All About Android 37

All About Android Episode 37

"Rounding Error"Hosts: Jason Howell, Eileen Rivera, and Ron Richards Recorded: December 5, 2011 Published: December 5, 2011 Duration: 1:14:45 Transcript Previous episode – Next episode

Contents 1 All About Android 37: Rounding Error 2 Guests 2.1 News 2.2 Email 2.3 Hardware 2.4 Email 2.5 Apps 2.6 Email 2.7 Android Arena! 3 Sponsors 3.1 Ford 3.2 Netflix 4 Production Information

All About Android 37: Rounding Error

Galaxy Nexus on the set! Motorola Xyboard, Wimm One and Droid Razr preview, a costly mistake in the arena, and more!

Guests

• Nicole Lee (@nicole)
• Jason Appelbaum
  • hak5.org

News

• Carrier IQ
  • What is Carrier IQ?
  • It's Bugs All the Way Down
  • Carrier IQ is a third-party metric system. It allows carriers and manufacturers to know how your phone is being used. Android developer Trevor Eckhart detailed the many things the software does in a comprehensive video, including logging and purportedly transmitting data around your calls, location, keystrokes... in theory, much of your sensitive data, of which Carrier IQ has denied any wrongdoing.
  • Carrier IQ is not only found on many Android devices but also Blackberry and iOS before iOS5 among others. However, Eckhart's discovery was found using an Android device.

• Nexus owners, rejoice! Google Nexus One, Nexus S and Galaxy Nexus are all free of Carrier IQ software. Dan Rosenberg analyzed CarrierIQ's operation on the Samsung Epic 4G Touch to see exactly what Carrier IQ records.
  • 1. CarrierIQ cannot record SMS text bodies, web page contents, or email content. There is simply no metric that contains this information.
  • 2. CarrierIQ (on this particular phone) can record which dialer buttons are pressed, something cell carriers have anyways when you place a call.
  • 3. CarrierIQ (on this particular phone) cannot record any other keystrokes besides those on the dialer.
  • 4. CarrierIQ can report GPS location data in some situations.
  • 5. CarrierIQ can record the URLs that are being visited (including for HTTPS resources), but not the contents of those pages or other HTTP data.
• Finding and cleaning out your smartphone’s Carrier IQ poison (requires root for Android)
• CyanogenMod updates on CM9 progress, reminds us all it doesn't use Carrier IQ

• Researchers find big leaks in pre-installed Android apps
  • NC State university researchers Michael Grace, Yajin Zhou, Zhi Wang, and Xuxian Jiang published a paper finding Android smartphones from Motorola, HTC, and Samsung don't properly protect privileged permissions from untrusted applications.
  • HTC Legend, EVO 4G, and Wildfire S; the Motorola Droid and Droid X; the Samsung Epic 4G; and the Google Nexus One and Nexus S.
  • Google and Motorola have confirmed vulnerabilities, HTC and Samsung "having trouble" accepting the reporting
  • Allow applications to exploit a public interface or service of another app without making a permission request
  • Also allows other applications to get permissions from another app signed with the same digital certificate
  • "an untrusted app on these affected phones can manage to wipe out the user data on the phones, send out SMS messages (e.g., to premium numbers), record user conversation, or obtain user geo-locations—all without asking for any permission."

Email

"Hi Jason, Eileen and Ron,

I was at Best Buy over the weekend and looked for a simple docking station so I can play music from my Android. There must have been at least 15 different kinds made for the iPhone and a measly one for the Android. What’s the deal here? I thought there were thousands and thousands of Android phones being activated a day. If so why aren’t more companies making accessories for them? Of course it’s much easier and cost efficient making a accessories for a device that only comes in one shape and size. But I wouldn’t think this would be such a factor for something like a docking station where it doesn’t have to be an exact fit. Any insight would be appreciated.

I attached a couple of pictures I took at Best Buy.

Thanks,

Brad Buntin"

• The many options for iOS
• The single option for Android

Hardware

• Droid Xyboard (aka Xoom 2/Media edition)
  • • Motorola Droid Razr/WIMM One previe - plasticky not cheap, grippy not rubbery

• Verizon’s Galaxy Nexus Shipments Headed to Stores, Retail Packaging Pictured?

Email

"Hey Hey Triple A -

I just got my Samsung Galaxy Player 4 and was wondering if there's an SMS app I can use on it? I'd love to text my family and friends that have SMS on their phones, but I can't seem to find a decent app for my wifi-only device. Any ideas?

Thanks! b"

• Google Voice to send and receive SMS, no MMS unless you are on sprint sending to sprint yet.
• Pinger gives you a free number to send and receive SMS and MMS.

Apps

• Path 2
• Path for Android
• Google Maps 6.0 for Android adds indoor mapping, more
• Google Maps for Android

Email

Charles shows us how he improved his Nook Tablet

Android Arena!

• Last Week's Poll
• This week's face-off: $.99 apps!
• Jason H. - Go Locker - Ice Cream Sandwich
• Ron - X-Men
• Nicole - Where's My Water?
• Jason A. (other Jason) - Pocket God
• This Week's Poll

Outro Video AndroidLand - The first Android store!

Sponsors

Ford

• ad times: :22-:37 and 18:27-20:12

Netflix

• ad times: :37-:50 and 53:25-54:12

Production Information

• Edited by: Jason
• Notes:

This area is for use by TWiT staff only. Please do not add or edit any content within this section.