December 17, 2012 By: jerdog
We recently told you about the Exynos4 security hole found by XDA Member alephzain. This is a security hole in the kernel that allows malicious code full access to all physical memory. XDA Elite Recognized Developer Chainfire would have none of it, and not only pointed out the security hole by creating an app that roots your device without ODIN, but also provided a way to plug it.
His application, aptly named ExynosAbuse APK, gains root privileges via the ExynosAbuse exploit and installs SuperSU. In addition, in version v1.10, it allows you to disable the exploit at boot. The downside of disabling the exploit is that your camera may break. However, this is not so bad considering how your device can no longer be compromised by this exploit. Lesser of two evils, right? If you absolutely must have your camera, the application allows you to re-enable the exploit.
Unlike the other app-based patches out there, Chainfire’s solution to patch on boot runs before any normal Android apps perform their launch after boot code, thus preventing that attack vector as well. One thing Chainfire points out is that the protections included in his APK are just workarounds, rather than actual fixes. For that, we’ll have to rely on our talented developers in the XDA Developer community or Samsung. (Do I hear crickets chirping?)
For more details on the exploit, you can head over to alephzain’s exploit thread or Chainfire’s application thread. When visiting the latter, be sure to help Chainfire test various Samsung devices by stating your device, its firmware, and whether the application and fix worked.
December 11, 2012 By: Jimmy McGee
A little over a month ago, the Big Android BBQ event happened and XDA was in attendance. XDA Developer TV Producer Erica was there with her camera, recording all things exciting and interesting. After sifting through hundreds of hours of video, Erica presents a video detailing all the fun at the Big Android BBQ.
Erica interviews many people including, XDA Elite Recognized Developer supercurio, Recognized Developer and AOKP creator Roman Birg, Creator of Awesomeness Tha Phlash, Recognized Developer and creator of ClockWorkMod Recovery Koush, Senior Moderator M_T_M, Elite Recognized Developer AdamOutler, Elite Recognized Developer Chainfire, Elite Recognized Developer Entropy512, and a special appearance from TV Producer azrienoch. Also, you get to see parts of all the fun events at the Big Android BBQ that you missed if you didn’t attend. What are you waiting for? Watch this video!
Unless you’ve been hiding under a rock somewhere, you know that Google has released a few new devices (Nexus 4 and Nexus 10), as well as a refresh to the Nexus 7. What makes this different from previous Nexus releases is that there are two new manufacturers added to the mix with Asus (Nexus 7) and LG (Nexus 4) joining Samsung (Nexus 10 as well as Nexus S and Galaxy Nexus) and HTC (Nexus One).
We recently told you about XDA Elite Recognized Developer Chainfire’s new project to automatically root devices and keep them as stock as possible, and we now have an important update to share with you, as Chainfire has added CF-Auto-Root support for the new Nexus devices. What makes this update different from previous versions is that fastboot support has been enabled, as well as an updated version of SuperSU (v0.99).
Follow the links below to learn more and to obtain the downloads.
November 23, 2012 By: Jimmy McGee
In this third part of our four-part series, XDA Elite Recognized Developer and TV Producer AdamOutler shows you how to root your Samsung Galaxy Camera with Odin, Elite Recognized Developer ChainFire’s CF-AutoRoot, and a PC. Before this episode, AdamOutler submitted a recovery to Chainfire to be CF-AutoRooted. AdamOutler shows how easy CF-AutoRoot is to use.
In this episode, AdamOutler gives you a list of reasons why you would want to root your Galaxy Camera. He then gives you the step-by-step process for rooting the Galaxy Camera. If you missed it, check out part one of this series, where AdamOutler unboxes the Galaxy Camera and shows of the basics. Also, be sure to check out part two for a detailed tear down of the internals of the device.
November 12, 2012 By: jerdog
If you’re anything like I am, as soon as I get a new device I have already spent hours researching what ROMs are available, the status of the bootloader (read: no HTC for me), and the availability of a proven root method. Seeing as the last 4 devices I have owned have been Samsung, there’s really only one option when it comes to rooting a Samsung device, and that is CF-Root from XDA Elite Recognized Developer Chainfire.
