android   161250

« earlier    

digdroid - DNS debug android app. Java ui Go logic
go  golang  android  application  example  dns  debugger 
17 hours ago by vonc
Trend Micro discovers vulnerability that renders Android devices silent » Trend Micro
Wish Wu (Mobile Threat Response Engineer):
We have discovered a vulnerability in Android that can render a phone apparently dead – silent, unable to make calls, with a lifeless screen. This vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop). Combined, these versions account for more than half of Android devices in use today. No patch has been issued in the Android Open Source Project (AOSP) code by the Android Engineering Team to fix this vulnerability since we reported it in late May.

This vulnerability can be exploited in two ways: either via a malicious app installed on the device, or through a specially-crafted web site. The first technique can cause long-term effects to the device: an app with an embedded MKV file that registers itself to auto-start whenever the device boots would case the OS to crash every time it is turned on.

In some ways, this vulnerability is similar to the recently discovered Stagefright vulnerability. Both vulnerabilities are triggered when Android handles media files, although the way these files reach the user differs.

Seems like the media file handling is where everyone is focussing for Android weaknesses just now.
android  vulnerability 
17 hours ago by charlesarthur
September 2014: iPhone 6 and Android value » Benedict Evans
From September 2014:
with the iPhone 6 and iOS8, Apple has done its best to close off all the reasons to buy high-end Android beyond simple personal preference. You can get a bigger screen, you can change the keyboard, you can put widgets on the notification panel (if you insist) and so on. Pretty much all the external reasons to choose Android are addressed - what remains is personal taste.

Amongst other things, this is a major cull of Steve Jobs' sacred cows - lots of these are decisions he was deeply involved in. No-one was quicker than Steve Jobs himself to change his mind, but it's refreshing to see so many outdated assumptions being thrown out. 

Meanwhile, with the iPhone 6 Plus (a very Microsofty name, it must be said) Apple is also tackling the phablet market head on. The available data suggests this is mostly important in East Asia but not actually dominant even there - perhaps 10-20% of units except in South Korea, where it is much larger.  Samsung has tried hard to make the pen (or rather stylus) a key selling point for these devices, but without widespread developer support (there is nothing as magical as Paper for the Note) it is not clear that these devices have actually sold on anything beyond screen size and inverse price sensitivity (that is, people buy it because it's the 'best' and most expensive one). That in turn means the 6 Plus could be a straight substitute. 

Now we have Samsung's results (out by the time you read this) and LG's results, where the latter specifically says that sales were lower in South Korea than expected. Evans seems to have been borne out: the only differentiator between premium Android and iPhones was screen size.
android  apple  iphone 
17 hours ago by charlesarthur
How to protect yourself from the Stagefright security flaw | PCWorld
The first thing you should do to protect yourself is turn off MMS auto-retrieval. The example below is from Google’s Messenger app, which is one of the best apps for text messaging.
security  android 
18 hours ago by jasonsamuels
Never Settle -
OnePlus creates beautifully designed products with premium build quality & brings the best technology to users around the world. No tradeoffs, we #NeverSettle.
android  phones 
19 hours ago by bobpotter
Mobile device OCR
Google Translate on cell phones uses an on-phone neural net to identify letters
translation  machinelearning  ocr  mobile  google  android 
19 hours ago by nelson
Untitled (
: “Imagine if Windows patches had to pass through Dell and your ISP before they came to you & neither cared?”
Android  from twitter
22 hours ago by jeffbax
Android security, bugs and exploits » Google+
Adrian Ludwig is head of security for Android:
There’s common, mistaken assumption that any software bug can be turned into a security exploit.  In fact, most bugs aren’t exploitable and there are many things Android has done to improve those odds. We’ve spent the last 4 years investing heavily in technologies focused on one type of bug - memory corruption bugs - and trying to make those bugs more difficult to exploit. 

A list of some of those technologies that have been introduced since since Ice Cream Sandwich (Android 4.0) are <a href="">listed here</a>. The most well known of these is called Address Space Layout Randomization (‘ASLR’), which was fully completed in Android 4.1 with support for PIE (Position Independent Executables) and is now on over 85% of Android devices. This technology makes it more difficult for an attacker to guess the location of code, which is required for them to build a successful exploit.

What Ludwig doesn't mention: the Stagefright bug. Is it right to say it could be used to take over a phone via MMS? Or would ASLR defeat that? You'd hope the head of security for Android would tackle this in a public blogpost talking about security. But he doesn't. Which tends to make one think the worst.
android  security  stagefright 
22 hours ago by charlesarthur
Choose the Best - Slant
Slant is a Q&A website that helps you choose the best products
programming  social  questions  decision  poll  recommendations  tools  android  electronics  ios  dev  linux  windows  pc  osx  stack  comparison  compare 
22 hours ago by Sophus12345

« earlier    

related tags

aclu  adminsys  android:security  aop  api  apple  application  architecture  archon  article  bootcamp  builder  bus  cache  caching  chrome  chromeos-apk  client  code  codepath  compare  comparison  cyanogenmod  debugger  debugging  decision  decompiler  dependency  design  dev  development  devices  dns  download  electronics  emulator  event  example  flaws  forms  fragment  framework  ftc  fuzzing  fw  go  golang  google  googleplay  graphics  guide  hack  hackers  headphones  http  image  injection  introduction  ios  iphone  java  javascript  jekyll  json  jul15  lang:en  leaving  library  linux  localhost  logging  lollipop  machinelearning  microsoft  minecraft  mobile  motherboard  motorola  myblog-posted  ndk  networking  nexus  nexus5  nexus7  objective-c  ocr  oneplusone  opensource  openssl  opinion  osx  ota  pc  phone  phones  photography  poll  privacy  problem  programming  quality  questions  recommendations  reference  resources  rest  rfw  rxjava  samsung  sdk  security  self-hosting  semantics  server  services  services:used  smartphone  social  software  stack  stackoverflow  stagefright  syntax  taobao  testing  thingstobuy  tools  tracing  translation  tutorial  tv  ui  update  updates  versagen  vice  view  vulnerability  webdesign  windows 

Copy this bookmark: