There are a number of different apps on the Play Store that make browsing the XDA portal and forums a fun experience on mobile, but we want to know: What's your favorite way to access the XDA forums? Do you prefer browsing on the desktop, mobile app, or mobile browser? If you use a mobile app, which one? Let us know how you connect with our community in the comment section below.
Source Code Commits in Android 4.4.2 KOT49H Reveal Flash SMS Attack Fix and App Ops Removal
Just a few hours ago, we talked about how the source code for Android 4.4.2 had made its way into the AOSP. Now, the fine folks over at FunkyAndroid have once again created an exhaustive change log detailing all of the commits made between 4.4.1 and 4.4.2.
Nexus device owners who upgraded from 4.4.1 to 4.4.2 will attest to the small size of the incremental OTA. Accordingly, only four source code commits differentiate the two versions. But never fear, as these changes are actually significant. And if you haven’t already updated, they definitely warrant a few minutes of your time.
Chief among the fixes, 4.4.2 brings a solution to the previously covered low risk Flash SMS vulnerability. Although they went about “fixing” the problem the wrong way initially, we’re glad to see a legitimate solution appear. There is also a fix for the OOBE Denial-of-Service crash after receiving 0-byte WAP push messages, as well as reduced camera logging.
In addition to the fixes, the much loved App Ops program that we covered not too long ago has been further hidden away. As such, it is no longer accessible through the previous means. This change is entirely intentional, as Google always meant to keep the program for internal debugging. As stated by Google Framework Engineer Dianne Hackborn:
That UI is (and it should be quite clear) not an end-user UI. It was there for development purposes. It wasn’t intended to be available. The architecture is used for a growing number of things, but it is not intended to be exposed as a big low-level UI of a big bunch of undifferentiated knobs you can twiddle. For example, it is used now for the per-app notification control, for keeping track of when location was accessed in the new location UI, for some aspects of the new current SMS app control, etc.
To get started, make your way over to the FunkyAndroid KOT49E Changelog and check out those commits. The complete (and miniscule) changelog can be found in its entirety at the bottom of this post. What are your thoughts on the update to 4.4.2? Are you glad that Google finally fixed the SMS and OOBE crash bugs? Despite Dianne’s explanation, are you still a little peeved about the further hiding of App Ops? Let us know in the comments below.
[Source FunkyAndroid | Via AndroidPolice]
Full Changelog, as reported by FunkyAndroid:
567ea11 : Fix OOBE crash/DoS after receiving 0-byte WAP push.
3574026 : Reduce logging of flattened Preferences
d00f7cd : Android denial of service attack using class 0 SMS messages
37f06a4 : Put fragment in specific activity’s whitelist
Want something on the XDA Portal? Send us a tip!
Once a year, top players in the mobile sphere gather for MWC, to show off what they've been working on and collectively set the standard for the year to come. Yesterday was a big day with the launch of HTC and Samsung's flagships, alongside numerous other announcements, and today it was Google's turn to take the stage. SVP Sundar Pichai took the stage in Barcelona to speak about Google's network initiatives, Project Link and Project Loon, as well as to...
Intel showed its face at MWC 2015 to give the world a yearly update on their upcoming line of chipsets for mobile. While last year the company focused on gathering partnerships and strengthening up their services, architectures and production, now they are revamping their Atom line of SoCs for mobile with a new brand name and a distinctive category format much like that of their i3/i5/i7 line of personal computing processors. The new scheme will be naming the chips x3, x5...