LightBlog

lundi 5 décembre 2016

Motorola: Expect to See 12 New Moto Mods in 2017

This was the year of the modular smartphones. Many were hoping for Google's Project ARA to see the light of day until reports said the project had been put on hold. LG started a big campaign with the launch of the LG G5, and were inviting developers to check out their modular system. Lenovo/Motorola even jumped into the game with the launch of their Moto Z series of phones and the modular back plates they call Moto Mods.

Motorola also started to invite developers to check out their modular system as well, and this resulted in a few 3rd-party company having their own Moto Mod for Motorola devices at launch. Just recently, we saw the launch of 2 new Moto Mods with one being a battery pack from Mophie and the other being a car dock from Incipio. Motorola says they're dedicated to their modular system and have recently began talking about the possibilities of future Moto Mods.

Just last month, they teamed with Indiegogo to get Motorola's modular platform even more exposure through the "Transform the Smartphone" challenge. The contest ends on January 31st, 2017 so be sure to enter as they'll be giving away Moto Z phones and MDKs to those who come up with the best ideas. Just a few days ago, John Touvannas, Motorola's senior director of product management, teased some possible Moto Mod ideas around that included e-ink displays, a baby monitor, and even a 5G modem.

It's nice to see the company standing behind their modular system, and next year looks even better for the platform. Motorola's 2017 fiscal year starts in April, and Touvannas says they expect to launch "more than 12 new mods for 2017". The company continued listing Moto Mod ideas that include things like a game controller, measurement tool, external storage, alarm clock, breathalyzer, remote control, LED lights and more. It remains to be seen how successful these Mods become in the market, if at all they transcend into the realm of reality.

Source: CNET



from xda-developers http://ift.tt/2g2r3GZ
via IFTTT

Verizon/EE’s Bootloader Unlock Method for Pixel to be Patched This Week

Hacking into the new Pixel and Pixel XL phones from Google has presented a new challenge to the community developers. We knew it would be this way even before they were officially launched because of the changes to system that Google undertook. We generally see things like root access and TWRP support released for a Google phone before they're available to the public, but it took a bit longer this time around.

As Chainfire and Dees_Troy were working on their projects for the Pixel phones, XDA Senior Recognized Developers beaups and jcase announced they figured out a way to unlock the bootloader of the Verizon Wireless and EE Pixel smartphones. They were even nice enough to agree to release their unlock method to the community entirely for free, and a couple of days later, dePixel8 was made available to the public.

Since then, these phones have received one security update (for November). But now, beaups informs us that the unlock method will be patched this week. He tells the community that if you want your Verizon or EE bootloader to be unlocked, then you'll need to act fast. He did not give a date on when the update would be pushed out, but the OTA generally starts rolling out toward the start of the week. You can go into Pixel's Developer Options menu to disable automatic system updates if you're worried about it.

When asked if there would be any potential issues with Pixel phones that have already had their bootloader unlocked via dePixel8, jcase replied and said this is doubtful. Jcase also says that downgrading to an older version of Android shouldn't let dePixel8 unlock the bootloader of your already patched Pixel phone. So, if you have a Verizon or EE Pixel phone and you want to unlock the bootloader before the update goes out, head to the SunShine website to download dePixel8 now.

Source: @firewaterdevs



from xda-developers http://ift.tt/2g0f69z
via IFTTT

dimanche 4 décembre 2016

Homescreen Critique: Beautiful Wallpaper Edition

In this episode of Homescreen Critique, Taylor is focusing on homescreen setups that feature amazing and beautiful wallpapers. These submission come from the XDA community. These are some of the best ones we have found.

d0pecr4wler

wall1

Check out the homescreen here.

carlandermatias

wall2

Check out this homescreen here.

phonetech101

wall3

No information on what apps were used in this setup. Looks great though!

Check out this homescreen here.

ernest_21

wall4

Check out this homescreen here.

 

Submit your own homescreen in this thread to be featured in the next video.



from xda-developers http://ift.tt/2h8vlBR
via IFTTT

samedi 3 décembre 2016

Moto Z and Moto Z Force Updated to Nougat

The Android Nougat update has recently been pushed to the Moto Z and Moto Z Force. Surprisingly, the Verizon variants were the first models to receive this update. That's a bit unheard of considering Verizon's  record of being a little late in the update game. This video shows some of the new features you can expect when running Nougat on the Moto Z.

