Android Phones

[danielpholt]

Get the One X man. Its my favourite phone ever. I love it.

[deanb]

Well I finally found out how long I've left on my contract (2months, and it's like pulling nails to get that info), so I've two months to turn my finances around (aka get a fairly stable job) and I might go for a nicer phone. Until them I'm looking at stuff like the Galaxy Ace 2

[Thorgi Duke of Frisbee]

Well, a few days ago the tablet got banned and now the Nexus got banned in the US. For now or forever. Got to see how it ultimately goes.

http://www.engadget....g-galaxy-nexus/

Since its Apple versus Samsung, perhaps the S3 will get banned as well.

 

I'm currently looking for a new phone to replace my current Samsung Epic in five months... getting shit like this does not help.

Glad I grabbed the Nexus when I did; it's a gorgeous phone. And I hope this gets lifted soon, so more people can enjoy it.

[danielpholt]

Completely contradicting me previous post about the One X being my favourite phone of all time, i think i'll go down the Nexus Path next time. The One X was such a step up from my iPhone 4 that i feel a little more confident that i can handle a vanilla Android device now. So if and when Google/Samsung release a new Nexus i'll be in line.

[Mal]

Not if Apple get the court to freeze the sale of any new Nexus or hell, any Google/Samsung phone.

[deanb]

Not if Apple get the court to freeze the sale of any new Nexus or hell, any Google/Samsung phone.

Dan is UK, so the ban doesn't apply.

 

Doubly so given just yesterday a UK judge called Apples slide-to-unlock "obvious"

http://www.bbc.com/news/technology-18709232

 

"HTC is pleased with the ruling, which provides further confirmation that Apple's claims against HTC are without merit. We remain disappointed that Apple continues to favour competition in the courtroom over competition in the marketplace."

Which is pretty much what's going on of late. Just like in the PC world their foray at leaser is shortlived as cheaper open devices bleed into the market. Making it so they're the only one allowed to use their software is always going to be a killer for them in the marketplace. Surely their billions are better spent than getting brief bans on phones? Like on some proper R&D instead of eyeing up random Android features n trying to mash em in. Like the Twitter/FB intergration, notification shades etc.

 

Kinda odd though that they lose in the UK for the same patent they won on in US. Different patent laws I assume? Is it first to file in US? So even if this swedish phone had it years before iPhone if they never filed/filed after Apple in US it won't count?

 

http://imgur.com/a/sRiLs

In other news, I'm starting to lean towards Galaxy Note again. Though the SII is a bit less Trigger Happy TV, but still decent enough that this could work. The Boulder is conflicted...

[Thursday Next]

Not so much different laws as different interpretation. The UK Judge felt that the US company's patent was weak and so didn't grant an injunction against the Korean company. The US Judge felt that the US company's patent was totally legit and issued a ban against the Korean company.

 

Not that I am for one minute suggesting that the US Judge expressed bias in favour of a US company... oh no.

[fuchikoma]

So you can send an exploit to a Galaxy S3 via NFC for quick wireless pwnage. I think it's a great looking handset, assuming you know a bunch of other people with them, but I wish it ran a more secure OS...

[Faiblesse Des Sens]

Like what? You're kidding yourself if you think the competition is any more secure.

[fuchikoma]

Yet the exploits found in iOS come nowhere near a given month on Android... And I don't mean to make this an OS war either - OS 5 blows for performance and stability, but it's like every couple weeks I hear about a new trojan or privilege escalation exploit, or other hack that gets out of the sandbox on Android. The handsets and tablets look awesome, if not for that.

[Eleven]

In the show Person of Interest, Reese hacks phones by pairing on what I assume to be bluetooth but I'm not sure because of the distance he has from his target. He uses an iPhone though so NFC is out.

 

Reading this, it's cool that you could really do something like that, without even touching the other person's device (granted the security flaw is there). It makes it really cool because it makes that crap they do on TV possible!

[deanb]

There's a reason DOD use Android phones. Anyway NFC is as much an "exploit" as WPS since...well the N = Near. You'd have to be right next to someone to do anything with it. The article also fails to mention which document viewer had the flaw. Which makes the App the insecure one not the OS.

 

As for POI: highly likely it's just a case of TV magic. Bluetooth usually requires a PIN or other phone owners acceptance.

[Eleven]

As for POI: highly likely it's just a case of TV magic. Bluetooth usually requires a PIN or other phone owners acceptance.

 

Yes that's what it is, but the point is, after reading the article, suddenly that kind of TV magic ain't too bad! It may actually be possible to do, compared to before where he doesn't confirm the bluetooth connection on the victim's phone.

 

Maybe next season Reese would have an Android, and actually use NFC to hack into other people's devices, instead of bluetooth.

[deanb]

Maybe, but NFC is a bit new for television to wholly embrace. Don't forget we're still in the age of tracking IPs with a visual basic GUI and hacking better by having two people on a keyboard at once. Bluetooth is old hat n folks know what it is, thus a simple concept to throw in without having to

At least we're past the age of hacking through 3D mazes (but still in an age where people think the Jurassic Park GUI was made up and not a proper UNIX UI)

[Eleven]

You're no fun.

