Friday, June 29, 2018

Chromebooks with Linux app support will soon be able to install Debian packages

.deb support incoming chrome os chromebooks

Recent code updates indicate forthcoming support for no-fuss Debian .deb package installation on Chrome OS devices that support Linux apps. The forthcoming feature will bring a new flow for installing Linux applications through .deb packages. A string of commits shows that support isn't simply being turned on, but that all the finicky elements like interacting with the terminal, checking dependencies, and authentication will be hidden from the user.

The bug describes a user-friendly .deb package installation flow

The bug describes a user-friendly .deb package installation flow

The user interface flow still hasn't been finalized, but we can expect that .deb files will be clickable from the Chrome OS Files app, which then triggers the installation in your Linux app container directly with no need for the user to step in when the process trips up. Incidentally, the Files app is getting a major revamp to integrate better with the Android and Linux app environments.

Debian package in the Files app, soon to be clickable!

If you're curious about the full implementation, check out the bug tracker for this feature as it's rich with in-depth information. You'll also be able to see when the feature comes to fruition if you star it.

This feature will no-doubt simplify setup and installation for inexperienced users and make interacting with Linux apps less daunting for those not familiar with Linux.

Linux app support (also known as Project Crostini) is maturing fast. What started as a showcase on the Pixelbook two months ago is now available on dozens of devices. We expect Chrome OS version 69 to bring Linux apps to the Stable and Beta channels, but those on the Developer and Canary channels can enjoy all these new features right now.



from xda-developers https://ift.tt/2tQhp3g
via IFTTT

Posted by at No comments:

Xiaomi Mi A1 is getting the Android 8.1 Oreo update with June security patches

Xiaomi Mi A1 Android 8.1 Oreo update

The Xiaomi Mi A1 is the Chinese company's first and so-far only device in the Android One program. It's no surprise to see why the device is so popular in the West. It has near stock Android and Xiaomi's signature mix of decent specifications at a low price. The device launched with Android 7.1 Nougat on board but later received an update to Android 8.0 Oreo. After months of waiting, it seems that Xiaomi is now rolling out the official Android 8.1 Oreo update for the device.

We've been anticipating the Android 8.1 Oreo update for the Xiaomi Mi A1 for some time. A beta update leaked for the device at the end of April but apart from beta leaks hinting at an imminent launch, we haven't heard any official confirmation that the update would be rolling out today. It's great that Xiaomi is still supporting their one-and-only Android One device even while the company marches full steam ahead with their MIUI 10 launches.

XDA Senior Member joeyhuab reports that they received a 1.1GB update with the June security patches. The update seems to be rolling out globally with reports from users in India and the Philippines getting the OTA. Go to setting and mash that "check for updates" button to see if it's available for you!

Xiaomi Mi A1 Android 8.1 Oreo

Android 8.1 Oreo doesn't offer that many notable feature upgrades over 8.0 Oreo, though there are a few improvements such as the ability to view the battery level of connected Bluetooth devices and notification rate limiting to prevent abuse by apps. For those of you looking for a more feature-filled version of Android 8.1, then be sure to check out official LineageOS 15.1 which will drop soon for the Xiaomi Mi A1 along with several other devices that support A/B partitions for seamless updates.



from xda-developers https://ift.tt/2lG9Vfg
via IFTTT

Posted by at No comments:

Become a DevOps Engineer with This Course Bundle

In an age dominated by software development and coding, knowing just one or two programming languages is no longer sufficient if you want to land a career in tech. Instead, you have to be familiar with a series of development tools and tactics.

The practice of DevOps (Development and Operations) unifies the essential elements of software development and operation in order to automate coding infrastructures and streamline everything from software construction to bug testing and beyond.

With seven courses aimed at introducing you to a variety of DevOps foundations, this extensive DevOps Bundle will give you the skills you need to enter this field, and the best part is that you only have to pay what you want.

Using real-world examples and easy-to-follow instructions, this bundle walks you through how to build automated integration pipelines with Jenkins, how to create user-friendly and best-selling apps from scratch, how to write shell scripts and Docker programs, and much more.

Pay only what you want, and if that's less than the average price paid you'll still take home something great. Beat the average price and you take home the entire bundle.



from xda-developers https://ift.tt/2N9c6EM
via IFTTT

Posted by at No comments:

Google Home app testing a redesign with Google’s Material Theme

Google Home

Originally built with only the Google Chromecast in mind, the Google Home app (formerly known as the Chromecast app and Google Cast app) has seen many updates since its last rebranding to improve functionality for Google's suite of smart home devices. The Home app can now be used to set up and control the Google Chromecast, Google Home, Google Home Mini, Google Home Max, and several supported smart home devices. With a growing repertoire of features and supported devices, it seems that Google is working on a major redesign of the app in accordance with the company's latest Material Design guidelines.

Here is the current design of the app:

Google Home app old design Google Home app old design Google Home app old design Google Home app old design

And here is the redesign in testing, as discovered by XDA Recognized Developer Quinny899 (AKA Kieron Quinn of Mighty Quinn Apps):

Google Home Material Theme redesign Google Home Material Theme redesign Google Home Material Theme redesign Google Home Material Theme redesign

As you can see, the biggest difference is that the sidebar menu has been removed in favor of a bottom toolbar. The home screen and the content browse screen haven't changed all that much, but the devices page has changed considerably. The device page is now much cleaner than before as the devices are now displayed with smaller icons rather than large cards full of wasted space. Lastly, the settings page also feels a bit less crowded even though the only change is the removal of the dividers between the options.

We're not sure when Google will roll out their latest Material Theme to the Home app, but we'll let you know when it goes live. Given it's mostly completed state, we suspect it won't be too long before it starts rolling out for some users. You can install the latest version of the Home app from the Play Store below.

Google Home (Free, Google Play) →



from xda-developers https://ift.tt/2IAut1P
via IFTTT

Posted by at No comments:

Every Android device is susceptible to a hardware vulnerability called RAMpage

rampage hardware vulnerability

We have consistently seen various vectors of attack rear their head when it comes to Android smartphones. We've seen Shattered Trust, Cloak and Dagger, and Rowhammer, just to name a few. RAMpage is the latest one on the block, and while it is a hardware vulnerability, it doesn't necessarily need physical access to your device to exploit. How it works is relatively simple.

When a CPU reads or writes a row of bits in the RAM module present on the device, the neighboring rows are slightly affected due to a tiny electric discharge. This isn't usually a problem as we know RAM does this and that's why it's periodically refreshed to make sure nothing goes wrong. But what if we start "hammering" the same "row"? What if we continuously read or write to the same row in order to disrupt neighboring rows? This can cause a bit-flip in a memory row that we shouldn't own or have access to at all. That's what Rowhammer is, and it's being used as part of a larger vulnerability called RAMpage. The CVE is CVE-2018-9442 and it affects devices shipped with LPDDR2, LPDDR3, or LPDDR4 RAM. We've already covered Rowhammer in greater depth here.

The Team Behind RAMpage

What is RAMpage?

RAMpage isn't exactly new, so to say. RAMpage is a hardware vulnerability which implements Rowhammer and other, smaller exploits. RAMpage can be used to gain root access on a device, but the researchers managed to get it to do a whole lot more as well. It could be used to bypass JavaScript sandboxes and even perform an attack running on another virtual machine on the same computer on x86 devices. ARM-based devices are also vulnerable, and that's where our Android phones come in. DRAMMER stands for "Deterministic Rowhammer Attacks on Mobile Devices," and it was able to be used against a number of Android phones in the past to gain root access.

How does RAMpage work?

RAMpage works primarily by abusing Android's memory management system – the Android ION memory allocator. ION was introduced with Android 4.0 back at the end of 2011 and simply gives applications the memory they require to run. However, breaking this down means that you can access all memory on the device from within any application – an extremely dangerous situation. What was once protected memory no longer is once ION is broken down, and any malicious applications looking for data leakage could sift through this memory. While it's hard to protect against DRAMMER (and, incidentally, Rowhammer) because it's a hardware vulnerability, building safeguards around Android ION will mitigate most of the damage that can be done. The researchers call it GuardION and have released it open-source on GitHub.

What is GuardION?

GuardION is the proposed mitigation method put forward by those who discovered RAMpage. It simply sets up buffer rows around potentially exploitable software in RAM, such as Android ION. It's a simple method, but it's better for a few reasons. The first being that you obviously can't replace the RAM module in every Android device released. The second is that, even in newer devices, hardware fixes will be harder on the battery as they will constantly have to refresh the memory. Hence protecting memory with software is easier. The researchers showed that GuardION has negligible memory overhead, better performance than Google's attempts at preventing the exploit and prevents all known DMA (Direct Memory Access) attacks. However, while the researchers are in contact with Google, the company has determined that GuardION presents too large of a performance overhead for it to be incorporated into AOSP. GuardION doesn't fix the hardware vulnerability, instead, it simply accounts for it and reduces the amount of damage it can do.

Am I vulnerable to RAMpage?

While chances are if you own an Android phone released since 2012 you are vulnerable, you can still install the DRAMMER test application from their official website below to see for yourself. While all of this seems scary, there is no public exploit available yet. While you should still be careful out there, there is currently no reason to worry as the exploit is not in the public domain. The researchers do not intend to release it at this point in time either. You can check out the original research paper below.

