It should come as no surprise that here at XDA, we are always calling on the OEMs to do a better job of removing the bloat of their custom UIs (Samsung – we’re looking at you and your now insane TouchWiz size) and improving the overall user experience. What may come as a shock to some, though, is that a recent study by researchers at North Carolina State University says that those same OEMs, and their incessant need to have a custom UI as some sort of “branding,” are directly responsible for most of the security issues found with Android. Cue Home Alone face.
In all honesty, we really shouldn’t be all that surprised. XDA Elite Recognized Developer jcase gave a great talk at XDA:DevCon13 where he discussed “Android Security Vulnerabilites and Exploits.” There, he identified how OEMs (LG was his main example) are directly responsible for many of the vulnerabilities and exploits he finds.
The researchers at NC State found that 60% of the security issues were directly tied to changes OEMs had made to stock Android, specifically related to apps requesting more permissions than were necessary. They looked at 2 devices from each 4 different OEMs (Sony, Samsung, LG and HTC), with one running a version of Android 2.x and another running 4.x from each OEM, along with the Nexus S and Nexus 4 from Google.
Here are a few of the findings:
For the user, this should be a warning to pay attention to the permissions used when you install an app and take steps to protect yourself, like with the Xposed module XPrivacy. For OEMs, shame on you. Consumers place trust, no matter how unfounded and risky that is, on you. For you to be breaking that trust by not being responsible and open in your dealings and development is just plain careless.
The full study, presented yesterday at the ACM Conference on Computer and Communications Security in Berlin, is definitely a good read, with specific case studies done on the Samsung Galaxy S3 and LG Optimus P880.
Source: MIT Technology Review
[Thanks to XDA Elite Recognized Developer toastcfh for the tip.]
So it’s been a week since XDA:DevCon 13 passed, and I am still blown away by the excitement, energy, and community that flowed out of the event. With top-notch speakers and sponsors giving their all, and a hotel staff that was committed to making sure everything went smoothly, there was hardly a chance for Uncle Murphy (the bad luck icon, not our amazing opening speaker Mark Murphy) to make an appearance.
Going into this event I didn’t know what to expect—much like when you and your significant other find yourselves expecting a child, you spend months planning something, but you still don’t know what is really in store. Is it going to come out looking like this or more like this?
So many exciting things happened, some of which XDA TV Producer Jordan Keyes spoke about in his recap last week, while others will probably never see the light of day (but have something to do with a dancing video bomb, crazy developer drink shots, and a dancing penguin, to name a few). One thing’s for certain though: without the support of the XDA community, and willingness to take a risk and show up to a new conference, this would have never been a success. Also, a big thanks goes out to XDA Staff, Sponsors, and Speakers who made it possible for this baby to be born.
It’s with that in mind that I want to give a shout out to those sponsors below. Without each and every one of them, XDA:DevCon would not have had the amazing giveaways and allow us the ability to serve amazing food during the conference. We thank you for your commitment and willingness to join us at our first ever developer conference.
August 10, 2013 By: Samantha
Greg Sony”. It’s a rather affectionate title that Sony’s been given for the past few months, particularly for their leading track record in GPL compliance as displayed on multiple occasions. So to make sure that they’re continuing their fairly extraordinary performance, they’ve just released the open source files for the recently announced Xperia Z Ultra and M.
Much in the spirit shown by Sony back with the Xperia Z, the company’s gone ahead to make sure developers can play with the workings behind both the yet-to-be-released Xperia M and the just released Xperia Z Ultra. It’s been iterated before, and it has to be done again, but nothing but commendation can be given to Sony Mobile for this.
The Xperia Z Ultra is Sony’s answer to the very successful Note series from Samsung, boasting a 6.4-inch display at 1080p resolution. Keeping it going is the 2.2GHz quad-core Snapdragon 800 processor, 2 GB of RAM, and a 3000 mAh battery. With a thickness, or thinness rather, of 6.5mm, it retains the attractive OmniBalance design we’ve seen featured in the 2013 Xperia family. This is also true for the Xperia M, a mid range device with quite a modest spec sheet. Yet despite its 1GHz dual-core Snapdragon processor and 1GB of RAM, it definitely still has enough horsepower to go about the uses of the average user.
So if you’re thinking of thinking about getting either of these devices, or curious about their “behind the scenes,” you can find the files for the Xperia Z Ultra and the Xperia M at their respective posts on Sony Developer’s Open Source Downloads site here and here.
