Related
First of all: I'm an OSS advocate and love the idea of open source. Don't forget that while reading this.
Some 2 month ago, I got myself a Galaxy S. It's not exactly cheap, but on the other side, it's really good hardware. This thread is not about Samsung or the Galaxy S. It's about the missing parts of android security.
We all know it from our home computers: Software sometimes has bugs. Some just annoy us, others are potentially dangerous for our beloved data. Our data sometimes gets stolen or deleted due to viruses. Viruses enter our machines by exploiting bugs that allow for code execution or priviledge escalation. To stay patched, we regularly execute our "apt-get update;apt-get dist-upgrade" or use windows update. We do this to close security holes on our systems.
In the PC world, the software and OS manufacturers release security bulletins to inform users of potentially dangerous issues. They say how to work around them or provide a patch.
How do we stay informed about issues and keep our Android devices updated?
Here's what Google says:
We will publicly announce security bugs when the fixes are available via postings to the android-security-announce group on Google Groups.
Click to expand...
Click to collapse
Source: http://developer.android.com/guide/appendix/faq/security.html#informed
OK, that particular group is empty (except for a welcome post). Maybe there are no bugs in Android. Go check yourself and google a bit - they do exist.
"So why doesn't Google tell us?", you ask. I don't know. What I know is that the various components of Android (WebKit, kernel, ...) do have bugs. There's nothing wrong with that BTW, software is made by people - and people make mistakes and write buggy code all the time. Just read the changelogs or release notes.
"Wait", I head you say, "there are no changelogs or release notes for Android releases".
Oh - so let's sum up what we need to stay informed about security issues, bugs and workarounds:
* Security bulletins and
* Patches or Workaround information
What of these do we have? Right, nada, zilch, rien.
I'll leave it up to you to decide if that's good common practise.
"But why is this important anyway", you ask.
Well, remember my example above. You visit a website and suddenly find all your stored passwords floating around on the internet. Don't tell me that's not possible, there was a WebKit bug in 2.2 that did just that. Another scenario would be a drive-by download that breaks out of the sandbox and makes expensive phone calls. Or orders subscriptions for monthly new ringtones, raising your bill by orders of magnitute. Or shares your music on illegal download portals (shh, don't tell the RIAA that this is remotely possible).
The bug is probably fixed in 2.2.1 - but without changelogs we can't be sure.
But that's not all - there's a second problem. Not only are we unaware of security issues, we also don't have automated update mechanisms.
We only receive updates when our phone's manufacturers release new firmware. Sadly, not all manufacturers support their phones in the long run.
In the PC world, most Distros have a central package management - that Google forgot to implement in Android. Agreed, some phones can receive OTA updates, but that depends on the carrier. And because of the differences in Android versions it's not possible to have a central patch management either. So we do not know if our Android devices might have security issues. We also have no easy way to patch them.
Perhaps you knew this before, then I apologize for taking your time.
What do YOU - the computer literate and security aware XDA users - think about this? Do you think that's a problem? Or would you rather say that these are minor problems?
Very intresting, thanks! The update problem should be fixed with the next release, no more custom UIs and mods from phone manufacturers,at least google said that
Sent from my Nexus One using XDA App
Excellent post and quite agree with you. The other significant problem looming is the granularity (or rather, lack thereof) in app permissions which can cause problems you describe without bugs and exploits. I install an app that does something interesting with contacts and also has internet access to display ads. How do I know that my contacts are not encrypted, so making sniffing useless, and beamed back to mummy? Nothing other than blind trust!
I love Android but it's an accident waiting to happen unless the kind of changes you advocate are implemented and granularity of permissions significantly increased. I don't like much about Apple but their walled garden app store is something they did get right although IMHO, they also abuse that power to stifle competition. Bring out the feds!
simonta said:
The other significant problem looming is the granularity (or rather, lack thereof) in app permissions [...]
How do I know that my contacts are not encrypted, so making sniffing useless, and beamed back to mummy? Nothing other than blind trust!
Click to expand...
Click to collapse
I agree, although I'm not sure that less experienced users might have difficulties with such options.
simonta said:
I love Android but it's an accident waiting to happen
Click to expand...
Click to collapse
Sad but true. I'm just curious what Google will do when the first problems arise and the first users will have groundshaking bills.
If that happens to just a few users, it'll get a kind media coverage Google surely won't like.
I've seen quite a few android exploits posted on bugtraq over the years. It's a high-volume email list, but with some filtering of stuff you don't care about, it becomes manageable. It's been around forever and is a good resource if you want the latest security news on just about anything computer related.
http://www.securityfocus.com/archive/1/description
People are bashing a lot about the Android security model but the truth is you can never have 100% protection with ANY solution.
Apple is not allowing any app in their store. Fine. but mostly they are only filtering out apps that crash, violate some rules or they just don't like them or whatever. but they can never tell what an app is really doing. Therefore they would neeed to reverse-engineer every app they get etc. That's just impossible considering the amount of apps....
Speaking again of Android. I think the permission model is not bad. I mean, no other OS got such detailed description about what an app can do or not. But unfortunately it can only filter out very conspicuous apps, i.e. a Reversi game asking for your location and internet access. But then you never know... if the app is using ads it requires location and internet access, right? so what can you do?
RAMMANN said:
Apple is not allowing any app in their store. Fine. but mostly they are only filtering out apps that crash, violate some rules or they just don't like them or whatever. but they can never tell what an app is really doing. Therefore they would neeed to reverse-engineer every app they get etc. That's just impossible considering the amount of apps....
Click to expand...
Click to collapse
Not really, they do blackbox testing and let the apps run on emulated devices they then check if the app "behaves" as desired...
Of course you can't get 100% security and I don't think that's what we're saying, but there is a lot you can do.
Take for example internet access which is the biggest worry I have. The only reason most apps request internet access is to support ads. I now have a choice to make, don't use the app or trust it. That simple, no other choice.
