Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Even the Dumbest Ransomware Is Almost Unremovable On Smart TVs ( 148

An anonymous reader writes: Apparently even the easiest-to-remove ransomware is painfully hard to uninstall from smart TVs, if they're running on the Android TV platform, and many are. This didn't happen in a real-world scenario (yet), and was only a PoC test by Symantec. The researcher managed to remove the ransomware only because he enabled the Android ADB tool beforehand, knowing he would infect the TV with the ransomware. "Without this option enabled, and if I was less experienced user, I'd probably still be locked out of my smart TV, making it a large and expensive paper weight," said the researcher.

Google Previews Android Studio 2.0 ( 40

dmleonard618 writes: Google is gearing up to release Android Studio 2.0 with three key features. The company has released the preview version of the release, and says it focuses on speed of delivery and testing. The new features include Instant Run, which lets developers see the impact of their code changes; Android Emulator, a rebuilt user interface; and an early preview of a new GPU Profiler that allows developers to record and replay graphics-intensive apps frame by frame.

Stack Overflow and the Zeitgeist of Computer Programming ( 169

An anonymous reader writes: Stack Overflow remains one of the most widely-used resources in the developer community. Around 400,000 questions are posted there every month. The Priceonomics blog is using statistical analysis to ask, "What does the nature of these questions tell us about the state of programming?" They see tremendous growth in questions about Android Studio, as well as more generic growth in work relating to data analysis and cloud services. Topics on a significant decline include Silverlight, Joomla, Clojure, and Flash (not to mention emacs, for some reason). The article also takes a brief look at the site's megausers, who receive a lot of credit for keeping the signal-to-noise ratio as high as it is, while also taking flack for how the Stack Overflow culture has progressed. "Others are worried about how Stack Overflow has impacted programming fundamentals. Some critics believe that rather than truly struggling with a problem, developers can now just ask Stack Overflow users to solve it for them. The questioner may receive and use an answer with code they do not truly understand; they just know it fixes their problem. This can lead to issues in the long run when adjustments are needed."
The Almighty Buck

Exploit Vendor Publishes Prices For Zero-Day Vulnerabilities 21

An anonymous reader writes: An exploit vendor published a price list for the zero-day bugs it's willing to buy. The highest paid bugs are for remote jailbreaks for iOS. Second is Android and Windows Phone. Third there are remote code execution bugs for Chrome, Flash, and Adobe's PDF Reader. This is the same company that just paid $1 million to a hacker for the first iOS9 jailbreak.

Microsoft's Plan To Port Android Apps To Windows Proves Too Complex ( 131

An anonymous reader writes: The Astoria project at Microsoft has failed because a breakthrough was needed to overcome the complexity of the software development challenge. Microsoft tried to automate mapping the Android UI into the Windows 10 UI and to map Google services within the app such as maps, payments and notifications into Microsoft equivalents. Automated conversion of a UI from one platform to another has never been successfully demonstrated. When I first saw Microsoft's Android bridge at Build 15, I thought it was achievable. But project Astoria, as it is called, is much too complex. Drawing on my architectural knowledge of the underlying Microsoft/Lumia hardware that is very similar to Android phones.I concluded that in the context of partitioning the device or running a VM Microsoft would succeed. But Microsoft tried something much more ambitious. Rather than "failed," The Next Web reports that for now the project may have only been delayed.

Chrome V8 JavaScript Exploit Leaves All Android Devices Ripe For Attack ( 107

MojoKid writes: If you're an Android user that makes heavy use of Google's Chrome web browser (and what Android user doesn't?), you'll want to pay close attention to a new exploit that has the capability of taking your smartphone hostage. The exploit was demonstrated at MobilePwn2Own, which was held at a Tokyo-based PacSec conference. Quihoo 360 security researcher Guang Gong first uncovered the vulnerability, and thankfully, he hasn't publicly revealed detailed specifics on its inner workings. As soon as a phone accessed the website, the JavaScript v8 vulnerability in Chrome was used to install an arbitrary application (in this case a game) without any user interaction, to demonstrate complete control of the phone. Google reportedly has been made well aware of the exploit and will likely act quickly to resolve it.

New Android Phones Hijackable With Chrome Exploit ( 45

mask.of.sanity writes: Google's Chrome for Android has been popped with a single exploit that could lead to the compromise of any handset. The exploit, showcased at MobilePwn2Own at the PacSec conference, targets the JavaScript v8 engine and compromises phones when users visit a malicious website. It is also notable in that it is a single clean exploit that does not require chained vulnerabilities to work.

