[ROM+Kernel] MiRaGe-CM7.2-IHO (07132013)

[sellers86]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Dialer attack vulnerability

I am a Republic Wireless beta community member and just saw a post over there that lists an URL to test for the dialer program being vulnerable to a USSD-based attack that triggers a phone reset by activating the reset function through a dialer string. I am still on the July 16th build so this may not apply to more recent releases. But if you go to dylanreeve.com/phone.php there is a script there that will test your dialer for the vulnerability by displaying your MEID in a dialog box (using the non-destructive *#06# IMEI code rather than the very damaging factory reset one). It displays my MEID so according to him that means that the default dialer program is vulnerable.

Just to be clear, both my Optimus V and my new Motorola XT557 display the vulnerability.

Is this already known to the devs?

There are apps available to block the attack. Look for TelStop (by @colimrm) and Auto-reset Blocker.

More info is available at: Remote USSD Attack - Prevention - dylan//posterous

I am very aware of this. I havent found a fix for GB yet, just ICS though. If it works, itll be included in a CNA update in the future. CM has a submission on their gerrit, I have no clue if they have accepted it or not.

 

[ganggreen30]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Mirage Can I ask a serious question is this ROM faster and smoother than bobz cm10 and more secure? I'm thinking of switching back to cm 7 . Thanks

Sent from my LG-VM670 using Xparent Pink Tapatalk 2

 

[Mack07018]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Mirage Can I ask a serious question is this ROM faster and smoother than bobz cm10 and more secure? I'm thinking of switching back to cm 7 . Thanks

Sent from my LG-VM670 using Xparent Pink Tapatalk 2

Yes

 

[glarepate]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I am very aware of this. I havent found a fix for GB yet, just ICS though. If it works, itll be included in a CNA update in the future. CM has a submission on their gerrit, I have no clue if they have accepted it or not.

Over at Republic Wireless one of the community members tracked down a patch submitted last June:

https://android.googlesource.com/pl...+/39948dc7e34dc2041b801058dada28fedb80c388^!/

 

[sellers86]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Over at Republic Wireless one of the community members tracked down a patch submitted last June:

https://android.googlesource.com/pl...+/39948dc7e34dc2041b801058dada28fedb80c388^!/

This patch is for the contacts.apk, I'm pretty sure the current patch needs to be applied in the phone apk source

Sent from my One V using Android Central Forums

 

[economichitman]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

USB tethering to windows 7/vista is still not working on a clean install of the latest rom. I have the LG drivers installed on my pc, so it should be recognized..

 

[mrg666]

MiRaGe 09302012

I have synced with the CM repo and rebuilt MiRaGe today. This build fixes the dialer attack vulnerability. Enjoy!

 

[bjzapp]

Re: MiRaGe 09302012

I'm sorry if this may be posted in wrong place.... but thought appropriate since this is the ROM i'm using.
I have not yet or have yet to Partition my SD Card and have some questions.
1:whatshould the ext size be?
2: swap size?
Using CMrecovery 5.0xxx
Trying to eliminate the low internal memory issue

 

[irish-68]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I just installed the TelStop app. Should I bother updating Mirage to today's build?

 

[bjzapp]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I just installed the TelStop app. Should I bother updating Mirage to today's build?

I would...could eliminate an unnecessary app

 

[glarepate]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

This patch is for the contacts.apk,

Yeah, I noticed that it's for contacts. I don't know where the 'tel:' function that is used to trigger the USSD codes is located. Is it in the phone.apk code? (I'm no dev.)

Well, never mind I guess. Looks like it's fixed.

 

[flapjack.fiasco]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I'm sorry if this may be posted in wrong place.... but thought appropriate since this is the ROM i'm using.
I have not yet or have yet to Partition my SD Card and have some questions.
1:whatshould the ext size be?
2: swap size?
Using CMrecovery 5.0xxx
Trying to eliminate the low internal memory issue

If you've got the space, 1024MB for ext, and 0MB for swap.

