Database Users

uk speed camera .cab for tomtom

Hi guys
Can any 1 remember the cab file needed for speed camera detection in uk with tomtom 5.2
_^.^_

what software can i use on xda exec to alert me of cameras etc
_^.^_

go to www.pocketgpsworld.com or .co.uk ??? and follow the instructions to get the speed cam database installed and working with TOMTOM

Celtictiger said:
what software can i use on xda exec to alert me of cameras etc
_^.^_
Click to expand...
Click to collapse
A free download for TomTom; seems to work great- warns you (visual and audio) of speed limits, cameras or anything else (POIs) you wish to have warnings/alerts for.
http://checkpoint.oabsoftware.nl/index.php?MainURL=body-download.htm

i thought checkpoint was only for TT3 as in TT5 you can pretty much the same using POI, alright the warnings aint quite the same but its less overhead

Carnivor said:
i thought checkpoint was only for TT3 as in TT5 you can pretty much the same using POI, alright the warnings aint quite the same but its less overhead
Click to expand...
Click to collapse
True about the overhead with using CheckPOInt, although the latest version is designed to run with TTN v5.
Does TomTom give an audible warning? I think this is the main reason for having CheckPOInt- not an important feature for for everyone I should imagine.

Tomtom 5 will give you 1 audio warning based on distance to the camera. Checkpoint will give you 2 audio warnings based on time to arrive at the camera. However you should set up Tomtom to display the visual warning and checkpoint to manage the audio warnings only or Tomtom will get slow screen refreshes. Personally I don't bother with Checkpoint as I don't see the value anymore, although I loved it for Tomtom 3.
I should also point out the the Pocketgps.co.uk will be charging for future updates to their database at £2 a time or £19 for a yearly subscription to their site. However it is an outstanding database and they do deserve to start charging, especially as they intend to plow the cash back into maintaining the database to an even higher standard.

just checked em, they're already charging, BUG**R!, i wanted one last update before it kicked in, ahh well off i go to find the wifes credit card :lol:

Carnivor said:
just checked em, they're already charging, BUG**R!, i wanted one last update before it kicked in, ahh well off i go to find the wifes credit card :lol:
Click to expand...
Click to collapse
Aw c'mon £2 is all we're askin' (unless you've contributed prior to 1st Jan 06 or donated in the past via PayPal in which case you get Free lifetime subs.

griffog said:
Aw c'mon £2 is all we're askin' (unless you've contributed prior to 1st Jan 06 or donated in the past via PayPal in which case you get Free lifetime subs.
Click to expand...
Click to collapse
Wish you luck with your charging scheme. Personally, it put me right off your site...

Fair enough, it hasn't affacted the majority and the most of those who were eligible for free subs have applied and are sorted now.
If you realised how much work goes into it and the improvements we have deployed and have in the pipeline I'm sure you'd think different.
Did you ever contribute a location?

griffog said:
If you realised how much work goes into it and the improvements we have deployed and have in the pipeline I'm sure you'd think different.
Did you ever contribute a location?
Click to expand...
Click to collapse
All the locations I saw were already listed.
I'm probably more aware of the work involved than you presume. I have maintained and provided public information thru websites in the past. Please tell me, when you started the database did you do it as a personal project, a public service, or with the intention to profit one day?
Now that you have made the database a commercial enterprise are you now complying with the many legalities of running such an enterprise, including insurance against possible claims regarding what you are supplying? And if it's not a commercial enterprise then surely you are fund raising and the better way is to request funds, through advertising, or a premium product vs a basic one (perhaps like DVD Profiler)?
BTW, how does your subscription policy tie in with this statement on your website "It is the joint policy of both the UK Department for Transport and the police to make the locations of these cameras as well known as possible."?
As I said before, I wish you luck but I'm not impressed and will be seeking alternatives before "subscribing" to your site...

We've been a limited company for some time. When we started it was a hobby, but when it started requiring 30hrs a week each of input it outgrew that philosophy.
We're DPA registered, have PL insurance and have complied with all relevant legislation.
I wish you luck in your search.

griffog said:
We've been a limited company for some time. When we started it was a hobby, but when it started requiring 30hrs a week each of input it outgrew that philosophy.
We're DPA registered, have PL insurance and have complied with all relevant legislation.
I wish you luck in your search.
Click to expand...
Click to collapse
I appreciate your prompt reply to my questions but you seem to have overlooked answering this point I made:
"BTW, how does your subscription policy tie in with this statement on your website "It is the joint policy of both the UK Department for Transport and the police to make the locations of these cameras as well known as possible."?"
In my search I found another company offering a camera database. They seem to differ from yourselves in that they have a team driving around the country verifying camera locations and also email subscribers whenever the database is updated. Their link is http://www.trafcam.com/database.htm. Are these things which you intend to do also? Or will you continue to rely on user contributions and produce only monthly database updates?
It might persuade people to subscribe if you give them reasons to do so, explain the benefits, and tell us exactly what has changed that now warrents a subscription.