As a side note, you can get an unlocked Moto Z for $200 off from Amazon right now.



from xda-developers http://ift.tt/2h0jlyb
via IFTTT

vendredi 2 décembre 2016

Gooligan Malware Compromises More than a Million Google Accounts on Android

Security is an important aspect of Android. Due to the sheer number and variety of devices, making an OS flexible enough to run on all hardware choices and fulfill varied customer needs, while still maintaining bullet-proof security, is a very difficult task.

While Google is hard at work enhancing the overall security of Android, new vulnerabilities and exploits keep popping up and slipping under the radar. Not to mention, the very task of distributing security updates is left to the whims of the OEM, and outside of the major OEMs and major flagships, very few devices ever receive a security-focused update.

The newest bad fish in the pond was discovered by security researchers at Check Point. Nicknamed "Gooligan", this malware attack campaign is part of the Ghost Push family of malware. Malware under this label is often downloaded through external and untrusted sources, and the apps so installed are then used to install other apps on the host device. Gooligan particularly used the Google credentials on older versions of Android to generate fraudulent installs of other apps.

gooligan_1Check Point mentions that Gooligan has so far breached and compromised over one million Google accounts, with the number also steadily rising at an additional 13,000 breached devices every passing day. Gooligan installs over 30,000 apps daily on breached devices, and over 2 Million installs have been accumulated since the campaign began. Gooligan "potentially" affects devices on Android 4.x and Android 5.x, which is bad news as combined, these versions have arond 74% of market share currently.

Interestingly, 57% of the infected devices are located in Asia, which is not surprising keeping in mind the attitude towards piracy among the general consumers in this region. North and South America follow along at a combined 19%, the African continent makes up 15% and Europe contributes at 9%. Australia, very interestingly, was not mentioned at all.

How does Gooligan work?

Check Point mentions in more detail how the malware works, so we recommend checking out their blog post.

Gooligan starts off with a legitimate-looking infected app that gets downloaded via third-party app stores or sideloaded by mistakenly clicking on malicious links in phishing attack messages. Once the infected app is installed, it sends data about the device to the main Command and Control server of the malware campaign. After device information is obtained, Gooligan downloads rootkits that are applicable to the particular Android version, such as Towelroot or VROOT. If root access is successfully obtained, Gooligan then has full control of the device, including the ability to remotely execute privileged commands.

gooligan_2

Gooligan then goes on to download and install a new malicious module from its main server. The modules purpose is to inject code into Google Play or Google Mobile Services to mimic user behavior to avoid detection. Further, the module allows Gooligan to steal the user's Google account and authentication token, install apps from the Play Store and rate them without consent, and install adware to generate revenue. Money is generated for the attacker when the ad network server innocently credits them for successful app referral installs. For good measure, Gooligan also leaves a high rating on the Play Store.

How do you know if you were infected?

Check Point has a good list of apps that they have identified as being infected with this malware. So if you have any of the apps mentioned in the list installed on your device, there is a good chance your account was compromised. The compromise extends over to enterprise accounts as well, so it will not hurt to double check.

If you do doubt that you may be infected and compromised, you can enter in your email on a website created by Check Point for the same purpose. Google's Director of Android Security, Adrian Ludwig, points to Check Point's blog in his Google+ post, as Check Point has been working closely with Google to understand the issue.

If your account is compromised, you would need to undertake a complete wipe and clean installation of the OS on your device to remove all traces of Gooligan and related module code. Then, you need to change your Google account passwords immediately after the process.

If your account is not compromised, you can undertake certain precautions to avoid getting infected. Common sense dictates that one should avoid shady websites and apps, particularly those relating to illegal distribution of content. Piracy portals, whether they be in the form of black market app stores or illegal media (songs, movies etc) re-hosters, are one of the easiest ways to phish users into installing infected apps, so staying away from them is a good idea.

image-014

On a different note and for added precaution, if you are a rooted user, do pay attention to the apps installed on your device through periodic checks and make sure to grant root access only to the applications you trust. If you have a choice in running newer versions of your OS with newer security version, please exercise such option.