Source: RAMpage Official Website Via: Bleeping Computer



from xda-developers https://ift.tt/2yWTuVw
via IFTTT

Posted by at No comments:

Custom themes now possible on rooted Android P devices with Substratum

Android P Substratum

Android P's user interface changes were initially met with some controversy (mostly due to perceived similarities with iOS and obvious accommodations for devices with notched displays), but it seems that the criticisms have died down some as people have gotten used to the changes. There's one missing feature that Android enthusiasts have begging for over the past few years: custom themes. Android Oreo introduced Sony's theme framework which the popular third-party Substratum theme manager hooked into to provide rootless custom themes. Unfortunately, Android P blocked third-party overlays from being installed by requiring overlays to be signed by the system. For those of you itching to get a system-wide dark theme on Android P, however, the Substratum team has just released a new beta that supports rooted devices.

Android P Dark Custom Theme Android P Dark Custom Theme

Android 8.1 Oreo added a partial dark theme but there are some obvious disadvantages to this theme. For starters, the theme is only applied when using a dark-colored wallpaper (though a future update will allow for this theme to be applied manually.) Next, it only themed parts of the Google Pixel Launcher, the quick settings tiles, and the volume panel rather than the entire SystemUI and Framework. In comparison, rootless Substratum gave users the freedom to install whatever custom theme they wanted (sometimes at their own peril.) Google blocked third-party overlays from being installed but if you have root access via Magisk, SuperSU, or LineageOS' addonSU, then you'll be able to bypass these restrictions.

The latest beta, version 997, should work on any device that is on the Android P beta program. That includes the following devices:

Here's the full changelog of the release:

Substratum public release 995 and beta release 997 changelog

Summary:

  • Stable release 995 brings about more fixes for Sungstromeda mode, along with updated translations.
  • Beta release 997 targets Android P support for rooted devices.

Full Changelog

  • Beta release 997
    • Packages: Ensure installed packages have a valid path
    • SettingsFragment: Remove ternary operator spaghetti and account for Android P
    • Updated P-fix to utilise now-finalised APIs
    • OverlaysManager: Do not wait for intent response on P
    • ThemeManager: Implement uninstall for P
    • Substratum: Implement initial support for Android P
  • Public release 995
    • SubstratumTile: Launch with FLAG_ACTIVITY_NEW_TASK
    • substratum: Update all gradle dependencies
    • substratum: Re-add some languages
    • Substratum: Update localisations
    • ShowcaseActivity: Minor cleanup
    • SubstratumUI: Fix navigation bar for API 27
    • OverlaysAdapter: Remove blue state
    • SubstratumCleanup: Remove more incomplete localisations
    • SubstratumCleanup: Remove all incomplete/unused localisations
    • InformationActivity: Fixup garbled variable name
    • FileDownloader: Rewrite using try-with-resources
    • Fairly automated lint cleanup
    • ThemeManager: use HashSet to avoid duplicated overlays

How to Install Substratum and set-up custom themes

Join the beta program here then download the app from the Play Store below. Visit the Substratum forum on XDA to stay up to date with the latest news on the theme manager. Installing a custom theme is quite simple if you're rooted. You can follow our previous guide for Android Oreo except you can skip Part 1 entirely.

substratum theme engine (Free, Google Play) →



from xda-developers https://ift.tt/2Kvv2fa
via IFTTT

Posted by at No comments:

Google Maps is starting to get Waze’s incident reporting

Google Maps

For those who aren't familiar with it, Waze is a live traffic reporting application that can notify other users of road events in the near vicinity. It can help re-route traffic in major cities such as Toronto. It's just, in general, a better alternative to Google Maps for some. Funnily enough, Google also owns Waze having acquired the company way back in 2013. They've not really done a huge amount with the company, though they did introduce points of interest and advertisements a while back. Google now appears to be introducing Waze's incident reporting into Google Maps, according to a report from AndroidPolice.

google maps waze google maps waze

Images: AndroidPolice

According to the report, incident reporting started showing up around version 9.79 of the Google Maps application. The screenshots are taken in version 9.81 though, so it's unclear whether everyone is getting it or not just by updating to the latest available version of the app. The prompts themselves are very simple. Google Maps will ask you a question regarding the surrounding area, and you just answer it by either tapping "yes", "no", or "not sure". This data is then pooled together and used to recommend new routes to other drivers, along with showing icons on the map to other users to signify the situation.

Waze technically works everywhere, as it relies on other drivers using the app to report information. As a result, we shouldn't expect to see many restrictions on where we can use Google's incident reporting in Google Maps once it rolls out worldwide. Interestingly, we could be seeing the beginning of a bigger merge between Waze and Google Maps. Google certainly could try to do so, but then that may mean monetizing Google Maps as well. We'll see what happens in the future, but for now, this is a pretty cool feature to have.

Have you got the update yet? Let us know in the comments!

Source: AndroidPolice



from xda-developers https://ift.tt/2IDVO3h
via IFTTT

Posted by at No comments:
Subscribe to: Posts (Atom)