Skip navigation
Help

Embedded Linux

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

darthcamaro writes "Last week, Rain Forrest Puppy (aka Jeff Forristal) first disclosed the initial public report about an Android Master Key flaw. Code was released earlier this week for attackers to exploit the flaw — but what about users? Google has claimed that it has patched the issue but how do you know if your phone/carrier is safe? Forristal's company now has an app for that. But even if your phone is not patched, don't be too worried that risks are limited if you still to a 'safe' app store like Google Play. 'The only way an Android user can be attacked via this master key flaw is if they download a vulnerable application.

"It all comes down to where you get your applications from," Forristal said.'"

0
Your rating: None
Original author: 
Florence Ion


What if you could privately use an application and manage its permissions to keep ill-intending apps from accessing your data? That’s exactly what Steve Kondik at CyanogenMod—the aftermarket, community-based firmware for Android devices—hopes to bring to the operating system. It’s called Incognito Mode, and it’s designed to help keep your personal data under control.

Kondik, a lead developer with the CyanogenMod team, published a post on his Google Plus profile last week about Incognito Mode. He offered more details on the feature:

I've added a per-application flag which is exposed via a simple API. This flag can be used by content providers to decide if they should return a full or limited dataset. In the implementation I'm working on, I am using the flag to provide these privacy features in the base system:

  • Return empty lists for contacts, calendar, browser history, and messages.
  • GPS will appear to always be disabled to the running application.
  • When an app is running incognito, a quick panel item is displayed in order to turn it off easily.
  • No fine-grained permissions controls as you saw in CM7. It's a single option available under application details.

The API provides a simple isIncognito() call which will tell you if incognito is enabled for the process (or the calling process). Third party applications can honor the feature using this API, or they can choose to display pictures of cats instead of running normally.

Every time you install a new application on Android, the operating system asks you to review the permissions the app requests before it can install. This approach to user data is certainly precarious because users can't deny individual permissions to pick and choose what an application has access to, even if they still want to use that app. Incognito Mode could potentially fix this conundrum, enabling users to restrict their data to certain applications.

Read 9 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Florence Ion

Sometimes, we're not always satisfied with the experience that Android offers us. However, the beauty of being an Android user is that you can make a choice to do something different. Before you head off into the weekend, check out Everything.me and its unique Home screen experience. Or, if you've been envious of Facebook's Chat Heads and wish they existed for other apps, download Floating Notifications to get a similar experience.

The Google Play store is chock full of applications that allow us to customize our phones, tack on new features, or just check the score for our favorite team. Here are just a few of those apps we discovered this week that can make those things happen.

Everything.me, Free

Read 14 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Dan Goodin

greyweed

Recently discovered malware targeting Android smartphones exploits previously unknown vulnerabilities in the Google operating system and borrows highly advanced functionality more typical of malicious Windows applications, making it the world's most sophisticated Android Trojan, a security researcher said.

The infection, named Backdoor.AndroidOS.Obad.a, isn't very widespread at the moment. The malware gives an idea of the types of smartphone malware that are possible, however, according to Kaspersky Lab expert Roman Unuchek in a blog post published Thursday. Sharply contrasting with mostly rudimentary Android malware circulating today, the highly stealthy Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.

"To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek wrote. "This means that the complexity of Android malware programs is growing rapidly alongside their numbers."

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Florence Ion

We spent the week at I/O sitting in sessions, walking around the show floor, and congregating with developers. After the keynote, things got quieter on the news front but there was still plenty to learn about. This conference is about community, bringing together developers of all types, and connecting people with similar interests and backgrounds. It's also about adorable little Androids, which absolutely overwhelmed downtown San Francisco's convention center, the Moscone Center.


The Google Store

A Google Store employee models the Android Superhero costume, available for a mere $32.80. There was no word on compatibility with the YouTube Socks.

Sean Gallagher

14 more images in gallery

Read on Ars Technica | Comments

0
Your rating: None
Original author: 
Florence Ion

SAN FRANCISCO, CA—Although Google's keynote at the I/O conference this week focused heavily on the APIs and behind-the-scenes development of the Android operating system, it looks like there's a lot more in store. This idea was especially apparent in a panel discussion today involving eleven members of the Android development team. The team sat for a forty-minute question and answer session, and while they dodged most inquiries about forthcoming features for Android, they did offer a bit of insight into what the future of Android might look like, what developers could do to help further the platform, and what they’ve learned from their journey thus far.

The conversation began with a question relating to whether or not the Android team would have done anything differently from the beginning. Senior Android Engineer Dianne Hackborn said the team "should have had more control over applications. A big example is the whole settings provider, where we just let applications go and write to it... it was a simple thing that we shouldn’t have done." Ficus Kirkpatrick, one of the founding members of the Android team and the current lead for the Google Play Store team, added that “you’re never going to get everything right the first time. I don’t really regret any of the mistakes we’ve made. I think getting things out there at the speed we did…was the most important thing.”

The team also briefly touched on fragmentation and how they’re working to combat the issue—it was even referred to as the “F” word. "This is something we think about a lot,” said Dave Burke, engineering director of the Android platform. He explained that many silicon vendors take the open source code, break it apart, and create their own Board Support Packages (BSPs) to make their hardware compatible with the software. To streamline the process, the Android team made the code for the platform more layered, so if a vendor needs to make changes, they have a clean abstraction layer to do so without affecting the entire operating system.

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
GoogleDevelopers


Google I/O 2013 - Android Design for UI Developers

Nick Butcher, Roman Nurik Design on Android is no longer a complex mystery of disjointed patterns; the Android design guidelines have paved the way for a des...
From:
GoogleDevelopers
Views:
5414

229
ratings
Time:
40:14
More in
Science & Technology

0
Your rating: None
Original author: 
GoogleDevelopers


Google Developers Live at I/O 2013 - Inside the Niantic Project

John Hanke, Louis Gray The Niantic Project has debuted two applications that center on location and discovery. The Ingress game has sparked incredible interest from Android users, choosing...
From:
GoogleDevelopers
Views:
232

17
ratings
Time:
06:45
More in
Science & Technology

0
Your rating: None
Original author: 
Florence Ion

Mobile gaming can be a finicky thing. Not only does any title have to account for varying screen resolutions and multiplayer play, but with such a saturated device market, being able to take a game cross-platform entices both the developer and the player. For example, switching back and forth between iOS and Android can be difficult for some mobile gamers, especially if there are in-app purchases and achievements worth hoarding. As mobile ecosystems grow so do the users’ needs.

Google apparently realizes this since the company is making big strides to ensure that game developers are on board with its mobile ecosystem. It’s introduced a suite of APIs that will enable cloud saves, leaderboards, multiplayer game play, and achievements—all things that will benefit mobile gamers. “The opportunity that exists here is phenomenal for both developers and players looking for interesting and entertaining games,” said Greg Hartell, product manager for Google Play game services. “What it’s really about is creating a cross-platform environment that allows you to build a community of players across different screens.”

At first glance, Google’s Play game services appear to be a response to Apple’s Game Center functionality. On iOS the Game Center is featured as a standalone application for players to check on achievements and hook up with friends to play a game. Game Center is also integrated into the games that support it. The Play game services work similarly: users log in with their Google Plus account on the titles that support it.

Read 9 remaining paragraphs | Comments

0
Your rating: None