With Respect To Gaming, Android Still Lags Behind iOS ( 166

An anonymous reader writes: No matter what you think about the Android/iOS divide from either a hardware or software perspective, there's simply no getting around the fact that many developers still take an iOS-first approach with respect to app development. With games, where development costs are already sky-high, the dynamic is even more pronounced. For instance, one of the most addictive, successful, and highly rated apps currently available on the App Store is a great snowboarding game called Alto's Adventure. It was originally released this past February for the iPhone and iPad (and now the Apple TV). Still today, nine months after its initial release, an Android version of the app remains non-existent. Now if you're an Android user who happens to enjoy mobile gaming, it's easy to see how this dynamic playing out over and over again can quickly become an endless source of frustration.

TAG Heuer Launches "Connected" Android Wear Smartwatch With Intel Inside ( 55

MojoKid writes: Today, TAG Heuer officially announced its Connected Watch, which is its fist watch to run Google's Android Wear operating system. $1,500 may sound like a lot to spend on a smartwatch, but TAG Heuer reckons that the high price tag won't matter given the pedigree attached to its newest wearable. The Connected takes more than a few cues from TAG Heuer's own Carrera analog watch, but replaces the intricately designed and assembled mechanical internals with microchips. TAG Heuer worked closely with both Google and Intel while developing the Connected. The smartwatch is powered by an Intel Atom Z34XX processor and offers Bluetooth LE, Wi-Fi, 4GB of internal storage, gyroscopic sensors and a grade 2 titanium casing./i

Report: Google Wants To Design Its Own Smartphone Chips ( 90

An anonymous reader writes: Google has been stepping up its efforts to build higher quality Android phones, and one thing holding it back is Qualcomm's SoC technology. According to two reports in The Information (paywalled: [1], [2]) Google is now looking for other partners, and may even jump into chip design itself. The company has already done some design work, hoping to co-develop it with a manufacturer. "The new chips are reportedly needed for future Android features that Google hopes to release 'in the next few years.' By designing its own chips, Google can make sure the right amount of horsepower gets assigned to all the right places and remove bottlenecks that would slow down these new features. The report specifically calls out 'virtual and augmented reality' as use cases for the new chips."

Another big area Google wants better hardware for is video processing tech. The article notes, "Qualcomm has a near monopoly on Android SoCs, but it is more marketing driven than performance driven and has been doing a disservice to the mobile space lately. It rushed to get 64-bit support out the door when it was beaten to the punch by Apple, which resulted in the very hot Snapdragon 810 SoC."


Android App Mutates Source Code, Spreads Virally and Enables Mesh Networks ( 74

An anonymous reader writes: Researchers from the Delft University of Technology have developed a self-replicating, mutating Android app which can create on-the-fly mesh networks in the event of an infrastructural disaster, or the enabling of internet kill switches by oppressive regimes. The app's source is available at GitHub, and the app itself requires no root privileges to propagate. It can self-compile while it mutates — for example, from a game to a calculator — in transit from one Android device to another, and compatibility with iOS and Windows phones is anticipated.

First Remote-Access Trojan That Can Target Android, Linux, Mac and Windows 63

An anonymous reader writes: Hackers have put on sale OmniRAT, a remote access trojan that can target Androids, Linux, Mac, and Windows PCs. The tool costs $25-$50, which is only a fraction of $200-$300,the price of DroidJack, another Android RAT. Avast is currently reporting that the RAT was used this summer in Germany, spread to victims via SMS messages. The Softpedia article about OmniRAT includes a video, but declined to post the tool's homepage. You can easily find it via a Google search.

Firefox 42 Arrives With Tracking Protection, Tab Audio Indicators 134

An anonymous reader writes: Mozilla today launched Firefox 42 for Windows, Mac, Linux, and Android. Notable additions to the browser include tracking protection, tab audio indicators, and background link opening on Android. The new private browsing mode goes further than just not saving your browsing history (read: porn sites) — the added tracking protection means Firefox also blocks website elements (ads, analytics trackers, and social share buttons) that could track you while you're surfing the web, and it works on all four platforms. The feature is almost like a built-in ad blocker, though it's really closer to browser add-ons like Ghostery and Privacy Badger because ads that don't track you are allowed through.