I don't see how our having a subscription service affects that policy? Despite the stated aim of the UK DoT you will quickly find that they make it far from easy, if they did then we would not have a service worth using. All the other systems that have succeeded are subscription based.
We are already implementing a verification process and are preparing to offer live updates rather than monthly incremental ones. Our ability to map Mobile haunts far surpasses that of any other commercial database thanks to the huge number of users and we are now using a scoring system that allows trusted users to have their reports added more quickly than those that require verification.
Trafcam does not integrate fully with nav systems unlike ours and their PocketPC offering at £79 is rather more expensive than ours at £19. We also offer lifetime membership to the first member who reports a previously unrecorded fixed camera (subject to verification).
We additionally offer a utility that integrates with TomTom on PocketPC and GO units to capture locations easily and submit them for verification.

griffog said:
I don't see how our having a subscription service affects that policy?
We are already implementing a verification process and are preparing to offer live updates rather than monthly incremental ones.
Trafcam does not integrate fully with nav systems unlike ours and their PocketPC offering at £79 is rather more expensive than ours at £19. We also offer lifetime membership to the first member who reports a previously unrecorded fixed camera (subject to verification).
We additionally offer a utility that integrates with TomTom on PocketPC and GO units to capture locations easily and submit them for verification.
Click to expand...
Click to collapse
All very good points. I'll address them below:
1. It removes a free source of information.
2. Surely the time to charge is AFTER you have implemented them?
3. Yes, more expensive but offering more NOW. Plus the charge is 49/yr after 1st year. £30 is for software (see below). Palm users pay less in the first year.
4. Trafcam does integrate with the mainstream satnav apps.
5. Trafcam software allows you to spot cameras even if not running navigation software such as tomtom.
6. The purpose of your utility is designed to your advantage.

JRH said:
1. It removes a free source of information.
Click to expand...
Click to collapse
Clearly, I am not arguing that.
2. Surely the time to charge is AFTER you have implemented them?
Click to expand...
Click to collapse
We are already implementing many, many more versions covering a multitude of nav systems is one.
3. Yes, more expensive but offering more NOW. Plus the charge is 49/yr after 1st year. £30 is for software (see below). Palm users pay less in the first year.
Click to expand...
Click to collapse
How does it offer more, we have greater coverage and our system allows the cameras to overlay on the map, Trafcam uses a background app that opos up over the navigation system when an alert is triggered, that's not the optimum solution.
4. Trafcam does integrate with the mainstream satnav apps.
Click to expand...
Click to collapse
Integrate no, works in conjunction with, yes.
5. Trafcam software allows you to spot cameras even if not running navigation software such as tomtom.
Click to expand...
Click to collapse
Because it's an entirely separate app, the vast majority want the data displayed on the map so they can see where the hazard is so run the navigation all the time.
6. The purpose of your utility is designed to your advantage.
Click to expand...
Click to collapse
Absolutely, but it makes the user experience better and if you spot a new canmera you can capture and report is far more easily and get the free sub as the reward.
If you prefer Trafcam then I'm glad you like it. I have no aspirations that we are the only solution available but for the majority of users ours is the better and the most popular by far.

At the moment i have no preference as I am still exploring alternatives. Trafcam was just one that came up on a search.
We could go on debating the pro's and con's of your offering for many posts to come, but I suspect with little to gain. I still maintain that you have brought in a charge very quickly, with no apparent improved benefits as yet, and that is not good for customers. I also think it would do wonders for your credibility with the public at large if you were to:
1. Remove the charge until such time as there are specific identifiable benefits.
2. Introduce a scheme of premium vs basic product charges.
3. Clearly promote what improvements are being made (or have, if that is the case).
4. Implement frequent database updates vs current monthly ones.
I'll leave it at that...

On the other side of the fence...
I have no problem at all paying £2 to PocketGPSWorld for their database. It's been the database of choice for many many months (years?) and if they need to start charging a nominal fee because of the overhead of providing it then that seems entirely justifiable to me.
JRH, if you want to spend at least double the price for the cheapest alternative then that's your prerogative. You can vote with your credit card and see how you get on.
I rarely download the DB myself -- my last update was about a year ago -- but if by contributing to the database I can earn a lifetime's free updates then I've got a financial incentive to help maintain the information. (I never have before.) If the quality of the database continues to improve because more people are contributing then we all win; the only decision we need to make is whether we contribute or pay.
Time will tell whether PGW have made the right or wrong decision for themselves, but I can't really see how any reasonable person can object to their plan. £2 is nothing these days. I'm surprised you're putting griffog under such pressure to justify himself, JRH!
PS. There's a list of db changes on the PGW homepage that were brought in with the new charging scheme. Do they not comprise 'specific identifiable benefits'?

I've used the data base while it was free and will continue to use it for the very modest £2 or £19 yearly not a problem. Just think if it saves you a speeding ticket then it's well worth it, not that you should be speeding anyway!

what other choice does google give us?

I bought a g1 last year. I rooted my phone. I fell in love with android and the great community behind it. I am an avid cyanogen mod user.
Google basically ripped out the great fun, learning experimence, and day to day usage i now have in android.
I know how this community feels about 'warez'. I know how this community feels about cyanogen and his contribution to not only us but an 'open source' environment to cell phones.
Well basically what i am getting to is that cyanogen may be legally wrong but what if a developer were to release roms behind closed doors? To torrents and newsgroups and not officially have a face behind said rom. If a developer were to do that, would xda support threads pretaining to that rom? Would all of us still download and love a rom like we do now? Or am i just wrong for getting to that?
If this thread is deleted i understand, but to me i will abandon android if it fails to prosper by the community like true open source software is intended.