If you have been living under a rock, XDA has been running an amazing contest the past two weeks involving the latest tablet to hit the market, the Sony Xperia Tablet Z. After almost 100 entries, the judges were able to narrow it down to the following 10 winners (in no particular order) along with a brief description of their winning entry:
1. lilstevie – LittleKernel development to allow separate boot and recovery kernels
2. zacthespack - native port of, and custom ROM for, LinuxonAndroid
3. Apache14 - open source IR blaster
4. bluefa1con - bringing official PACman ROM to the Tablet Z
5. mamenyaka - Ubuntu Touch port to the Tablet Z
6. rayman - functional multiboot of different android variants as well as booting third party linux distributions
7. rydo88 - ‘smart environment’ setup utilizing NFC tags and Sony’s entertainment packages with the Tablet Z
8. sagarmane4u - education based solutions for studying and exam prep
9. sailnw - boat management application for cruisers and sailors
10. anthonycr - open source Lightning Browser development for 10″ tablets
We really thank everyone for submitting ideas, and only wish that we had more to give away. Be sure to look for these projects to start appearing in the Sony Xperia Tablet Z Original Android Development forum, and check back over the next few weeks to see articles featuring these winners and their projects. Also we’ll let you know when it’s time to start voting on the Grand Prize winner of the Sony NEX-6 camera.
It seems that smartwatches are all the rage these days. From Pebble to Metawatch to I’m Watch, there are no shortages of smartwatch devices out there. And if the rumor mill is to be believed, there are more to come from the big players. The Sony Smartwatch was one of the original options, starting back in early 2012, and has continued to be a force with their Smart Extensions APIs being available and a large number of apps out there on the Google Play Store. However, in comparison to the Metawatch, the Sony Smartwatch lacks one thing: hackability.
On Sony’s Developer World portal they announced today that they are opening up the Smartwatch to allow for custom firmware to be used with their new “Open SmartWatch Project“. By doing this, they are essentially allowing the developer to create their own implementations of the stock firmware—much like all the custom ROMs available already here on XDA. The custom firmware is flashed using the DFU utility (Device Firmware Upgrade), and Sony has even made a SmartWatch Hacker Guide available that lists the specific reference information needed to start developing your own firmware.
Make sure to visit their announcement for more information, and also check out their upcoming SmartWatch Arduino Hackathon.
Everyone loves a good competition; there’s no denying it. Generally, we don’t just give away devices for the sake of giving them away. Sure it drives traffic, but that traffic usually ends up going away until the next giveaway. Wash. Rinse. Repeat. We would rather showcase the amazing work done by the developers on XDA and let that drive traffic than to try and drive traffic by giveaway. However, when given an opportunity to give away something that promotes development, we are all in. This is just such an example.
The Sony Xperia Tablet Z is the latest tablet out in the marketplace, and it’s one of the top ones right out of the gate. With a 10.1″ Full HD Reality Display, 1.5 GHz Quad Core Qualcomm Snapdragon S4 Pro, NFC, IR-blaster, 8.1 MP rear-facing and 2.2 MP front-facing HD cameras, 2 GB of RAM and 16 GB storage in a water resistant and dustproof case coming in at 6.9 mm and under 500 grams, this tablet is powerful and beautiful.
XDA is pleased to announce that we have 10 of these tablets to give away, but not in the normal way. For this contest we’re going to do things a bit differently. Here’s how this is going to work:
A few Terms & Conditions for the contest:
So don’t wait, get out there and come up with some truly great ideas!
If there’s one thing that Sony Mobile has done over the past year to change its image, that’s been to support the independent Android developer community. From open-sourcing DASH to releasing an ALPHA build of Jelly Bean with the kernel source to contributing to AOSP projects, Sony has signaled that they are a company that embraces open source and (by extension) the community as a whole. If you haven’t already, you should really check out their Developer World site where you’ll find tutorials, source code, and all sorts of interesting announcements.
Due to their contributions, it comes as no shock that Sony Mobile is sponsoring XDA:DevCon 2013 at the “Elite Recognized Sponsor” level. What this means is they are committed to helping bring the highest level of content and participation possible. They’ll be sponsoring their own “supersession,” as well as hosting a booth for you to meet and greet some Sony engineers.
We can’t say enough how happy we are to have Sony Mobile join us on this adventure, and we look forward to bigger and better things to come. And to provide further incentive, register to attend using this link for exclusive savings.
