LightBlog

mercredi 26 octobre 2016

Google Pixel XL costs $285.75 to Manufacture – in line with Rival Smartphones

When Google finally unveiled the Pixel and Pixel XL on October 4th, many people were put off by the price tag of the two phones. While Google is no stranger to sticking a premium price tag on their products, many users hoped that the two Pixel phones would continue bucking the trend of expensive off-contract prices. Alas, this was not the case, but at least most users appear to be very satisfied with their purchase judging by early user reviews of the devices on our forums. Although many technology journalists have drawn similarities between the Pixel and iPhone in terms of price, just how true is this similarity? According to an IHS Markit teardown of the device, it appears that the cost to manufacture the Pixel XL is $285.75. At an unsubsidized price of $769 before taxes, this means that the cost-to-sales price ratio for the Pixel XL is similar to the iPhone 7 Plus and Samsung Galaxy S7 Edge.

google_pixel_xl_chart_exploded_version_two_revised

Pixel XL Price Teardown

In its press release, IHS Markit detailed how it determined the cost to manufacture the Pixel XL. The company deconstructed the Pixel XL to its base parts and then determined the approximate price point of each component, while adjusting for bulk purchasing costs. After assessing the cost of each component, IHS Markit determined that the bill of materials for the base Pixel XL model with 32GB of internal storage costs $278. Add to that a $7.75 cost to manufacture the phone in an HTC factory, and you get the $285.75 price figure.

googlepixelteardown

The company directly compares the manufacturing cost and design decisions of the Pixel XL to that of the iPhone and Samsung Galaxy S7 series, stating that the "total BOM costs for the Google Pixel XL are, not surprisingly, in line with those of other competitors, because the supply base and specs are very similar from phone to phone—whether it's an iPhone, a Galaxy-series phone or the Google Pixel XL" – Andrew Rassweiler, senior director of cost benchmarking services for IHS Markit. While Samsung is facing a tumultuous time with its Note 7 disaster, Google's Pixel XL arrives at the perfect time to challenge Samsung's dominance in the high-end Android smartphone market. It's clear that the Pixel XL was designed to compete with the upper echelon of premium flagship phones, and IHS Markit's price teardown only solidifies that point.

Source: IHS Markit



from xda-developers http://ift.tt/2eH4Kac
via IFTTT
Publié par à Aucun commentaire:

Android Wear 2.0 will Require Installing Apps from new Wear-based Play Store

Ian Lake is an Android Developer Advocate who has been responding to some Android Wear 2.0 questions over in the Android Wear Developers Google+ community. In one particular Google+ thread, a user inquired about the current distribution numbers for the various Android Wear platform versions. For now, Mr. Lake says that all watches are capable of running the latest version of Android Wear, so developers targeting minSdkVersion 23 in their app's manifests is fine. But then things started to get interesting as the discussion pivoted towards the upcoming Android Wear 2.0 update.

A developer asks if Android Wear 2.0 devices will support embedded APKs rather than the current method which requires installing the main application on the linked smartphone and beaming the Wear component to the smartwatch. In response to this question, Mr. Lake reveals an interesting change to Android Wear 2.0: with the upcoming wearable update, all users will need to visit the Play Store from their smartwatch in order to install an application on it. With the new update, users will no longer automatically load their smartwatch with apps from their smartphone, and will instead need to interact with their smartwatch to install new apps. In preparation for this change, Android Wear 2.0 applications will be allowed full network access and can be installed completely separately from the smartphone app.

Mr. Lake continues and tells us that Google is expanding the PlayStoreAvailability APIs for the developers who have apps that still utilize the companion app model, but he reminds developers that users will be able to download their apps independent of what's on the user's smartphone. The Play Store application for Android Wear 2.0 will show apps that you have currently installed on your phone at the top of the list for convenience, but the user will have the ability to choose whether or not they want to install it to their smartwatch.

This move is a significant departure from the original Android Wear user experience. Mr. Lake states that internal user studies show that users are not happy with the way the platform currently automatically installed apps to the smartwatch without the user's permission. This route should simplify things when the smartphone and smartwatch application are not required to be linked together. So for the Android Wear developers out there, be sure you're ready to provide support for Android Wear 2.0 as there are many changes included in the next big update for the wearable platform.