Sent from my LG-VM670 using Tapatalk 2

 

[HurrrDurrrDURP]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Its built into the android system as a whole, basically web developers can have the web browser make a IPC call to the kernel, pass that string of text and have the dialer run.

So really this just black-lists that IPC call with that string of text; Which is kernel/Android side.

 

[irish-68]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I would...could eliminate an unnecessary app

The size of the TelStop app is only 11k. It doesn't take up too much room.

 

[ganggreen30]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Does this come with its own custom kernel or do I have to flash it ?

Sent from my LG-VM670 using Xparent Pink Tapatalk 2

 

[sellers86]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Does this come with its own custom kernel or do I have to flash it ?

Sent from my LG-VM670 using Xparent Pink Tapatalk 2

All optimus v roms come with a custom kernel.

Sent from my LG-VM670 using Android Central Forums

 

[bigrickie77]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

yes it comes with mr. g custom kernel.

Sent from my LG-VM670 using Xparent ICS Tapatalk 2

 

[drezliok]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

Will this work on Mirage? If not, what can I do to make it work?

[SCRIPTS]CronMod-A2SD/D2EXT/INT2EXT (updated 09/19) - xda-developers

A2SD
-Moves /data/app to /sd-ext
-Moves /data/app-private to /sd-ext
-Works with EXT 2/3/4 filesystems
-ZipAligns /data/app on every boot
-No symlinks

A2SD+
-Moves /data/app to /sd-ext
-Moves /data/app-private to /sd-ext
-Moves /data/dalvik-cache to /sd-ext
-Works with EXT 2/3/4 filesystems
-ZipAligns /data/app on every boot
-No symlinks

A2SD++
-Moves /data/app to /sd-ext
-Moves /data/app-private to /sd-ext
-Moves /data/dalvik-cache to /sd-ext
-Moves /data/data to /sd-ext
-Works with EXT 2/3/4 filesystems
-ZipAligns /data/app on every boot
-No symlinks

There a flashable Zips available in the link.

 

[daffy_duck_nj]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

mrg666 said on the third post (on page 1) of this thread:

- Link2SD is recommended. Learn how to use it and you will be rewarded. I have never had any kind of insufficient space problem with Link2SD. However, as soon as we root our phones and flash a custom ROM, we are now on the other side on our own. You will need to figure out how to find your way around and there are many different ways. Please find the good practices and methods that work for you and don't clutter the thread with insufficient space problems.
I use link2sd with 60 apps and it takes at most 5 minutes to update the ROM with the following way.
- copy the new zip to SDcard and boot into recovery
- wipe cache and dalvik-cache
- flash ROM
- reboot
- wait for link2sd warning for missing mount scripts
- run link2sd and recreate mount scripts (if you touch the link2sd notification from the pull down, link2sd will automatically open with mount scripts dialog)
- reboot
- run link2sd
-- relink dalvik-cache files
-- relink library files
- done!
And no application reinstalls necessary. There are many tricks/mods to link /data to the sdcard. Whatever method we choose, there will be disadvantages and problems since OV does not have large internal storage as the other high-end phones do. The best practice is to sticking with one of the methods (I use and recommend Link2SD) and learning to deal with it. I don't want to use a method that is making the ROM dependent on the sdcard since not everybody has a large sdcard. Also, sdcards exhibit extremely wide variation of reliability and performance, mostly inferior to internal storage. If I link /data to sdext by default, people will be bringing here many complaints due to sdcard performance and failure. For my sanity, I will avoid that.

I'd take his advice and run with it.

 

[irish-68]

Re: [ROM+Kernel] MiRaGe-CM7.2-IHO

I prefer using L2SD, since it allows more control over the ext partition. it allows movement of apps to and from internal storage, monitoring of space and has a few other nifty tools. When I was running ICS on my Op V, it already had A2SD, and I did miss the flexibility of L2SD, though A2SD is simpler to use.