AntiTheft feature: I recive only clear-text sms

Hello everyone,

i have an HTC 0ne M8 with android 4.4.2 and the latest cms. I activated antitheft with all options, but if i send a remote-command to my phone it recives an clear-text sms wit e.g. “takephoto#(my password)” and nothing happens…
The problem is: so everyone can read my password and shut down anti-theft.
What am i doing wrong?

Thanks

Hi Muzist,

This is the limitation on Android 4.4 Kitkat. We can not manage the default SMS inbox.

You should lock your device first, then try to locate it if needed. So that, no one can read your messages.

In the mean time, we are looking for possible solutions.

The same is happening on 4.3 Jelly Bean (Samsung Galaxy S3). Just got it installed yesterday and was shocked that it sends the password in clear text.
First impression - crazy app and crazy people thinking that the product is awesome.
Please make it clear at Play Store what versions it is fully functional and what not. Otherwise, you will be just getting more negative feedbacks and people turning away.

Hey Staff!

You should really inform on Google Play about this app big security problems.
Today Google Play gives the information that this app is compatible for Android 4.4.2
If it is as moderator says that this app does not work with later versions of Android, but instead gives your password to the persons that have stolen the phone. Then you should really either redraw the app or inform potential users.
You are doing people harm!

Best regards
Mats

You actually risk doing people harm!

When i use Anti theft to remote control a stolen phone i send an sms the thief can reed. The sms displays my password.
You should really either unpublish the app or inform potential new users on Google Play.

Today Google Play gives the information that this app is compatible for Android 4.4.2.
Obviously this is not true.

Show some responsibility, admitting an error is a quality.

Best regards
Mats

Hi guys,

It is a restriction that is imposed by Operating System. You can always prefer to use that module or not but I still think that it has a value for most of the user.

If your first command would be “lock” then thief or anyone else would not be able to read any message. So, I do not believe that it is a real threat.

We would update the help document with this info.

Ilker

Your concerns are understood and replied on previous post. Please do not create more then one post for same topic.

Hi guys!

So it is “the operation system” that gives my password to the thief?
And Comodo can not do anything about that?
I claim that Comodo help the thief to steal my property, by careless architecture and programming.

So it is the customer that is the bad guy, who has chosen to install the program. I see.
How could your customers choose not to use a part of your app if you do not tell them about the risk of using it?
You have full information about the damage your customers can take. And you blaim your customers?!

Do you realise what kind of lawsuits you risk?
And what damage you will take if this blows?
It will not be enough to censor this forum.

Getting past the initial phone lock isn’t exactly an easy process for a thief.

The latest 4.4 OS seems to have issues with most call/SMS blockers and anti-thief. There are a few workarounds you could try. Firstly, you can add your antithieft contact to the private communication in the private space therefore making the SMS unreadable. Other suggestions are turning off SMS popup on the phone and locking the message with the applock. There are workarounds to deal with your issue. The likelihood of someone getting in your phone in the first place is questionable and who’s to say they won’t just plug it in a PC and wipe your phone anyway. The other options you have are using the built in device manager which allows you to locate, lock, and alarm your phone via the web. You can even change the pin. FYI changing the pin to a letter and number combo when it’s just set for numbers will make it impossible to unlock without changing it again.

Eric

Hi Eric
It could be so.
But if the telephone is stolen, Comodo gladly gives all the information necessary to the thief to shortcut all security.
So You Sire and Your “security app” happily sells your customers to the people You are suppose to protect them for.

In old Japan Hara-kiri would be the only way out.
I suppose You just continue and hope that no one will notice.

(A hidden message: Don’t use this app. Its the thieves wet dream and the company don’t care)

Hi Matzas,

I start to doubt about your intends.

We already explained you about technical limitations on Android 4.4 and explained your concerns are not valid for majority of the use cases . This limitation is present for everyone not just for us. Also, it does not mean that we do not care or we are not working on possible solutions. We are working on alternative approaches to overcome this.

Please do not try to poison people who understand the value of having more secure environment then having nothing.

Ilker

@Matzas,
If you are here simply to troll, you will be banned.
Please watch what and how you post.
Thank you.

I agree with @matzas on this.

Looking at the Anti-Theft app, it has not been updated since 2012. Is it possible that is part of the problem? Other anti-theft modules from several other security vendors do not have the described issue, but they are updated regularly.

I would like to see this issue fixed as well as password protect the security app from uninstallation.

Tread carefully. Your questions have already been answered so there is no need to spread FUD. You are on the mod’s radar.

Looking at the Anti-Theft app, it has not been updated since 2012. Is it possible that is part of the problem? Other anti-theft modules from several other security vendors do not have the described issue, but they are updated regularly.

I would like to see this issue fixed as well as password protect the security app from uninstallation.

Ilkers has stated that Comodo is looking into possible solutions to overcome the problem that not only affects Comodo but also other vendors:

Any chance Comodo is looking at implementing web-based anti-theft functionality to go along with the SMS commands?

Yep, it is on our roadmap.