VARIOUS SERIOUS ISSUES AND BUGS

GENERAL INFO;
Device: GT-i9100
ROM: CM10
Kernel: Stock CM10
Avast Anti-Theft: 2.0.2571

The following issues just can’t exist in such an application…

ISSUE #1

I performed a “Wipe Data/Factory Reset” with hard-reset proof settings just to check if you would be able to send commands to the phone. My results;

  • Commands through web portal - FAIL
  • Commands through SMS - SUCCESS

Error generated by your web interface;

https://lh3.googleusercontent.com/-FzP8C-_a9HA/UDexqDkiARI/AAAAAAAAAHM/QI3zzKuu0kk/s1543/AVAST+ERROR.png

What I had to do to resolve this was to open up the anti-theft application on the phone, disconnect from my Avast account and then reconnect again, from suggestion by the built in connection control feature;
After repairing with my account, using the web interface was possible. What thief will do this for me?

https://lh6.googleusercontent.com/-wYvOEtT3uEY/UDeyMJp22cI/AAAAAAAAAHU/0fLieVrTsEA/s800/Screenshot_2012-08-24-18-55-03.png

ISSUE #2

You got 3 ways to store settings on;

  • Direct Write Method
  • Recovery Image Method
  • Modify custom backup list

This issue is related to the third option, Modify custom backup list. This has in fact never been working. Even if the custom_backup_list.txt with the correct content exists at the right place, it wont work. The app will have gone after a ROM flash. This backup-feature doesn’t seems to exist no more in the newer versions of CM (9 and 10). I don’t know whether the custom-backup-list-method or my addon.d-method works on CM7. That’s up to you to check if it does or not, I don’t think my method works on CM7. Either way, I’ll explain my working method of surviving a CM9/10 flash.

In all CM9/10 installations, there is a folder: /system/addon.d
In this folder there is a file by default : 50-cm.sh
This file does nothing other than backing up specified files in the /system directory. By default, the only thing it backs up is /system/etc/hosts. So this does basically the exact same thing as the custom_backup_list.txt does in CM7.
Source: http://forum.xda-developers.com/showthread.php?t=1617356

What I did: I copied /system/addon.d/50-cm.sh to the computer and opened it in notepad++. I deleted the only line that tells it to backup /system/etc/hosts, then I placed these two lines there instead;

app/com.avast.android.antitheft.apk
etc/com.avast.android.antitheft.backup.enc

Then I saved the file, renamed it to “AVAST_BACKUP” and placed it in /system/addon.d. There are 2 files in that folder now, the original 50-cm.sh and the additional AVAST_BACKUP file.
Then I immediately tried flashing a CM10 zip to confirm success, and it worked! The application was left untouched. Here is the file I use: https://docs.google.com/open?id=0B4I9PcsfiZ0mTG9IN1RFWTdZVHc

Now, how you are gonna manage to use both methods depending on which version of CM the user is on, is your problem. Either you integrate both methods in your app or you one version for each CM version.

These 2 issues are major, and you have to fix them quite fast!

ISSUE #3

This issue is somewhat relating to issue #1.
When using my method in issue #2 to backup the anti-theft app while flashing CyanogenMod ROMs, I get principally the same error as in issue #1. I do not get the “Database” error, but instead I get “Command timed out” (as seen in the background of the first screenshot) in the web interface as of in the application itself I get this error when checking with the built in connection control feature;

https://lh3.googleusercontent.com/-mh9418XZ6Vk/UDlNEC1ZEUI/AAAAAAAAAHs/LIk15JSszYE/s800/Screenshot_2012-08-26-00-05-42.png

Doing as suggested in the screenshot above solves it, till I flash a new, updated version of the ROM.

Still waiting for response! Do you understand that this is serious!? These bugs cannot exists in your software, you are one of the biggest security company in the world with millions of users! You got to reply to this!

hello chrismalla

thanks for your feedback.