Source: Android Wear Developers

Via: 9to5Google



from xda-developers http://ift.tt/2ebv0Jp
via IFTTT
Publié par à Aucun commentaire:

XDA Forums Live for the Xiaomi Mi Note 2 and Xiaomi Mi MIX

Xiaomi's latest flagship, the Mi Note 2, and its "concept" phone, the Mi MIX are the latest devices that can call XDA their home! Head on over to the forums to interact with other users!



from xda-developers http://ift.tt/2dXgjMa
via IFTTT
Publié par à Aucun commentaire:

9 Year Old Linux Kernel bug dubbed ‘Dirty Cow’ can Root every version of Android

Despite the fact that tens of thousands of users actively pore over the Linux kernel source code actively looking for security flaws, it's not unheard of for serious bugs to go unnoticed. After all, though the chances of missing something incredibly serious are lowered by having more eyes auditing the code, we're all still human and are bound to make a mistake. The mistake this time seems to be quite serious, unfortunately. A privilege-escalation exploit was recently discovered last week, and although it has already been patched in the mainline Linux kernel, the bug could potentially be exploited on nearly every Android phone on the market until each device receives the appropriate kernel patch.

Enter Dirty Cow

screenshot-dirtycow-ninja-2016-10-26-11-23-31

The privilege-escalation bug is known colloquially as the Dirty Cow exploit, though it is cataloged in the Linux kernel's bug tracker system as CVE-2016-5195. Though only discovered last week, the bug has existed within the Linux kernel's code for 9 years. Furthermore, the exploitable code is found in a section of the Linux kernel that is shipped on virtually every modern operating system built on top of the Linux kernel – that includes Android, by the way. What's worse is that the researchers who uncovered the exploit have found evidence that the exploit is being used maliciously in the real-world, so they are advising any and all vendors shipping software built on the Linux kernel to immediately patch the exploit.

Dirty Cow is itself not an exploit, but rather a vulnerability. However, this vulnerability allows for escalating the privilege of a user space process, granting it super user privileges. By exploiting this vulnerability, a malicious user space process can have unfettered root access on a victim's device. In more technical terms, the bug involves a race condition of the Linux memory duplication technique known as copy on write. By exploiting this race condition, users can gain write-access to memory mappings that are normally set to read-only. More details of the vulnerability can be gleaned from here, here, and here.

The security vulnerability is said to be rather trivial to exploit, and indeed within mere days of the vulnerability being made public a proof-of-concept privilege-escalation exploit has been demonstrated for all Android devices. Any Android device running a Linux kernel version greater than 2.6.22 (read: every single Android distribution in existence) can potentially fall victim to this proof-of-concept exploit. Though the proof-of-concept exploit does not actually attain root access, attacking the system using this vulnerability makes that quite simple. In an e-mail sent to ArsTechnica, Phil Oester, a Linux kernel developer who is cataloging known real-world exploits of Dirty Cow on his website had this to say about the bug:

Any user can become root in < 5 seconds in my testing, very reliably. Scary stuff.

The vulnerability is easiest exploited with local access to a system such as shell accounts. Less trivially, any web server/application vulnerability which allows the attacker to upload a file to the impacted system and execute it also works.

The particular exploit which was uploaded to my system was compiled with GCC 4.8.5 released 20150623, though this should not imply that the vulnerability was not available earlier than that date given its longevity. As to who is being targeted, anyone running Linux on a web facing server is vulnerable.

For the past few years, I have been capturing all inbound traffic to my webservers for forensic analysis. This practice has proved invaluable on numerous occasions, and I would recommend it to all admins. In this case, I was able to extract the uploaded binary from those captures to analyze its behavior, and escalate to the appropriate Linux kernel maintainers.

After further work by developers on demonstrating the effectiveness of exploiting Dirty Cow on Android, one developer was able to successfully root his HTC device within seconds by exploiting the vulnerability. We at XDA generally welcome the ability for users to acquire root access, but we do not celebrate the existence of root exploits such as this, especially one which is so widespread and potentially incredibly dangerous to end users. To give you an idea of how dangerous Dirty Cow can be in the wild, YouTuber Computerphile put together a quick video demonstrating the potential malicious attack vectors that hackers can use to quietly attain root access on your device.