If I installed an app that serves ads but did not have internet access, then the only way that app can get information off my phone is to use exploits and I'm a lot more comfortable knowing that some miscreant needs to understand that than the current situation where some script kiddy can hoover up my contacts.
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
I absolutely agree with you on Apple, one of the main reasons that I chose a Desire instead of an iPhone, but the Android approach is too far the other way IMHO.
Just my tuppence, in a hopeless cause of imagining someone at Google paying attention and thinking you know what, it is an accident waiting to happen.
marty1976 said:
Not really, they do blackbox testing and let the apps run on emulated devices they then check if the app "behaves" as desired...
Click to expand...
Click to collapse
Well, so why did a tethering app once make it into the appstore?
Also I think there are many possibilities for an app to behave normal, and just start some bad activity after some time. Wait a couple months until the app is spread around and then bang. Or remotely launch some action initiated through push notifications etc.
If there is interest, then there is always a way....
simonta said:
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
Click to expand...
Click to collapse
I agree that a seperate permission for ads would be a good thing.
But there are still many apps which need your location, contacts, internet access.... all the social media things nowadays. And this is where the whole thing will be going to so I think in the future it will be even harder to differenciate.
Getting back on topic: I just read that Windows 7 Phone will get updates and patches like desktop windows. That means patchday once a month plus when urgency is high...
simonta said:
However, if internet access and ad serving were separate permissions, you could in one hit address, taking a wild guess, 90% of the risk from the wild west that is Marketplace. With a bit more design and work, it would be possible to get the risk down to manageable and acceptable levels (at least for me).
Click to expand...
Click to collapse
But, how do you distinguish them? Today, (as a developer) I can use any ad-provider I want. In order to distinguish ads from general internet access, the OS would need one of:
A Google-defined ad interface, which stifles "creativity" in ad design. Developers would simply ignore it and do what they do now as soon as their preferred ad-provider didn't want to support the "official" ad system or provided some improvement by doing so.
An OS update to support every new ad-provider (yuck^2).
Every ad-provider would have to go through a Google whitelist that was looked up on the fly (increased traffic, and all ads are now "visible" to Google whether Google is involved in the transaction or not). This would also make ad-blocking apps harder to implement since Google's whitelisting API might not behave if the whitelist was unavailable. On the upside, it would make ad-blocking in custom ROMs be trivial.
Even if Google did one of these things, it still wouldn't provide any real increase in privacy or security. The "ad service" would still need to deliver a payload from the app to the service (in order to select ads) and another from the service to the app (the ad content). Such a mechanism could be trivially exploited to do anything that simple HTTP access could provide.
http://code.google.com/p/android/issues/list
issues submitted are reviewed by google employed techs... they tell you if you messed up and caused the issue or if the issue will be fixed in a future release or whatever info they find.
probably not the best way to handle it but its better then nothing.
twztdwyz said:
http://code.google.com/p/android/issues/list
Click to expand...
Click to collapse
Knew that bug tracker, but the free tagging aka labels isn't the best idea IMHO.
You can't search for a specific release, for example...
twztdwyz said:
probably not the best way to handle it but its better then nothing.
Click to expand...
Click to collapse
Ack, but I think Google can do _much_ better...
Two more things to have in mind:
1. I doubt that many Android users bother much about what permissions they give to an app.
2. Using Google to sync your contacts and calendar (and who knows what else), is a bad, bad idea.
If this is the wrong place for this thread sorry but I could see a forum for these devices.
I just ordered the Archos 101 Internet Tablet 16 GB. It was a toss up between that tablet and the Viewsonic G-Tab. The lighter weight and form factor of the Archos, as well as the fact they were actually in stock and cheaper then the Viewsonic made me end up with one of those.
Has anyone started playing with these devices yet to see if they can be rooted, custom recoveried, or ROM'd yet? I'd love to get Cyanogen 2.2 or a lightweight 2.2 build on this device. Thanks!
Permanent root is still being worked on. Don't plan on seeing Cyanogen on them (at least I haven't heard anything about the Cyanogen team coming up with anything). Once permanent root comes (after the 2.2 update), then custom ROMs will be coming down the pipe.
z4root works for temp root right now, and hopefully perm root soon. If you apply the current 2.2 you will want z4root and SetCpu (search XDA) to get your CPU clock speeds back to 1 GHz.
There are some internal 2.2 fixes coming in the next firmware from Archos that should stabilize things a bit and *hopefully* enable hardware acceleration in Flash. Once that firmware is out we should be at a decent starting point for custom development.
"and *hopefully* enable hardware acceleration in Flash"
It is officially stated by Archos that the hardwareaccelerated Flash is there and just needs confirmation by adobe.
fzelle said:
It is officially stated by Archos that the hardwareaccelerated Flash is there and just needs confirmation by adobe.
Click to expand...
Click to collapse
Not sure about you, but the whole process of even getting my A101 wound up being a I'll believe it when I see it affair. I trust the better (working) Flash is coming, but until I see the firmware I will continue to hope.
Hexidecimal said:
Has anyone started playing with these devices yet to see if they can be rooted, custom recoveried, or ROM'd yet? I'd love to get Cyanogen 2.2 or a lightweight 2.2 build on this device. Thanks!
Click to expand...
Click to collapse
I have an A70. It's basically the 101 with a 7" screen, so they are the same. I was hesitant to be too exited about it when I decided to order. I had never owned an Archos. In fact, I had never even heard of them.
Now that I actually have my A70, I am very pleased with it. It is fast and very responsive. And the build quality is quite high. On par with Apple even. (please don't start a flame war over this, it's just my opinion).
The real thing that has me exited is that, once this baby gets rooted, it's gonna be so frickin awesome. I don't know about Cyan, but I think there will be some great Roms for it coming down the pipe. After all, there are only a few viable Android tablets out there for a while (the Gtab, Galaxy and Archos), so devs will probably focus their talents on those. It's not like the phone market where you have 50 different platforms to choose from.
Just my .02 cents. I hope you enjoy your A101.
Archos 101: 'Lag' reinvented
I have a Archos 101 8Gb since 2 weeks.