Give it time, there are work arounds for ROM makers. Google distributes these applications freely, which means all ROM developers have to do is remove those apps from the ROMs, and give you an application which installs them.
The Android scene is not dead. This sucks, but we will get over it, even without Google's help.

*edit, gary beat me to it..this is in re: to the original post
your not reading before you type...
Google is pissed about him including certain components that were not official yet or closed source. We get over that, and we are back in business. Everyone is way over-reacting, just wait...they will get it figured out. He just cant legally be quite so cutting-edge anymore

I've hard talks of a script that will automatically DL the apps that aren't allowed, I hope that happens soon .

I understand work arounds and what not but do i not have the legal right to use googles closed source apps now that i bought my g1? It is like buying a new car from ford and then ford telling manufacturers of aftermarket products (like air filters or tires) they cant sell them because ford owns the patent to the left head light circuit and it in some legal sense interfers.
A new set of tires on my car is just as damn harmful as using a cyanogen made rom on my phone. I own the hardware, i should be able to do with it as i see fit. Cyanogen doesnt make his roms available to those who dont already own an android licensed product and doesnt do his work for profit that google doesnt see.
They have a legal right yes, but why excersize that legal right when only those who support you already (and if you download cm roms you will more then likely be a future supporter) will end up with the crap end of the stick.
All the crap recently with apple and google voice i have thought to myself that apple will be getting what they deserve by sure to come fines from the fcc. Now google punches us all in the stomache for supporting them and their alledged open source cause. None of us here, including cyanogen, did any actual wrong. If it plays out how it is apparent they want it, everyone loses.

~~Tito~~ said:
I've hard talks of a script that will automatically DL the apps that aren't allowed, I hope that happens soon .
Click to expand...
Click to collapse
our could we just not back up and put theme proper place in the update zips?

rondey- said:
I understand work arounds and what not but do i not have the legal right to use googles closed source apps now that i bought my g1? It is like buying a new car from ford and then ford telling manufacturers of aftermarket products (like air filters or tires) they cant sell them because ford owns the patent to the left head light circuit and it in some legal sense interfers.
Click to expand...
Click to collapse
Your analogy is flawed because software cannot be treated the same as tangible items. Anyway, the issue at hand is not your license to use Google's closed-source apps, it is the unauthorized distribution of these apps by "ROM" cooks.

It's more than just a few apps that are closed source, though; many of the fundamental pieces that allow the phones to function are proprietary, such as sync, the LED control, the radio control... Take it all out and you have a phone that can't phone.

danguyf said:
It's more than just a few apps that are closed source, though; many of the fundamental pieces that allow the phones to function are proprietary, such as sync, the LED control, the radio control... Take it all out and you have a phone that can't phone.
Click to expand...
Click to collapse
You really need to listen to the previous post. Anything that is required for our phones to run is not at question. Mod and distribute away. Led control , radio control, is not at question.
"That’s why we developed Android apps for many of our services like YouTube, Gmail, Google Voice, and so on. These apps are Google’s way of benefiting from Android in the same way that any other developer can, but the apps are not part of the Android platform itself. We make some of these apps available to users of any Android-powered device via Android Market, and others are pre-installed on some phones through business deals. Either way, these apps aren’t open source, and that’s why they aren’t included in the Android source code repository. Unauthorized distribution of this software harms us just like it would any other business, even if it’s done with the best of intentions."
Its the apps that are in question, not the underlying drivers, api's, libraries. So please and anyone else let's not overreact. Lets try to each help find a way to make this a non issue.

Johnny Blaze said:
You really need to listen to the previous post. Anything that is required for our phones to run is not at question. Mod and distribute away. Led control , radio control, is not at question.
Click to expand...
Click to collapse
Actually, LED, radio, SPL... that's all HTC's property. Even the leaked NBH files that allowed this scene to flourish solely belong to HTC.
So although Google's decision does not affect them, they still fall under the same category of "oh crap...".

This is bad news. The phone is essentially useless without the Gmail app (for sign-in on initial boot as well as contact sync) and Android Market (for downloading any apps). Then take Google Maps out of the picture, and may as well throw the phone out and get an iPhone. At a minimum, this means the days of custom ROMs are over.

RueTheDay said:
This is bad news. The phone is essentially useless without the Gmail app (for sign-in on initial boot as well as contact sync) and Android Market (for downloading any apps). Then take Google Maps out of the picture, and may as well throw the phone out and get an iPhone. At a minimum, this means the days of custom ROMs are over.
Click to expand...
Click to collapse
This is actually not true at all. The Gmail app is something that is currently being worked on. Google maps isn't that great (but it's available in the market) Like it's been said, give it time. This is just a hiccup that we'll all get over. Soon.

