Category Archives: Android

OnePlus suspends credit card transactions after fraud

Posted on by

Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from oneplus.net. We immediately began to investigate as a matter of urgency, and will keep you updated.
[…]
As a precaution, we are temporarily disabling credit card payments at oneplus.net. PayPal is still available, and we are exploring alternative secure payment options with our service providers.

Source: An Update on Credit Card Security – OnePlus Forums

With the camera problems and data being sent quietly to a Chinese server, OnePlus is not exactly inspiring confidence, which is a shame after such succesful and valuable launch products in the Android space

Skygofree: Serious offensive Android malware, since 2014

Posted on by

At the beginning of October 2017, we discovered new Android spyware with several features previously unseen in the wild. In the course of further research, we found a number of related samples that point to a long-term development process. We believe the initial versions of this malware were created at least three years ago – at the end of 2014. Since then, the implant’s functionality has been improving and remarkable new features implemented, such as the ability to record audio surroundings via the microphone when an infected device is in a specified location; the stealing of WhatsApp messages via Accessibility Services; and the ability to connect an infected device to Wi-Fi networks controlled by cybercriminals.
[…]
The implant provides the ability to grab a lot of exfiltrated data, like call records, text messages, geolocation, surrounding audio, calendar events, and other memory information stored on the device.
[…]
In the latest implant versions there are 48 different commands. You can find a full list with short descriptions in the Appendix. Here are some of the most notable:

‘geofence’ – this command adds a specified location to the implant’s internal database and when it matches a device’s current location the malware triggers and begins to record surrounding audio.

”social” – this command that starts the ‘AndroidMDMSupport’ service – this allows the files of any other installed application to be grabbed.

‘wifi’ – this command creates a new Wi-Fi connection with specified configurations from the command and enable Wi-Fi if it is disabled.

‘camera’ – this command records a video/capture a photo using the front-facing camera when someone next unlocks the device.

Source: Skygofree: Following in the footsteps of HackingTeam – Securelist

Chinese Adups Backdoor Still Active on Many Android Devices

Posted on by

Back in mid-November 2016, US cyber-security firm Kryptowire revealed it discovered that firmware code created by a Chinese company called Adups was collecting vasts amount of user information and sending it to servers located in China.According to Kryptowire, the backdoor code was collecting SMS messages, call history, address books, app lists, phone hardware identifiers, but it was also capable of installing new apps or updating existing ones.
[…]
At the time, experts believed Adups shipped out the backdoored component to other phone vendors and the component eventually made its way inside over 700 million devices, most of which were low-budget Android phones, and in some cases, some Android Barnes & Noble NOOK tablets.

Following the revelations, many online stores reacted by refusing to sell phone models known to be vulnerable. With pressure from smartphone manufacturers and even the DHS, Adups eventually shipped out a version of the FOTA component without the backdoor and data collection code, even if in a presentation at the Black Hat 2017 security conference held in Las Vegas in August, Kryptowire researchers said that some devices were still sending data to the Adups servers.
[…]
But Malwarebytes says it found another Adups component doing bad things. Just like the previous Adups backdoor, this app is also unremovable, and users can’t disable it either.

This second component is found on phones under two names, such as com.adups.fota.sysoper or com.fw.upgrade.sysoper, which appear in the phone’s app list with the name UpgradeSys (FWUpgradeProvider.apk).

The good news is that this one does not collect user data, but instead only includes the ability “to install and/or update apps without a user’s knowledge or consent,” according to Nathan Collier, Senior Malware Intelligence Analyst.
[…]
The only way to remove the suspicious component is if users root their devices, something that many phone manufacturers recommend against, as it could open smartphones to even more dangerous threats

Source: Chinese Backdoor Still Active on Many Android Devices

Google collects Android location data even if you turn it off and don’t have a SIM card inserted

Posted on by

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy

The cell tower addresses have been included in information sent to the system Google uses to manage push notifications and messages on Android phones for the past 11 months, according to a Google spokesperson.

Even devices that had been reset to factory default settings and apps, with location services disabled, were observed by Quartz sending nearby cell-tower addresses to Google. Devices with a cellular data or WiFi connection appear to send the data to Google each time they come within range of a new cell tower. When Android devices are connected to a WiFi network, they will send the tower addresses to Google even if they don’t have SIM cards installed.

Quartz

why this is a really bad thing(tm) and shouldn’t go unpunished by the Register

Lenovo Folio: 5.5″ phone that unfolds into 8″ tablet seamlessly

Posted on by
Reply

At the third annual Lenovo Tech World last week, the Chinese tech giant wowed attendees with the Lenovo Folio, a tablet with a screen that folds in half into a phone.

Before you start getting too excited, you should know that the Folio is a concept device, which means it may not be released as a consumer product anytime soon. Even so, that doesn’t make the device any less impressive.

The tablet has a 7.8-inch screen with 1,920 x 1,440 resolution, a Qualcomm Snapdragon 800 processor, and runs Android 7.0 Nougat. It’s not exactly peak performance in 2017, but that’s not why’d you want this thing — you’d want it for the bendable screen.

When folded, the tablet shrinks down into a 5.5-inch phone that could fit into your pocket. As you can see in the demo videos above and below, the display folds neatly in half with pixels filling all the space where a hinge would normally. The UI automatically adjusts to work as if there are two displays. It’s pretty bananas!

