Join us in a fun Sunday Debate on Cyanogen Inc. Come with your opinions and feel free to read some of our thoughts, then pick your side or play devil’s advocate to get your voice heard and engage in friendly discussion. You can read our food-for-thought or jump straight into the fray below! CyanogenMod is widely recognized across XDA for its solid performance, great feature set and far-reaching (and also long-lasting) support for all sorts of devices, from...
Malicious Toolkit Thwarted by adbdSecure
First off, it bears noting that XDA in no way supports the use of anything that can be considered malicious. Some would say that certain tools can be used for good, such as packet-sniffing your home network. But the reality is that as a hacking site, the inevitable will happen. What one might have intended for good, can (and most often is) used for evil.
A malicious toolkit by Kos recently appeared in the wild called P2P ADB, which provides tools for attacking a device if ADB Debugging is left enabled on the other device. Here is a breakdown of what this toolkit enables by taking advantage of USB Debug Mode, Root, and some crafty hacks:
- the bypassing of lock screens,
- making system changes and even “backing up” Android profiles, all from one phone to another
- perform an Auth token cloning attack, enabling an attacker to gain access to a victims Google account, change the password, or even setup a one-time-password for themselves if two-factor-authentication is enabled
XDA Elite Recognized Developer Stericson immediately recognized the danger and created adbdSecure. His application helps to guard your device from malicious attacks that seek to use adbd, but only does so when you have enabled a password, PIN, or pattern lock for your lock screen. adbdSecure will turn adbd on when the phone is unlocked and will turn it back off when the screen goes off, thus preventing any sort of intrusion on your device. Add Tasker into the equation, and you have a pretty versatile application for all sorts of protection.
And in the true nature of XDA, Stericson has open-sourced the application so that you can take what he has done and improve it, as well as contribute more to the community. You can find the source on GitHub, and download the application for your device on Google Play. And once again, the only way to protect your device from this attack is to take the initiative and add lock screen protection.
Want something on the XDA Portal? Send us a tip!
There are tons of choices to choose from when looking for a great alarm app for Android. While the stock Clock app for AOSP does the job, it may lack some of the more advanced features from competitors. Let us know what your favorite alarm clock app is for Android and why.
Did you watch Apple's VP draw on his wrist during the Apple Watch announcement and wonder "why can't my Wear watch do that?" In typical XDA fashion, one enterprising forum member has brought similar functionality to Android Wear with a twist; it works on phones and watches alike, with other platforms on the way! The app is called Pinsy, and its release debut is a strong proof of concept with plenty of room to grow. You may remember the developer behind this project, XDA...