Slashdot Mirror

In Windows 8.1, Microsoft actually made significant changes just to lock down Windows RT more strongly. They created a new type of "protected process" that protects csrss.exe from debugging, which is exactly how the RT 8.0 jailbreak worked. They clearly spent a lot of engineering resources to do this.

I have a thread post here describing some of the changes in 8.1 that were clearly designed to target RT's jailbreak, for they have little other practical use.

They just need to open the desktop and native app development to everyone. It will immediately make WinRT much more useful. There are thousands of open source and closed source software which can quickly be compiled and made available for RT.

It has been proven that migrating windows apps to RT is very easy (without any further changes to Windows RT or VStudio).

  Desktop apps ported to Windows RT : http://forum.xda-developers.com/showthread.php?t=2092348

On Android you can use the XPrivacy module for the Xposed framework to spoof permissions to apps - i.e. fake location data, fake phone number, fake contacts, etc.

Very nice program.

XPrivacy Android 4.0+
http://forum.xda-developers.com/showthread.php?t=2320783
https://play.google.com/store/apps/details?id=biz.bokhorst.xprivacy

Requires Xposed to be installed first.
http://forum.xda-developers.com/showthread.php?t=1574401

I'll see (how / if) this works on my U.S. Motorola Xoom

On Android you can use the XPrivacy module for the Xposed framework to spoof permissions to apps - i.e. fake location data, fake phone number, fake contacts, etc.

Very nice program.

XPrivacy Android 4.0+
http://forum.xda-developers.com/showthread.php?t=2320783
https://play.google.com/store/apps/details?id=biz.bokhorst.xprivacy

Requires Xposed to be installed first.
http://forum.xda-developers.com/showthread.php?t=1574401

I'll see (how / if) this works on my U.S. Motorola Xoom

Defy XT does have an "official" update to ICS but it was only released in China. There is a guide how to flash it to your phone as well. Obviously I am not responsible if anything goes wrong.

http://forum.xda-developers.com/showthread.php?t=1827338

Uhh, you do know that Cyanogenmod isn't the only community ROM, right? The HTC Dream/G1 has ICS and the myTouch 4G has JB.

Uhh, you do know that Cyanogenmod isn't the only community ROM, right? The HTC Dream/G1 has ICS and the myTouch 4G has JB.

Look up any device you might be instered in here.

Leaving aside the tens of thousands of Windows programs that it *is* compatible with (Windows Store apps are still "Windows programs"), it's actually quite easy to run re-compiled native apps or recent .NET apps on RT, and for closed-source native apps, there's a dynamic recompilation layer which does a decent job with older or low-demand software.

It's not (yet) possible to run anywhere near the full breadth of Windows software, no... but it'll run a reasonable portion of it, with more being added all the time (either through recompiling apps, or through the x86 layer adding support for required capabilities of more apps).

http://forum.xda-developers.com/forumdisplay.php?f=2130

Actually, leaving aside the built-in apps (of which the only really performance-sensitive one is IE), it's actually pretty easy to enable running traditional Windows apps on Windows RT. The "jailbreak" script is public and dead easy to use. .NET apps will run un-modified. Native ones need to be recompiled, but there's already quite a few which have been (including a number of games, which will definitely benefit from improved performance). Alternatively, there's also an x86 dynamic recompilation layer which allows running native apps unmodified (handy since most Windows apps are closed source and thus can't be easily recompiled) although the performance is of course not great (which means that a faster CPU will help a lot there too).

http://forum.xda-developers.com/forumdisplay.php?f=2130

Qualcomm's "Adreno" GPU? The name is an anagram of Radeon.

That explains why the drivers blow so hard. With an assortment of tweaks you can increase Adreno 205 performance by literally 50%.

Congrats, you've just discovered an ATI (well, AMD) product. For a PC, their cards are built rock solid (and hot), but driver tweaks over the following 6-12 months will slowly increase the performance (and allow MOAR POWERZ or less heat). NVidia? Updates their drivers ... sometimes.

Qualcomm's "Adreno" GPU? The name is an anagram of Radeon.

That explains why the drivers blow so hard. With an assortment of tweaks you can increase Adreno 205 performance by literally 50%.

Not necessarily FUD. The original Google Android phone (the HTC G1) with stock firmware echoed all key presses on the home screen to a console running as root. Needless to say, made rooting the phone exceedingly simple. Start a telnet server, download a client from the app store, connect to localhost. See this for details.

I apologize. I should have provided links to start with. The most important link for you is to the XDA forums. That is where ALL of the interesting stuff is discussed: http://forum.xda-developers.com/forumdisplay.php?f=1493

The Blackstar ROM I was discussing can be found here: http://forum.xda-developers.com/showthread.php?t=1676086

The forum Android Development will be full of ROMs modified at the binary level (like Blackstar).

The forum Original Android Development will be full of ROMs modified at the source code level (like CyanogenMod).

I recommend ensuring that you have the latest modem firmware installed as the original firmware that was on my phone was absolutely terrible. You can find whatever the latest is via the XDA forums.

I apologize. I should have provided links to start with. The most important link for you is to the XDA forums. That is where ALL of the interesting stuff is discussed: http://forum.xda-developers.com/forumdisplay.php?f=1493

The Blackstar ROM I was discussing can be found here: http://forum.xda-developers.com/showthread.php?t=1676086

The forum Android Development will be full of ROMs modified at the binary level (like Blackstar).

The forum Original Android Development will be full of ROMs modified at the source code level (like CyanogenMod).

I recommend ensuring that you have the latest modem firmware installed as the original firmware that was on my phone was absolutely terrible. You can find whatever the latest is via the XDA forums.

Cyanogenmod isn't the only custom rom out there though. Looks like there are a few jellybean-based roms out there for you.

I have a Galaxy Note2, and rooting it was as simple as double clicking on a file. Took me 1 minute. Installing a new rom took me a good 5 minutes. There are plenty of sites for this like this one. I really enjoy my custom rom, it's called du@lNote, never had a random reboot ever. Or if you want something simple there is CleanROM. There is a good lists here.

Phillip.

I have a Galaxy Note2, and rooting it was as simple as double clicking on a file. Took me 1 minute. Installing a new rom took me a good 5 minutes. There are plenty of sites for this like this one. I really enjoy my custom rom, it's called du@lNote, never had a random reboot ever. Or if you want something simple there is CleanROM. There is a good lists here.

Phillip.

You mean those guys that package up the works of others with absolutely no attribution, specifically a complete lack of GPL compliance? Charming.

Why not get a better supported, free CM10.1 from here.

What you heard is correct. The full Win32 API is supported, as are most of the modern Windows libraries. Some of the older libs are missing - older versions of DirectX, for example - but most things are there, or can be made available.

There is a list (with links) of ported and known-to-work programs and libraries here: http://forum.xda-developers.com/showthread.php?p=36534446
Note that many .NET programs work just fine without even recompiling, as the default way to compile .NET programs produces an architecture-independent intermediate language (Common Intermediate Language or CIL, formerly called MSIL). However, that only works if they don't require anything that was deprecated and removed in .NET 4.0; Windows RT doesn't have any older versions of .NET than 4.0.

As for the rest, yes, you can recompile apps just fine. Most of what we have are open-source apps for Windows that were already being built using Visual Studio, although there are a few surprises in there; for example, you can get an official RT build of (G)Vim from ftp.vim.org. Some stuff has been too difficult to port thus far, though (there's a project to port Chromium, but it's going very slowly). There is a thread with instructions on how to set up Visual Studio 2012 (older versions won't work) for compiling RT desktop apps; it's pretty simple (change one line in a config file, then add the "ARM" platform in the place where you usually target "Win32" or "x64"). More info: http://forum.xda-developers.com/showthread.php?t=2096820

There are actually also some projects specifically targeting RT. Some are simple utilities and tweaker tools to just make life a bit easier, but the really big impressive one is an x86 emulation (well, dynamic recompilation) compatibility layer for running "normal" Windows apps on Windows RT. The performance obviously suffers, and many libraries don't work yet so there are only a relative handful of apps known to work with the current beta version (mostly but not entirely games), but it's under active development and new builds with improved performance, compatibility, and features are released about every couple weeks. Project thread: http://forum.xda-developers.com/showthread.php?t=2095934

What you heard is correct. The full Win32 API is supported, as are most of the modern Windows libraries. Some of the older libs are missing - older versions of DirectX, for example - but most things are there, or can be made available.

There is a list (with links) of ported and known-to-work programs and libraries here: http://forum.xda-developers.com/showthread.php?p=36534446
Note that many .NET programs work just fine without even recompiling, as the default way to compile .NET programs produces an architecture-independent intermediate language (Common Intermediate Language or CIL, formerly called MSIL). However, that only works if they don't require anything that was deprecated and removed in .NET 4.0; Windows RT doesn't have any older versions of .NET than 4.0.

As for the rest, yes, you can recompile apps just fine. Most of what we have are open-source apps for Windows that were already being built using Visual Studio, although there are a few surprises in there; for example, you can get an official RT build of (G)Vim from ftp.vim.org. Some stuff has been too difficult to port thus far, though (there's a project to port Chromium, but it's going very slowly). There is a thread with instructions on how to set up Visual Studio 2012 (older versions won't work) for compiling RT desktop apps; it's pretty simple (change one line in a config file, then add the "ARM" platform in the place where you usually target "Win32" or "x64"). More info: http://forum.xda-developers.com/showthread.php?t=2096820

There are actually also some projects specifically targeting RT. Some are simple utilities and tweaker tools to just make life a bit easier, but the really big impressive one is an x86 emulation (well, dynamic recompilation) compatibility layer for running "normal" Windows apps on Windows RT. The performance obviously suffers, and many libraries don't work yet so there are only a relative handful of apps known to work with the current beta version (mostly but not entirely games), but it's under active development and new builds with improved performance, compatibility, and features are released about every couple weeks. Project thread: http://forum.xda-developers.com/showthread.php?t=2095934

What you heard is correct. The full Win32 API is supported, as are most of the modern Windows libraries. Some of the older libs are missing - older versions of DirectX, for example - but most things are there, or can be made available.

There is a list (with links) of ported and known-to-work programs and libraries here: http://forum.xda-developers.com/showthread.php?p=36534446
Note that many .NET programs work just fine without even recompiling, as the default way to compile .NET programs produces an architecture-independent intermediate language (Common Intermediate Language or CIL, formerly called MSIL). However, that only works if they don't require anything that was deprecated and removed in .NET 4.0; Windows RT doesn't have any older versions of .NET than 4.0.

As for the rest, yes, you can recompile apps just fine. Most of what we have are open-source apps for Windows that were already being built using Visual Studio, although there are a few surprises in there; for example, you can get an official RT build of (G)Vim from ftp.vim.org. Some stuff has been too difficult to port thus far, though (there's a project to port Chromium, but it's going very slowly). There is a thread with instructions on how to set up Visual Studio 2012 (older versions won't work) for compiling RT desktop apps; it's pretty simple (change one line in a config file, then add the "ARM" platform in the place where you usually target "Win32" or "x64"). More info: http://forum.xda-developers.com/showthread.php?t=2096820

There are actually also some projects specifically targeting RT. Some are simple utilities and tweaker tools to just make life a bit easier, but the really big impressive one is an x86 emulation (well, dynamic recompilation) compatibility layer for running "normal" Windows apps on Windows RT. The performance obviously suffers, and many libraries don't work yet so there are only a relative handful of apps known to work with the current beta version (mostly but not entirely games), but it's under active development and new builds with improved performance, compatibility, and features are released about every couple weeks. Project thread: http://forum.xda-developers.com/showthread.php?t=2095934

If you have the TF700 version of the Transformer, try installing Ubuntu on it (see here)! Dual booting Android and Ubuntu gives the best of the both worlds -- Android is good for media consumption or gaming, while on Ubuntu you will be almost as productive as if using a regular laptop. There's plenty of screen estate, as TF700 comes with Full HD display.

Just because Google isn't actively providing updates it doesn't mean you can't still install them. If your phone has a locked bootloader that isn't the case.

It cannot be that big of a problem. Let's see which cases I can think of on the top of my head that an app needs to handle gracefully anyway: - network/wifi: can be out of range - write access: sd can be full - gps: no lock possible - contacts: there are no contacts - send sms/make call: out of range - get installed apps: no apps installed - camera/voice: some tablets have no camera/voice etc. pp. There is no reason for fine grained app permissions not to be included except political considerations. And I would not have even considered installing that new Facebook version had I not right now learned about OpenPDroid. I'm patching my CyanogenMod as we speak. If you're interested, see these two threads: for the patches http://forum.xda-developers.com/showthread.php?t=2098156 for the gui managing app http://forum.xda-developers.com/showthread.php?t=1994860

It cannot be that big of a problem. Let's see which cases I can think of on the top of my head that an app needs to handle gracefully anyway: - network/wifi: can be out of range - write access: sd can be full - gps: no lock possible - contacts: there are no contacts - send sms/make call: out of range - get installed apps: no apps installed - camera/voice: some tablets have no camera/voice etc. pp. There is no reason for fine grained app permissions not to be included except political considerations. And I would not have even considered installing that new Facebook version had I not right now learned about OpenPDroid. I'm patching my CyanogenMod as we speak. If you're interested, see these two threads: for the patches http://forum.xda-developers.com/showthread.php?t=2098156 for the gui managing app http://forum.xda-developers.com/showthread.php?t=1994860

The Pdroid http://www.xda-developers.com/android/pdroid-the-better-privacy-protection/ patches are a "better" approach. They allow apps to keep the permissions they are designed to use, but feeds them fake data when they use them.

This protects privacy without crashing apps. However, it requires either a custom firmware with it already baked in, or running the patches against official firmware+root. This places it out of the comfort zone of many.

"I'm a little surprised Android hasn't copied iOS's behavior, where it asks the user whether or not to grant permissions to a specific thing (e.g Contacts or Location) at the time the app tries to do so - it just makes sense, and it's not like both OSes haven't copied from each other before."

There are apps for that, eg:
https://play.google.com/store/apps/details?id=com.lbe.security.lite
http://forum.xda-developers.com/showthread.php?t=1091065

But can you trust these kind of apps? So far I do, worst case scenario is there is now 1 more app that can access my data.

For a few office apps only so no that doesn't count.

Indeed.

It actually has the normal desktop mode. Office, the legacy Control Panel, Windows Explorer, all the old admin tools (from Task Manager to Registry Editor and Local Security Policy editor), all the command-line or scripting environments (CMD and PowerShell, plus WSH scripts), the built-in Remote Desktop (there's another one in the store), and one of the two Internet Explorer modes (the one that looks like, and includes all the features of, IE9 on Win7) all must run in the Desktop. It's definitely still there.

However, by default, desktop mode applications must be signed by Microsoft before they can run on RT. This has only limited impact on scripts - there are .CMD and .PS1 scripts to automate a number of things in RT, both written by MS and by independent third parties - but it means that the average independent software vendor can't just distribute an ARM-compiled version of their Win32 app and expect it to work. That said, there's a hack which has been out for months (and multiple Patch Tuesday cycles) which unlocks (some say "jailbreaks") Windows RT to remove this signature restriction. At that point, you actually can just fire up Visual Studio, set the target platform to ARM instead of Win32/x86 or x64, compile your app (VS will complain a little, but it's easily fixed), and run it on RT. In fact, you can even just download a .NET 4.x (4.0 or 4.5, currently) app and run it right on RT with no forther effort at all, assuming it was compiled with the "AnyCPU" target platform.

Link: http://forum.xda-developers.com/showthread.php?t=2092158

Strictly speaking, this is actually possible. http://forum.xda-developers.com/showthread.php?t=2096820
It requires some hacks, though, and RT is missing most of the legacy libraries plus missing any form of OpenGL support. Nonetheless, there are a reasonable handful of programs which have been ported ( http://forum.xda-developers.com/showthread.php?t=2092348 ) and a few written specifically for (desktop mode) RT ( http://forum.xda-developers.com/showthread.php?t=2095934 ).

Strictly speaking, this is actually possible. http://forum.xda-developers.com/showthread.php?t=2096820
It requires some hacks, though, and RT is missing most of the legacy libraries plus missing any form of OpenGL support. Nonetheless, there are a reasonable handful of programs which have been ported ( http://forum.xda-developers.com/showthread.php?t=2092348 ) and a few written specifically for (desktop mode) RT ( http://forum.xda-developers.com/showthread.php?t=2095934 ).

Strictly speaking, this is actually possible. http://forum.xda-developers.com/showthread.php?t=2096820
It requires some hacks, though, and RT is missing most of the legacy libraries plus missing any form of OpenGL support. Nonetheless, there are a reasonable handful of programs which have been ported ( http://forum.xda-developers.com/showthread.php?t=2092348 ) and a few written specifically for (desktop mode) RT ( http://forum.xda-developers.com/showthread.php?t=2095934 ).

The aspect ratio of 4:3 is quite close to A-type paper sizes, so it's nice for PDFs.

Yes, and it's closer to US letter-sized paper than 16:10 is. I've also long thought that a 4:3 screen is better for using the tablet as a laptop replacement with a bluetooth keyboard. At 16:10 the screen is too wide in landscape and too narrow in portrait. 4:3 is much better for this (though of course generally worse for watching video).

So I really want a 4:3 tablet, but I don't want to buy an iPad. The list of 4:3 Android tablets is short and undistinguished, owing (I presume) to Android being aimed at the 16:10 form factor. I don't especially want to buy a Windows 8 tablet, but a Windows tablet is likely to be more flexible than an iPad, and eventually there will be one with a better build quality and a better screen than most or all of the Android tablets in the link above.

So good for Microsoft and whatever hardware vendors winkled this out of them. I'd rather have a really nice 4:3 Android tablet, but that doesn't exist right now. "OK" might not be as good as "good", but it's better than "meh".

IMHO, there needs to be a list of companies that sell e-mail addresses so users can know before registering with them. I've used the same approach as the OP and have accumulated quite a blacklist over the years. Here are the companies that have spammed me recently:

• FAFSA - Very worrisome given that it's a government entity which has tons of information about me. I've received a lot of pharmaceutical spam lately at this address.
• Arbys - Generic spam very recently, I e-mailed them and they gave me a boilerplate "we'll keep this in mind with our corporate strategy".
• Dealextreme - I've used two different e-mail addresses to complete orders with them, and both were spammed for some new shopping sites (no affiliation with DX mentioned anywhere, so I had to check my e-mail server) in an identical format to their periodic promotional e-mails. I complained on their forums but without any response from them.
• AquaGlobes, Assessment.com, and QuizRocket - These sites looked sketchy when I first saw them so no surprises there, but it's been five years and they're still the predominant address getting blocked by my e-mail server.
• XDA Developers - I get periodic "Diablo III account locked" phishing attempts. There's an active forum topic where many people have reported this and the admins haven't been able to figure out what happened.

There are plenty of older forums, but I figure it wouldn't be fair to list them for being hacked several years ago. Several retailers also made the list, but I blocked them for persistence rather than third party spam.

The Android-derived tablet he got is horrible! The battery is the least of its problems.

As a rule of thumb, if someone offers you a tablet for Christmas with resistive touch, you shouldn't even open the box and you should try to return it for a full/partial refund as soon as possible. As to the security issues, the article he pointed to talks about apps being "security risks" or "malware" for requesting GPS permissions when they shouldn't (which is really FUD). In any case, since his tablet doesn't have a GPS chip in it, that issue doesn't apply to him.

Also since he doesn't have access to the official Android Market/Google Play, he should just look on the XDA forums, root his device, install Cyanogen on it, and go through the Cyanogen repo for apps. And he should refrain from installing apps from other locations

You're making an awful lot of assumptions about his tablet when he's told us nothing useful about it other than the price. FWIW, I suspect you're wrong on 2 of the 3 conclusions you draw here: it's perfectly possible to get an $89 tablet that has capacitative touch and Google Play these days, but GPS will likely be out of the question.

But your suggested solution highlights the real problem with buying cheap-ass chinese hardware: there will likely not be an open source build available for it. There's a small chance that this build will work for him, but it's quite unlikely. Probably, nobody even knows what hardware he has in there. So he can't put cyanogenmod, or any of the "kick-ass ROMs" he's asking for, on it. He's stuck with the slightly-dubious build of AOSP the manufacturer came up with. And for his information, "MID" is not the manufacturer -- it's an abbreviation for "mobile internet device" that's used by several manufacturers who prefer not to put their own branding on the devices they make.

Less money, higher screen resolution, Micro-SD memory slot, no adware.
http://www.barnesandnoble.com/p/nook-hd-plus-barnes-noble/1110060512

Workarounds for side-loading apps:
http://www.barnesandnoble.com/p/nook-hd-plus-barnes-noble/1110060512

Root:
http://www.xda-developers.com/android/permanent-root-for-the-nook-hd-and-hd-unofficial-cm10-for-the-hd/

Which smartphones even approach that level of battery life - even with minimal use?

I get 4 to 6 days of regular (for me - about 1.5 hours of screen time per day) use on a single charge. This is on a Motorola Defy+ running Jelly Bean. I'm in the process of tracing down some bugs which cause the battery to drain faster than it should, once found I'd expect the battery to hold for about a week.

The Defy is a smartphone. It runs Android, Gingerbread by default but ICS and Jelly Bean are also available. There is an initial port of the Mozilla OS for this phone. Being an Android phone, it also runs Debian (and Ubuntu and Fedora and Arch and many more) if so wanted. Using LXDE on the smallish (3.7" 854*480) screen is possible but rather futile. Of course you don't need to use X - just use the command line.

Which smartphones even approach that level of battery life - even with minimal use?

I get 4 to 6 days of regular (for me - about 1.5 hours of screen time per day) use on a single charge. This is on a Motorola Defy+ running Jelly Bean. I'm in the process of tracing down some bugs which cause the battery to drain faster than it should, once found I'd expect the battery to hold for about a week.

The Defy is a smartphone. It runs Android, Gingerbread by default but ICS and Jelly Bean are also available. There is an initial port of the Mozilla OS for this phone. Being an Android phone, it also runs Debian (and Ubuntu and Fedora and Arch and many more) if so wanted. Using LXDE on the smallish (3.7" 854*480) screen is possible but rather futile. Of course you don't need to use X - just use the command line.

Here you go: unofficial CM9 for the Nexus One

All forums on XDA Developers

The list comes to around 42 A4 pages of devices. There's a handy search box at the top if you don't want to look through the whole list :)

The real reason why Android is lacking in security is because Google hasn't focused on security. They decided not to include iptables/netfilter (the Linux firewall) as a standard facility in Android, which would have been very easy to do.

That's why I installed the free DroidWall app from Google Play. Now I have an Android iptables firewall that is very versatile.

And they haven't allowed users to block privileges demanded by apps after install. Instead you're offered only a package deal, either let the app do whatever it wants or don't install it, period.

That's why I built and installed the free PDroid framework into my free custom ROM. Now I can grant, deny, or spoof the permissions on all my apps.

If anyone's interested, I currently recommend using Auto-Patcher as the tool to inject PDroid into your ROM. I also recommend using the OpenPDroid option in Auto-Patcher, with PDroid Manager as the front-end UI app.

So, both of the Android security problems you cited have solutions. Yes, these solutions require rooting, and PDroid requires a custom ROM; however, since you were talking about Linux distros and iptables, I anticipated you might be able interested and capable.

As an aside, being able to do things like this is why I will never consider iOS or (*shudder*) Windows Phone for my devices.

The real reason why Android is lacking in security is because Google hasn't focused on security. They decided not to include iptables/netfilter (the Linux firewall) as a standard facility in Android, which would have been very easy to do.

That's why I installed the free DroidWall app from Google Play. Now I have an Android iptables firewall that is very versatile.

And they haven't allowed users to block privileges demanded by apps after install. Instead you're offered only a package deal, either let the app do whatever it wants or don't install it, period.

That's why I built and installed the free PDroid framework into my free custom ROM. Now I can grant, deny, or spoof the permissions on all my apps.

If anyone's interested, I currently recommend using Auto-Patcher as the tool to inject PDroid into your ROM. I also recommend using the OpenPDroid option in Auto-Patcher, with PDroid Manager as the front-end UI app.

So, both of the Android security problems you cited have solutions. Yes, these solutions require rooting, and PDroid requires a custom ROM; however, since you were talking about Linux distros and iptables, I anticipated you might be able interested and capable.

As an aside, being able to do things like this is why I will never consider iOS or (*shudder*) Windows Phone for my devices.

The real reason why Android is lacking in security is because Google hasn't focused on security. They decided not to include iptables/netfilter (the Linux firewall) as a standard facility in Android, which would have been very easy to do.

That's why I installed the free DroidWall app from Google Play. Now I have an Android iptables firewall that is very versatile.

And they haven't allowed users to block privileges demanded by apps after install. Instead you're offered only a package deal, either let the app do whatever it wants or don't install it, period.

That's why I built and installed the free PDroid framework into my free custom ROM. Now I can grant, deny, or spoof the permissions on all my apps.

