How to verify if device is reporting fake technical specs like Android version, RAM, or storage memory?



  • I've been asked if I can check some faulty behavior of a device, a cheap Chinese android smartphone.

    I'm not really an android expert, usually I install a few apps to help me figure out few things about the device. These apps I've reported conflicting results compared to what was displayed in the main android settings area:

    • With https://f-droid.org/en/packages/com.google.android.diskusage/ internal memory is reported as 3.9gb vs 16gb in system settings.
    • https://play.google.com/store/apps/details?id=ru.andr7e.deviceinfohw (suggested by @alecxs) explicitly mark as fake the reported version 9.0, pointing Android 6 as correct with API level 23. Unfortunately the app reports the same storage size of 16gb as stated in system settings.
      Following another intuition of @alecxs, inspecting the partitions tab and looking at the displayed partitions sizes, it's possible to detect yet another forged spec. The total reported partitions size is around 8gb, the userdata partition is around 4gb which is corresponding to DiskUsage report. In my previous attempt I've https://f-droid.org/en/packages/com.kgurgul.cpuinfo/ .

    This kinda reminds me of fake USB thumb drives scams with less memory than advertised.

    So is there a way (preferably without root) to test/analyze common technical details of a device for possible tampering/spoofing?

    Like

    • Storage
    • Android version
    • RAM
    • CPU
    • Something else that can be faked?

    FLOSS solutions are highly appreciated! 🙂

    UPDATES

    • Listed used apps and updated after suggestions in comments.
    • Added considerations and further analysis of partitions memory size.


  • In general the more common an hardware info app is the more likely it is that the hardware faker have integrated a patch to let a system info app display wrong values.

    Therefore the best way to identify fake hardware is not to use an app at all. Using a Linux command-line program e.g. executed via adb identifying fake values or values that do not match if more likely. To do so I would recommend to copy a (renamed) busybox binary via adb:

    1. rename it to something different like mybinary
    2. push it to the phone adb push /sdcard
    3. start adb shell
    4. copy the binary it to a path where you can execute it: cp /sdcard/ /data/local/tmp/
    5. make it executable chmod u+x /data/local/tmp/

    Now you are ready to use it..eg. to check the physical RAM:

    /data/local/tmp/ free
                total       used       free     shared    buffers     cached
    Mem:       5727792    5528296     199496      67020       1712    2170428
    -/+ buffers/cache:    3356156    2371636
    Swap:      2097148    1737312     359836
    

    In this example the total memory of the phone is 6GB minus the size used by the GPU. So we end up here with 5727792 total memory = 5.4GB max RAM

    To print disk size you can use

    /data/local/tmp/ df -h /sdcard
    Filesystem                Size      Used Available Use% Mounted on
    /dev/fuse               109.6G     17.9G     91.5G  16% /storage/emulated
    

    It shows the user data partition size and usage. The used phone has 128GB flash memory. The user data partition is smaller as the remaining space is occupied by the system partition(s) and other partitions.




Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2