Tuesday, November 28, 2017

Xiaomi Redmi 5 Leaked by China Telecom, Has 5.7-inch HD+ Display and Snapdragon 625

Thanks to devices such as the Redmi 1s, which offers a great experience at a price point under $100, Xiaomi's Redmi series are some of the most popular devices out there. The Redmi 1s has since been followed up by the Redmi 2, the Redmi 3/3s, and most recently the Redmi 4/4X in 2017. Now, rumors about Xiaomi's 2017 budget smartphone, fueled by leaked TENAA listings and alleged live shots of Redmi phones, are positively flying. And on Tuesday, a China Telecom leak gave a tantalizing glimpse.

It's tentatively called the Redmi 5, and the design looks pretty similar to the Snapdragon variant of the Redmi Note 4. The phone has a metal body with plastic caps on the rear top and bottom, and its bezels are smaller than the Note 4. That's because the display is taller than any Redmi device released so far.

Xiaomi Redmi 5 Xiaomi Redmi 5 Xiaomi Redmi 5 Xiaomi Redmi 5

In the most drastic departure for the Redmi series yet, the Redmi 5 will be the first with a 18:9 aspect ratio. To be precise, it'll have a 5.7-inch 18:9 HD (1440×720) screen, which translates into an area equivalent to a 5.5-inch 16:9 display. That's a huge step up from the Redmi 4's 5-inch 16:9 HD (1280×720) display.

The Redmi 5 is said to be powered by Qualcomm's MSM8953 'lite' system-on-chip, better known as the Snapdragon 625 (seen on the Redmi Note 4, Mi Max 2, Mi A1 and others). The 'lite' label might have to do with the processor clock speed — the MSM8953 'lite' is said to be clocked at 1.8GHz instead of the standard Snapdragon 625.'s 2GHz clock speed.

The Redmi 5 will reportedly ship in configurations with 4GB of RAM and 64GB of storage, and all models will have a microSD card slot which supports expandable storage up to 128GB. It's said to have a 12MP rear camera, but the sensor and pixel size remain a mystery for now. The front-facing camera will have 5MP resolution, similar to current Redmi phones, and in terms of connectivity, the phone will reportedly have a 3.5mm headphone jack, a microUSB 2.0 port (isntead of USB Type-C), and dual SIM slots. It'll also have a fingerprint sensor.

The dimensions of the Redmi 5 will be 151.8mm x 72.8mm x 7.7mm, and it's said to weigh 157g. Unfortunately, it'll have a 3300mAh battery, which is a substantial downgrade from the 4100mAh batteries of the Redmi 4 and the Redmi Note 4. Coupled with the drastically larger display, it remains to be seen how the battery life will be affected.

Finally, the phone is said to ship with Android 7.1 Nougat and, strangely, Xiaomi's in-house MIUI software (version 8.5.1.1). We imagine that even if it ships with MIUI, which is unlikely given the Redmi lineup's history, it will soon receive an update to MIUI 9.

According to some reports, the Redmi 5 may be available starting from December 10. Stay tuned.

Source: Roland Quandt on Twitter



from xda-developers http://ift.tt/2AFhf4F
via IFTTT

Posted by at No comments:

NVIDIA Shield Tablet Update Patches KRACK and BroadPwn Vulnerabilities

NVIDIA released the original Shield Tablet back 2014, and followed it up with a more powerful model, the Shield Tablet K1, in 2015. It's not terribly common to see original equipment manufacturers (OEMs) support older devices long past their launch date, but the company continues to buck the trend by regularly upgrading its entire Shield lineup's software. Most recently, it announced Shield Tablet firmware version 5.3, which includes security patches for KRACK and BroadPwn.

Shield Tablet firmware version 5.3 adds every Android security patches through November 2017. It also fixes connectivity issues with Zagg Bluetooth keyboards, and includes stability improvements and optimizations.

NVIDIA Shield Tablet 5.3 Update Change Log

  • Addresses Wi-Fi vulnerabilities (KRACK and Broadpwn)
  • Fixes connectivity issues with Zagg Bluetooth keyboards
  • Overall system stability and security optimizations
  • Update to Android Security Patch Level November 5, 2017

The last NVIDIA Shield Tablet and Shield Tablet K1 update, which was in May, included April's security update.

