09
Mar
android_market

PSA: Infected "Android Market Security Tool March 2011" App Floating Around

Posted by in Applications, News

It seems evil-doers' depravity knows no bounds: we've just heard word from Symantec that an infected version of Google's Android Market Security Tool March 2011 is floating around the "black markets" - meaning it's not in the Android Market, but it is floating around the 'net in APK form. Luckily, it's not nearly as bad as DroidDream (the malware it was designed to remove), but it's malware nonetheless.

Specifically, Justin says it's closely related to (or possibly the same as) "Fake 10086" malware. Asian users seem to be getting the brunt of it, and it collects information such as IMEI, phone number, and other minor tidbits, which it then uploads to this site.

29
Jan
image

Yet Another Android Data-Stealing Vulnerability Uncovered, Affects All Versions Of The OS

Posted by in Android OS, Gingerbread 2.3, News

Last year, we reported on a serious vulnerability in all versions of Android, found by a security researcher Thomas Cannon. It allowed a remote attacker to download files off a user's SD card upon visiting a webpage with malicious JavaScript code embedded in it. Google's response was swift, and the fix was rolled out in the public release of Gingerbread at the end of 2010.

A new report from eWeek came out today stating that another researcher, Xuxian Jiang, this time from North Carolina State University, stepped forward with a tweak to the very same vulnerability Google reportedly patched. The new method circumvents protection put in place and allows an attacker, yet again, to access a user's SD card as well as the /system directory and directories that are open for reading in the Android sandbox.

09
Dec
snap20101209_132649

Gmail App Gets Big Update: Quick Folder Switching, Priority Inbox, And A Lot More

Posted by in Applications, News

Update: This Gmail client update is only for devices with Android 2.2 or higher.

Gmail for Android received a substantial update from Google this afternoon - and the AndroidPolice team has agreed: some of the improvements are long overdue, while some of them are just plain cool.

snap20101209_132649 snap20101209_132721 snap20101209_132927

The change blurb that you'll find on the Market page lists some of the biggies, but a major one (for us, at least) has been excluded: quick folder switching. In the top left corner of whichever folder you were in, there was a simple label indicating the name of the folder. This is now a button, similar to the account button at the top right.

29
Sep
root_android

2.2.1 Update For Nexus One Breaks Universal Androot, Swype, And Other Aftermarket Keyboards

Posted by in Android OS, News, Nexus One (Passion)

A few days ago, the code for the Nexus One's 2.2.1 update went AOSP (Android Open Source Project), meaning that the source code became available to developers. It was comprised mostly of bugfixes and other things that weren't major... oh, and it also patched the exploits that allowed Universal Androot to unlock your device. We had a short conversation about it on Twitter with Cyanogen (the conversation starts at the bottom and goes up):

Image 9

As if breaking Universal Androot wasn't enough, apparently the new update also prevents existing installations of Swype and some other aftermarket keyboards from working. An easy solution exists though - just uninstall your existing keyboard and reinstall it.

02
Sep
image

Now We're Talking - Google's Latest Follow-up To The License Verification Fiasco Showcases 4 Methods To Make Pirates' Jobs Much Harder

Posted by in Apps/Games, Development, News

Update: Tim Bray responded in our comments letting us know Trevor Johns, a hands-on guy in the Android back-rooms, was the author of the post.

After we blew the faults behind Google's License Verification Library out of the water last week, Google's Tim Bray promised us some tips for protecting our applications against piracy, and in the latest post at Google's official Android blog he delivered them. Tim's article is loaded with easy to follow sample code, and advice that just makes sense. Mr. Bray covers several protection methods including:

  • obfuscation,
  • customizing the Licensing Library,
  • making your application tamper resistant (with a code sample that is nearly identical to what I published a week ago),
  • and using a secondary server for added protection.

23
Aug

[EXCLUSIVE] Report: [UPDATED] Google's Android Market License Verification Easily Circumvented, Will Not Stop Pirates

Posted by in Development, Exclusives, Videos
Last Updated: June 5th, 2012

[Update: 8/24/10 @ 7:45 PM EST by Aaron] Tim Bray responded to Justin's article, but seems to have misunderstood the goal. Thus, Justin has written a follow-up article here.

Preface

This article was not written to teach people how to pirate or ridicule Google's Android License Verification Library (LVL) that handles communication with Google's Android Market Licensing Service.

I am very much against piracy, and very much pro-Google. I have spent more time researching copy protection for my applications than development of the applications themselves.

I would like to thank:

  • the author of Star Hunt for allowing me to use his application in my demo video
  • the author of Tasker for allowing me to use his application, which has the best implementation of LVL I found, in this article

Both of these applications are available in the market - I highly suggest you give them a try.

20
Jul
image

LG Ally Update On Verizon Brings Numerous Improvements, But No Froyo

Posted by in Ally (Aloha), News, Verizon Wireless

Although no one expected the LG Ally to be the next phone to receive a push to Android 2.2, the announcement of an Ally update really got our hopes up. Still, it’s better than nothing. So, what changes does this update bring Ally users? Check them out below, straight from Verizon’s support page:

Improvements:
+ Increased QWERTY keyboard operability.
+ Streamlined alert functions.
+ Improved usability with alert sounds for authentication or
confirmation of Bluetooth® functions.
+ Increased speed and response time for Messaging and
Camera applications.
Enhancements:
+ Manage your schedule with preloaded Corporate
Calendar application.
+ Improved Amazon MP3 application.

08
Jun
Nexus One Gets 720p HD Video Recording In A Patch To CyanogenMod

Nexus One Gets 720p HD Video Recording In A Patch To CyanogenMod

Posted by in Development, Eclair 2.1, HTC, Nexus One (Passion)

Nexus One is still alive and pretty much kicking, especially thanks to the community. Since Google won't push new features to it, the community has to.

First Cyanogen added support for 802.11n WiFi in CyanogenMod, and now about half an hour ago, an xda-developers forum member by the name of charnsingh_online announced that he made a patch for CyanogenMod which enabled 720p video recording in the Nexus One.

The only requirement - CyanogenMod version of at least CM5.0.8test3, which means - yes, you need a rooted N1 running CM and not the stock OS.

His solution doesn't yet work in Froyo, but expect support for that to come out shortly.

18
Nov
IMG_5082

Sprint And HTC Release The First HTC Hero Firmware Update 1.56: Fixes Major Bugs, Adds Small Tweaks

Posted by in Hero (Sprint, HeroC), HTC, News, Sprint

This post and all its comments were migrated from Artem's personal blog beerpla.net when Android Police launched. If you would like to visit the original post there, please click here.

Only 2 days after I posted the list of problems with my HTC Hero (The Not So Good, The Bad, And The Ugly: My List Of 20+ Problems With HTC Hero) Sprint and HTC released the first firmware update.

The Update

To update your Hero, go to Settings->About phone->System updates->Firmware update.

The update took about 10 minutes to install, weighed 3.7MB or so, and rebooted the phone twice - once to install and once to reboot after the installation, so make sure you don't need to make any important phone calls during that time.

Page 2 of 212