After logging over 9 million downloads of CF-Root, beginning with the Samsung Galaxy S GT-I9000, Chainfire has come up with something more streamlined and he’s calling it CF-Auto-Root. The premise is that you find your particular device, download the CF-Auto-Root file and flash with ODIN. Upon a successful flash you’ll have a rooted device with SuperSU installed and the stock recovery still in place. Chainfire describes the difference between CF-Root and CF-Auto-Root:
CF-Root (non-Auto) are manually built rooted kernels and/or flashables that usually provide more than “just root”. CF-Auto-Root is built on an automated system that I am constantly improving that takes a stock recovery image and returns an automated rooting packages. These packages are designed to install and enable SuperSU on your device, so apps can gain root access, and nothing more.
On his CF-Auto-Root webpage, Chainfire has the following information:
Use at your own risk, I’m not responsible for bricking your device.
If you have locked bootloaders, flashing one of these will brick your device.
GET THE RIGHT FILE
Make sure you get the correct file. Using the incorrect file may brick your device.
If your target device has a custom firmware flash counter, CF-Auto-Root will trigger it. If you’re lucky, Triangle Away has support for your device and can be used to reset the counter.
When you say “superuser” some might make the mental jump to an image of Superman flying around with a computer strapped to his back and a keyboard in hand to ward off the hacking attempts of mere mortals; others might jump to an image of Wonder Dog helping Wendy and Marvin fight the super villains; and still others will wonder if you’re referring to the latest culinary creation down at the corner of 8th & Sixth in NYC. Regardless, it evokes imagery that requires context to decipher what it is you’re discussing.
In the context of Android, Superuser has become synonymous with the Superuser app created by XDA Recognized Developer ChainsDD that grants you (and applications) root privileges by allowing you to accept the request or not. His app and process for obtaining root were the only options on the block for a long time, until XDA Elite Recognized Developer Chainfire sought a different solution to requesting and granting root privilege requests. The result of that endeavor was SuperSU, which has increasingly become a mainstay and is being included in more and more new custom ROM development these days.
Back in July Chainfire started a discussion on Google+ about his investigations on how developers were using root privileges, and had this to say about what he had begun to find:
Since I started writing SuperSU, I have investigated and reverse engineered a large number of apps that had problems with SuperSU, Superuser, or both. Aside from a few bugs in SuperSU (yes, they do happen), by far most problems were one of these two:
(1) Improper code calling “su”. I’ve seen a lot of weird Java code to execute commands as root – some you would not believe!
(2) Calling “su” from the main UI thread. “su” can be a blocking call. There is no excuse to run it from your main thread. EVER.
Even though #1 is not insignificant, #2 here is by far the most likely reason of crashes of a rooted app !
He then promised that he would have more to share after his holiday, and the Big Android BBQ is where he first teased us with his findings. He presented information about the correct (and incorrect) ways for an application to request root privileges and then promised that he would release his full article along with sample code. Now, he has. You can visit the original thread for more information or read the article on his website.
October 23, 2012 By: jerdog
On Saturday, October 20, I moderated “The Future of Android Development” with a panel of XDA Recognized Developers consisting of:
The session was attended by over 100 people, with standing room only. At one point there were over 130 people listening to some of our developers discuss their projects, what excites them about Android development, and what they see as the future of development on Android. Here are some highlights:
Thanks goes out to the developers involved who helped make this presentation a success. If you weren’t there, you really missed a great session. Below you can find some pictures from the presentation. Those who would like relive the experience or feel like they were there can view the slide deck on SlideShare.
Having amassed almost 8 million downloads for its different device iterations in just over a year, CF-Root is a phenomenon in the Android development arena; and it’s not even a cheesy game! With versions available for the Samsung Galaxy Tab, Galaxy S, Galaxy S II, Galaxy Nexus, Galaxy Note, and Galaxy S III, it’s a venerable cornucopia of options. And with the release of the Samsung Galaxy Note 2, XDA Elite Recognized Developer Chainfire adds another device to the fold.