The BroadPwn vulnerability — a flaw in Broadcom's Wi-Fi code — was patched in Android's July 2017 security update. Along with a fix for BroadPwn, that month's patch addressed 138 exploits and vulnerabilities, 18 of which were Remote Code Execution, which allow attackers to execute code remotely.

KRACK was more recent. Security researchers uncovered the exploit in October, which spoofs legitimate access points. If a connection to a vulnerable device is successful, attackers can use a program called sslstrip to manipulate all traffic that isn't on port 80 to port 10,000. Once that's done, they're free to snoop on all of the data that's being transmitted to and from the aforementioned device.

Needless to say, it's a good idea to update all of your Shield devices.

Source: NVIDIA



from xda-developers http://ift.tt/2ieFm2q
via IFTTT

Posted by at No comments:

SwiftKey Beta Adds Location Sharing, Quick Paste, and More

Every developer debugs updates differently. Some choose to use Google Play's built-in beta-testing feature, while others like to separate their releases into several branches. SwiftKey takes the latter approach, and folks who've opted into the beta program will be glad to hear that a major update's rolling out this week.

The SwiftKey Beta offers a way to try out bleeding-edge tweaks before they make their way into the stable build, and the newest release, version 6.7.3.25, doesn't disappoint. It adds support for languages such as Chamorro, Ju|'hoan, Lisu, Palauan, Piedmontese, Sicilian, and Scots, and new layouts including Naratgul and VEGA. It also improves on SwiftKey's touch accessibility feature, which can now be accessed with a long-press gesture.

The update's other two standout features are location sharing and Quick Paste. Location sharing, which is limited to users in the United States for now, lets you send your coordinates to friends and family through SwiftKey. Quick Paste, meanwhile, puts any text you've copied next to the SwiftKey prediction bar for quick and easy access.

SwiftKey is one of the most popular 3rd-party keyboards available for Android in the Play Store. Its meteoric growth gained the attention of Microsoft, in fact, which acquired it for $250 million. Since then, the team's expanded it to iOS, released free themes, and introducing a number of new features.

Source: SwiftKey Via: Android Police



from xda-developers http://ift.tt/2jv12Ur
via IFTTT

Posted by at No comments:

Samsung Granted Patent for Under-Screen Fingerprint Sensor

Samsung's effort to develop an under-screen fingerprint sensor is an open secret. As early as Spring 2017, shortly before the release of the Galaxy S8, the Seoul, South Korea-based was developing a fingerprint sensor that could be embedded in a smartphone screen. It reportedly tried to build one for the Galaxy Note 8 but, but couldn't overcome key technical limitations. But if a new patent is any indication, Samsung hasn't given up on the idea.

On Tuesday, the company was granted a patent for an under-screen fingerprint scanner by the World Intellectual Property Organization (WIPO). It describes a 12 pressure point-sensor sandwiched between cover glass and a display panel, and accompanying software that unlocks applications depending on who's using the smartphone.

Historically, Android smartphone manufacturers have placed fingerprint sensors either below phone displays (see: Lenovo's Moto G5 Plus) or on the rear cover (Samsung's Galaxy S8 Plus). In July, though, Vivo partnered with Qualcomm to prototype under-display technology that the company had been working on for the better part of a year. The new scanner passes ultrasonic signals through an OLED panel up to 1200 μm thick to read the contours of a fingerprint, obviating the need for direct skin contact.

As impressive as Qualcomm's solution is, though, it isn't as fast as traditional capacitive fingerprint scanners, and it requires an OLED panel in order to work properly. If Samsung's sensor solves those problems, it might just give it a leg up on the competition.

Via: GSM Arena Source: World Intellectual Property Organization



from xda-developers http://ift.tt/2BkEUU8
via IFTTT

Posted by at No comments:

Google Talks About Detecting and Blocking Tizi Android Spyward

We've reported in the past on the things Google does to keep Android smartphones and tablets safe from malware — for example, the Play Store detects Potentially Harmful Applications (PHAs) using a combination of algorithms and human screening. But sometimes new malware slips through the cracks. Case in point? Tizi, a spyware program that targets a small number of devices in specific geographic areas.