I also own a Samsung Galaxy S, getting rid of 'lag' on the Galaxy S is a big thing in the Galaxy S forums. But compared to a Archos 101, the Galaxy S merely hesitates a bit, while the Archos frequently has to be resurrected from the dead it seems. There is plenty of room for serious improvement, at this moment it doesn't come close to the performance of a standard Samsung Galaxy S or HTC Desire, especially when swithcing apps or screens, or when something is downloading.
So, looking forward to customizing!
Archos 101 8Gb Froyo 2.2, Z4Root + SetCPU 1000Mhz.
Why would it be so hard to root or create ROMs for this device when Archos, on their website claim that this is all open source and even possible to dual boot?
Possibilities beyond Android™ with the ‘Dual OS’
Just like a PC, the ARCHOS 70 internet tablet can be freely programmed in alternative ways. This gives developers programming options in addition to the applications that can be created for the Android platform. To have total control of your Internet Tablet, ARCHOS has opened up this device, thus allowing creative minds to program their own tablet, or create what could be the tablet of the future.
ARCHOS has decided to « open » its ARCHOS 70 internet tablet by proposing to install and replace the system running Android originally installed on the machine.
Developers and programmers can choose for the operating system running under Linux distribution Ångström.
Developers can install this OS on an ARCHOS 70 internet tablet and join the Linux community which is developing a new interface, new icons, drivers, programs ... dedicated to this platform.
Skilled developers and programmers can now choose to switch over to a true standard Linux environment as offered by the Ångström Linux distribution. Developers can put this on their ARCHOS 70 internet tablet devices and join other enthusiasts who are experimenting with various ideas and interfaces based on the Linux operating system.
The difficult part is they compressed the file system with squashfs, which is a read only system.
I'm not too familiar with linux or android os, but I've read people saying that it has to be decompressed before we can have read/write access for root
xShadoWxDrifTx said:
The difficult part is they compressed the file system with squashfs, which is a read only system.
I'm not too familiar with linux or android os, but I've read people saying that it has to be decompressed before we can have read/write access for root
Click to expand...
Click to collapse
There is a workaround for r-only but it's not ready yet. Over at archosfans one of members is trying to remount /system and enable writing, thus providing us with permanent root access. It's work in progress...
zad225: That might require the SDE which I will be released in the next couple days.
Techngro said:
Now that I actually have my A70, I am very pleased with it. It is fast and very responsive.
The real thing that has me excited is that, once this baby gets rooted, it's gonna be so frickin awesome.
Click to expand...
Click to collapse
No poster is addressing the big problem with the 101: RAM is limited to 256MB, a huge technical and marketing disaster. My phone has 512MB...!
I have two days to decide whether to return it or not. RAM gets well below 50MB easily, and the tablet gets very slow and laggy. I've uninstalled everything I can think of, and under the best circumstances I get 72MB free, dangerously close to a slowdown...
I love everything else about it, specially the weight and the sound. But right now I'm leaning to a return, because even modding will not overcome the RAM problem.
Can someone technically qualified refute my opinion..? I don't mean "it works fine for me" or "be patient", I mean a technical reason that would eliminate the slower speed and lagginess.
Thank you.
You could add a swap file if you are temp rooted.
Sent from my HTC Legend using XDA App
marclh1992 said:
You could add a swap file if you are temp rooted.
Sent from my HTC Legend using XDA App
Click to expand...
Click to collapse
just searched the gen8 section and I don't find any directions on adding a swap file . does someone have a link to a HOW-TO on that
argie said:
No poster is addressing the big problem with the 101: RAM is limited to 256MB, a huge technical and marketing disaster. My phone has 512MB...!
I have two days to decide whether to return it or not. RAM gets well below 50MB easily, and the tablet gets very slow and laggy. I've uninstalled everything I can think of, and under the best circumstances I get 72MB free, dangerously close to a slowdown...
I love everything else about it, specially the weight and the sound. But right now I'm leaning to a return, because even modding will not overcome the RAM problem.
Can someone technically qualified refute my opinion..? I don't mean "it works fine for me" or "be patient", I mean a technical reason that would eliminate the slower speed and lagginess.
Thank you.
Click to expand...
Click to collapse
Sorry but can you give a technical reason on why 256MB RAM is a huge technical and marketing disaster?
The Motorola Droid has 256MB of RAM and runs Froyo fine including Flash. I am able to get down to 25MB or less with no slow down. So saying that the 256MB of RAM is the root problem is incorrect. Would more memory be nice? Of course it would.
The main reasons people are seeing issues is because of some bugs in the current Archos Froyo implementation. It also appears that JIT is not actually enabled in this first Froyo build either. Both of these items can be fixed with a software update.
Another reason I see is the incorrect use of task killers. People seem to think they need to kill all running programs when in fact that can cause slowdowns, instability, crashes and lockups.
I have also seen user error that causes a lot of issues. Mostly from new to Android people that have no clue what they are doing. They install half baked programs that cause some of the issues mentioned above.
I think if you give it some time then things will become nicer. If your not willing to wait then I'm sure you can pick up a new tablet within the next couple of months that will meet your criteria.
Go to this website for how to use a swap space. It fixed most problems for me.
forum.archosfans.com/viewtopic.php?f=74&t=42718
Sent from my HTC Legend using XDA App
I'm about to root my Nexus 10. Will I lose anything? Such as some Google Apps refusing to work like paid for movies or books or anything if it detects it's running on a rooted device?
Or do all Google and other apps still work fine?
Anything to watch out for? I'm considering Cyanogen, and will root with Mskip's tool.
http://forum.xda-developers.com/showthread.php?t=2001868
Everything will work fine. All that I have ever found not working is my employer's software developed only for the employees. No mass produced app will give you any trouble.
Enjoy CM10!
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
DroidBois said:
I'm about to root my Nexus 10. Will I lose anything? Such as some Google Apps refusing to work like paid for movies or books or anything if it detects it's running on a rooted device?
