# Android spy warning!



## aiping

Android devices listening to you, when you think it's switched off. They? store it in log_other_mode.

Google log_other_mode !

Until now log_other_mode was believed just to 'steal' internal memory.

But now its clear that somebody is listening when you switch off your Android device, send the sound file when you are online again.

To proof, I dampened the internal micros , so the recorded sound is continous 'cracking' => log_other_mode grew proportional with switch off time.

Than I used broken external micro, so sound is zero. => log_other_mode was just the bone of 4 kB after one night.

Please confirm and share.


----------



## MakeSlingshots

why the slingshot form then


----------



## brucered

No worries here. I wear this when around my Android phone.


----------



## MakeSlingshots

nice


----------



## aiping

@brucered
the tin head in the picture will not help if
this guy also don't stop talking..

And if you cannot find my buddys @Chinawhistle at Twitter,
than they surpressing succesfully all messages to major antivirus companies and of course Snowden.

And maybe its also inyetesting for this forum as many of
us using ChronoConnect on Android.


----------



## aiping

I tried to find my buddy @Chinawhistle at Twitter.
His cascade of warnings to major Antivirus companies is unvisible. Only something from AVG, that's the one she did not contacted...


----------



## Phoul Mouth

Well I guess I shouldn't talk about my terrorist attacks or attempts to assassinate heads of state near my mobile phone then. LMFAO.


----------



## aiping

I think it's more about collecting compromising data, to be aivailable if needed. For example you think you are clecer cheeting your wife and switch of your Android phone. The conversation with your what kind of lover and Geo location
(if they have also access to GPS in switch off mode) could be quite usefull...


----------



## aiping

Fascinating! This time I switched off for more than 3 hours and
the first time since my detection of log_other_mode stayed at its
'bone size' of 4kB. Maybe @Chinawhistle motivated some people
to work at the weekend and activate some kill switches,
cleaning up evidences.

So, if you find log_other_mode at your Android device bigger than
4 kB, don't erase it, keep it, maybe it still grows, its a nice evidence
to get some money out of a 'united sue'... against who?

Attached two photos how it looks like they if they are still active on your device.
Look switch off/on time and log_other_mode file size


----------



## Imperial

Dammm, I just upgrade from 2 cans on a piece of string. I guess it's back to the old ways of smoke signals and morse code.


----------



## JonM

I made it farther than you, I upgaded to a wall mount corded phone. Still trying to figure out the circular dial....


----------



## aiping

@JohnM That probably will not help, if it is not a electric-mechanical one. ISDN and VoIP types can also be remote controlled. Smoke signs and drums....other people also have eyes and ears.

Update: log_other_mode is back. This is interesting, because they know my IP and device but don't retreat even knowing being compromised. Here are the conclusion:

- they can not take it out. This thing is a robot fullfilling its predefined orders. I blocked new orders with DroidWall. Worse suspicion, its an integrated 'feature' of Android.

- yesterday switch off 3 hours / no tapping could be due to low battery.
As the processor needs juice to tap, the robot maybe is inactive when in
danger to drain the battery which could draw suspecion. But connected to
a charger...party!

If someone has the possibility to take sensitive thermal imaging from
the circuit board, that would be a bullet proof evidence.

So, if you find the same problem, share and blow the whistle.

Attached you will find the photo, the sucker tapped 38,3 MB from 9:00 to 6:45.


----------



## aiping

Wrong picture, take this one:


----------



## brucered

How do I know when I click on the second picture with my Android, that it isn't infecting my phone with a listening device?


----------



## pult421

Thanks dude. But lets keep the slingshot stuff.. slingshots and such. Ive learned politics and conspiracy can end friendships and make people look ugly over an opinion. Everyone knows we are being watched and heard.. so whip it out often and scream sexy stuff. Give em a show seriously though. Thanks for the heads up.


----------



## JonM




----------



## Resigned User

I don't know what's your problem... You are controlled or not... But about one thing I'm sure 100%...
This file that you mentioned is only in Android 4.0.0 to 4.2.2 and only in smartphone and tablet with MTK CPU ... and it's controlled by MTKLogger.apk ...