#2) Actually we know of the Cyanogen Mod issue but did not yet have resources to update to newest CM versions. Will do so ASAP however.
#1) The problem with hard resetting the phone is that on the web we (at the moment) use Google Cloud to Device Messaging to communicate to the phone. Now, C2DM is tied to the Google account on the phone. After hard reset, the google account will not be paired anymore, so also C2DM will not work anymore. We’re working on solution for this problem but for now, after hard reset, only SMS will be available for communicating to your phone.
#3) This seems to be a problem of not-up-to-date hard-reset-proof stored settings. After every change in web configuration you should hard reset store your settings. Actually there is a “Check hard-reset proof settings” button in the app which will also check for the stored settings being up-to-date. Just try it!

thanks for your great feedback,
best regards
Reinhard

#2: It’s not hard to apply the update. The easiest way would be to change the “Modify custom backup list” to “CyanogenMod Backup” that will do both things;

  • Do what your application already does (custom_backup_list.txt)
  • Extract [AVAST_BACKUP] to /system/addon.d

It doesn’t matter which version of CM the user has installed, the backup will still succeed if both files exists.

#3: It’s not, you are right it has to be updated after a ROM flash, but the message in the screenshot is still being displayed, you have to unpair and repair to get around it.
My suggestion: Let the app automatically update the /system/etc/com.avast.android.antitheft.backup.enc file regularly, maybe after every boot, to make sure it’s always up-to-date (If the “Direct Write Method” is checked).
But the main issue this is about (screenshot message) is still occurring and needs to be fixed.

lets try after we have the custom backup list thing fixed. currently working on it.

Try what? Isn’t the custom backup list working in CM7 either? What about issue #3?

i just implemented the fix and all three issues seem to be fixed in my build (did not ever run into #3 however).

Great then, did you patch issue #1? About issue #2 did you add the addon.d method to the app?
Share the .apk and I’ll try it right away!

chrismalla, do you recognize that this software is freeware and that the support for CM is not main part of the application?

Do you realize that there is only one issue that is directly related to CM, and that this particular issue is easily patched? Do you also realize that you have official support for CM and because of that have to keep up the support for it? Are you saying that I can’t assume that issue #2 will be patched?

chrismalla drop me an email to holzner (at) avast.com and I’ll get you a test version.

Done.

Hi,

where exactly this information comes from? I just checked the user guide and knowledge base and it doesn’t seem to be there.

Filip

I tried with the updated pre-release build and can confirm that both issue #1 and #2 are resolved. However, issue #3 is still present.

What I did when checking if issue #3 was resolved: First, I updated the hard-reset proof settings and checked with the built in connection control feature. All went well. I continued with flashing cm-10-20120825-EXPERIMENTAL-i9100-BEANPEELER.zip and gapps-jb-20120726-signed.zip right after that. I booted the phone into the system from recovery mode. I tried sending a command from the web portal but got the message “Command timed out”. I entered the app to check with the built in connection control feature, it told me the hard-reset proof settings were out of date and then displayed the message as shown in the screenshot (device not found on servers).

And now? Will you send me back to the stable channel or let me stay on the pre-release one?

Thanks very much for resolving the two most major issues!

Shit take a damn chillpill for christ sake!
The avast team is doing their job just fine…

Also let me remind you THIS IS A FREEWARE APP…

Stop bitching and wait or switch to another app or why not even make your own?

He has done his job already, I have the enhanced app installed and running just fine. Thanks! I don’t need to chill, you do.

No, I do not, we have not any official support for CM builds. You probably can ask for some fix concerning these, but please mention, that the developing has another priorities that supporting experimental builds - we have to focus to the rest, who are using vendors ROMs. Anyway, I do not recognize much politeness in your requirements and you have been really lucky to meet Reinhard, who is actually the developer of the anti-theft.

Anyway, you can use our support team for such a requests - it is better tracked than here.

Thanks.

I cannot reproduce the “device not found” error.
However i now added custom backup list also for CM9/10 it will be published on beta path later today.

Hi i updated beta path with build 2579. It should now also work CM9/10 to pre CM9 as you suggested. Please test.

sorry, but what does this bring? Issue #1 and #2 was fixed in the previous build.