What has Google done so far to combat Gooligan?

Adrian Ludwig mentioned key details on Gooligan and Ghost Push on his Google+ post. Gooligan and Ghost Push were made with the primary intention to fraudulently market apps and make money through referrals, so Google has not found any evidence of user data access, even though that gate was open. There was no targeting of specific user groups or enterprises either, as the malware aimed to install itself on older devices opportunistically. Further, as Ghost Push malware family makes use of publicly known vulnerabilities, newer devices with up-to-date security patches are not affected as these vulnerabilities have been subsequently patched.

To protect users from infection, Google has deployed improvements to the "Verify Apps" functionality to warn users from installing any of the apps from the infected list, even if the source is outside the Play Store. The offending apps have been removed from the Play Store, which is an obvious course of action. Along with those, Google has also removed the apps that benefited from Ghost Push installs to further reduce the incentive of such abuse in the future. They have also revoked Google Account tokens of affected users and provided them with instructions on how to sign in securely. Going one step beyond, Google is also working with organizations that provided the infrastructure used to host and control the malware, in an effort to take down the main control servers to disrupt the existing malware ad slow down future efforts.


The emergence of Gooligan among other kinds of malware and exploits show that Android still has a long way to go in terms of security. Fragmentation is often at the core of the issue here, as a lot of these exploits are patched up in newer Android releases, but unfortunately, will never be deployed across many existing devices. A very large part of the blame here lies on the lack of after-sales service and OEM apathy, and such scenarios are very much unlikely to change anytime soon, especially in the entry-level smartphone market. Malware like these makes one appreciate what BlackBerry is doing with its security-focused Android fork.

What are your thoughts on Gooligan and Android's current state of security? Let us know in the comments below!



from xda-developers http://ift.tt/2gP65Qo
via IFTTT

What Do You Think About Smart Homes / Smart Assistants?

Google Home and Amazon Echo have been battling it out for that coveted spot in your house, to become the central hub for operations of other connected smart products. IoT as a new technology is gradually taking off, so we see both companies adding value with services like improved Voice Search on Google Home and Alexa Skills on Amazon Echo.

Both the devices give us a taste of the future, where we can control every aspect of our lives by just talking into thin air. However, not everyone has able to adopt this new technology and many see no reason to embrace either standard. We ask you,

What do you think about Smart Home Assistants as a concept? Are the current implementations of home assistants in line with your vision of what a home assistant should be? Do you think there are flaws or limitations in the home assistant concept? Do you own either Google Home or Amazon Echo? Why/why not?

Let us know in the comments below!



from xda-developers http://ift.tt/2fTR3Ei
via IFTTT

LG Appoints Jo Seong-jin as the Company’s New CEO

It's no secret that LG has been struggling to make a profit with some of its divisions within the company. LG's mobile division lost $389 million last quarter, and which was even worse than Q2 when they lost $132 million. Most of the profits LG has been able to bring in over the last couple of years is thanks to their home appliance and TV divisions. They specifically credit sales of TVs and home appliances when they made an overall profit of $503 million back in the second quarter of this year.

Some believe LG is having a bit of an identity crisis when it comes to their smartphones. Others have blamed their marketing campaigns (or lack thereof) and feel that LG could have done very well with the LG V20 if they would have marketed it better. The LG G5 had a lot of hype around it before it was officially unveiled, and the head of their mobile division said they would "need to overspend a bit in order to get the word out and create fans."

This didn't bode very well when their 2016 flagship smartphone sold less than expected, and resulted in multiple executives within the mobile division losing their jobs. Yesterday, the company announced they would be appointing a new CEO in charge of the entire company. The new CEO is Jo Seong-jin, and he was actually in charge of their home appliance division. The same division that has helped keep LG afloat for the last couple of years.

This change has gone into effect immediately, and will put Jo in charge of all LG Electronics' business divisions including the H&A Company, Mobile Communications, Home Entertainment, and Vehicle Components. He will even have oversight of over 120 operations around the world. Song Dae-hyun used to be the head of the CIS Region and president of LG Russia, but will now be taking the place of Jo as the president and CEO of the Home Appliance & Air Solutions Company.

Source: LG Newsroom



from xda-developers http://ift.tt/2fTlSZR
via IFTTT