Hot on the heels of Bluebox's disclosure of the "Master Key" exploit, a Chinese blog has posted details of a similar vulnerability. This attack also sidesteps a bug in the signature verification step and allows seemingly innocent APKs to include a potentially dangerous payload; and like its brethren, Google has already patched the flaw and posted it to the Android Open Source Project (AOSP). The information comes to us from a China-based group (or possibly individual) calling itself the Android Security Squad.
In a turn of events that no one could have predicted, Google introduced, in partnership with HTC and Samsung, two versions of highly anticipated and desirable phones that are stripped of their manufacturer skins entirely and are devoted purely to stock Android. Equally unpredictably, this created a chasm in the Android community as the Nexus Warriors took up arms against the mudblood HTC One and Galaxy S4.
There were no survivors.
I've taken a less conventional path into the world of Android. I owned a Honeycomb tablet long before I finally got my hands on my first smartphone, and before that, my first Android device was a Nook Color (I booted CyanogenMod from a microSD card, so it was legit). It is due to this background that I am sad to see Barnes & Noble end in-house development of its Nook line of tablets.
Have you ever refused to install an app because it wants too many permissions? Yeah, a lot of people have, and we don't blame them. A little too much trust can lead to stolen information, mysterious charges on your cellular bill, or worse. Thanks to developer M66B, we've got a simple way to lock down potentially misbehaving software. His new mod, XPrivacy, can block several types of activities and queries, despite the permissions granted at installation.
This is the app roundup. The game roundup from this week can be found here.
If an official AOSP build and CyanogenMod support have got you hot and bothered to try out Sony's latest entry into the tablet world, there's good news. The Xperia Tablet Z is now officially available through Sony's partner channels worldwide, according to a press release issued this morning. This much-anticipated 1080p tablet is the larger brother to the Xperia Z smartphone, in both design and hardware terms. Sony's US store still shows a pre-order doesn't list any retailers, but Amazon shows the 16GB and 32GB models at $499 and $599, respectively, arriving on Friday the 24th.
After some teasing, Paranoid Android has unveiled (in a lovely promo image) their plan for multi-window functionality on Android, which they promise to "get right," – Halo.
The premise is simple, yet extremely ambitious in scope – allow apps to give you notifications right on top of your screen, which allow you to pop into that app without leaving the one you're in (no matter what it is), take care of business, and resume your experience uninterrupted.
If you bought/plan on buying AT&T's variant of the Galaxy S4, we have some bad news for those of you who like to flash custom ROMs, kernels, and the like: it's locked down tight.
Historically, Samsung devices – up to and including the SIII – have been bootloader-unlocked on AT&T. The Galaxy S4 brings a major change in that respect, as Steve Kondik (Cyanogen) has confirmed that it is indeed locked, in that it "authenticates the recovery and boot images before executing them." In layman's terms, that essentially means that it won't allow any sort of custom recovery or boot image to be flashed and/or run.
This is the app roundup. The game roundup from last week can be found here.