The current iteration of CF-Root for the Galaxy Note 2 has been named CF-Auto-Root and comes with some key caveats along with the typical installation notes:
- The previous root methods via recovery broke the CACHE partition, causing issues with Triangle Away and Mobile ODIN. This release of CF-Root is preliminary to resolve these issues.
- This is a one-flash-root thing which automatically installs root, then returns your device to the stock recovery. This is required for OTAs and some DRM-style appsInstallation and usage
Flash the CF-Auto-Root package as PDA in ODIN (details on how to do that are in next post), and your device should reboot into a modified recovery (signified by a large red Android logo) and it will install SuperSU for you and restore the stock recovery, and reboot back into Android.If you don’t get to the red Android logo, boot into recovery manually (“adb reboot recovery”, or boot while holding Power+VolUp+Home).Using this root increases your flash counter. You should run Triangle Away (see below) after rooting to reset the counter. Note that if you want to run custom kernels or custom recoveries, your flash counter will be set to 1 at every boot. Either configure Triangle Away to reset the counter at every boot (Play version only) or only reset the counter when you need to go into warranty.
October 15, 2012 By: Jimmy McGee
Unless you have been living under a rock, you know what Triangle Away is. If you don’t, Triangle Away is a way to reset the flash counter on Samsung devices. That’s right. In their infinite wisdom, Samsung decided to keep track of the number of times you flash custom firmware to your device. Obstinately, this is to allow them to deny warranties and blame the hardware issues on unauthorized firmware. The logic seems flawed with the solid firmware available on XDA.
Recently XDA Elite Recognized Developer Chainfire released an update to his Triangle Away application, ticking the version number to v2.05. This latest update adds support for the Samsung Galaxy S3 LTE GT-I9305 and the Samsung Galaxy Note 2 LTE GT-N7100. Chainfire says that this update should work on various Qualcomm-based Samsung devices. Chainfire could use your help to determine which of the Qualcomm-based Samsung devices this works on that haven’t been identified.
On October 9th the new 5.5 inch screen wielding Samsung Galaxy Note 2 GT-N7100 was added to the supported devices list. Since our last Triangle Away article support has also been added for the Samsung Galaxy S3 SHV-E210K, Samsung Galaxy S3 SHV-E210S, Samsung Galaxy Note GT-N8000 10.1″ 3G and Samsung Galaxy Note GT-N801x 10.1″ Wi-Fi.
Check out the application thread for more information and to help Chainfire find out what devices this latest update works on.
October 13, 2012 By: jerdog
In the course of developing an application, or even looking at deploying a new kernel or ROM, it is often necessary to benchmark your changes and see what effect your efforts yield. No one should deploy something that gives your users a negative experience. XDA Elite Recognized Developer and Senior Moderator Chainfire feels the same way, so has added a new application to his repertoire: PerfMon.
PerfMon is a “floating” performance tool, which operates as an overlay to your existing application. It will provide real-time stats for the foreground app, CPU, disk I/O and network I/O. These can be used to see exactly how your application performs in any given situation. It also has a new performance metric unique to PerfMon called CPU Capacity Usage. As described by Chainfire:
The CPU usage percentage traditionally used to measure and compare how much of the computational resources an app (or the entire device) is currently using does not make sense in a mobile multi-core setting. The capacity metric will take the CPU usage and scale it to what it would be if all cores were running at full capacity.
For example: if you have a 1.6ghz quad-core running a light app, it could be using 10% CPU with only one of the four cores active, and that core running at 200mhz. If you translate that to all four cores running at 1.6ghz, that app is using only 0.3% of total CPU capacity.
It’s the only CPU Usage metric that makes any sense!
Chainfire has posted the full version in the application thread, where you can find out more about how this works. He also has a link to the Google Play version, so head over there and provide feedback and support his efforts. And if you haven’t already heard, Chainfire will be at the BigAndroidBBQ so if you want to meet the iconic man, and experience what Willverduzco did, make sure you stop by XDA’s booth and say hello.
