Slashdot Mirror

If you have a rooted phone and use gingerbread, then try PDroid. It allows you to send a blank, random, or custom value to those applications, which prevents a poorly written application from crashing. It's essentially the same feature that CyanogenMod rejected (IMHO, clearly demonstrating where their loyalties lie).

Actually, nVidia just did that at their CES keynote. True, there was a PC involved but it didn't need to be in the room.

Which affordable, certified "real Android tablet" in the 7 to 8 inch range do you recommend instead of a Kindle Fire or Nook Tablet? Or are Kindle Fire and Nook Tablet like game consoles, sold at razor-thin margins or even at a loss to get people onto the manufacturer's store, and that's why they're so much cheaper than Google-certified devices?

They're coming. Of course if you're absolutely desperate for a tablet from a brand then $200-250 is probably the best you can hope for right now. But I expect next year the market will be flooded with tablets from $100 up running Ice Cream Sandwich or its successor.

At the time, the pledge was covered as the best thing to happen at the I/O Conference. It served its purpose--it comforted Android fans, served as a response to critics of Android fragmentation, and probably helped Google sell more Android licenses. To answer your question about why anyone would be surprised, it's because Google is still held in a glowing light, at least on tech sites, and people still take them for their word.

And here's a more recent one from the TweetDeck developers http://www.androidpolice.com/2010/11/14/developer-interview-series-tweetdeck-for-androids-max-howell/

"Android Police: Do you like developing for iPhone or Android better, and why?
Max Howell: iPhone honestly. The development tools for Android are raw and relatively unloved which can lead to frustration. Debug cycles on Android take half a minute at least. On iPhone you can be testing new code in seconds. And it takes less effort to make beautiful software on iPhone, and ultimately all that matters is: is my software gorgeous? Does it feel *amazing* to use? Because if it doesn't your app will not take off.
We had to work harder to make our app look great and feel great on Android. It's worth it though, and ultimately is achievable. Google could make it easier, currently the UI tools in the API feel like the wrong level of abstraction.
Partly this is because the iOS SDK is more mature. But I'm not 100% convinced Google has the right people working on the SDK and API in order to catch up."

Just more anecdotes.

That, and not having a group of blog vigilantes cause a bit of panic by shouting out at the top of their lungs, "oh my god, this company is TEH SPY".

Looking at the article, it appears they made no attempt to contact Dolphin to ask them just what was up before publishing, instead just Googling for a privacy policy. Which is tragic, as Dolphin had a perfectly valid reason for this behavior -- a similar behavior will be upcoming in the Amazon Silk browser (company-made, locally cached, browser specific versions of websites).

In fact, when Dolphin contacted them and tried to explain the issue, the Android Police writer comes off as just a utter jackass:

Update: Dana from Dolphin Browser's PR team got in touch and let us know a fix is incoming. She also said that "there was never any privacy or security breach or cause for concern". Damage control, we get it. The fact that all these urls were reported to a central server is already a privacy violation, and we can only take their word that a database never existed or was destroyed, and never breached.

And a bit of xenophobic scaremongering:

It's worth noting that Dolphin Browser has Chinese roots (just how deep they are is unclear, but the url mgeek.mobi which was used to communicate with us when Dolphin was launched is registered in China), though both dolphin-browser.com and mywebzines.com are now hosted on Amazon AWS in the U.S. on the same IP range. I have nothing against China or the company itself, but do we really have to have our private information broadcast to a foreign company (unless you're from China, of course - then you'll feel right at home)?)

"Won't someone think of the children?"

Dear God, I know blog authors aren't held up to a standard of discourse, but cripes. All but taunting a company who is trying to undo the very real damage you've ignorantly done to their name and product line is understandable damage control.

So in other words... this looks more and more like a piece of yellow-journalism, designed to drum up blog hits more than anything else. And it worked -- got the guy on Slashdot's front page.

Scary thing is, if it was a slow news day and someone wanted to, they could do the same thing to Google Chrome. "Warning: Popular THIRD PARTY browser Google Chrome relays every website you visit to a secret Google server." Microsoft would no doubt LOVE to do this, but Google has lawyers with very, very long knives.

In fact, the great thing about the Internet (and, well, media in general) is that they have a very real economic incentive to do a scare story like that -- hit counters. The more hits, the more their site is "worth," the more money they make from the last few people online not running ad blockers, etc etc.

Apparently what they're doing isn't necessarily illegal, according to Android Police.

http://www.androidpolice.com/2011/10/24/psa-verizon-locking-bootloaders-on-lte-devices-likely-does-not-violate-fcc-block-c-spectrum-rules/

http://www.androidpolice.com/2011/10/19/android-engineer-ice-cream-sandwich-aosp-source-code-will-be-released-but-not-before-galaxy-nexus-goes-on-sale/

Then I don't know why more hackers haven't done the fancy C&C stuff. Maybe they didn't need to yet?

Anyway it definitely isn't hard to do. Even I could do it. At work, one of our products has windows, linux/OSX/AIX/Solaris agents that communicate with a central server, but we're in the legit business so we are unlikely to need such C&C stuff. From my experience creating and fixing such agents (I didn't create the windows ones) it's much easier to do such stuff in perl than vbscript or C/C++. I'd gladly replace the windows agent with a bundled perl version if I could get it to be smaller than 1MB (it'll be at least 4MB).

Pwning linux devices/servers isn't that hard in practice. LAMP servers get pwned/defaced very often too (some say most often: http://antiphishing.com/reports/apwg_web_vulberabilities_survey_june_2011.pdf ). linux embedded routers do get pwned ( http://www.theregister.co.uk/2011/03/10/router_rooting_malware/ ). This sort of thing just doesn't become big news.