Tizi is part of a larger family of malware discovered by the Google Play Protect security team in September, which spotted it on device scans of root applications that exploited old vulnerabilities. After conducting an investigation this year, the team found more applications in the Tizi family, the oldest of which dated back to October 2015.

Tizi was used in targeted attacks against 1,300 devices in a number of African countries, particularly Kenya, Nigeria, and Tanzania. The early versions didn't have rooting capabilities or obfuscate their code, but the malware, which works by stealing sensitive data from popular social media apps like Facebook, Twitter, WhatsApp, Viber, Skype, LinkedIn, and Telegram, gained those features over time.

That's not the scariest part. The newest version of Tizi executes several info-stealing processes common to commercial spyware, including recording calls in WhatsApp, Viber, and Skype; sending and receiving SMS messages; and accessing calendar events, call logs, contacts, photos, Wi-Fi encryption keys, and a list of all installed apps. Tizi's developer went as far as to create a website and used social media to drive app installs from Google Play and third-party websites.

But Tizi shouldn't be a threat much longer. With Google's investigation now concluded, the search giant updated its on-device security services as well as the server-based systems that search for PHAs. The changes will help discover this kind of malware in the future, Google says.

For a technical breakdown of Tizi and a five-step checklist about how to reduce your chance of being affected by it, follow the source link.

Source: Google Security Blog



from xda-developers http://ift.tt/2iYxvDa
via IFTTT

Posted by at No comments:

Ubuntu 17.10 Brings Back GNOME Desktop Environment

Ubuntu is one of the most popular Debian-based Linux distributions, and it's undergone a lot of changes. Most recently, Canonical, the developer collective behind Ubuntu, switched from the GNOME desktop environment to an in-house alternative called Unity. But the most recent version of Ubuntu, 17.10, brings back GNOME 3.26.

With GNOME comes GDM (GNOME Display Manager), a tweakable settings menu that replaces Unity's LightDM. GNOME's ecosystem makes it arguably easier to customize than the latter — unlike previous versions of Ubuntu, for example, you can change the location of the Windows control buttons (minimise, fullscreen and close) in just a few button presses.

The flip-flop to GNOME follows Canonical's abandonment of Ubuntu Touch, a phone-optimized version of Ubuntu that used Unity as the default interface, and it's the first big change to Ubuntu in a while. It's not the only one: Ubuntu 17.10 has a new default display server, Wyland, that replaces the deprecated Mir (which is now only enabled on Internet of Things (IoT) devices.). Other changes include improved Bluetooth audio playback, the discontinuation of 32-bit ISO images, and a Linux kernel update to the newest version (version 4.13).

Ubuntu 17.10 also marks the second version of the operating system that starts with the letter "A". Ubuntu's names are ordered alphabetically, just like Android, and Canonical's started over again. Ubuntu 17.10 is "Artful Aardvark".

For a full list of changes, follow the source link.

Source: Canonical Via: Ars Technica



from xda-developers http://ift.tt/2AFOAfM
via IFTTT

Posted by at No comments:

WireGuard, a Revolutionary VPN Project, Adds Support for Android ROMs

It's hard to imagine the modern Internet without a VPN. For many years, VPNs have extended private networks across public networks, enabling users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. This consequently has had the effect of allowing users to bypass particular geographical restrictions as well as to keep data secure. The VPN software landscape, however, has had a myriad of problems, which WireGuard, a new secure tunneling protocol, aims to address.

OpenVPN, IPsec, and their problems

Today's well-known VPN solutions on Android are OpenVPN and IPsec, but they are not without problems. The popularity of OpenVPN sort of makes sense as it is easier to configure than IPsec and has been around for a long time. While the project is a somewhat acceptable solution for most users, its complexity is overwhelming. OpenVPN consists of around 120,000 lines of code. Such amount of code makes the project almost impossible to audit and secure, as witnessed by the massive trail of security bugs over the last few years. OpenVPN also lives in userspace, making it quite slow, since every packet must be copied several times and incur several context switches. IPsec, IKEv2, L2TP, PPTP, and related 90s technologies are also quite popular, but similarly problematic, being large bulky codebases — StrongSwan is around 430,000 lines of code, in addition, the entire kernel XFRM layer — and based on outdated 90s cryptographic wisdom. The ordinary use of these protocols is also very "chatty," sending traffic unnecessarily, resulting in reduced battery life on laptops and mobile phones.