Mashable

8″ is the perfect tablet size IMHO – a real shame nobody makes them anymore either…

Samsung forces unkillable adverts down Galaxy S8 buyers’ throats

Posted on by
Reply

“Hier heb ik geen 1000 dollar voor betaald!”

Source: Samsung verrast gebruikers met advertenties op Galaxy S8 – Webwereld

They come with the gaming service which cannot be disabled or uninstalled unless you’re root. Considering you pay through the nose for the most breakable piece of hardware there is, this sounds like a great reason to not buy Samsung any more.

Samsung blocks ability to remap Galaxy S8’s Bixby button

Posted on by
Reply

Samsung wants to keep you locked in the Bixby AI ecosystem in its fight against Amazon Alexa, Apple Siri, Google Assistant, and others.

Source: Samsung blocks ability to remap Galaxy S8’s Bixby button | ZDNet

And Bixby won’t work at all during launch. I’m actually not so very happy with Samsung deciding to ditch the hardware buttons, so not being able to remap at all sucks. Time to start looking for a new smartphone manufacturer: my S6 edge + wasn’t particularly great either. It’s battery life is half of what it was, the screen glass is cracked (and not repairable, even though the underlying LEDs are all fine) and the camera broke and had to be repaired. Not particularly impressive for a flagship phone.

DeskDock – use your android device as a second PC monitor

Posted on by
Reply

DeskDock allows you to share your computer’s mouse with your Android devices via a USB cable. The app enables you to control your Android device as if it was an additional monitor for your computer. Simply move your computer’s mouse cursor over the screen boundaries to use it with your Android devices.

Source: DeskDock Free – Android Apps on Google Play

It’s just like synergy but for Android

Rabobank puts NFC payment on all KPN simcards

Posted on by
Reply

The simcards have an NFC element that belongs to the Rabobank. I guess that means that Rabobank must then get quite a lot of information from the telco provider that you wouldn’t necessarily want them to have. Worrying.

KPN geeft sinds begin dit jaar een nieuw type simkaart uit dat contactloos betalen per telefoon mogelijk maakt. Dat zijn simkaarten met een NFC-element erin. Rabobank huurt als het ware een veilig kluisje op KPN-telefoons. Er zijn geen plannen om vergelijkbare overeenkomsten te sluiten met telecomaanbieders. Omgekeerd staat KPN wel open voor andere banken om ruimte om zijn NFC-simkaarten te huren.

Source: Rabobank zet contactloos betalen op alle KPN-simkaarten – Emerce

Debloater(Lets remove all that carrier bloat !! Root not required..)

Posted on by
Reply

It will disable / block any system and third party application on your device with ease and allow you to enable / unblock the application just as easy. It also reads everything, real-time, directly from your device, so that there are no messy batch files, scripts and txt files, etc. that you have to maintain and keep track of for every device you own

Source: V3.90 Debloater(Lets remove all that carrier bloat !! Root not required..)

New tool could reduce smartphone battery drain by intelligently suppressing background activities

Posted on by
Reply

he first large-scale study of smartphones in everyday use by consumers has revealed that apps drain 28.9 percent of battery power while the screen is off. To address the problem, researchers have created a software tool that reduces the energy drain by about 16 percent.

Researchers at Purdue University, Intel Corp. and startup company Mobile Enerlytics studied the use of 2,000 Samsung Galaxy S3 and S4 phones served by 191 mobile operators in 61 countries.”This was the first large-scale study of smartphone energy drain ‘in the wild,’ or in everyday use by consumers,” said Y. Charlie Hu, a Purdue professor of electrical and computer engineering.

Out of the 45.9 percent of daily battery drain where the screen is off, 28.9 percent is due to apps that frequently wake up and run in the background. Out of this 28.9 percent, researchers have shown how to save 15.7 percent with a new system called HUSH, which is available for free at http://www.github.com/hushnymous

Source: New tool reduces smartphone battery drain by intelligently suppressing background activities – Purdue University

It’s not an app yet, but could be soon – hopefully.

Recon Jet finally ships – HUD sunglasses, not as creepy as Glassholes and works better

Posted on by
Reply

Jet’s display is equivalent to a 30” screen viewed from 7 feet (2 m) away. It’s crisp and vibrant in all lighting conditions—and thanks to our patented Glance Detection technology, it wakes up instantly when you glance down, then turns off again when you look away, minimizing distractions and maximizing power efficiency.

Only $699

Recon Jet – Smart eyewear for your active lifestyle.

Google Handwriting Input – Finally Graffiti but better!

Posted on by
Reply

Google Handwriting Input allows you to handwrite text on your phone or tablet in 82 languages. It supports printed and cursive writing, with or without a stylus. Google Handwriting Input also supports hundreds of emojis, so you can express yourself in any Android app.

via Google Handwriting Input – Android Apps on Google Play.

I’ve been trying this out on my tablet and my smartphone and I’m completely impressed! About time that Android got this basic Palm functionality 🙂

Pixel OFF save battery on amoled screens

Posted on by
Reply

Some AMOLED screen powered devices are able to “turn off” those pixels which are showing black colour. This app will let you to turn off some pixels in order to save your appreciate battery by showing very small black points.
As newer devices comes with very high density screens those points will be insignificant to the user´s sight and will be offset by lower spending battery

https://play.google.com/store/apps/details?id=com.anrapps.pixelbatterysaver