RueTheDay said:
This is bad news. The phone is essentially useless without the Gmail app (for sign-in on initial boot as well as contact sync) and Android Market (for downloading any apps). Then take Google Maps out of the picture, and may as well throw the phone out and get an iPhone. At a minimum, this means the days of custom ROMs are over.
Click to expand...
Click to collapse
Your hyperbole not only singles you out as an ignorant fool, it also highlights the fact you have no idea where the true innovations in Android are. It is not having native GMail or Youtube clients (which are nice), it is in things like dalvik and the ipc framework. These are pieces of code that do not have anything to do with whether Google apps are present or not on the phone (or if it even is a phone).

[APP] FREE Anti virus

http://forum.xda-developers.com/showthread.php?t=1453695

Why are you creating 2 topics about it?
Had you tested it? How it compare to theoretically best Zoner Antywirus? Tell us some more, than posting links - this is kind of flooding.
For me, this program won't beat Zoner.. for now.
Anyway, I'll test it

Rayman96 said:
Why are you creating 2 topics about it?
Had you tested it? How it compare to theoretically best Zoner Antywirus? Tell us some more, than posting links - this is kind of flooding.
For me, this program won't beat Zoner.. for now.
Anyway, I'll test it
Click to expand...
Click to collapse
sorry if i did hurt you. well i was a beta tester for the app. it did performed well for me, besides comodo is a reputed company after all and they are standing for free softwares.
I posted the links cause it contains all the details of the software, details about the company etc, i thought its better than i explain those details.
about double posting, the one i posted is in the general section is for all to see. The second is for my fellow lgp500 users, where i really belogs. i hope i am clear enough. no harm ment

Best free antivirus is your brain - never install app without good amount of comments about app.

AdvDretch said:
Best free antivirus is your brain - never install app without good amount of comments about app.
Click to expand...
Click to collapse
Who in this world has time to read all that? Have you ever tried to read Google’s conditions and policies while creating a Google account? Certainly the answer would be ‘NO’. Do you know that Google had 60 different policies that helped them to collect data from your personal Gmail and other Google apps? Now do you know that they had merged all these in to one policy?
Google will know more about you than your wife does. Everything across your screens will be integrated and tracked. Google noted that it collects information you provide, data from your usage, device information and location. Unique applications are also noted. Sure you can use Google’s dashboard and ad manager to cut things out, but this policy feels Big Brother-ish. Google is watching you as long as you are logged in. It’s also unclear whether this privacy policy move will be considered bundling in some way by regulators. This unified experience hook appears to be at least partially aimed at juicing Google+. Google responded with clarification: Google noted that it already has all that data, but it’s now integrating that information across products. It’s a change in how Google will use the data not what it collects. In other words, Google already knows more about you than your wife.( not my comment go read this.... http://m.zdnet.com/blog/btl/googles-new-privacy-policy-the-good-bad-scary/67893)
Now my question is whether Google is good or bad? Do you need Droidwall to defend your privacy? Or do you still believe in your Brain(better do not believe in brain but use it to think rationally)?
Conclusion: we need a new definition to “virus”...My contribution is Anything that steals your private data is a virus.( no flames needed, no harm meant...just my thought about the relevancy of protective apps like Droidwall, comodo, avg, etc. ...etc)

,do we realy need anti virus?,

algie17 said:
,do we realy need anti virus?,
Click to expand...
Click to collapse
You dont need one
Sent from my LG-P500 using XDA Premium App

josinpoul's mean run anti virus before creating Google account
And if too don't have anti virus then don't use Google. Josin your explanation is wrong. Brain and antivirus both useful.

No need for 2 topics about one thing but thanks for sharing!!!

http://ca.reuters.com/article/technologyNews/idCATRE81N1T120120224
By Jim Finkle
BOSTON (Reuters) - Cybersecurity experts have uncovered a flaw in a component of the operating system of Google Inc's widely used Android smartphone that they say hackers can exploit to gain control of the devices.
Researchers at startup cybersecurity firm CrowdStrike said they have figured out how to use that bug to launch attacks and take control of some Android devices.
CrowdStrike, which will demonstrate its findings next week at a major computer security conference in San Francisco, said an attacker sends an email or text message that appears to be from a trusted source, like the user's phone carrier. The message urges the recipient to click on a link, which if done infects the device.
At that point, the hacker gains complete control of the phone, enabling him or her to eavesdrop on phone calls and monitor the location of the device, said Dmitri Alperovitch, chief technology officer and co-founder of CrowdStrike.
Google spokesman Jay Nancarrow declined comment on Crowdstrike's claim.
Alperovitch said the firm conducted the research to highlight how mobile devices are increasingly vulnerable to a type of attack widely carried out against PCs. In such instances, hackers find previously unknown vulnerabilities in software, then exploit those flaws with malicious software that is delivered via tainted links or attached documents.
He said smartphone users need to prepare for this type of attack, which typically cannot be identified or thwarted by mobile device security software.
"With modifications and perhaps use of different exploits, this attack will work on every smartphone device and represents the biggest security threat on those devices," said Alperovitch, who was vice president of threat research at McAfee Inc before he co-founded CrowdStrike. Researchers at CrowdStrike were not the first to identify such a threat, though such warnings are less common than reports of malicious applications that make their way to online websites, such as Apple's App Store or the Android Market.
In July 2009, researchers Charlie Miller and Collin Mulliner figured out a way to attack Apple's iPhone by sending malicious code embedded in text messages that was invisible to the phone's user. Apple repaired the bug in the software a few weeks after the pair warned it of the problem.
The method devised by CrowdStrike currently works on devices running Android 2.2, also known as Froyo. That version is installed on about 28 percent of all Android devices, according to a Google survey conducted over two weeks ending February 1.
Alperovitch said he expects to have a second version of the software finished by next week that can attack phones running Android 2.3. That version, widely known as Gingerbread, is installed on another 59 percent of all Android devices, according to Google.
CrowdStrike's method of attack makes use of a previously unpublicized security flaw in a piece of software known as webkit, which is built into the Android operating system's Web browser.
Webkit is also incorporated into other software programs, including Google's Chrome browser and the Apple iOS operating system for the iPhone and iPad.
CrowdStrike said it had not attempted to create software to attack iOS devices or the Chrome browser.