Simply delete this apk file and you are done... No more file increase and I think... No more "panic" about big brother... That for sure are not so stupid to put an obvious evidence of spying


----------



## aiping

@Widget
thanks a lot to pointing at the MTK logger. There are following apps visible with 'Manage apps':

MTK logger
MTK Android suite daemon
MTK thermal manager
MTK live wallpapers

If you look up the permissions of these Apps, specialy MTK thermal manager, they are allowed to do ANYTHING up to make direct calls.

I cannot delete them, but I did:

- Clear cache
- Force stop
- Disable

Interesting, you cannot enable them back, will see if they stay disabled.

Again thanks, Widget!

A-Ping

P.S. I love the picture with Picard and the 'black bone'


----------



## Resigned User

I think that all the permission that a developer gives to his application have a function...others have no reason to exist... 
In case of the thermal service it is a good thing that it can access the call function because it will be very very bad if your phone explode attached to your ear during a phone call because no "service" noticed that phone become dangerously high in temperature and can't shut down... 
Consider that the "permission voices" are sometimes generic and "make phone calls" does not mean that your phone call by itself numbers but that it can controlling some functionality during your phone call


----------



## Resigned User

For example... A application use for text messaging.. has no reason to can access phone calls... So I never will install this kind of app...


----------



## aiping

In general commercial sold Hardwares 'Device thermal safety managment' must be hardwired! Than, everybody at should read the generic! permissions of the 'MTK thermal manager', and think if that is necessary. Open 'Manage Apps', search for 'MTK thermal manager' and scroll down to 'Permissions'.

Anyway,as expected MTK logger, MTK thermal manager & MTK Android suite daemon are coming back active after restart. These things are really dedicated for surveillance...

Actually I can only deal arround to block '1000, Android system....thermal manager' with DroidWall to communicate with outside.

What's also interesting, if you google 'MTK thermal manager', there are only a few threads/post about this issue... and no solution to solve this issue. Because it's Google! (Don't be evil...?)


----------



## Resigned User

Yep ...you have an MTK CPU and all related apps must be there... You can frozen them but not forever and you can't uninstall them because your phone will begin to crash...

So if you get rid of it you must pass to another type of smartphone like Lumia or iPhone or maybe a Android phone with "no MTK CPU"


----------



## Resigned User

Can u tell me the version of this MTK app installed on your phone?


----------



## aiping

All MTK apps are Version 1.0


----------



## aiping

MTK, https://en.m.wikipedia.org/wiki/MediaTek, its Taiwanese, I am dead....


----------



## Resigned User

This are mine


----------



## aiping

So, how do you deal with 'log_other_mode', as it at least 
eats up you internal memory?


----------



## Resigned User

I search this file all around and can't find it... No log... 
So I'm easy


----------



## brucered

If people want to hear and see what I do when my phone is off....knock yourself out. It isn't that exciting.

I feel sorry for whoever has to look over the data.


----------



## aiping

@brucered
It's not about you, it's general/global. Snowden teached us that all is tapped when Online. Now we get some solid clues, that it also happens Offline. StuxNet was the first official proof of Offline intrusion and sabotage. To review the enormous amount of data you don't need humans anymore. I don't know if you are up to date, but recently a computer wins GO against humans. And I don't know if you are old enough to know this song:


----------



## brucered

Plenty old enough to remember....as soon as I saw it pop up, I starting singing in my head "I hear, the secrets that you keep".

I still can't tell if this thread is serious or not. If it is, there are bigger things to worry about and a fail safe, 100% guarantee fix....dump the smart phone. Or, if you are going to a super, top-secret, classified meeting, leave your smart phone in the car.

What exactly are general citizens worried about if they are recorded and what info would be of any use to anyone?


----------



## Cjw

If your that worried throw your cell phone away. Become a prepper.