Source: ArsTechnica [1]

Source: ArsTechnica [2]



from xda-developers http://ift.tt/2dKT7xv
via IFTTT
Publié par à Aucun commentaire:

The XDA Crew at the Big Android BBQ

Have you ever wondered who is behind the XDA-Developers website? Here are some of the people that work to create great content for the community and keep everything running smoothly. Check out this video to see all the XDA people that attended the BBQ.

There were a few awesome booths this year at the Big Android BBQ. We took a tour of the event and checked out some of the best booths.

We had a lot of fun at the Big Android BBQ which was made possible by our sponsor UMi. Their latest phone, the UMi plus, has 4GB RAM, a 4,000mAh battery, and stock Android for $149. Click here to check it out!
umidigi.com

 



from xda-developers http://ift.tt/2dWzaaa
via IFTTT
Publié par à Aucun commentaire:

Samsung Pay to Launch in 3 New Countries, New Features Coming

Samsung Pay was able to jump ahead of the other mobile payment services in part because Samsung acquired LoopPay back in February of last year. They ended up announcing Samsung Pay the very next month, but the service wasn't launched until August. Samsung Pay was first introduced in both the United States as well as South Korea and Samsung has been working hard to get it widely adopted ever since.

The company has had an advantage over other mobile payment services because of the technology it uses. Instead of requiring the payment terminal to be upgraded for contactless payments, Samsung Pay will actually work with payment systems that only support magnetic stripes. Samsung is able to do this by transmitting the credit card data to the terminal's swipe slot using an an electromagnetic field.

Samsung has just announced that Samsung Pay will be launching in Malaysia, Russia and Thailand by the end of the year. This brings the total number of countries that Samsung Pay is available in up to 10. Similarly to the announcement that Google recently made with Android Pay, Samsung Pay has also partnered up with MasterCard to offer a simplified and fast online payment and checkout option.

In this latest announcement, Samsung also talked about three new features that will be coming to their mobile payment service in the near future. Starting in November, users of Samsung Pay will be able to find deals from retail locations that are close to them. Another feature coming in November is the ability to use Samsung Pay for in-app payments thanks to a partnership with select merchants. Samsung say this feature is coming to Velocity, Raise, Fancy, Hello Vino, Wish, Touch of Modern and promises that more will be coming too.

With the company's latest financial partners (Capital One and USAA), Samsung Pay now supports over 500 banks and credit unions that represent over 85% of the debit and credit card market in the United States.

Source: Samsung Newsroom



from xda-developers http://ift.tt/2eGhw8Z
via IFTTT
Publié par à Aucun commentaire:

HTC’s Q3 Financial Results Reveal $57 Million Loss

Since the glory days of the HTC Evo 4G, HTC has failed to make significant waves with most of their smartphone products. Even the much venerated HTC One was unable to dethrone its Samsung flagship counterpart. Continuing on that downward trend, it seems HTC is still struggling to recover from the financial issues they've been having all year. HTC has been able to slow down their continual revenue loss each quarter, but their efforts haven't been enough to actually bring a net profit to the company. Although, HTC fans and investors can still point to the fact that there is a slight upward trend in revenue each quarter when they discuss how the company is improving the business.

For the third quarter of 2016, HTC was able to bring in $700 million in overall revenue. This is good news for the company because the earnings are actually up 18% when compared to the second quarter of this year. The overall revenue for HTC in the third quarter of 2016 is also up by 4% when compared to the third quarter last year. HTC attributes this short-term success due to how well the company did in September when revenue was up 42% compared to August, and up 31% compared to last September.

Unfortunately, HTC was still unable to bring in any profits for the quarter. It's unclear exactly where all of the money is distributed, but it's possible they are investing in future technology, future designs, or simply pumping it into the company's marketing budget. We have been hearing rumors about the HTC Ocean series of phones and how HTC is attempting to innovate when it comes to how we interact with our smartphones, so it's possible that they are betting big on some unannounced project.

Still, for the third quarter of this year, HTC actually lost $63 million, which adjusts to be $57 million post-taxes. This is much better performance than we have seen from HTC in the past, but there still isn't any profit to be found. The company will either need to bring down costs somewhere, or they will need a new product that boosts sales to finally be able to take them out of the red.

Source: HTC (PDF)



from xda-developers http://ift.tt/2dWu65T
via IFTTT
Publié par à Aucun commentaire:
Inscription à : Articles (Atom)