Just hours ago the source code for Android 4.4.2 went live on AOSP, and now we already have our changelog from Al Sutton. With only four meaningful changes, this is probably the smallest changelog we've ever seen. That's not to say it isn't significant, as it further hides away App Ops and also shores up two fairly serious vulnerabilities.

2013-12-11_13-44-29

The security fixes aren't much of a surprise. There is a patch to block the Class-0 "Flash" SMS attack we covered a couple of weeks ago. Instead of stacking each message onto the screen, the new behavior will display the first Class-0 message and queue up subsequent messages until they can be dismissed by the user. There is also a fix for a potential Denial-of-Service issue caused when receiving 0-byte WAP messages.

Unfortunately, it looks like App Ops is being made even more difficult to reach after this patch to the Settings app. This turn of events isn't completely unexpected after a recent statement by Dianne Hackborn, one of Android's best known framework engineers. It looks like Google is serious about keeping App Ops out of the hands of users.

Aside from these changes, there is also a small tweak to the camera app to generate less logs, but that's it. Again, it's a pretty tiny update. If you'd like to take a closer look, hit the source link below.

Source: Funky Android