XDA User Turned a Macbook Pro Into a DIY Samsung DeX Laptop

Along with the Galaxy S8 and S8+ announcement earlier this year, we also got to know Samsung DeX. This wireless-charging dock allows you to connect your Galaxy S8, S8+ or Note 8 as a desktop computer, allowing you to do things you would normally do on a proper desktop platform, like web browsing, sending emails, getting work done, and so on. However, the biggest deal-breaker with DeX is that you need a keyboard, a monitor and a mouse laying around in order to use your phone with those. This doesn’t allow you to get things done on the go, as getting DeX to work on a laptop is not exactly a plug and play process as it is on the desktop. And if you already have such peripherals, and the money to buy a Samsung flagship, you probably have a PC as well anyway.

Luckily, XDA Junior Member kreal was not afraid to get his hands dirty in order to make a DIY Samsung DeX laptop dock. He took an old MacBook Pro from early 2008, removed the motherboard and other internals, got a couple of powerbanks, cobbled up some cables, and after a lot of hard work, hacking and effort he managed to get the Samsung DeX interface to boot up in the MacBook Pro’s 1440×900 display. He documented the process in full in our Galaxy S8 forums.

If you’d like to get your hands dirty with a laptop and a Galaxy S8, go ahead and check the forums to see the process, step by step, with pictures included. However, have in mind that it’s a pretty hacky process, and there’s no actual guarantee that things will go fine and dandy: you’re on your own. After all, cracking open a laptop and replacing all the internals is not for the faint of heart at all, and you might void a few warranties (though we are use to that here). The author of this project has also made a video of the laptop dock booting the DeX interface flawlessly with his Galaxy S8, and he’s also answering questions from users in the thread.

---

Source: Forums

from xda-developers http://ift.tt/2yHg6Fa
via IFTTT

Google Removes YouTube from the Amazon Echo Show, Says it Violates their ToS

Amazon and Google have been going back and forth for a few years now. They seem to not want to play nice with each other  due to the large competitive overlap of their products and services, and in some case it’s resulted in a worse user experience for the end user. We see this conflict with products such as Amazon Prime Video, Google Home and more. This week, users found that their YouTube application was no longer working on the Amazon Echo Show as access to it was removed by Google.

This rivalry between Google and Amazon is nothing new and it’s something that has had a negative impact on users for years (though, at the same time, such competition likely had many unseen benefits). For example, the Amazon Prime Video application has never had support for Chromecast because Amazon wants you to buy their Fire TV Stick instead. This upsets Google and so they found a reason for them to remove the application from the Play Store. Thankfully it’s back now, but it still doesn’t have support for Chromecast.

Amazon holds a grudge too and not only refuses to sell the Chromecast on their website, but also refuses to sell the Google Home in their store as well. Searching for either of these two Google products shows Amazon’s alternative towards the top of the list, again a result of the overlap between both their products and services. While competition itself certainly pushes these companies to leapfrog each other with their respective endeavors, a sizable chunk of their customers would like to see Google and Amazon meet somewhere in the middle to make everyday services simpler and more seamless.

Now, Google says that Amazon’s implementation of YouTube on the Echo Show violates their terms of service and creates a broken user experience for the customer. Amazon is seemingly upset about it because they feel there isn’t a technical reason as to why Google did this, and that they did so without an explanation to Amazon or a notification to their customers.

---

Source: TechCrunch

from xda-developers http://ift.tt/2fRpKxf
via IFTTT

Twitter is Testing a 280 Character Limit for Tweets

Cramming all of your thoughts into a short Tweet can be difficult to do. We usually end up erasing a word or two, shortening some sentences, abbreviating some words, or simply not sending the tweet at all once it loses the original meaning. This is because Twitter has a 140-character limit for tweets. While the platform has functioned well with this character limit for the last 11 years, they appear to be finally expanding the 140 character limit as the company has announced that they are testing a higher character limit for tweets.

Some Twitter users may now notice that they can send longer tweets with up to 280 characters. For those users, this means that they will now be able to send twice the amount of characters in a single tweet. This is a significant change for Twitter users of most languages, while those tweeting in certain written  languages such as Mandarin, Japanese, or Korean have long been able to express their thoughts in fewer characters. Now more users can enjoy the same flexibility, and this decision comes after a market study made by the Twitter staff, which shed light on the fact that around 9% of all English tweets have 140 characters, compared to a much lower 0.4% percent of all Japanese tweets.

Suggested reading: Twitter No Longer Counts Usernames In Replies Against 140 Limit

With this decision, the company is hoping way fewer tweets run into the character limit. However, the feature is currently available only in A/B testing, so most users will likely have to wait before they can take advantage of it. Twitter wants to see existing users’ reactions before actually increasing the character limit for all users.

If your character limit just increased, then congratulations! You’re one of the lucky few that was chosen to participate in the A/B test. You can read more about this over at the Twitter official blog, where they will keep users posted about their test results.