Or do all Google and other apps still work fine?
Anything to watch out for? I'm considering Cyanogen, and will root with Mskip's tool.
http://forum.xda-developers.com/showthread.php?t=2001868
Click to expand...
Click to collapse
You lose everything, including your home and first-born child.
In all seriousness, just about everything will work fine if you only root. Some custom ROMs do introduce incompatibility problems, but it's usually on a pretty small scale (an app here or there might not work if your ROM/kernel choice tweaks how the device handles graphics, for example). By and large, you should be fine, but be careful of certain content apps that will refuse to play on rooted devices.
SacGuru said:
Everything will work fine. All that I have ever found not working is my employer's software developed only for the employees. No mass produced app will give you any trouble.
Enjoy CM10!
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
Click to expand...
Click to collapse
Come now, you know that's not entirely true. Many stuck-up content providers won't support rooted devices, and you'll also get the standard "unsupported device" claim if you're rooted or have an unlocked bootloader from apps like Google Wallet. By and large though, OP, you should be fine.
Rirere said:
You lose everything, including your home and first-born child.
In all seriousness, just about everything will work fine if you only root. Some custom ROMs do introduce incompatibility problems, but it's usually on a pretty small scale (an app here or there might not work if your ROM/kernel choice tweaks how the device handles graphics, for example). By and large, you should be fine, but be careful of certain content apps that will refuse to play on rooted devices.
Come now, you know that's not entirely true. Many stuck-up content providers won't support rooted devices, and you'll also get the standard "unsupported device" claim if you're rooted or have an unlocked bootloader from apps like Google Wallet. By and large though, OP, you should be fine.
Click to expand...
Click to collapse
You are right, but I was responding to what the OP had asked. Movies from play will work just fine afaik. And yes, there would be some app developers who won't support modified devices (I've heard of some trouble with the Sky tv app), but then again on some devices there are ways to temporarily unroot to allow such apps to run.
Again, how the device handles graphics can be modified as well. I had trouble with the Naked Browser before I modified the dpi using an xposed framework module.
In simple terms, so as to not confuse things, I would say that the huge majority of apps would give him no problems, and he would be missing out a lot if he refuses to root his device in the fear of one or two apps not working.
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
SacGuru said:
You are right, but I was responding to what the OP had asked. Movies from play will work just fine afaik. And yes, there would be some app developers who won't support modified devices (I've heard of some trouble with the Sky tv app), but then again on some devices there are ways to temporarily unroot to allow such apps to run.
Again, how the device handles graphics can be modified as well. I had trouble with the Naked Browser before I modified the dpi using an xposed framework module.
In simple terms, so as to not confuse things, I would say that the huge majority of apps would give him no problems, and he would be missing out a lot if he refuses to root his device in the fear of one or two apps not working.
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
Click to expand...
Click to collapse
There's a fine line between "not confus[ing] things" though and glossing over very real issues. It's significantly better for a new user to go into rooting aware of potential problems than rush in and get screwed on something because they expected rooting to be a land of sunshine, rainbows, and daisies, and found it was actually one that also had blood and tears.
That's especially true when you start getting into things like XPosed modules, which, while simple are much more than a new user should really have to contend with. Full stock+rooted is probably the safest introduction because it's so comparatively trivial to revert if you blow yourself up.
Rirere said:
There's a fine line between "not confus[ing] things" though and glossing over very real issues. It's significantly better for a new user to go into rooting aware of potential problems than rush in and get screwed on something because they expected rooting to be a land of sunshine, rainbows, and daisies, and found it was actually one that also had blood and tears.
That's especially true when you start getting into things like XPosed modules, which, while simple are much more than a new user should really have to contend with. Full stock+rooted is probably the safest introduction because it's so comparatively trivial to revert if you blow yourself up.
Click to expand...
Click to collapse
I know people who went on to custom roms the day they rooted their phones. I myself used one within a fortnight of using my first android device. Rooting isn't exactly rocket science.
I would really like to know what percentage of apps you believe do not work on custom roms/rooted phones out of all apps in the world. Impossible though it might be to have an exact number, I have a slight suspicion you have a larger-than-what-could-be-true figure in your head. While at it, do mention some of the blood and tears you have had while using your device.
In all the time I have been using android devices, I have only once encountered an app which I couldn't run on my device, and I believe that was purely due to lack of effort on my part.
Again, many people turn on to modifying their devices only because they want to use a custom rom, as the OP already wants to. I have never seen a comment by an user who regrets rooting his device as an app isn't working. I have seen numerous from users who are disappointed with the capabilities of their unrooted devices.
Had you understood my second comment, you would have realized that not only had I agreed with what you had said, I had also, unlike you, actually mentioned a couple of apps which might have problems on a rooted device. Glossing over issues might be wrong, but complicating simple questions is worse, in my opinion.
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
SacGuru said:
I know people who went on to custom roms the day they rooted their phones. I myself used one within a fortnight of using my first android device. Rooting isn't exactly rocket science.
I would really like to know what percentage of apps you believe do not work on custom roms/rooted phones out of all apps in the world. Impossible though it might be to have an exact number, I have a slight suspicion you have a larger-than-what-could-be-true figure in your head. While at it, do mention some of the blood and tears you have had while using your device.
In all the time I have been using android devices, I have only once encountered an app which I couldn't run on my device, and I believe that was purely due to lack of effort on my part.
Again, many people turn on to modifying their devices only because they want to use a custom rom, as the OP already wants to. I have never seen a comment by an user who regrets rooting his device as an app isn't working. I have seen numerous from users who are disappointed with the capabilities of their unrooted devices.
Had you understood my second comment, you would have realized that not only had I agreed with what you had said, I had also, unlike you, actually mentioned a couple of apps which might have problems on a rooted device. Glossing over issues might be wrong, but complicating simple questions is worse, in my opinion.
Click to expand...
Click to collapse
You're starting to get a little touchy there.