There are many of elements that go into compiling any source code. Not only are there various files that need to be compiled, but multiple processes are used to compile them. Sometimes, those processes aren’t always as fast or optimized as they could be. One such example is is AAPT—which stands for Android Asset Packaging Tool. It’s commonly used in compiling Android applications.
While compiling some applications like DSLR Controller, XDA Elite Recognized Developer and Senior Moderator Chainfire noticed that compile times were higher than they ought to be. This warranted an investigation. Chainfire concludes his investigation as such:
So I set out to fix this. I had done all the usual tricks, even gave Eclipse loads more memory (helped with regular performance, but not building) but nothing major seemed to change. Then I figured out most of the time building was spent in AAPT
Based on this find, Chainfire was able to develop a hack that help correct the issues behind the slow build times. Chainfire provided a first build of this hack/fix along with instructions on how to determine if you have the problem that this hack/fix rectifies:
A quick way to spot if this will have effect on your slow build is as follows:
- In Eclipse, set Build output to Verbose under Window -> Preferences -> Android -> Build.
- Clean and build your project.
- If the build pauses on lines in the “(new resource id from )” format, you have the problem FAAPT fixes
As per the norm with Chainfire applications, user response has been quite positive. Nearly everyone who has used this to fix slow build times has seen a decrease in build times to some extent. How much this helps will of course depend on what you’re building and what OS you’re using. Currently, there’s a version for Windows and a version for Linux. It is important to note that Chainfire warns that this is a first release, and to not test it on production builds.
If you’d like to learn more about the fix or take it for a spin, check out the original thread.
That last thing you want to hear when submitting your device for a warranty repair is, “You rooted your device and broke the warranty so I can’t help you. Enjoy your bricked device!” The tech in the store or at the repair center rarely knows exactly what was done, but they tend to pay attention to the status of your bootloader and if you have a rooted device and/or custom firmware. In the case of newer Samsung devices, after flashing a custom kernel, the screen displays a nice yellow triangle on boot signifying you’ve done something that the manufacturer didn’t want you to.
XDA Elite Recognized Developer Chainfire recently created an app called Triangle Away, which clears the system flag on select Samsung devices so that the annoying triangle goes away. Today, he updated the app to version 1.80, which adds support for the US Cellular Samsung Galaxy S III, along with the entire Samsung Galaxy Tab 2 series. Recently added devices:
Samsung Galaxy S2 GT-I9100 **
Samsung Galaxy Note GT-N7000 **
Samsung Galaxy Note GT-I9220 **
Samsung Galaxy S3 GT-I9300 **
Samsung Galaxy S3 GT-I9300T **
Samsung Galaxy S3 AT&T
Samsung Galaxy S3 Sprint
Samsung Galaxy S3 T-Mobile
Samsung Galaxy S3 Verizon
Samsung Galaxy S3 Canadia
Samsung Galaxy S3 US Cellular
Samsung Galaxy Tab 2 GT-P310x 7″ 3G
Samsung Galaxy Tab 2 GT-P311x 7″ Wi-Fi
Samsung Galaxy Tab 2 GT-P510x 10″ 3G
Samsung Galaxy Tab 2 GT-P511x 10″ Wi-Fi
** Various related models are supported depending on firmware, but only the exact model numbers listed are supported regardless of firmware version.
Head on over to the original thread to get more information and to download the application.
August 2, 2012 By: Jimmy McGee
Here at XDA Developers, we love to flash our devices to our hearts content. However, Samsung has introduced a kernel flash counter that keeps track of custom kernel flashes. XDA Elite Recognized Developer Chainfire then created an app to reset the counter and make the triangle go away. Chainfire has adapted that to many devices.
In this video our buddy TK reviews the application. He reviews what features he likes and talks about the application. He discusses Chainfire’s back and forth with Samsung. They try and work around his application, and Chainfire figures out how to make TriangleAway.