If anyone's interested, I currently recommend using Auto-Patcher as the tool to inject PDroid into your ROM. I also recommend using the OpenPDroid option in Auto-Patcher, with PDroid Manager as the front-end UI app.

So, both of the Android security problems you cited have solutions. Yes, these solutions require rooting, and PDroid requires a custom ROM; however, since you were talking about Linux distros and iptables, I anticipated you might be able interested and capable.

As an aside, being able to do things like this is why I will never consider iOS or (*shudder*) Windows Phone for my devices.

Nearly no phone can actually be bricked.

In most cases, you're right. I do know that the Samsung Epic 4G Touch has a bug that can permanently brick your phone. Not "brick" as in, "reboot into download mode and re-flash," but rather "brick" as in, "your phone will never be usable again". XDA Developers even have a thread, How not to brick your E4GT At this point, it's well documented as to how to avoid the problem, but if you come to the Touch from a different Android phone and you just jump in and start flashing ROMs, you might end up with an expensive paperweight.

Heh, no. You're stuck with Gingerbread only if you stick with CyanogenMod official release. If you want Honeycomb / ICS / JB switch to another AOSP ROM.

Here is the XDA-Developers forum for Android development on the Nexus One. I like CM9 on my Desire HD, so I stuck with the Unofficial CM9 on mine, though they have nightly CM10 for the Desire HD too, as well as other 4.x AOSP-based ROMs. There are plenty of 4.x ROMs for your phone on there, too. CyanogenMod is by no means the only one available.

The previous guy commenting about "sabotaging free software" got marked as a troll... But this is pretty similar to a major eMMC firmware bug present in many of Samsung's phones manufactured in 2011.

The eMMC flash chip is NOT JEDEC compliant, and the wear leveller can go out into la-la-land if you issue a secure erase command to the chip.

Starting with ICS, Google started performing eMMC erase when wiping data in recovery for privacy reasons. This would kill Samsung flash chips.

In the Galaxy Nexus, Google forced Samsung to fix the damn chip with an internal firmware update.

However, in other devices, Samsung worked around it in two ways:
1) Disabling MMC_CAP_ERASE in I9100 kernels for a while
2) Replacing secure erase with nonsecure erase and not documenting this anywhere

Without the assistance of an engineer from Google (whom Samsung later tried to silence as far as I can tell) providing critical information, the opensource community would have been fucked.

Eventually, Samsung claimed they were "working hard" on the issue in early June 2012 - http://www.xda-developers.com/android/samsung-diligently-working-towards-hardbrick-fix/

A month later, in early July, they added MMC_CAP_ERASE to I9100 kernels without providing even the slightest warning - Within a day, a pile of bricks showed up:
http://forum.xda-developers.com/showthread.php?t=1756242

In late August/early September, they submitted a patch to the Linux kernel to work around the issue at a kernel level - It was merged to mainline on September 4.

In early October, they released an update for Sprint devices WITHOUT THE FIX. "testing takes time" is an invalid excuse, as the build date for Sprint FI27 was September 27, 2011 - Almost a MONTH after the patch had been mainlined. The patch is very easy to backport to their I9100 kernel source baseline, so there is no excuse for this.

As a result, I still get PMs on XDA once or twice a week due to people accidentally digging up userspace binaries that perform secure erase. This shouldn't be an issue, as it is the kernel's responsibility to protect hardware from getting damaged by userspace. Samsung's position was that it was an "open source problem" and hence refused to fix it in the end.

Now that the exynos-abuse vulnerability is known and an exploit has been published, it's not an open source problem any more - Anyone who has not yet received an update to patch the exynos-abuse hole is dependent on this planet, out of 7 billion people, not having a SINGLE asshat who decides they want to permanently destroy a few Samsung devices. Even if exynos-abuse is patched, as long as the kernel still allows secure erase commands through, any other privilege escalation exploits will endanger devices again. Despite this, Samsung released an update for Sprint devices (FL24) at the end of December 2012 that *did not contain any protection against this issue in the kernel*

So yeah, Samsung wishes free software would go away - they claim otherwise, and make promises that they care and are trying to fix things, but they never deliver on such promises. Actions speak louder than words, and Samsung's actions send a pretty clear message to open source software - "fuck off and die".