I've been rooted and flashing ROMs for several years now, so I'm hardly new to the field. Nor do I think that there's even a large portion of apps out there that have trouble on rooted devices-- because that is not the point. From an end-user perspective, it only takes the loss of one app or a misbehaving one to ruin the experience. A great day-to-day example is Foldersync-- while the app "runs" correctly, if it detects you have root privileges it will spam superuser requests to perform a better sync. If you deny the request, your sync may fail, and if you accept it, the app potentially causes a wakelock. Random behavior can be just as bad as an outright crash.
OP's interest with ROMs is also a point of greater concern than just root. You really don't have to look too far to see people having problems, especially if you every venture outside of Nexus-land. The last hulabaloo I saw over this was back in the HTC One forums because a popular AOSP ROM had a misconfigured graphics driver that caused a few games to fall over and die.
As far as blood, sweat, and tears, try a bootlooping Galaxy Player 4.0 with a wiped /efs that was essentially softbricked for about two months before I had a free six or seven hours to manually dd everything back into place. I've also had my share of bootloops on Nexus devices while experimenting, although with a little fastboot or adb knowledge it's not hard to get out of them.
I have seen plenty of people regret their root or flash. I don't think you quite remember how bad the first bootloop or problem can be if you have never messed with this stuff before. Fastboot and adb are pretty easy to learn to use, but when you're first starting and every black screen seems like the death knell, it's a different matter altogether. Yes, I saw your post, and I understood, but it's a lot better to play it safe, especially at first, then charge ahead unaware of the consequences. Don't tell me you haven't seen people whining in countless ROM threads because they've done something stupid, usually because they didn't know not to.
Bottom line: better to play it safe and know than not. The only point I made up top was that you have to be 100% aware that you're playing with fire before you get burned. That doesn't mean fire isn't useful or that it's scary, but it does mean you have to be careful.
Edit
SacGuru said:
The whole point of my second post was that there are alternatives - to roms, to mods, to apps, to hardware limitations. The availability of these alternatives is amongst the prime reasons we love android, you and I.
The Op is not asking us about Softbricks/bootlooping devices, or black screens. He is asking only about apps. As I said before, I haven't yet seen a comment from someone who wants to unroot his device just because a particular app does not work. It might be possible that with your experience you might have seen one or two, but as you mention yourselves, people sometimes tend to be stupid.
It's unfortunate that I sounded touchy to you. My only answer to the Op still remains that it would be highly unlikely for him to have trouble with apps, even though there could be apps which do not work on modded phones (as I did mention in my very first comment).
Click to expand...
Click to collapse
I think we're reading the comment a little differently. This is why I brought up what I did.
I'm about to root my Nexus 10. Will I lose anything? Such as some Google Apps refusing to work like paid for movies or books or anything if it detects it's running on a rooted device?
Or do all Google and other apps still work fine?
Anything to watch out for? I'm considering Cyanogen, and will root with Mskip's tool.
Click to expand...
Click to collapse
Based on the questions being asked, I think it's reasonable to assume OP doesn't know anything about rooting or ROMs, so I'm being a little more liberal in looking at this comment than I would be otherwise. As such, I'd rather err on giving them information a little outside the original scope than too little.
Rirere said:
You're starting to get a little touchy there.
I've been rooted and flashing ROMs for several years now, so I'm hardly new to the field. Nor do I think that there's even a large portion of apps out there that have trouble on rooted devices-- because that is not the point. From an end-user perspective, it only takes the loss of one app or a misbehaving one to ruin the experience. A great day-to-day example is Foldersync-- while the app "runs" correctly, if it detects you have root privileges it will spam superuser requests to perform a better sync. If you deny the request, your sync may fail, and if you accept it, the app potentially causes a wakelock. Random behavior can be just as bad as an outright crash.
OP's interest with ROMs is also a point of greater concern than just root. You really don't have to look too far to see people having problems, especially if you every venture outside of Nexus-land. The last hulabaloo I saw over this was back in the HTC One forums because a popular AOSP ROM had a misconfigured graphics driver that caused a few games to fall over and die.
As far as blood, sweat, and tears, try a bootlooping Galaxy Player 4.0 with a wiped /efs that was essentially softbricked for about two months before I had a free six or seven hours to manually dd everything back into place. I've also had my share of bootloops on Nexus devices while experimenting, although with a little fastboot or adb knowledge it's not hard to get out of them.
I have seen plenty of people regret their root or flash. I don't think you quite remember how bad the first bootloop or problem can be if you have never messed with this stuff before. Fastboot and adb are pretty easy to learn to use, but when you're first starting and every black screen seems like the death knell, it's a different matter altogether. Yes, I saw your post, and I understood, but it's a lot better to play it safe, especially at first, then charge ahead unaware of the consequences. Don't tell me you haven't seen people whining in countless ROM threads because they've done something stupid, usually because they didn't know not to.
Bottom line: better to play it safe and know than not. The only point I made up top was that you have to be 100% aware that you're playing with fire before you get burned. That doesn't mean fire isn't useful or that it's scary, but it does mean you have to be careful.
Click to expand...
Click to collapse
The whole point of my second post was that there are alternatives - to roms, to mods, to apps, to hardware limitations. The availability of these alternatives is amongst the prime reasons we love android, you and I.
The Op is not asking us about Softbricks/bootlooping devices, or black screens. He is asking only about apps. As I said before, I haven't yet seen a comment from someone who wants to unroot his device just because a particular app does not work. It might be possible that with your experience you might have seen one or two, but as you mention yourselves, people sometimes tend to be stupid.
It's unfortunate that I sounded touchy to you. My only answer to the Op still remains that it would be highly unlikely for him to have trouble with apps, even though there could be apps which do not work on modded phones (as I did mention in my very first comment). Somehow your answer seemed pretty similar to mine ('just about everything would be fine'), so I just wondered why you had to mention to me problems with apps like the google wallet which are easily fixed.
By now, I am sure both of us understand what the other is talking about. Also, the op has enough info to take a decision on his own. My only qualm is that the inclusion of some seemingly complex terminology might turn him off rooting his device
Sent from my GT-N7100 or the Nexus 10, heaven knows.
