I don't know the details but this feels like such a specific attack vector. Most malware targets the easiest and most common payload delivery mechanism as possible. Having someone connected via hotspot and piggybacking ontop of a specific workflow such as Shizuku just seems super unlikely. Could absolutely be wrong about this though, just my gut feel
Privacy
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
Sounds like you need to put your phone in rice overnight.
Don't worry. Nothing will happen. Shizuku establishes adb server on your device not your friends device.
thanks man
Man you always use a condom
Just like a pc, you can wipe your phone. Albeit with a couple more steps. When I think I'm dealing with a compromised system, I wipe it and restore the backup.
...you do have a backup, right?
starts sweating
If you reset your phone whose bloat will come back
yea that's another prob 🥲
I wouldn't stress much. It would take a targeted attack to have actually compromised your phone. It is alright.
thanks man
Should be fine. Seems like a very specific attack vector. Also it seems that shizuku works by being installed on ur own device then accessing the adb server over lan of the same device its installed on? I would assume the android debugging interface is quite secure to unauthorised access. I just consulted with dr gpt and adb uses a mechanism where each debugging device generates a rsa keypair then sends the public key to the debugged device which it can deny or authorise. It seems that adb is by default unencrypted with no further proof of device so someone with access to the network can intercept/change/spoof adb traffic.
Imao gpt hallucinates a TON to count anything it says as credible
Its right most of the time and i just went and read the docs and it seems its right about this. Also im using a custom uncensored ai agent that can search shit so hallucinations arent really an issue for me.