Android is more a "java" sort of environment (no perl by default), until the user "roots" it. IIRC some rooted phones end up with an "open" sshd. Some users didn't set passwords and then complained that hackers were slowing their phones down. I think the automated hacks and payload worked on the assumption the victim machine would be more powerful than a phone (and had better internet connections). Doubt that worked so well ;).

Android phones do seem to have more malware than iPhones. Example: http://www.androidpolice.com/2011/03/01/the-mother-of-all-android-malware-has-arrived-stolen-apps-released-to-the-market-that-root-your-phone-steal-your-data-and-open-backdoor/
http://www.msnbc.msn.com/id/41867328/ns/technology_and_science-security/t/malware-infects-more-android-apps/
http://www.informationweek.com/news/security/mobile/231300257

This new malware might be a sign that the hackers are starting to need to do more fancy stuff, or someone got bored and decided to do the fancy stuff :).

I'm usually skeptical to "GAPING HOLE" stories like this, but the Android Police article referenced in the article provided (link here) clearly demonstrates that this is a serious problem.
Google or, I think, HTC can just remove the app OTA until they clean this up. I can see why they need SOME of that data (build information, phone information, stack trace, etc), but what are they going to do with SMS messages and call history??

i like t mobile's plan scheme, where the first 2gig is at full speed and then your speed gets knocked down. instead of paying an arm and a leg for the data. their data plans are $10 a month and i've always been able to tether for free using the phone off the shelf. i hate to say it, but with their shitty service and all but they've got the best setup. all told i think that is a $20-50 per month saving

I've got T-mo as well. My (un-rooted) Vibrant came with a option in the settings to enable it to be a WiFi AP. When I bought the phone I was told that I could tether with no extra charges. Then a couple of months after I got it, this came out:

T-Mobile recently announced the upcoming availability of a Tethering and Wi-Fi Sharing service plan that enables select smartphones to function as wireless modems for connecting devices, such as laptops, tablets and netbooks, to the Internet through the T-Mobile network.

I've only used it a couple of time, for my iPad, and so far they haven't modified my plan. But from the wording, it looks like they could. I suppose they'll only go after the biggest data hogs.

http://www.androidpolice.com/2011/05/09/european-samsung-galaxy-s2-source-code-released-download-it-now/

Not mine. :( I'm still stuck on 2.1 for that matter. I know there's a way to get to 2.2 but everytime I try to find it on SDX, there are new 2.2 roms that require that you already be on 2.2 (*facepalm*) so I'm still hunting down that missing link.

I was going to consider Cyanogen compatibility as part of my next phone decision, but they apparently buckled to Swype's little hissy fit -- Yes, I've read the thread where it was debated. The logic for refusing to ever implement such a feature was that it would piss off developers (read: the same people who are writing this spyware in the first damn place) and thus Google. They threw in, AFAIC, with the wrong side and that removed them from the running.

The first link has a partial list (17) of the apps which were pulled- here is a full list of apps from publisher Myournet (from this site: * Falling Down * Super Guitar Solo * Super History Eraser * Photo Editor * Super Ringtone Maker * Super Sex Positions * Hot Sexy Videos * Chess * _Falldown * Hilton Sex Sound * Screaming Sexy Japanese Girls * Falling Ball Dodge * Scientific Calculator * Dice Roller * * Advanced Currency Converter * App Uninstaller * _PewPew * Funny Paint * Spider Man *

Neat, I've got all those!

The first link has a partial list (17) of the apps which were pulled- here is a full list of apps from publisher Myournet (from this site: * Falling Down * Super Guitar Solo * Super History Eraser * Photo Editor * Super Ringtone Maker * Super Sex Positions * Hot Sexy Videos * Chess * _Falldown * Hilton Sex Sound * Screaming Sexy Japanese Girls * Falling Ball Dodge * Scientific Calculator * Dice Roller * * Advanced Currency Converter * App Uninstaller * _PewPew * Funny Paint * Spider Man *

Nexus S had me interested until I found out the phone has no SD card slot. This may not be important to some but not being able to change rom's on the fly via the SD card is a bit of a downer for me.

More recent ones have anti-tamper (Droid X) or auto-reflash (G2), making it a pain to root.

I honestly think Google is very disingenuous to say Android is open when many currently-selling actual devices are locked tighter than the iPhone.

Perhaps Google is just happy that Android is "open to the carriers".

You want a sure bet for an open system, go with the N900.

by "root" I mean wait for someone to find a bug in the firmware so a program can be created to re-program the flash.i.e. see Droid 2. It is not open. http://www.androidpolice.com/2010/08/25/motorola-droid-2-rooted/

by "root" I mean wait for someone to find a bug in the firmware so a program can be created to re-program the flash.

i.e. see Droid 2. It is not open.
      http://www.androidpolice.com/2010/08/25/motorola-droid-2-rooted/

Unfortunately with 6 month or less shelf lives of phones, there's not a lot of motivation for manufacturers to upgrade old handsets, unless there are glaring support problems that are costing them money. Having said that, most android phones do seem to be getting an encouraging level of upgrades, even if it takes the vendors a bit longer to release the upgrades than many people might like.

What I don't understand is why is no one complaining about the state of fragmentation of iOS?

Given Apple are a single manufacturer with a very small (iOS) product range, they seem to have done a pretty good job of messing things up, arguably worse than Android even with the far greater diversity of companies and products involved.

Despite Google being the unifying factor, the carriers are even more greedy and less capable than the Unix vendors of old, and meanwhile Apple remains ascendant and proprietary.

Inconsistent user interfaces diminish network effects and will suppress Android adoption... then there are abominations like the Verizon vCast store.