Those who help noobs go to heaven. True story.
Wow... I just love you guys so much... So much detailed analysis here..
I've rooted all my devices in the past and generally not had any issues if I use a mature solid tool and ROM, I've only had issues with more 'pioneering' ROM's and tools, but for good reason. So I try to stick to the stable well tested mature varieties like Cyanogen and well supported tools, generally where the developer gets some payment (as reward encourages good development).
I'm more concerned with anything like content apps so Google Books / Magazines / Movies / Zinio etc or any other apps that may kick a stink about running on a rooted device?
Spotify seems fine on a rooted device so far though (Nexus 4).
It may not be an issue for some, but I am one of the (possibly rare?) people who PAY for content - specifically reading material. And I have an extensive library so I don't want to lose that.
I'm not so concerned on the technical front as the Nexus should be fairly well community supported and understood mainstream devices and likely to have stable development and mature community support.
I have the mskip tool ready to go so I'm fine with that.
It's not a debate about rooting vs not. I always root because simple things like having a quick tile for WLAN AP can make a HUGE difference through the day as opposed to this retarded idea that people ENJOY diving deep through menu layers for simple on / off functions - it drives me completely and utterly insane over the course of a day. So I like to set up and streamline my device how I need it, and even have accurate time with root tools like ClockSync, or better security support to lock out spyware crap like FaceSpy and so on (if root helps) and also, being able to properly back up my phone.
Or employer mandated junk like Afaria that some companies mandate for BYOD-to-work devices, not that I have any idea what it's for as opposed to a trusted workable solution like Google Apps (I guess everyone has to make their own thing to put their own buggy bloated stamp on everything). Will that mandated junk still work?
The biggest problem I have still is this MTP *CRAP* which which I believe you can't work around? That's another story and Google should be shot for this.
But root vs not has little to do with that. I guess we're stuck with this MTP crap no matter what we do (thanks Google, you tools).
Thanks for the advice here though.
DroidBois said:
Wow... I just love you guys so much... So much detailed analysis here..
I've rooted all my devices in the past and generally not had any issues if I use a mature solid tool and ROM, I've only had issues with more 'pioneering' ROM's and tools, but for good reason. So I try to stick to the stable well tested mature varieties like Cyanogen and well supported tools, generally where the developer gets some payment (as reward encourages good development).
I'm more concerned with anything like content apps so Google Books / Magazines / Movies / Zinio etc or any other apps that may kick a stink about running on a rooted device?
Spotify seems fine on a rooted device so far though (Nexus 4).
It may not be an issue for some, but I am one of the (possibly rare?) people who PAY for content - specifically reading material. And I have an extensive library so I don't want to lose that.
I'm not so concerned on the technical front as the Nexus should be fairly well community supported and understood mainstream devices and likely to have stable development and mature community support.
I have the mskip tool ready to go so I'm fine with that.
It's not a debate about rooting vs not. I always root because simple things like having a quick tile for WLAN AP can make a HUGE difference through the day as opposed to this retarded idea that people ENJOY diving deep through menu layers for simple on / off functions - it drives me completely and utterly insane over the course of a day. So I like to set up and streamline my device how I need it, and even have accurate time with root tools like ClockSync, or better security support to lock out spyware crap like FaceSpy and so on (if root helps) and also, being able to properly back up my phone.
Or employer mandated junk like Afaria that some companies mandate for BYOD-to-work devices, not that I have any idea what it's for as opposed to a trusted workable solution like Google Apps (I guess everyone has to make their own thing to put their own buggy bloated stamp on everything). Will that mandated junk still work?
The biggest problem I have still is this MTP *CRAP* which which I believe you can't work around? That's another story and Google should be shot for this.
But root vs not has little to do with that. I guess we're stuck with this MTP crap no matter what we do (thanks Google, you tools).
Thanks for the advice here though.
Click to expand...
Click to collapse
I've not had any problems with Google Play services and root, although most of my books are sideloaded after ripping DRM off of Amazon purchases (I don't really believe in the idea of a "perpetual lease"). As someone who has spent time working on that "employer junk" for corporate use, it may annoy the living **** out of you as a rooted user, but from a corporate standpoint it's actually pretty damn important.
Now, as far as MTP goes, don't quote me on this, but I remember seeing a setting in DriveDroid a while back (it's an app that lets you mount an ISO on your computer by connecting your device) that would let you change your USB connection mode to something other than MTP/PTP. I dont' remember the acronym, unfortunately, but it was a lot more in line with the way a "standard" USB device would connect (with the attendant issues of not using FUSE).
Hello G3 users,
I didn't find much privacy controls on Android L.
I went back to Kitkat, and used xposed and xprivacy to control the information going out.
For android L...
Xposed may not be in Android L, or need to wait for a long time.
AppOps seems not in the OS now.
Do you think of any apps that related to Android L privacy control?
Will CM12 privacy control enough for normal users?
Isn't no privacy control enough for normal users? I know we are all paranoid about sharing this and that with that app, but usually normal users don't give a rats ass about that.
Until there is a full blown solution from Google (which I think it's flawed because the privacy controls are far too confusing for regular users) you will have to live with what we have (or what we will have).
kraven001 said:
Isn't no privacy control enough for normal users? I know we are all paranoid about sharing this and that with that app, but usually normal users don't give a rats ass about that.
Until there is a full blown solution from Google (which I think it's flawed because the privacy controls are far too confusing for regular users) you will have to live with what we have (or what we will have).
Click to expand...
Click to collapse
I don't agree.
Confuse user or not it depends how developers design the apps.
Simple control like "allow it to access internet? allow it to access your contacts/location?" question I don't think a normal user will confuse with this.
No control nowadays means the control are in developers hands.
Many apps now access information more than they need. I believe you know what they will do with such valuable information.
It is a problem of motivation.
Why should a user have such amount of control?