Ok, now a group of hackers control 500000000 devices... an antivirus will slow the phone down more than a hacker trying to run a phone from another continent over your 2G network... just think about it... how can your screen be monitored over 3G in real-time? It can't be done on my 5Mbps PC...
And if you turn data off, then 1GB of data will be sent to google when you turn it on??? Think logic...(where the f**k do you store that??? I think the effect will be noticed right away, and the attacker has no time to take control, unless you are stupid enough to see a 1GB file and not suspect anything...) PCs have real-time protection, but that is because there are terrible threats out there, and they are optimized, they don't slow down... on your phone, you will regret having a phone for 2 years running like **** and then dropping in water, while you could have best performance in those 2 years...
We are not windows, but we are android, and it is the most unsafe mobile OS, if you want a safe one, get from apple... just 2x price at ½ quality...
Sent from my LG-P500

well i use avast antivirus
but not for scanning viruses
but rather for anti-theft feature and firewall(blocking apps)
and isnt android a java based OS ??
im sure there are not many virus's
that can cause heavy damage

Android Head Unit with Open Source Firmware (e.g. Cyanogen compatible)

Is there such a thing as an Android head unit that ships with open source firmware such as Cyanogen?
On one hand, I really want an Android head unit just for the Google Maps.
On the other hand. given the number of critical privilege escalation exploits and in some case remote code execution exploits that are being published and fixed on a monthly basis, using an Android device that is not fully patched yet is plugged straight into the vehicle's CAN bus sounds like as ill advised an idea as it can possibly get.
So - is there such a thing as a Cyanogen (or similar) based Android firmware for an Android head unit?

I think it's more an issue of these units coming with Rockchip CPUs and a community to build the radio/DVD/CD apps lacking.
Would gladly pay £50 more for a Snapdragon 625 (14 mm processor) version of these head units

Arguably, the existing apps can be extracted from the stock ROM.
I don't see what the performance and efficiency of the SoC has to do with anything.
My concern is purely around the timely security patches. Using an unpatched phone is bad enough. Using an unpatched device plugged into the car's CAN bus is borderline suicidally stupid.

I was referring more to use of Snapdragon processors as they are open source drivers so ROMs can be developed for them and added my personal preference after.

shatteredsilicon said:
Is there such a thing as an Android head unit that ships with open source firmware such as Cyanogen?
Click to expand...
Click to collapse
Ha ha ha, not from these dodgy Chinese manufacturers!
shatteredsilicon said:
plugged straight into the vehicle's CAN bus sounds like as ill advised an idea as it can possibly get.
Click to expand...
Click to collapse
You don't have to connect the CAN bus, I haven't in my car.
shatteredsilicon said:
So - is there such a thing as a Cyanogen (or similar) based Android firmware for an Android head unit?
Click to expand...
Click to collapse
I believe someone is working on a port for one of the Newsmy units, not sure where it's at but I can tell you that because of the RK3188 chip they've had to keep the old 3.0 kernel that it came with.
The binary blobs supplied for some parts make using other kernels too difficult.

kobirulali said:
I was referring more to use of Snapdragon processors as they are open source drivers so ROMs can be developed for them and added my personal preference after.
Click to expand...
Click to collapse
So every last one of the currently available Android based head units is based on a closed source GPL violating SoC?
leonkernan said:
You don't have to connect the CAN bus, I haven't in my car.
Click to expand...
Click to collapse
What functionality is lost by not doing so? And given how the head unit is usually quite important to the functioning of the CAN bus, how many other things will stop working or result in various errors to permanently come up on the dashboard?
leonkernan said:
I believe someone is working on a port for one of the Newsmy units, not sure where it's at but I can tell you that because of the RK3188 chip they've had to keep the old 3.0 kernel that it came with.
The binary blobs supplied for some parts make using other kernels too difficult.
Click to expand...
Click to collapse
There are enough critical CVEs against the Linux kernel on a regular enough basis (including the recent CVE-2016-5195) that not having the kernel source available is bad enough to make any device that doesn't either have full sources available or a cast iron commitment from the manufacturer to release monthly Android security updates completely unviable.
I guess that means that until there is a Cyanogen supported head unit I won't be getting one...