---

Source: Twitter

from xda-developers http://ift.tt/2xwVNN3
via IFTTT

Dirty COW, an Exploit in the Linux Kernel, is Now Being Abused on Android by ZNIU

Dirty COW (Dirty Copy-On-Write), or CVE-2016-5195, is a 9-year-old Linux bug that was discovered in October last year. It is one of the most serious bugs to have ever been found within the Linux kernel, and now malware dubbed ZNIU has been found in the wild. The bug was patched in the December 2016 security update, but any devices which haven’t received it are vulnerable. How many devices is that? Quite a lot.

As you can see above, there are actually a sizable number of devices from pre-Android 4.4, when Google started making security patches. What’s more, any device on Android 6.0 Marshmallow or lower is actually going to be at risk unless they received any security patches past December 2016, and unless said patches properly targeted the bug. With the negligence of many manufacturers to security updates, it’s hard to say that most people are actually protected. An analysis by TrendLabs has revealed a lot of information about ZNIU.

ZNIU – The First Malware using Dirty COW on Android

First let’s get one thing clear, ZNIU is not the first recorded usage of Dirty COW on Android. In fact, a user on our forums used the Dirty COW exploit (DirtySanta is basically just Dirty COW) to unlock the bootloader of the LG V20.  ZNIU is only the first recorded usage of the bug being used for a malicious purpose. It’s likely this is because the application is incredibly complex. It seems to be active in 40 countries, with over 5000 infected users at the time of writing. It disguises itself in pornography and game applications, present in over 1200 applications.

What does the ZNIU Dirty COW malware do?

Firstly, ZNIU’s Dirty COW implementation only works on ARM and X86 64-Bit architecture. This doesn’t sound too bad, as most flagships on 64-Bit architecture usually will have the December 2016 security patch at least. However, any 32-Bit devices may also be susceptible to lovyroot or KingoRoot, which two of the six ZNIU rootkits use.

But what does ZNIU do? It mostly appears as a pornographic related app, but again can also be found in game related applications. Once installed, it checks for an update for the ZNIU payload. It will then begin privilege escalation, gaining root access, bypassing SELinux and installing a backdoor in the system for future remote attacks.

Once the application has initialized and the backdoor is installed, it begins to send device and carrier information back to a server located in mainland China. It then begins to transfer money to an account via a carrier’s payment service, but only if the user infected has a Chinese phone number. The messages confirming the transactions are then intercepted and deleted. Users from outside of China will have their data logged and a backdoor installed but will not have payments made from their account. The amount taken is ridiculously small as to avoid notice, the equivalent of $3 a month. ZNIU leverages root access for its SMS related actions, as to interact at all with SMS an application would normally need to be granted access by the user. It can also infect other applications installed on the device. All communications are encrypted, including the rootkit payloads downloaded on the device.

Despite said encryption the obfuscation process was poor enough that TrendLabs were able to determine the details of the web server, including location, used for communication between the malware and server.

How does the ZNIU Dirty COW malware work?

It’s fairly simple how it works, and fascinating from a security perspective. The application downloads the payload it needs for the current device it’s running on and extracts it to a file. This file contains all script or ELF files required for the malware to function. It writes then to virtual Dynamically Linked Shared Object (vDSO), which is usually a mechanism for giving user applications (ie, non-root) a space to work within the kernel. There is no SELinux limit here, and this is where the “magic” of Dirty COW really happens. It creates a “reverse shell”, which in simple terms means that the machine (in this case, your phone) is executing commands to your application instead of the other way around. This allows the attacker to then gain access to the device, which ZNIU does by patching SELinux and installing a backdoor root shell.

So what can I do?

Really, all you can do is stay away from applications not on the Play Store. Google has confirmed to TrendLabs that Google Play Protect will now recognize the application. If your device has the December 2016 security patch or later you are also completely safe.

---

Source: TrendLabs

from xda-developers http://ift.tt/2hynnQ8
via IFTTT

LaunchEnr is a Simple, AOSP-Style Launcher with Many Android Oreo Features

Custom launchers are the first thing that comes to mind when people think about Android customization. After all, the home screen can be considered as the main UX element of your phone and can be customized in many different ways, going from a simple icon change to a complete overhaul of every aspect of the launcher. There are many different alternatives including Nova Launcher, Action Launcher, Lawnchair, you name it. However, those looking to keep it simple while getting some additional features also have many options available. One of them being LaunchEnr.

LaunchEnr is developed by XDA Senior Member ivn888, and it’s based on AOSP Launcher3, meaning that Pixel Launcher/AOSP Launcher users will feel right at home with LaunchEnr. It also adds lots of useful, essential features. It includes icon pack support, dark and light theme options, per-app icons and labels, app hiding, unread count notification badge features, home screen rotation, and a lot more! It also lightens the stock AOSP code of Launcher3, replacing some deprecated methods and effectively optimizing the app. With the 2.0 update, it also includes all Android 8.0 Oreo standard features, like round/adaptive icon support, notification badges, further code optimizations, and more.

