About nine months ago, Rootjunky managed to bypass the factory reset protection (FRP) on Samsung devices simply by inserting an OTG drive into the phone and installing an app. Then, two months later, he found a vulnerability on LG phones; this time, he circumvented FRP by using talkback settings to open a browser, downloading an APK that opened settings, adding a new user, switching back to the main account, and then resetting without FRP. However, this new exploit for Samsung phones might be the most ingenious yet.
Factory reset protection was added to Android with 5.1 Lollipop, but since different OEMs use different variations of Android, vulnerabilities can arise. Read More
ZTE has been making some fine devices lately, and one of them is the Axon 7 which just went on sale a couple of weeks ago. The problem ZTE faces with enthusiasts though is the locked bootloader on its phones. This complicates things a lot for custom ROM enthusiasts as well as developers and modders who like to tinker with their devices.
But that situation is about to be resolved now. ZTE has announced that it will unlock the bootloader of the US versions of both the ZTE Axon 7 and Axon Pro, but only if you ask nicely. The requests will be processed on the Z-Community forums, within the Developers Lounge sub-space, and ZTE says it's reserved to "those with a high level of technical expertise and have had experience flashing custom ROMs." It's not clear whether or not it plans to verify that about each person who submits a request, or how exactly that'll be done. Read More
The odds are pretty good that if you're using a still-supported Nexus device, it's probably running August's security update by now. The factory images became available on Monday of last week and OTAs have been intermittently rolling out since then. The push to AOSP took a little longer and finally included a couple of other tags that were behind schedule. All of the changes have been compiled into their respective lists and the changelogs are ready for perusal.
Google's Android Security Bulletin details the potential vulnerabilities addressed by the August updates, but it's not too rare to see other small bug fixes and adjustments hidden among the changes. Read More
Android's Platform Distribution chart has been updated for August, and this month brings little in the way of interesting change. Marshmallow has risen around 1.9 points, to 15.2% of installs, with Lollipop 5.0 and 5.1 actually netting a 0.4 point gain this time around. Last month, total Lollipop installs actually dropped around 0.3 points, meaning this month's increased numbers have actually reversed that change and then some. Given that 5.0 installs didn't actually grow - gains were made solely by v5.1 - it's not exactly clear what happened there. Perhaps a large number of devices have gone straight from KitKat to Android 5.1, though that's an awful strange time for a jump. Read More
The OnePlus 3 has fast charging tech called Dash Charge, a first for the company. However, the necessary code for third-party ROMs and kernels to support Dash Charge simply didn't exist at launch. OP said it would release the necessary code by the end of July, and lo and behold, here it is right on time. Read More
The BLU R1 HD is a cheap Android phone, made even cheaper by its release as an Amazon Prime Exclusive device. You pay $50 (or $60 for the 16GB/2GB RAM version) for the phone instead of its original $100 price tag, but you get Amazon's apps pre-installed and its ads on the lockscreen. It's not that bad really: David has been trying to live with it for a month and hasn't faced many issues beside the "slowening", ie. the fact that the phone gets slower the more you use it.
If you've had an eye on this device either as your main phone or maybe as a Pokémon GO phone (hey, we understand), but you just can't bring yourself to accept Amazon's bloat, there's good news for you. Read More
CyanogenMod founder and Cyanogen Inc. cofounder Steve Kondik has published a blog post on the official CyanogenMod blog today. That is the blog associated with the community project, not Cyanogen Inc. Kondik's post appears to serve dual purposes: to ensure the community that CyanogenMod isn't going anywhere (and no one suggested it was), and that the company's alleged "pivot to apps" isn't happening.
After Friday's layoffs, the post makes sense. There's no reason to believe that the reduction of staff at Cyanogen Inc responsible for the maintenance of the open source CyanogenMod project means the community-driven effort is in danger. Read More
When it comes to mobile data, where customers almost always have a limited pool of access to work with, less is more. That's the principle behind the "delta" updates to apps that Google introduced way back in 2012, which in most cases allows the Play Store to download only the incrementally updated parts of an app rather than the entire APK. Now a new tweak to the delta update algorithm has made the updates themselves even smaller. Read More
Most of the intrepid users who tried the most recent Android N developer preview were none too pleased with the new notification toggle behavior. Google changed the WiFi and Bluetooth buttons from simple toggles to connection list triggers. After more than 1,500 issue tracker stars in just a few days, Google has relented. Read More
Android 7.0 Nougat developer preview will now show an application's install source in the app info interface. The new list item comes at the bottom, under the subheader "Store." This field is populated by a string obtained through getInstallerPackageName method, previously only accessible via a manual query. This string can be filled by a third party app store (such as Amazon, whose Appstore currently does this), or left blank in the case of an application that has been sideloaded.
As you can see in the hero image above, the Pokemon GO APK I sideloaded shows as having been installed by the package installer. Read More