shatteredsilicon said:
So every last one of the currently available Android based head units is based on a closed source GPL violating SoC?
What functionality is lost by not doing so? And given how the head unit is usually quite important to the functioning of the CAN bus, how many other things will stop working or result in various errors to permanently come up on the dashboard?
There are enough critical CVEs against the Linux kernel on a regular enough basis (including the recent CVE-2016-5195) that not having the kernel source available is bad enough to make any device that doesn't either have full sources available or a cast iron commitment from the manufacturer to release monthly Android security updates completely unviable.
I guess that means that until there is a Cyanogen supported head unit I won't be getting one...
Click to expand...
Click to collapse
Or build your own. http://forum.xda-developers.com/android-auto/android-head-units/diy-2din-project-t3469332

shatteredsilicon said:
What functionality is lost by not doing so? And given how the head unit is usually quite important to the functioning of the CAN bus, how many other things will stop working or result in various errors to permanently come up on the dashboard?
Click to expand...
Click to collapse
In my Toyota, none. As for other models, I can't say as I haven't tried it.

shatteredsilicon said:
Is there such a thing as an Android head unit that ships with open source firmware such as Cyanogen?
On one hand, I really want an Android head unit just for the Google Maps.
On the other hand. given the number of critical privilege escalation exploits and in some case remote code execution exploits that are being published and fixed on a monthly basis, using an Android device that is not fully patched yet is plugged straight into the vehicle's CAN bus sounds like as ill advised an idea as it can possibly get.
So - is there such a thing as a Cyanogen (or similar) based Android firmware for an Android head unit?
Click to expand...
Click to collapse
Nothing currently.
I anticipate that the new intel units will be a bit easier to deal with.
The major stumbling block will be in adapting the car-specific functionality of the MCU board.

shatteredsilicon said:
So every last one of the currently available Android based head units is based on a closed source GPL violating SoC?
What functionality is lost by not doing so? And given how the head unit is usually quite important to the functioning of the CAN bus, how many other things will stop working or result in various errors to permanently come up on the dashboard?
Click to expand...
Click to collapse
I don't know of a single car that requires an OBD plugin to the head unit I don't know where you got that idea from but I think you received some bad info
This may be the case on some of the newest cars but otherwise no it is not needed at all

I'm pretty sure OBD and CAN are two completely unrelated things.
Examples of functionality that would almost certainly be lost without a CAN connection include things like trip computer information, time configuration (shows up on the dashboard but is only configurable via the head unit), and other similar things.

wingzero186 said:
I don't know of a single car that requires an OBD plugin to the head unit I don't know where you got that idea from but I think you received some bad info
This may be the case on some of the newest cars but otherwise no it is not needed at all
Click to expand...
Click to collapse
shatteredsilicon said:
I'm pretty sure OBD and CAN are two completely unrelated things.
Examples of functionality that would almost certainly be lost without a CAN connection include things like trip computer information, time configuration (shows up on the dashboard but is only configurable via the head unit), and other similar things.
Click to expand...
Click to collapse
OBD and CAN are definitely different, but can be somewhat related and intertwined. as most ODB ports also provide CAN access. As more and more of the functions and information are integrated into the "radio screen" (at that point they aren't really Radio's anymore, but entertainment centers and/or Multi-Information-Displays, etc.), then it will be tougher to use 'generic' devices. And to think we are trusting the coders working on these boxes to properly handle CAN messages?
If you really want to scare yourself, do some googling on various CAN and vehicle system exploits/hacks. Then remember that you are putting a rooted android device directly on that bus.

Zaphod-Beeblebrox said:
Then remember that you are putting a rooted android device directly on that bus.
Click to expand...
Click to collapse
I really don't understand the obsession with rooting Android devices. It seems like a particularly pointless way of de-securing the device for negligible benefit. I guess it appeals to the sort of people that drive a car without wearing a seatbelt or ride a motorbike without wearing a helmet, but that doesn't make it clever.

shatteredsilicon said:
I really don't understand the obsession with rooting Android devices. It seems like a particularly pointless way of de-securing the device for negligible benefit. I guess it appeals to the sort of people that drive a car without wearing a seatbelt or ride a motorbike without wearing a helmet, but that doesn't make it clever.
Click to expand...
Click to collapse
Wow.... your life must not be so great.... no fun AND you don't even understand why people Root?
LOL.

shatteredsilicon said:
Arguably, the existing apps can be extracted from the stock ROM.
I don't see what the performance and efficiency of the SoC has to do with anything.
My concern is purely around the timely security patches. Using an unpatched phone is bad enough. Using an unpatched device plugged into the car's CAN bus is borderline suicidally stupid.
Click to expand...
Click to collapse
I think the number of these head units (Chinese/Generic) that are plugged into the CAN bus is quite minimal. There may be a subset of users who have it, but most are simply connected to the 12+V, common ground, the AM/FM antenna, the speakers and/or an amp.. There may be some sense wires for reverse gear, illumination, etc, but they don't transmit anything and do not control anything outside the head unit That's the typcal level of in-car integration (aside from those who might also be adding a bluetooth OBD dongle...but that's another issue.)
The concern over potential security issues that the OP raised, however, are legitimate. Because the vast majority of these head units have Wifi enabled, which is easily exploitable, especially when well-know exploits have not been patched. And very few (if any) will ever receive an update from the OEM who created the original ROM.
To be fully transparent, this is a common security issue that affects ALL Android devices that are not regularly updated when Google patches the code base. So I think using a lower-tier cell phone would be lot more of a concern (if I were using one), simply because of the potential loss of personal data if it were remotely hacked because of a known Android exploit. That's exactly what I would be worried about if I were inputting any personal data to a head unit that could be accessed remotely.
If you keep that potential problem in mind, I think the security on one is no worse than using a second or third tier Android phone that does not get any updates. I would be especially careful about using a "real" Google account when downloading anything or browsing the web through one of these things.
Just my $0.2