- support will be higher (because of more options)
- less insight into the customer
It is enough if there are no better widely available solutions and if the user gets the feeling that he is cared of/ protected.
And this can be done by marketing alone.
If you think, someone will or should do something, try to find the specific benefit. This is business not charity.
And with this said, I'll stay at 4.x, because of xposed availability.
https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Problem solved
lol
ChongoDroid said:
https://play.google.com/store/apps/details?id=com.findsdk.apppermission
Problem solved
lol
Click to expand...
Click to collapse
A good start!
Thanks for telling this!!
Seems like a simple enough question but I've been having a really difficult time trying to gain traction about information on this tablet or any tablet.
Yes. i've owned one since is was released last year but there is NOTHING on xda. Even though it's new and fairly speedy, no one has worked on an ROM for this. I wanted to unlock and root it so I can use it on another ISP/Mobile.
Gasaraki- said:
Yes. i've owned one since is was released last year but there is NOTHING on xda. Even though it's new and fairly speedy, no one has worked on an ROM for this. I wanted to unlock and root it so I can use it on another ISP/Mobile.
Click to expand...
Click to collapse
It's very very frustrating, there seems to be very little support for it. Do you know if you can charge while having a thumb drive hooked up? Like OTG style? I have purchased 2 tablets so far and neither have this capabilities. I don't want to be purchasing a third with the same result
Gasaraki- said:
Yes. i've owned one since is was released last year but there is NOTHING on xda. Even though it's new and fairly speedy, no one has worked on an ROM for this. I wanted to unlock and root it so I can use it on another ISP/Mobile.
Click to expand...
Click to collapse
I just ordered o e and it showed up today and it also does not charge while a thumb drive is hooked up. Have you found any information or help on this product anywhere. Do you know of any other forums where people actually answer problems? I am so impossibly frustrated
Gasaraki- said:
Yes. i've owned one since is was released last year but there is NOTHING on xda. Even though it's new and fairly speedy, no one has worked on an ROM for this. I wanted to unlock and root it so I can use it on another ISP/Mobile.
Click to expand...
Click to collapse
No need to root to switch to another isp. get unlock code from current isp, install odin 3.14.1 and install any isp firmware you want from https://galaxyfirmware.com/model/SM-T307U/ I had an at&t branded with android9, and now i am running wind/freedom android11 firmware.
bbortnick said:
No need to root to switch to another isp. get unlock code from current isp, install odin 3.14.1 and install any isp firmware you want from https://galaxyfirmware.com/model/SM-T307U/ I had an at&t branded with android9, and now i am running wind/freedom android11 firmware.
Click to expand...
Click to collapse
Hi, thnx for the useful info. Did you have trouble getting the unlock code from at&t? Where did you enter that code? A specific app on the at&t rom I'm guessing?
Getting a sprint version of this device, but want to use it t-mobile. Have read that just factory reset device and use odin to flash other firmware would work, does that sound feasible to you? I'm kind of doubting that but have no idea really.
It used to be flashing diff rom would sim unlock, but not anymore I don't think.
thnx for taking the time, so little info for this available.
cheers
No problem with at&t, although i had to impersonate a US location. Start here: https://www.att.com/deviceunlock/unlockstep1
Like I said, vendor unlock, install odin on your pc, use odin to install the desired firmware you downloaded.
The firmware should boot up, but maybe the radio bands are different between the two isp's? and therefore the LTE part of the tablet may not work. i don't care since I don't install a sim card, just use it on wifi.
Thanks a lot for the info guys. For anyone else reading, I used 'T307UVLS6CUH1' (BMC) - and it is unbranded and doesn't have a ton of bloatware.
Also, since there are so few users on this thing, will also drop that I made a stand for it here:
Galaxy Tab A Stand by xnappo
This is a horizontal stand for the Samsung Galaxy Tab A 8.4 (2020). Admittedly it is a bit specific because of the not-so-popular tablet and the use of a NetDot Gen10 magnetic USB cable. One could use this with USB-C directly - but I do really recommend that (likely stress on USB port). You...
www.thingiverse.com
xnappo
Hello,
I got unlocked ATT SM-T307UZNAATT from eBay.
My provider is Red Pocket, and I have ATT-compatible SIM.
When I try to place a call - ATT window appears and askes to log in to ATT account or create one.
How could I place calls?
Would appreciate any help!
xnappo said:
Thanks a lot for the info guys. For anyone else reading, I used 'T307UVLS6CUH1' (BMC) - and it is unbranded and doesn't have a ton of bloatware.
Click to expand...
Click to collapse
How is the speed/lag? This tablet is mega slow, but I was wondering if I loaded different firmware (currently on AT&T) that it might help, since it can't be rooted.
My 8-yr old rooted Galaxy Tab S 8.4 is better than this thing, but alas a few apps won't run on 32-bit architecture. I think I will relegate this AT&T "brick" to my exercise bike for an entertainment interface.
kodiak799 said:
How is the speed/lag? This tablet is mega slow, but I was wondering if I loaded different firmware (currently on AT&T) that it might help, since it can't be rooted.
My 8-yr old rooted Galaxy Tab S 8.4 is better than this thing, but alas a few apps won't run on 32-bit architecture. I think I will relegate this AT&T "brick" to my exercise bike for an entertainment interface.
Click to expand...
Click to collapse
Meh - no better. It is pretty ridiculous - I was very happy with my 2015 Galaxy Tab S2 8.0 - but it started crashing all the time. This one is slower, thicker, lower resolution, and heavier! 32 GB really isn't enough storage either.
It is super annoying there are not any good 8 inch Android tablets. The Huawei M6 8.4 looks okay, but being in the US it is a bit of a pain to get.
xnappo said:
Meh - no better. It is pretty ridiculous - I was very happy with my 2015 Galaxy Tab S2 8.0 - but it started crashing all the time. This one is slower, thicker, lower resolution, and heavier! 32 GB really isn't enough storage either.
It is super annoying there are not any good 8 inch Android tablets. The Huawei M6 8.4 looks okay, but being in the US it is a bit of a pain to get.