Sent from my iPhone using Tapatalk


----------



## Cjw

brucered said:


> Plenty old enough to remember....as soon as I saw it pop up, I starting singing in my head "I hear, the secrets that you keep".
> 
> I still can't tell if this thread is serious or not. If it is, there are bigger things to worry about and a fail safe, 100% guarantee fix....dump the smart phone. Or, if you are going to a super, top-secret, classified meeting, leave your smart phone in the car.
> 
> What exactly are general citizens worried about if they are recorded and what info would be of any use to anyone?


 They could listen to a conversation with the Ex wife. That will make them want to stab their ear drums with a knitting needle and never want to get married ever.

Sent from my iPhone using Tapatalk


----------



## aiping

I use the internet structure as long it is up.
I am not worried neither scared but want to warn you.
I am a prepper. Question to those with their BOB's, do you know where to go? Are you ready to leave your survival stockpile at home at any moment? I have the Taiwanese jungle, recently enjoyed snake for lunch, cook it in water
to get all nutrions out from these nasty little bones.


----------



## Cjw

Have at it. Make sure you have your zombie killing weapons too.

Sent from my iPhone using Tapatalk


----------



## aiping

Probably it will not be zombies but starving desperates.
So, an avoided fight is a winning fight

@ Widget 
glad to hear that you are not tapped in this way.


----------



## aiping

This is the most recent and conclusive thread I found:

http://android.stackexchange.com/questions/109292/blocking-android-system-battery-warning-com-media-tek-common-data-service-fro

So together with Widgets info, that he did not found log_other_mode, I draw following conclusion:

- The MTK Thermal Manager is a backdoor

- It becomes active when you root your device and install a firewall, me, DroidWall

- From now on the MTK Thermal Manager logs the audio, GPS?, acceleration sensor? (for camera/video the file seems to be to small)
when the Android device is 'switched off & charging'

- The data are compressed and encrypted in log_other_mode

- log_other_mode sneaks out when you are Online

Having no root and firewall does not mean you are NOT surveilled,
cause you are than 'naked on the table' anyway, simply don't know
what's going on in the background.


----------



## aiping

MediaTek confesses that it Chipsets software provides a backdoor, without specifying where and how:

http://m.gadgets.ndtv.com/mobiles/news/software-bug-leaves-several-mediatek-powered-android-devices-vulnerable-to-attack-795743

Its now time to show up a list of vulnarable devices (you will become tired from scrolling..):

https://en.m.wikipedia.org/wiki/List_of_devices_using_Mediatek_SoCs

In general, IF you are interested in privacy, treat any mobile communication device as a tapping bug: Audio, Video, Geo location, Text input, access to any file, up 24/7


----------



## Genoa Slingshot

I don't know about this stuff.
If they want to spy me they have hundreds of way to do it, so I give up.
But I think this thread is kind of intresting and I don't agree with the people that say to don't speak about this or don't speak about that.
This is a small section of the forum called "GENERAL OFF TOPIC" so, here, people can speak about all they want (under the forum's rules).
If you want read about slingshot, just read the rest of the forum.
If you don't like the argument, just don't read it.
If you want say your opinion, just say it with education and respect.
But you don't afford to say what people can or cannot speaking about in this general off topic section!


----------



## aiping

Follow my soul-mate Twitter @Chinawhistle

https://www.sendspace.com/file/ytrsdo


----------



## brucered

@aiping

What is that link for?

You want us to click on a sendspace.com link when you are talking about Twitter in a spyware thread? I don't think so.


----------



## Cjw

I'll be sure to log on to the site. Not.


----------



## brucered

Cjw said:


> I'll be sure to log on to the site. Not.


I checked and there were a few odd posts, and this one in a slingshot thread.

Time for the Mods to investigate. He's one paranoid dude.

http://slingshotforum.com/index.php?/topic/49609-Semi-Tube-slingshot#entry620962

http://slingshotforum.com/index.php?/topic/49609-Semi-Tube-slingshot#entry617345


----------



## Resigned User

What is the relationship between twitter and a download of a file?!?!!