tbd2k2 said:
I think the number of these head units (Chinese/Generic) that are plugged into the CAN bus is quite minimal. There may be a subset of users who have it, but most are simply connected to the 12+V, common ground, the AM/FM antenna, the speakers and/or an amp.. There may be some sense wires for reverse gear, illumination, etc, but they don't transmit anything and do not control anything outside the head unit That's the typcal level of in-car integration (aside from those who might also be adding a bluetooth OBD dongle...but that's another issue.)
The concern over potential security issues that the OP raised, however, are legitimate. Because the vast majority of these head units have Wifi enabled, which is easily exploitable, especially when well-know exploits have not been patched. And very few (if any) will ever receive an update from the OEM who created the original ROM.
To be fully transparent, this is a common security issue that affects ALL Android devices that are not regularly updated when Google patches the code base. So I think using a lower-tier cell phone would be lot more of a concern (if I were using one), simply because of the potential loss of personal data if it were remotely hacked because of a known Android exploit. That's exactly what I would be worried about if I were inputting any personal data to a head unit that could be accessed remotely.
If you keep that potential problem in mind, I think the security on one is no worse than using a second or third tier Android phone that does not get any updates. I would be especially careful about using a "real" Google account when downloading anything or browsing the web through one of these things.
Just my $0.2
Click to expand...
Click to collapse
I agree with all of your sentiments here except the minimizing of the numbers plugged into canbus. I think you underestimate those. All of these devices that are 'model specific' (ie, trim panels fit a specific model) and support SWC are plugged into the CAN bus. Most of these devices are getting their SWC from CAN. They also display things like AC controls, Door openings, push RDS through Multi-Info-Displays in the gauge cluster, etc.
I think being connect to CAN, plus all the things you mentioned above, should give people some concern.
I'm still waiting for the first example of Ransomware that threatens to take your brakes out if you don't pay. May seem a little far fetched, but if you do any serious looking at CAN exploits, these things are possible.

Yes, you are probably correct on the numbers connected to CANBUS. I don't have that in my car, it's older, so I was over generalizing.
Newer models of cars have it and those selling manufacturer-specific head units often advtertise that they can accept CANBUS data. So, the newer the car and the more model-specific the unit, the more likely the CANBUS connection.
Not sure about the ransomware threat in a head unit though. It's possible,I suppose. But if a car head unit maker deliberately allowed that or if it was commonly known that a certain vendor had that problem, I think their sales would drop to zero rather quickly.

You would be surprised. My best friend works on automotive embedded electronics, and the industry has changed massively in the past 10 years, in terms of exactly these kinds of devices. A decade ago nobody even remotely considered the aspects of security isolation between different systems on various buses. Today it's the biggest focus of the design and development. Bottom line, you _really_ don't want to attach an unpatched Android devices to the CAN bus of even the newest cars that are still getting firmware updates and were designed with CAN security in mind, let alone a 10 year old car that was designed at a time when CAN bus security wasn't even a consideration.
There have been several demonstrations recently of CAN hacks over various means that can seriously affect critical systems like engine and brakes.

shatteredsilicon said:
I really don't understand the obsession with rooting Android devices. It seems like a particularly pointless way of de-securing the device for negligible benefit. I guess it appeals to the sort of people that drive a car without wearing a seatbelt or ride a motorbike without wearing a helmet, but that doesn't make it clever.
Click to expand...
Click to collapse
First off, root does NOT mean you are losing ANY degree of security.
However, the implementation of accessing that root CAN be dangerous, for instance, SuperSU is a NOT SECURE. SuperSU hands your device's most intimate controls over to a black box corporation with unknown motivations and no public face. THAT is scary.
Root access can actually IMPROVE security, because it allows you the access needed in order to AUDIT the device's security. This is something you don't have without root access.
The first rule of root is that you should ONLY use OPEN SOURCE software to manage it (i.e. https://github.com/seSuperUser). This is because being open source means that you (or somebody you trust) can audit the code directly, and understand EXACTLY what it is doing.
As for the benefit, the fact that you are unable to comprehend what you can really do with root access doesn't mean that the benefits are "negligible". You're thinking along a very shallow line, such as changing the system UI to use predominantly PINK coloring scheme. This is not a benefit of root, this is just silly. I'm not going to go into what you can do with root, because the reality is that the only limit is YOUR IMAGINATION.

shatteredsilicon said:
Is there such a thing as an Android head unit that ships with open source firmware such as Cyanogen?
On one hand, I really want an Android head unit just for the Google Maps.
On the other hand. given the number of critical privilege escalation exploits and in some case remote code execution exploits that are being published and fixed on a monthly basis, using an Android device that is not fully patched yet is plugged straight into the vehicle's CAN bus sounds like as ill advised an idea as it can possibly get.
So - is there such a thing as a Cyanogen (or similar) based Android firmware for an Android head unit?
Click to expand...
Click to collapse
Getting back to the original question, there is one "Chinese android head unit" where there has been some CM development work going on.
It's the NEWSMY carpad. Here is a link to the thread:
http://forum.xda-developers.com/and...-units/newsmy-carpad-nu3001-cm13-rom-t3469306

$129 OctaCore/2GB DDR/32GB EMMC earlier review users wanted !