The Android Open Source Project (AOSP) is Google giving the entire community (manufacturers, enthusiasts, developers, etc.) the necessary building blocks to bring what many refer to as “stock Android” (more accurately “vanilla Android”) to a device. The inherent problem with this is that the manufacturers are often the roadblock to such endeavors. Too often manufacturers (like HTC, Samsung, etc.) and suppliers (like Qualcomm) all claim that they can’t release certain drivers, and label them as “proprietary” so that no one can use them. Of course, since there’s nothing really “new” under the sun, this just serves to hinder innovation and development. And often times manufacturers will claim it’s the suppliers who are really hindering things, but who is it that chooses the suppliers? I’ll let the obvious rhetorical question be obvious.
In this mix, it’s refreshing to see a mainstream company attempt to shuck all of these trends and actually release the AOSP source for a device, with the Xperia S being the first non-Nexus device to be included in the AOSP device tree. This experiment ended on a positive note, with Sony moving the source for the Xperia S into their own managed GitHub repository. But Sony hasn’t stopped there.
While companies like Samsung, which used to be rather developer-friendly, now moving away from being open to the community, Sony instead is welcoming them with open arms. Their latest flagship device, the Xperia Z, has joined the Xperia S with having its AOSP source files available on their GitHub. They even posted a lot of information over on their Developer World blog, listing SD Card, WiFi, Bluetooth, GPS, LED light, and sensors working (partially), and they state plans to include NFC in the future. They also have a link to the proprietary Qualcomm binaries needed in order for this to work. You can see the video below, and visit their blog post for more information.
February 13, 2013 By: jerdog
We have always strongly encouraged developers from the various OEMs to take an active role in the open source community. At times we have seen involvement, but often that doesn’t happen for many different reasons. One of those reasons boils down to an OEM placing their developers in virtual walled gardens, away from “prying eyes” and the rest of the open source community.
At the risk of belaboring the point too much, Sony Mobile continues to raise the bar for the rest of the OEMs out there. They actively encourage their developers to participate in the open source community, and as a result, their developers answer the call and step forward with great tools. One such tool, by Sony Mobile Developer pal.szasz, adds incredible value to mobile app developers out there. And to top it off, it is fully open source. XAppDbg is a tool which you can include in your existing app to allow you to test out certain features and changes without having to rebuild each time. As Pal explains it, the big advantage this brings is when working on the UI for your app, you can try out different settings and immediately see the effects inside the running application.
XAppDbg consists of the server, which runs on the phone, and a client, which runs on the computer. Utilizing Java reflection to scan for fields and methods in the code, XAppDbg opens up the public fields, properties and commands to the client, allowing you to enter in specific arguments to adjust during runtime. Because XAppDbg is written in J2SE, you can use the tool with desktop Java applications as well as Android mobile applications.
Pal created a thread on XDA, as well as a more detailed write up along with instructions and code examples over on Sony’s Developer World and made his source freely available. Make sure to visit both, and show support for his endeavors.
February 12, 2013 By: jerdog
One of the most highly-anticipated devices debuted at CES 2013 is the Sony Xperia Z. With a 5″ 1080p screen with a ~441 ppi, sitting atop a quad-core 1.5GHz Qualcomm S4 Pro with 2 gigs RAM and a 13.1 MP camera, there’s no doubt that anticipation is warranted. With the device recently released in Japan, and a worldwide release date is speculated to be in the next few weeks, what is this? Kernel source already?
This year, Sony Mobile has already demonstrated with their commitment to supporting the open source developer community. The most recent previous example is their kernel source code release for their alpha Jelly Bean build for the Xperia T (massive GPL-compliance anyone?). Now, they’ve released the kernel source code for the Xperia Z, which hasn’t even gone on sale around the world yet. Sure Sony isn’t the first OEM to do this, but they have a track record of releasing complete, compilable, and working kernel source (cough, cough Samsung). They also have shown consistency at releasing source immediately (sneeze, HTC). And to top it off, they just plain release the source (ahem, Rockchip, Huawei, and countless others) like the GPLv2 requires you to.
So if you are in the mood for compiling a kernel for a new, top-of-the-line device even though you don’t have it in front of you, head on over to Sony Developer’s Open Source Downloads site. Obviously, you won’t be able to test out the source, but it can provide a good indication of what they have planned for a device that is slated to be the big one for Sony Mobile in 2013.