(I won't even go into Samsung's constant and incessant GPL violations here... But it's incredibly rare for any Samsung source drop to correspond to any existing firmware release for a given device. When asked about this inconsistency, Samsung will claim that the firmware that came preinstalled on the device you purchased on launch day at Best Buy is a "leak" and thus they do not need to provide source that matches it.)

The previous guy commenting about "sabotaging free software" got marked as a troll... But this is pretty similar to a major eMMC firmware bug present in many of Samsung's phones manufactured in 2011.

The eMMC flash chip is NOT JEDEC compliant, and the wear leveller can go out into la-la-land if you issue a secure erase command to the chip.

Starting with ICS, Google started performing eMMC erase when wiping data in recovery for privacy reasons. This would kill Samsung flash chips.

In the Galaxy Nexus, Google forced Samsung to fix the damn chip with an internal firmware update.

However, in other devices, Samsung worked around it in two ways:
1) Disabling MMC_CAP_ERASE in I9100 kernels for a while
2) Replacing secure erase with nonsecure erase and not documenting this anywhere

Without the assistance of an engineer from Google (whom Samsung later tried to silence as far as I can tell) providing critical information, the opensource community would have been fucked.

Eventually, Samsung claimed they were "working hard" on the issue in early June 2012 - http://www.xda-developers.com/android/samsung-diligently-working-towards-hardbrick-fix/

A month later, in early July, they added MMC_CAP_ERASE to I9100 kernels without providing even the slightest warning - Within a day, a pile of bricks showed up:
http://forum.xda-developers.com/showthread.php?t=1756242

In late August/early September, they submitted a patch to the Linux kernel to work around the issue at a kernel level - It was merged to mainline on September 4.

In early October, they released an update for Sprint devices WITHOUT THE FIX. "testing takes time" is an invalid excuse, as the build date for Sprint FI27 was September 27, 2011 - Almost a MONTH after the patch had been mainlined. The patch is very easy to backport to their I9100 kernel source baseline, so there is no excuse for this.

As a result, I still get PMs on XDA once or twice a week due to people accidentally digging up userspace binaries that perform secure erase. This shouldn't be an issue, as it is the kernel's responsibility to protect hardware from getting damaged by userspace. Samsung's position was that it was an "open source problem" and hence refused to fix it in the end.

Now that the exynos-abuse vulnerability is known and an exploit has been published, it's not an open source problem any more - Anyone who has not yet received an update to patch the exynos-abuse hole is dependent on this planet, out of 7 billion people, not having a SINGLE asshat who decides they want to permanently destroy a few Samsung devices. Even if exynos-abuse is patched, as long as the kernel still allows secure erase commands through, any other privilege escalation exploits will endanger devices again. Despite this, Samsung released an update for Sprint devices (FL24) at the end of December 2012 that *did not contain any protection against this issue in the kernel*

So yeah, Samsung wishes free software would go away - they claim otherwise, and make promises that they care and are trying to fix things, but they never deliver on such promises. Actions speak louder than words, and Samsung's actions send a pretty clear message to open source software - "fuck off and die".

(I won't even go into Samsung's constant and incessant GPL violations here... But it's incredibly rare for any Samsung source drop to correspond to any existing firmware release for a given device. When asked about this inconsistency, Samsung will claim that the firmware that came preinstalled on the device you purchased on launch day at Best Buy is a "leak" and thus they do not need to provide source that matches it.)

"lag" has never been an issue.

So the discussion here is based on nothing, everyone reporting differences here is wrong, and all the people discussing lag here are wrong and that project butter was completely unnecessary and does nothing and google are lying because "Android lag" is just one huge conspiracy? Blind fanboys are one thing, but idiots like you are in such denial you take it to a whole new level of ridiculousness.

Gwala is correct, and the purpose of this hack is to remove that restriction. There are a handful of apps which have already been ported. PuTTY, TightVNC, Bochs, and 7-Zip were the first. There are ongoing efforts to port more (including some mildly ambitious projects, like Firefox, Chromium, Thunderbird, Java, and Python).

Additionally, any pure .NET 4.5 app will run, unmodified, on the Surface RT after "jailbreaking". It has to be entirely 4.5 though; Windows RT doesn't include the legacy versions.

There's a thread on the XDA-Developer forums with a list of ported software: http://forum.xda-developers.com/showthread.php?t=2092348