[read] >>>>> new stagefright bug discovered <<<<< [read]
We all know that the stagefright bug has plagued Android phones through the use of malicious MMS messages, now it turns out that Zimperium (the securtiy fim who discovered the bug) has now found out that stagefright extends to MP3 and MP4 files on any device running Android 5.0 and above. You can read what Zimperium said about it here
Please share this around and get people informed about it! Thank you
Related
(Feel free to move/copy this to anywhere beta requests should be.)
Simon Tatham's portable puzzle collection is 27 single-player games, all automatically generated (so you never run out of puzzles). I first ported this to Android about a year ago, but that was before the Native Development Kit, so I had to use NestedVM instead, which made it slow to start a game, memory-hungry, and storage-hungry (5MB!) It was also before any keyboardless devices, so I didn't bother with any on-screen keyboard support. There was no translation support. It had a few other smaller bugs that I've left there for far too long.
Ladies and gentlemen, may I introduce... the new, slimmer (632KB apk, 1.21MB install), faster, translatable, keyboard-enabled Puzzles. Edit: This can now be found on Android Market and on the project website.
Update: 8736.2 now includes docs in the package, without launching a Browser, which I know a lot of Market commenters wanted.
Update: 8736.3 fixes a crash on rotation during your first game.
Update: 8745.2 allows saving/loading games (on SD card). This is compatible with other platforms.
Update: 8750.2 fixes several serious bugs on Android 2.0 / Droid, and devices with small screens, and has a rewritten crash handling system to send me logs by email.
market://search/?q=pname:name.boyle.chris.sgtpuzzles
More about the project and apk download at:
http://chris.boyle.name/projects/android-puzzles
aka http://sn.im/apuz (quicker to type on the device)
GitHub:
http://github.com/chrisboyle/sgtpuzzles
If you find any problems, please reply here or ideally send me logcat / Log Collector output: [email protected]
Thanks!
Thanks!
I just installed 8736.3 and it works great. No problems so far. I really like the speed boost!
Thanks,
It works perfectly on my G2.
is there a security fix for the recent trojan that is floating around for the fascinate?
This might help:
http://forum.xda-developers.com/showthread.php?t=977154
Mind you, that fixes one hole that was actively being exploited and got found out. There are many more known vulnerabilities in Android: you need look no further than how you got root in the first place (hint: any program can use the same vulnerability to give itself root!).
Also, don't wrongly assume that any 'antivirus' software on the market will protect you- they won't work any better than traditional desktop antivirus (meaning, very poorly).
As long as your downloading random applications off the market, it'll be fine.
infectedROM.com<quote/
So recently with 2.3.4 update we have found the addition to CIQ in the ramdisk -CIQ is ment to monitor user activity and send logs off to wherever. Come to find out, CIQ is not the only part of android responsible for sending these stats. They get written out by framework to 4 major locations
/<Quote>
Ref 1: binary dump 8/19
http://infectedrom.com/content.php/154-HTCs-User-Behavior-Logging#new_comment
Ref 2:Company selling the ****.
http://www.carrieriq.com/overview/IQInsightExperienceManager/index.htm.
can anyone make a patch for all variants of hd2 roms from gb up i used the bluebox app to check if my phone was vunerable for this bug 13678484 (fake id) and my daily driver barebone cm7 v2b was, and id say all roms developed for hd2 are vunerable have searched the net for how to patch this vunerability but cant find the info abywhere this is something i think all xda devs for this device will have to sort out as we cannot get help from carriers on this as this is what advice is given "contact your carrier or phone vendor for patch. if anyone has advice on how to sort this out would be very thankful i think xda should run a piece about this vunerability and what steps are being taken by all devs on xda to patch this vunerabilitu for older handsets likemy hd2.
Bluebox Security revealed a significant security flaw that affects all Android devices since version 2.1. Our hyperbolic title mocks the fact that he had little to ignite the Internet powders. If the fault is real, it should take a step back and put the case in context instead of screaming panic for nothing.
A serious flaw that affects a large number of terminals
Very schematically, the fault Fake ID allows malware to authenticate using the signature of a known application to hide its true origin. The firm provides an example of a virus masquerading as an Adobe Systems and Google software which would be able to become a Trojan horse or steal data used by Google Wallet acquiring the necessary permissions without using the user.
The flaw is serious. However, Google has already been made aware, he has already released a patch he sent to his partners, he corrected the flaw in Android 4.4 KitKat, he scanned the Google Play and can say that no application in its store uses this vulnerability. Finally, Verify Apps, which monitors the behavior of applications on an Android device, is also fixed and can detect an application attempting to exploit Fake ID.
A patch already in place and a flaw in a very limited scope that still show that Google still has work to do in terms of security
In short, it is true that it is possible to be a victim of this fault, but it requires a terminal that has not been updated, download an application containing malware does not come from Google and Play Verify Apps have disabled or have an Android version of which is free. Suffice to say that the cases in question are very limited.
This flaw shows that Google still has work to do in terms of its security strategy. Last month, we décriions lax features the Play Store. Today, we are dealing with a flaw of a limited scope, but was discovered by analyzing the shortcomings of the source code of the operating system.
