I want to follow Michael Bazzell's steps for sanitizing Android (from ep. 246) but I'm already stuck at the first step

Michael’s show notes: The Privacy, Security, & OSINT Show – Episode 246 – IntelTechniques Blog
“Windows: choco install adb”
Windows is my only option atm, so I just searched “choco install adb” and clicked on the first link, which says

Some Checks Have Failed or Are Not Yet Complete
Not All Tests Have Passed
Scan Testing Resulted in Flagged as a Note:
At least one file within this package has greater than 0 detections, but less than 5
Log in or click on link to see number of positives.
In cases where actual malware is found, the packages are subject to removal. Software sometimes has false positives. Moderators do not necessarily validate the safety of the underlying software,"

It goes on like that.
as a newbie, I can’t tell what this means, what are they talking about? I feel like when you don’t understand something, you have to be extra cautious, so even though my gut tells me “they can’t possibly be saying their own product has malware in it” I don’t understand this, so I need to find someone who does.

So that is a terminal comand, using this, not something you search. I personally had a bit of trouble installing and using adb and fastboot and ended up using an installer which unfortunatelly i don’t have any more. But I didn’t use chocolatey so it might work for you. Do you have AMD or intel machine?

BTW If you link to the show notes it might help people help you :grin:

1 Like

Thank you for replying, that makes sense, so I wasn’t even on the first step because the first step is figuring out what he was even talking about, and the second step is… opening my… command… prompt?.. And typing that into it? :grimacing: I thought I could follow instructions without needing to understand everything, but it seems like this guide assumes you’ve been to at least one class where people mention computers, which I haven’t, so I’m probably going to either need to ask for a lot of help, or give up if it gets too hard. Do I have AMD or intel machine? I have no idea sorry, how would I find that out? And the page you showed me says “Please inspect https://community.chocolatey.org/install.ps1 prior to running any of these scripts to ensure safety. We already know it’s safe, but you should verify the security and contents of any script from the internet you are not familiar with.” For me, inspecting it won’t ensure my safety because I don’t understand any of it, it could say “this thing is riddled with every known virus in this universe and others” and it would look no different to me than if it’s very obviously safe to anyone who understands what it says. So how do I take their advice? (which I agree with, you should always verify that something is safe, not take risks because you want something) but I like, can’t do that. I’m still curious about where the “more than 0 and less than 5” viruses they were talking about are

I can’t comment on why Chocolatey is giving you that error but I used the official SDK Platform Tools, or you could use the tools bundled in Android Studio. You can alternately install adb using WSL. There are many other ways besides the Chocolatey install through Powershell.

This is irrelevant and does not matter.

Sorry to be discouraging, but I honestly would not recommend trying to use ADB commands without having some basic familiarity with the terminal (Command Prompt). There is a reason ADB is hidden in the Developer Options — it is quite possible to do undesirable things with ADB, and the user is expected to understand the commands they run.

You should NEVER run commands you do not understand!!! This applies to Windows, Mac OS, Linux, Android through ADB — everywhere. This is just as dangerous as installing random unknown software.
Many people are guilty of blindly running commands from the internet, but that does not make it any more okay.

I recommend you focus on the settings and options available directly on the device within Android.

If you choose to proceed with ADB anyway, please download the SDK platform tools (which includes ADB) from the official site. I cannot comment on the Chocolatey install script, but definitely do not use a third-party installer.

I appreciate that advice, I might try learning more about it before I do anything, and if I still don’t understand everything I’m messing with I just won’t mess with it. Thanks :slight_smile:

This is irrelevant and does not matter.

It does since Some AMD Ryzen or Intel Systems may have problems to recognize your device in fastboot. and one of the solutions is to update the microcode by going to the AMD or Intel website.

This was a historical USB 3.0 issue with certain Ryzen CPUs, and it is incredibly unlikely to see this bug in the wild today. Even then, this issue does not affect ADB and only becomes worth mentioning after it is encountered.

If you’re on the less technical side but still want to work on improving privacy on your Android device, you should check out Techlore’s privacy and security guide for Android. It has lots of options you can use that don’t require a lot of technical knowledge and it will at least improve your situation in the short-term while/if you learn more about implementing the technical solutions.

1 Like