[fuchikoma]

There's a reason DOD use Android phones. Anyway NFC is as much an "exploit" as WPS since...well the N = Near. You'd have to be right next to someone to do anything with it. The article also fails to mention which document viewer had the flaw. Which makes the App the insecure one not the OS.

 

As for POI: highly likely it's just a case of TV magic. Bluetooth usually requires a PIN or other phone owners acceptance.

 

There is a reason the DoD uses Android... they could hypothetically audit the code themselves, and put their own apps on it easily. This isn't the same as most handsets though - it's the Dell Streak, without Wi-fi, Bluetooth, or the Google Marketplace, with a special custom API to provide secure services like cryptography. Also, the US Navy used WinNT 4 to control whole ships... 13 years ago, I cracked locked up NT controlled manufacturing equipment in 30 minutes with a crappy surplus desktop PC. President Obama uses an iPad with Wi-fi disabled. Who uses something doesn't make it secure.

 

RFID was supposed to be largely for a form of NFC at around 5-10cm, but souped-up readers have managed to work at 69ft.

 

They called it "the Android document viewer" as do all the articles I can find, so that sounds like one that's included by default - if not with all Android distributions, then with the Galaxy S3 and maybe others with NFC?

 

Also, it used vulnerabilities in the app AND the OS - they said they used NFC for showmanship, but the payload was your typical privilege escalator, which in turn installed a trojan that gave seemingly complete control to a remote user.

Edited September 20, 2012 by fuchikoma

[deanb]

There's not really any default document viewer. I guess it would also depend on the document viewed. My phone came with Polaris Office included, though it could be a PDF reader (which might make sense) or anything else. While the NFC is showmanship, they do require something to trigger the intent. Throwing a file on Android won't do much unless you go and activate it, and then pick your "document viewer" from there. The main weak link in it all does seem to be the unnamed document viewer. If you wanted to install stuff on an Android phone it's much simpler than using NFC; just work your way into their Google account and hey presto.

 

As for the "RFID at 69 feet" thing, this would be it, and it's not your average phone equipment. (Though yes rather impressive for what is mean to to be a rather close range tech)

[Faiblesse Des Sens]

Throwing a file on Android won't do much unless you go and activate it, and then pick your "document viewer" from there.

 

One reason that they used NFC is because the phone has it do things automatically.

 

Anyways, I wonder if it's the ultra-generic built in document viewer. If you've done any sort of number of weird things with ROMs and APKs you've probably come across it when attempting to open a file it doesn't know what to do with.

 

This seems like something they could fix quite easily, from a non-technical perspective. Anyone have any insight on the technical side that might make this vulnerability matter? I understand that they can do this without NFC, but like Dean said, the big difference there is that at that point it requires user action.

[fuchikoma]

It sounds like it will be fixed (at least temporarily) with an update. It's more of a wakeup call that this is a viable vector for a no-user-interaction hack (though some have said the phone has to be on and unlocked.) (edit: Also, that their hack mitigation efforts like address space randomization can still be worked around fairly relaibly.)

 

And the extreme RFID hack was to illustrate that "oh, it only works at 5-10cm" has been said before, but soundly disproven. Since radio waves don't just stop sharply at their effective range, it stands to reason something like this could be set up by someone to work at 2-5m, then hit active phones going past an apartment, a car in a parking lot, or less likely spots like a construction site or a storefront, even if it took a 3-5 ft antenna to pull off.

Edited September 20, 2012 by fuchikoma

[Mal]

Is a smartphone having a slide keyboard such a niche market? Is thickness really worst than wideness? I see no phone with recent recent tech with a slide keyboard and my upgrade time is pretty much here. I could wait til the holidays but even by then there won't be a new slide phone coming out for Sprint.

[deanb]

I would swear I've seen news of a Samsung Galaxy phone with a qwerty on it. Doubt it'll be SIII power like hte Note 2, but close enough. Don't the Moto Droids do QWERTY slide out?

[Faiblesse Des Sens]

IIRC Motorola just released one that has the specs of the RAZR.

[Mal]

Yeah, the Photon. I'm just unsure if I should since I'll be using this phone for two years. So I do want to have more top specs for the rest of the year. I heard about Sprint maybe having the Eclipse which seems to be the top of the line at the moment.

 

At the time, the Epic was one of, if not the largest smartphone in the market. It also had one of the best specs. The keyboard was one of the biggest thing that drew me to the phone though. I use my keyboard on my Epic a ton for email and well, internet usage. A fair share of my posts on here are from my phone. So I guess I am a bit iffed that I don't have that situation now.

 

Edit:

There seems to be another slide phone coming from LG called Cayenne. It should come out this year. Somewhat similar to the Photon (Corrections, not the Eclipse).

Edited September 29, 2012 by MaliciousH

[Faiblesse Des Sens]

Whoa, didn't know about the Eclipse, that's actually some pretty rockin' specs.

[Mal]

Actually, correction, Cayanne is not like the Eclipse. Its more like the Photon. I dream of such a thing that it made me make that typo.