----------



## aiping

That was misleading. Apologize for those who clicked the link. Was in a hurry yesterday....Here is the Twitter link:

https://mobile.twitter.com/Chinawhistle

The file download is for the people from Twitter and Slingshotforum who knows what it is and how to operate it, its encrypted as it contains sensitive information.


----------



## aiping

Maybe someone of you can help me to find out
if this issue is 'local' or Android related:

If I search 'Semi Tube Slingshot' at baidu.com (Chinese Google)
on Windows, different browsers, I get plenty results, but on Android searching 'Semi Tube Slingshot' at baidu.com brings zero links to
the 'real thing', any browser, different Android devices, versions.

This selective 'effect' is at least interesting.


----------



## aiping

Last week three applications went 'out of order'
on my primary Android device:
- Gallery
- ImageResizer
- File Manager
=> Message:'unfortunately the application stopped...'
This I could cover up with alternative apps

This morning the Android keyboard went off:
=> unfortunately keyboard has stopped

Even factory reset could not solve this issue!

This is coming from in deep Android system,
which I did not touch, so its from
outside. And it's sophisticated, nothing
from bored kids.

Question: What is it good for? Not a hidden attack,
no demand for ransom. Not enough to stop
me to use backup devices.

These incidents only can be the message: stop 
what you are doing and that's not much: earning
my money, shooting slingshot, 3D printing,
publishing on slingshot forum.

Well, so I swapped to my secondary Android device.
Actually all is running smoothly.
Will keep you updated.

All the best from A-Ping


----------



## aiping

Keeping the keyboard shut down after factory reset 
requires sophisticated hacking skills...


----------



## Viper010

Scary stuff....

You could try getting around the issue by downloading a custom keyboard from Google Play Store.

For example Sony Xperia keyboard, if you like the classic black n grey layout.

I use TouchPal keyboard myself for more options in colors and customization settings. It works great for Swipe Type (put finger on first letter, don't lift, trace from letter to letter, lift for next word)

The swiping takes some getting used to but then it's much faster than typing letter for letter.

Good luck with your spy issues man.... I always "knew" the Chinese government was scary but I never suspected they were so "total" with their approach....


----------



## aiping

@Viper

thanks a lot for this tip!!! I was just to flash the tablet with all related risks.

Before that I will now try an alternative keyboard, also try to get rid

of this annoying message 'Unfortunately...' every 10 seconds

By the way, Google Play store I am cast out and any download is blocked

from alternative stores. Need to get it from other sources :naughty:


----------



## Viper010

Hmmmm.... For jail broken apples there's the "sinful iPhone repository".... I'm pretty sure something similar must be available for rooted android devices, probably several options even. But since I don't run any rooted android, I don't know them.

Would you like me to ask a friend who is knowledgeable about these things? I do know a couple of guys who know, for sure.


----------



## aiping

Thanks Viper2

I found a way to deal around, despite the rootcourse 
persists. Interesting coincidence that the disturbing
incidents intensified when I was to implement
the tube slot feature and reached it's peak just
when was about to publish.

Here are my recommendations( even they could not
stop the attack...)

SRT AppGuard 
AF. Wall+

All the best from A-Ping


----------



## LittleScar86

"He who sacrifices liberty for security deserve neither"

I'm a newbie here but fairly familiar with this topic as I use to frequent conspiracy forums before their mods would end up banning me. Anyways, should be fairly common knowledge now that these devices and even microwaves are spying on us. No, that wasn't a jab at Kelly-Ann Conway! And now with the cervesa bug and TPTB wanting to use drones to enforce social-distancing The Police State is in our faces now and who is crying out for more government power?!


----------



## Hermit

15471 said:


> No worries here. I wear this when around my Android phone.


HAHAHAHA! Just great! I needed a laugh, and that did it! Thanks...

Rich


----------



## nikitayang446

aiping said:


> I think it's more about collecting compromising data, to be aivailable if needed. For example you think you are clecer cheeting your wife and switch of your Android phone. The conversation with your what kind of lover and Geo location
> (if they have also access to GPS in switch off mode) could be quite usefull...



So how do I find out if someone is listening


----------