Click to expand...
Click to collapse
The only great 8" tablet is the Lenovo Legion Y700, running SD870 with 12gb ram. 2560x1600, but IPS and not OLED.
I own the Tab S 8.4 (2014), the Tab A 8.4 (2020) and the Y700 (2021, 8.8").
Tab A is terrible.
It's painfully slow.
It needs root.
It has the same RAM as a tablet 6 YEARS older than it, with LOWER resolution and ! much worse performance. I wish it could be fixed.... Android 10 Lineage is out for Tab S 8.4.
kodiak799 said:
How is the speed/lag? This tablet is mega slow, but I was wondering if I loaded different firmware (currently on AT&T) that it might help, since it can't be rooted.
My 8-yr old rooted Galaxy Tab S 8.4 is better than this thing, but alas a few apps won't run on 32-bit architecture. I think I will relegate this AT&T "brick" to my exercise bike for an entertainment interface.
Click to expand...
Click to collapse
I have done quite a few mods/tweaks to system/Global/Secure settings and also disabled Gaming Optimization Service (GOS) via Alliance Sheild X, it has made a MASSIVE difference. This device's (SM-T307U) performance is being HEAVILY limited by software-based restrictions. Most of which can be disabled without root. I can go into more detail as to how ive sped up this device if anyone is interested.
NOTE - If someone has the ATT version and can drop the .IMG or Firmware .zip that'd be awesome.
Ill keep trying to find a way to root this device until i get a new one, if anyone else has any success, DM me.
K0mraid3 said:
I have done quite a few mods/tweaks to system/Global/Secure settings and also disabled Gaming Optimization Service (GOS) via Alliance Sheild X
Click to expand...
Click to collapse
I've already deleted, turned-off and disabled everything I can. It's a good bit snappier, but still a dog.
I actually have 2, so I may play around with deleting/disabling apps via ADB. But it's not battery drain, which with some securetask special permissions I've gotten it to SIP power while the screen is off (varies, as low as 2% per day up to about 6-7%).
I checked the usual sources and couldn't find any AT&T image files.
kodiak799 said:
I've already deleted, turned-off and disabled everything I can. It's a good bit snappier, but still a dog.
I actually have 2, so I may play around with deleting/disabling apps via ADB. But it's not battery drain, which with some securetask special permissions I've gotten it to SIP power while the screen is off (varies, as low as 2% per day up to about 6-7%).
I checked the usual sources and couldn't find any AT&T image files.
Click to expand...
Click to collapse
Yeah this this is good on power, it is just severely limited. Judging from similar devices with the same exynos processor, there's got to be something holding it back. I again recommend using SetEdit or something similar to modify some params in the settings tables. The line I highlighted is in both this tablet and my Galaxy S22 & S21. I also found a param in there called "Enhanced CPU responsiveness" which was set to off, after turning that on, I noticed a massive gain in my tablet.
Also worth noting is I added the line "Allow_more_heat_value" with a value of "30" and it allows all cores to boot to max.
K0mraid3 said:
I again recommend using SetEdit or something similar to modify some params in the settings tables.
Click to expand...
Click to collapse
I'll have to give this a shot. I wouldn't think AT&T throttled the CPU, which means Sammie did it for some reason. Probably to hit some sort of battery life benchmark. Or maybe it caused instability in some devices. But being a mid-tier processor you wouldn't expect that it needed to be throttled.
I believe Sammie is giving up on the Exynos processors. I bet they had issues on this tablet, said "screw it" and just **** this out with a throttled cpu.
kodiak799 said:
I'll have to give this a shot. I wouldn't think AT&T throttled the CPU, which means Sammie did it for some reason. Probably to hit some sort of battery life benchmark. Or maybe it caused instability in some devices. But being a mid-tier processor you wouldn't expect that it needed to be throttled.
I believe Sammie is giving up on the Exynos processors. I bet they had issues on this tablet, said "screw it" and just **** this out with a throttled cpu.
Click to expand...
Click to collapse
It's 100% a Samsung related throttle. From my understanding, it's done because they use many of the same parts/processors in various devices, so as a way to control device specific performances, they set limitations. For example, this tablet has the same processor as some of their other "Higher-end" models (if I'm not mistaken), so to keep this tablet from outperforming the others, it's limited. I'm sure there are other reasons, like the battery benchmark bit that you mentioned too.
But yeah. This is 100% a Samsung based throttling.
K0mraid3 said:
I have done quite a few mods/tweaks to system/Global/Secure settings and also disabled Gaming Optimization Service (GOS) via Alliance Sheild X, it has made a MASSIVE difference. This device's (SM-T307U) performance is being HEAVILY limited by software-based restrictions. Most of which can be disabled without root. I can go into more detail as to how ive sped up this device if anyone is interested.
NOTE - If someone has the ATT version and can drop the .IMG or Firmware .zip that'd be awesome.
Ill keep trying to find a way to root this device until i get a new one, if anyone else has any success, DM me.
Click to expand...
Click to collapse
I’d be interested in how you tweaked this tablet to function better.
K0mraid3 said:
I have done quite a few mods/tweaks to system/Global/Secure settings and also disabled Gaming Optimization Service (GOS) via Alliance Sheild X, it has made a MASSIVE difference. This device's (SM-T307U) performance is being HEAVILY limited by software-based restrictions. Most of which can be disabled without root. I can go into more detail as to how ive sped up this device if anyone is interested.
NOTE - If someone has the ATT version and can drop the .IMG or Firmware .zip that'd be awesome.
Ill keep trying to find a way to root this device until i get a new one, if anyone else has any success, DM me.
Click to expand...
Click to collapse
Can you please share the mods/tweaks you've done?
I have one of these purely for its size, I travel over Europe and as the seating space is limited the smaller the better. I am running the Canadian Wind software but if anyone can give me a run through on disabling apps/services to speed up a bit that would be helpful.
I am going to buy the Lenovo Legion Y700 but only when a global version with LTE is available.
Cheers
Nick