Apply promotion code 8IUCIRP3 for extra $20 saving.
3rd generation 2DIN universal 7":
mod edit - links removed

nonstop2050 said:
Apply promotion code 8IUCIRP3 for extra $20 saving.
3rd generation 2DIN universal 7":
mod edit - links removed
Click to expand...
Click to collapse
Without any reviews about product or you (the seller), hard to push the "buy" button... especially as we don't know what kind of hardware/support is in there.
I.e. What's the audio processor? Upgradable to 6.0? How many aux usb? External mic support? etc.
:good:

coolest35 said:
Without any reviews about product or you (the seller), hard to push the "buy" button... especially as we don't know what kind of hardware/support is in there.
I.e. What's the audio processor? Upgradable to 6.0? How many aux usb? External mic support? etc.
:good:
Click to expand...
Click to collapse
Indeed.
Actually, this is 3rd gen InDashNet head unit. 2USB hosts, external MIC, upgraded BT and 4 cameras interfaces.
mod edit - links removed
A bit long track here:
https://forum.xda-developers.com/an...cta-core-lollipop-head-units-t3353188/page111

nonstop2050 said:
Indeed.
Actually, this is 3rd gen InDashNet head unit. 2USB hosts, external MIC, upgraded BT and 4 cameras interfaces.
mod edit - links removed
A bit long track here:
https://forum.xda-developers.com/an...cta-core-lollipop-head-units-t3353188/page111
Click to expand...
Click to collapse
Great, i'm looking into this.
Upgraded BT? Parrot? Can you tell me more about this, which AD2P version it is etc.
Also, warranty info please.. where will this unit be serviced, if needed? Based on the links you've provided.. its to be open source, and people have purchased a developer option. Not sure what the difference is.. end user support for this?
Also, wifi, is the adapter now inbuilt or utilizing usb?

In for more info too.

I'd buy one in a minute if there was any support for the developer community. I'd buy it at this price just to play with it.

pilotbob3 said:
I'd buy one in a minute if there was any support for the developer community. I'd buy it at this price just to play with it.
Click to expand...
Click to collapse
Yes, that and literally no reviews makes me not want to waste that much though.. because it could be dead end..

pilotbob3 said:
I'd buy one in a minute if there was any support for the developer community. I'd buy it at this price just to play with it.
Click to expand...
Click to collapse
Lack of replies from anyone (including OP), probably says alot about the product/company.. haha. :laugh:

coolest35 said:
Lack of replies from anyone (including OP), probably says alot about the product/company.. haha. :laugh:
Click to expand...
Click to collapse
Seems to be an unpaid commercial.... nothing else.

rigattoni said:
Seems to be an unpaid commercial.... nothing else.
Click to expand...
Click to collapse
Sounds like it.. :silly:

nonstop2050 said:
Indeed.
Actually, this is 3rd gen InDashNet head unit. 2USB hosts, external MIC, upgraded BT and 4 cameras interfaces.
mod edit - links removed
A bit long track here:
https://forum.xda-developers.com/an...cta-core-lollipop-head-units-t3353188/page111
Click to expand...
Click to collapse
Thanks for these! I had actually purchased one through Amazon, and after browsing those threads, was thinking meh...I really only use BT for playing music off the phone now, and occasionally answering calls, so the BT issues really wouldn't affect me.
But after reading deeper, and finding a bunch of them have issues with GPS lock and GPS stability, that was a deal breaker, and I cancelled the order. Replaced it with a Joying instead single DIN. Actually, even if it did work correctly, I likely would have had to replace it anyways, as I wouldn't have been able to get the double DIN chassis in my car without serious surgery on the dash, and I don't want to do that on a 30 year old, clean, car (I test fit one of my older Joying double DIN units, and it was a no go. A USA market Pioneer, Alpine, etc would just barely squeeze in there, due to their smaller, non standard chassis though).

Is a reseller of all the same chinese units.
Click bait / promotion. From ealier posts its clear that seller operates as all promises and under delivers, while marketing in a way that appeals to the community. Just ask for the sources files for the very first unit - hasnt been released.
A quick thread search lists last three threads as "early bird" for the same unit over 1 year.
'Astroturfer'.

according to our forum rules
7. Do not spam, sell or trade on the forums.
If you wish to advertise a product, simply contact us. We can provide ads but you are not permitted to just post it in the forums. If you do, it will be removed and you're likely to receive a ban.
The buying, selling, trading and / or exchanging of any item is now prohibited on XDA, in any forum or via Private Messages. We now use www.swappa.com
You can add updates to your thread (ie new features for an app., etc), BUT only update if you are posting relevant to the topic and NOT with the sole purpose of getting the thread to the top of the page (known as "bumping") otherwise it will be considered as spam.
Click to expand...
Click to collapse
thread closed