WireGuard VPN

An Exciting New VPN Project: WireGuard

Recently we had the pleasure to talk to one of our Recognized Developers, zx2c4. In real life, he is Jason Donenfeld and is an author of WireGuard, a next-generation VPN tunnel, that may soon dethrone OpenVPN and IPsec. Launched in 2015, WireGuard offers cutting edge cryptography, is easier to audit since it is less than 4,000 lines of code, and is quite easy to use.

WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPSec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN. WireGuard is designed as a general purpose VPN for running on embedded interfaces and super computers alike, fit for many different circumstances. It runs over UDP.

The reception to WireGuard has been very positive, both inside the security community and inside the kernel community, with Greg KH, the stable maintainer of the Linux kernel, endorsing it after a thorough code review. It has been presented around the world, with the FOSDEM presentation being perhaps particularly relevant for XDA readers. The WireGuard white paper has been peer-reviewed by the academic community as well.

The protocol is very nice for mobile phones because it was developed as a "stealth VPN," by default not sending any packets unless there is actual data to be sent. This has the effect of not draining the battery like other VPN clients commonly do. Additionally, WireGuard allows roaming freely between different IP addresses, meaning you can transition between WiFi and cellular connections, or between any other kinds of connections, without having to establish any connections; it's entirely seamless.

The speed is best in class, offering SSSE3, AVX, AVX2, AVX512, and NEON-accelerated implementations of its ciphers. Its use of ChaCha20 means that it is extremely fast on nearly all hardware. In testing, WireGuard handily beats other protocols.

WireGuard VPN Speed

WireGuard is not only the fastest VPN on the block, but the cryptography has also been formally verified, which means there are mathematical proofs that its cryptographic constructs are secure in the symbolic model. While the cryptography is modern it is also conservative, erring on the side of paranoia rather than the side of frivolousness. That combined with its tiny and easily auditable code base make WireGuard very reliable from a security perspective.

WireGuard and Android Support

While WireGuard is primarily developed as an optimized kernel module for Linux, there is a userspace portable version in the works, so that it can be distributed in apps in the Play Store without needing root access. However, while the userspace implementation is still faster than the competition, much of the WireGuard magic shines when the native kernel module is used. For this reason, the primary interest of WireGuard to the XDA development community lies in integrating the kernel module into ROMs directly.

WireGuard has already made its way into some ROMs, in fact. Most notably, it's integrated into Sultanxda's popular ROMs for the OnePlus 3/3T and other developers will surely follow. The patching procedure is quite simple and can be done with a few simple steps. The best place to find the reference is the android_kernel_wireguard git repository page as well as zx2c4's XDA thread on adding it to ROMs.

The currently in development Android app uses the kernel module opportunistically, if it is available, and otherwise falls back to using the userspace implementation. The app has a GUI for defining VPN tunnels, checking status, and very nicely adds a toggle switch to the notification area to turn on and off tunnels. Below you can have a glimpse of the simple toggling interface of the early versions of the app.

The WireGuard development team is currently recruiting Android GUI developers to work alongside them as they make advances in the core technology. If any XDA developers are interested, they shouldn't hesitate to reach out to zx2c4. The WireGuard project is completely open-source and transparent.

Overall, WireGuard appears to be the future of VPNs and secure network tunnels, embracing rock solid modern cryptography, a secure auditable code base, and an innovative protocol well suited for smartphones. Its usage on the Linux server and desktop is already highly regarded, marching solidly ahead into mainline Linux. We at XDA look forward to seeing WireGuard come to Android and our ROMs.

If you are eager to test out WireGuard on your device, contact your ROM developer or, re-compile the ROM on your own. You can also grab the alpha version of the application from the official thread or Google Play store.

Visit the WireGuard thread on XDA



from xda-developers http://ift.tt/2AGbTWM
via IFTTT

Posted by at No comments:
Subscribe to: Posts (Atom)