Google Patches More Stagefright Vulnerabilities In Android ( 56

msm1267 writes: The Stagefright vulnerabilities are the gifts that keep on giving. Months after the potentially devastating security flaws in the mobile OS were publicly disclosed, Google continues to send out patches addressing vulnerabilities related to the initial reports. Today's monthly Android security bulletin includes a fix for another flaw in the Stagefright media playback engine, one in libutils where the Stagefright 2.0 vulnerabilities were found, and two in Android Mediaserver where all the vulnerable code runs. The over-the-air update was released today to Google's Nexus devices and will be added to the Android Open Source Project (AOSP) repository in the next two days; Google partners including Samsung were provided the patches on Oct. 5, Google said, adding that the vulnerabilities are patched in Build LMY48X or later, or in Android Marshmallow with a patch level of Nov. 1.
Emulation (Games)

Hacking Jules Coaxes Android Wear To Run Nintendo 64 and PSP Emulators ( 37

Espectr0 writes: YouTube user Hacking Jules would like you to see his collection of game emulators running on Android Wear. He manages to play classic 3D Mario and Zelda games running in a Nintendo 64 emulator on the original LG G-Watch, while also running Monster Hunter on the PPSSPP emulator.As the linked article admits, this is a work of passion rather than practicality -- if you actually want to play those games enjoyably, don't trade your console or conventional emulator for a smart watch.

Report: Google To Fold Chrome OS Into Android ( 104

An anonymous reader writes: According to a report at the Wall Street Journal (paywalled) Google plans to merge its Chrome operating system into Android. Google engineers have already been working on this transition for two years; the company expects to have a functioning preview next year, and a finished product in 2017. "The move is also an attempt by Google to get Android running on as many devices as possible to reach as many people as possible. The operating system runs phones, tablets, watches, TVs and car infotainment systems. Adding laptops could increase Android's user base considerably. That should help Google woo more outside developers who want to write apps once and have them work on as many gadgets as possible, with little modification." This doesn't mean Chrome OS is on its way out. According to public statements from Google execs, it will continue to exist and see active development.

Motorola Unveils Droid Turbo 2, Claims Shatterproof Display, 48 Hour Battery ( 111

MojoKid writes: We've seen leaks and teasers for Motorola's new Droid Turbo 2 Android flagship for weeks. However, the Lenovo-owned company officially announced the smartphone, and it offers two highly sought after features: a long-running battery and a shatterproof display. Its battery has a 3760mAh capacity, allowing the Droid Turbo 2 to operate for up to 48 hours per charge. And if that wasn't enough, Motorola has incorporated Quick Charging support which allows the device to achieve 13 hours of battery life from a mere 15-minute charge. The most talked about feature, however, is its shatterproof display, which Motorola calls Moto ShatterShield. Motorola says that it's "the world's first phone screen guaranteed not to crack or shatter. The display sports a flexible AMOLED panel to absorb shocks, dual touch layers, a rigid aluminum backing, as well as interior and exterior lenses. At the launch event, Motorola was dropping the phone from about 6 feet up, direct to concrete and it was holding up to the abuse just fine.

Hands-On With the Fairphone 2 Modular Android Smartphone ( 107

An anonymous reader writes: In just a couple of months, the world's first consumer-ready modular smartphone will start shipping. It's called the Fairphone 2, and it will run Android 5.1. Ars Technica got hands-on time with the device, and they say it works surprisingly well. It's a bit thicker than most modern phones, but that's the trade-off for being able to swap out components. "The smartphone consists of seven major building blocks: the back cover, removable battery, display assembly, main chassis, receiver module, rear camera module, and speaker module. Positioned this way, the components that break most often, like the screen, are isolated for better repairability. In addition to swappable blocks, you can even change things inside the modules: for example, a mic or a speaker. They are press-fit, not glued, and can be extracted with simple tools."

Assembly and disassembly is pretty straightforward, as well: "The modules are held together by Phillips screws marked with blue circles. All screws are the same, so you won't have to remember which one goes where. It's quite hard to make a mistake in the assembling process, however Fairphone promises to release additional manuals and video instructions in collaboration with iFixit." The company also thinks it's important to get the phone's materials and components from ethical sources.


Google Makes Full-Disk Encryption Mandatory For Some Android 6.0 Devices ( 150

itwbennett writes: Google's plan to encrypt user data on Android devices by default will get a new push with Android 6.0, also known as Marshmallow. Devices with enough memory and decent cryptographic performance will need to have full-disk encryption enabled in order to be declared compatible with the latest version of the mobile OS. From the ITWorld article: "The move is likely to draw criticism from law enforcement officials in the U.S. who have argued over the past year that the increasing use of encryption on devices and online communications affects their ability to investigate crimes. In addition to encryption, Google also mandates verified boot for devices with AES performance over 50MB/s. This is a feature that verifies the integrity and authenticity of the software loaded at different stages during the device boot sequence and protects against boot-level attacks that could undermine the encryption."