This flaw shows that Google still has work to do in terms of its security strategy. Last month, we décriions lax features the Play Store. Today, we are dealing with a flaw of a limited scope, but was discovered by analyzing the shortcomings of the source code of the operating system.[/QUOTE]
while the info you have given is fine and i thank you for it, but there are other app stores people use beside google play store and reading up on this bug it is still possible their phones could become compromised downloading apps from them?
A Big Big Thank You
Just an update: opssemnik backported the fake id xposed module and it works perfectly with gb roms a big big thank you to him. he also supplied a link in the comments on http://www.xda-developers.com/android/fight-fake-id-vulnerability-xposed/ So once again a big thank you to opssemnik
Please HELP get Redmagic 5G NFC GPay fix AND BL unlock FP fix: Takes 10m of time!
We have proven the easiest way to get development started on a new device is to NOTIFY the device manufacturer that there is a NEED for the company to fix issues. Thanks to XDA folks for 10 minutes of their time to email [email protected], we have gotten ZTE to release the full source code (that's an accomplishment, they haven't done this since the RM3, 2 phone versions ago, and it was Android 9 code). WE HAVE STRENGTH IN NUMBERS.
The first issue is Google Pay does NOT WORK with NA and Global ROMs. It reports 2 cards instead of 1 card when you go to a terminal, so you can NEVER make a payment!!! I BELIEVE THIS IS PROBLEM #1 TO ADDRESS FIRST
The second issue is THE BOOTLOADER UNLOCK METHOD BREAKS THE FINGERPRINT SENSOR. This is obviously highly undesirable for anyone who wants ROOT. *** WE HAVE DISCOVERED A BYPASS METHOD SO THIS IS LESS IMPORTANT ATM *** But it may stop working in the future, but is not required at the moment. See my XDA post: https://forum.xda-developers.com/nu...how-to-unlock-bootloader-redmagic-5g-t4081743
So how can we fix this issue? COMPLAIN!!! We got source code this way already (THANK YOU FOR YOUR HELP GUYS WE DID IT! CONTACTING NUBIA VIA EMAIL AND UTILIZING GITHUB ISSUES REALLY WORKS! YOU CAN ALSO USE SOCIAL MEDIA (FACEBOOK etc.) WHICH WILL PROBABLE RESULT IN EVEN FASTER FIXES!
METHOD #1
EMAIL Nubia customer support at [email protected]
You can simply report the issue similar to this message in your email:
Subject: Google Pay does not work NFC on Global / NFC ROMs
Google Pay does not work with NFC which your Global and North American phones claim to support. It reports 2 cards at the terminal instead of 1 card so payment fails EVERY time. This is an issue across the world for everyone with Google Pay. WE NEED THIS FIXED AS IT IS A LISTED FEATURE OF THE PHONE THAT DOES NOT WORK.
XDA has a list of people reporting the same issue: https://forum.xda-developers.com/nubia-red-magic-5g/help/nfc-available-t4081831
Please fix as soon as possible.
Signed,
[YOUR NAME / Country / Phone Model]
*** NOTE - FOR THE TIME BEING, LESS IMPORTANT WITH THE BL BYPASS METHOD LINKED ABOVE (UNTIL THEY PATCH IT) ***
Separate email (they put tickets into bins of issues to address the most requested ones first)
Subject: Bootloader Unlock breaks the Fingerprint Sensor
The bootloader unlock on the Redmagic 5G disables the fingerprint sensor completely - the error message says to contact Nubia support. The device will not even allow a fingerprint to be added. The Android installation detects the sensor on the "back of the phone" i.e. missing the Goodix in-screen fingerprint location, so it can not be added. Later trying to add an FP results in an error:
Loss of fingerprint calibration data
Loss of fingerprint calibration data was detected.
Currently unable to complete fingerprint entry,
please contact Nubia after-sales support via
4007006600
Please fix as soon as possible.
Signed,
[YOUR NAME / Country / Phone Model]
METHOD #2:
https://github.com/ztemt/NX659J_Q_kernel/issues/2
Post something like I did here - GOOGLE PAY DOES NOT WORK. FIX NFC ON GLOBAL AND NA VARIANT ROMS ASAP.
Many customers are very upset an advertised feature of the phone does not work. We use GooglePay regularly and it does not work, this must be fixed as soon as possible. Or you have falsely advertised (expect many returned phones). The sooner the issue is fixed, the more happy customers you will have. And more sales of the phone for addressing your customer feedback and social media approvals will jump tremendously.
Thank you everyone who contacted [email protected] or posted to the original GitHub issue, now we just need them to follow through on these other items!
@mslezak THREAD CLOSED as duplicate of https://forum.xda-developers.com/nubia-red-magic-5g/how-to/please-help-redmagic-5g-source-fp-fix-t4087597
XDA Forum Rules (excerpt):
...
5. Create a thread topic or post a message only once, this includes external links & streaming media.
As a large forum, we don't need unnecessary clutter. You're free to edit your message as you like, so if you do not receive an answer, revisit your message and see if you can describe your problem better. Not everyone is online at the same time so it might take a while before you receive an answer.
You can bump your unanswered question once every 24 hours
Duplicate threads and posts will be removed
Always post in an existing thread if a topic already exists, before creating a new thread.
Use our search function to find the best forum for your device.
Links to an external source are only allowed if relevant to the topic in hand. A description must be included, no copy & pasting from the original source.
Self-promotion is forbidden, this includes blogs, social media and video channels etc. Random links will be removed.
...
Click to expand...
Click to collapse