However, you should try it out in order to actually experience the whole LaunchEnr feature set. You can download it on the Play Store, where it’s available as a free application with no ads included. The developer also has an official XDA thread, where he delivers official updates and changelogs (as well as including the APK for each and every update). The developer is also active on the forums, picking up bug reports. It’s still marked as a beta, so you will probably find some bugs here and there. But we are really excited to see development coming along nicely, and we are looking forward to future LaunchEnr releases coming soon.

LaunchEnr (Free, Google Play) →

---

Source: Forums

from xda-developers http://ift.tt/2fQAFr6
via IFTTT

Source: Pixel 2 XL has Stereo Speakers, Always Listening “Music Recognition”, and Portrait Mode

The Google Pixel 2 and Pixel 2 XL is set to be announced on October 4th with multiple color options and a hefty price tag. While these two smartphones have had a lot of information leaked so far, one of the most controversial changes is the lack of a 3.5mm headphone jack. This has been corroborated by our own sources, 9to5Google, @evleaks, and others, so it’s safe to say that the next generation Pixel 2/2 XL smartphones will not feature a headphone jack.

Users have been wondering if, at the very least, Google would offer dual stereo speakers on these smartphones. Though previous leaks have affirmed the existence of dual speakers on the smaller Pixel 2 model, some were wondering if this would be true on the larger Pixel 2 XL model. After speaking with our source, we can confirm that the Google Pixel 2 XL will indeed have dual stereo speakers on front much like its smaller counterpart.

That isn’t all that we’ve learned, however. Over this weekend, the founder of AndroidPolice Artem Russakovski shared some unverified rumors from a source who spent time with the Verizon Google Pixel 2. Our own source independently corroborates most of these claims. That means we believe both the Google Pixel 2 and Google Pixel 2 XL will have the following features:

• New “Portrait Mode” feature in the Google Camera app. This feature focuses on the main person in frame and blurs out the background to produce an image in vein of a live portrait. This feature is said to be similar to the Portrait Mode found on the iPhone 7 Plus.
• Revamped Pixel Launcher with the search bar at the bottom. This was accidentally shown off at this year’s Google I/O, and 9to5Google was able to capture a video of it in action. Some of you may not like how it looks, but the beauty of Android is that you can always install another launcher.
• New “Music Recognition” feature. According to the settings page for this feature, “when music is playing nearby, it will automatically show up on your lock screen.” Even though Google Assistant itself doesn’t yet have song recognition (though there’s a workaround for that), it seems that Google will somehow be able to listen for songs in the background and recommend them to you on the lock screen. Those of you worried about privacy will probably want to keep this feature disabled.
• Squeeze to launch Google Assistant. We already leaked the existence of this feature back in July, but Artem’s tweets now corroborate this further.
• Always on Ambient Display mode. We’ve covered this feature on multiple occasions, and given that it’s actually live in AOSP and can even be enabled on existing Android Oreo devices, this is probably Google’s worst-kept secret feature for the Pixel 2 series.

There are bound to be other leaks of features and hardware of the Google Pixel 2 and Google Pixel 2 XL in the coming days. We’re only a few days away from the official announcement, so there’s a lot to look forward to in the next week. Though the loss of the 3.5mm headphone jack port is disappointing to many, perhaps having dual, front-facing stereo speakers will assuage those concerns somewhat. Furthermore, those new Google Assistant-enabled headphones might come in handy in the future—perhaps if they release another model at a lower price.

from xda-developers http://ift.tt/2hwtfwO
via IFTTT

Google Prepares to Better Integrate Android Things with Chromecast in Android P

Earlier this year, we got our first glimpse at Android Things, previously called Brillo, along with several developer previews to date. Android Things aims to be an Android-based solution for embedded systems. As an OS for the Internet of Things (IoT), it’s designed to work on systems with as low as 32 MBs of RAM. While it sounds promising, we probably won’t see many Android Things devices in the wild until next year when the OS is more mature. This means we’re sure to see more improvements in the coming months. One such improvement that we’ve spotted in the source code is Chromecast integration, set to be rolled out with the release of Android Things based on Android P (9.0).

We discovered this recent commit in the Chromium Gerrit. It introduces a new volume control API, which is an Android Things system API (it will be a public API when Android P comes around) to synchronize the volume level between Android Things and Chromecast devices. This is a pretty small change, but it’s noteworthy as it shows how Google is working to better integrate the Android Things and Chromecast platforms.

The end goal of Android Things is to integrate Android with every device in your household. As such, this is just one small change of many to come for Android Things-powered systems to integrate seamlessly with the rest of the Google ecosystem. We have previously shown our excitement for Android Things and all its capabilities and potentials, and seeing more of these capabilities slowly come to life only increases our excitement further.

Android Things is currently on its 5th developer preview, and as we said earlier, it’s really unlikely that we’ll be getting finalized versions before the end of the year. We expect to hear more about the new IoT OS during the course of the next year.

from xda-developers http://ift.tt/2hy35pU
via IFTTT