Discover and read the best of Twitter Threads about #Android

Most recents (24)

1/11 We just released #AndroidStudio 3.6 canary 10 -- and we added some neat tweaks to the design tools in those latest canaries that you may want to check! (and also, we would *love* to get feedback on ^_^)

#AndroidDev #Android #AndroidDesignTools
2/11 Note that while canary releases are great to see the latest -- it's bleeding edge :) and you may encounter issues. If so, please file them on (under Android Studio > Design Tools), so that we can make sure to fix them!
3/11 Back to those new features -- First, we now allow you to very easily (and quickly!) switch the way you can edit your XML layouts. Simply toggle between the three buttons on the top-right of the panel :)

#AndroidDev #Android #AndroidDesignTools
Read 11 tweets
In Android 10, if you press back to finish an activity which is a task root, that activity will leak 🤯🔙🐤

Leak introduced when adding support for Bubbles (as chathead activities). Properly reported but: "We've deferred this issue for consideration in a future release."
This leak is happening because IRequestFinishCallback$Stub is an IPC callback that ends up being held by the activity manager process
Read 5 tweets
#SimonGautier, français en vacances en #Italie, appelle le 112. « Je suis tombé d'une falaise, j'ai les 2 jambes cassées, aidez-moi... je ne sais pas où je suis.» 5 jours plus tard, il reste introuvable.

Une telle histoire ne devrait pas arriver. (1/11)
Info en 🇫🇷:

Récemment, on a vu dans la presse plusieurs cas similaires où la localisation de personnes en détresse se révélait problématique... en #Roumanie, en #Espagne ou en #France par exemple.

Néanmoins, ce n’est pas un problème nouveau. (2/11)
En 2009, les services de secours avaient déjà été incapables de retrouver un randonneur perdu dans les Alpes bien qu’il soit resté au téléphone avec eux de longues minutes.

Des drames tels que ceux-ci vont continuer à arriver, à moins que les... (3/11)
Read 11 tweets
1 hour left! My talk « History if the worst #Android app ever: mAadhaar » is at 10am at the @AppSecVillage of #Defcon!

I will talk about #India, #Aadhaar, #Android app, #Frida and #disclosure
Ofc I’ll share the link when I have it
Oops I tagged the wrong handle it’s @AppSec_Village
Read 3 tweets
Hi @faceapp_ai 👋

Once you applied the filters, #FaceApp is storing insecurely your modified photo in the sdcard. As a consequence any app with the READ_EXTERNAL_STORAGE permission can get your FaceApp photos without your consent and know when you took the photos.

To be fair with #FaceApp, this is a very common error in the #Android world. For example, @WhatsApp and @WeChat store the attachments on the sdcard too.
The POC to show the problem is available on @Github, have fun!…
Read 5 tweets
In order to prepare my talk for the @AppSec_Village at #Defcon, I spent my night on the the official #Android app made by @UIDAI: mAadhaar.

Whatever the version of the app, you will get a "Technical Error" when you try to add a profile. 1/3
Few months ago, someone at the @UIDAI offices changed the APIs on the server side but forgot to update the mobile app. I decrypted the all thing and the "Technical Error" is in reality an "API ERROR" aka the mAadhaar don't know anymore how to discuss with the UIDAI's servers. 2/3
The quality of this app is a shame. Again, this shows how bad is the app and the mAadhaar team. This is ridiculous @UIDAI, fix your sh*t! 3/3
Read 3 tweets
My challenge of the night: create an app for #BHUSA 1/
The 1st challenge is to get the data. At @BlackHat there is 4 types of sessions:
- arsenal
- briefings
- sponsored-sessions
- training

After extracting the data from their website, I imported everything in a Firebase Realtime Database 3/
Read 6 tweets
Reuters: #Huawei can roll out Hongmeng OS in 6 to 9 months "if the circumstances force us to -executive
Reuters: #Huawei's OS to be based on #Android open source, meant for mobile but to support other devices later - executive
Reuters: #Huawei's foldable 5G Mate X coming to market in September - executive
Read 4 tweets
« #Huawei's 'HongMeng' operating system to gradually replace Android »

As I explained yesterday, if you don’t have access to the GApps and the Play Services, your only choice is to create another OS.…
#Huawei was ready for the ban and started to work on their OS since 2012. But, for the reasons I said yesterday, they also know that stay on #Android is better for the business.
After all these years, they didn’t release their OS for this exact reason.

So no, the ban is not a good news for them at short term. On the long term they might benefit from it but nobody is really able to say it.
Read 3 tweets
#Android is not open source.

Nothing new to that. It's like that for a long time and everyone knows it
Not having access to the GApps, the Google Play Services, the PlayStore and the security update for his new products is a VERY BIG problem for #Huawei
#Google has the full power in the Android ecosystem.

Yes. Nothing new to this. Don't be surprised.

Yes. This is a problem
Read 10 tweets
My @eversendapp experience has been smooth…

I have loaded it on my rooted #Android phone with #LineageOS 16.1, uploaded by identification for KYC and was verified within minutes…

I was so shocked that it had happened so fast, I am feeling the slacker
@eversendapp Why install the app, needed to make a payment to a service provider in Kenya and was stuck without a way to do it from my current location
@eversendapp The next steps were soooo smooth

1. Added a Visa card, which was charged for verification process

2. Loaded funds, converted to KES in 2 clicks…. The exchange rate was very close to what Google and XE gave me (as compared to my bank)

#FinTech #4IR
Read 7 tweets
0/ 🔷 We've got a 20-part daily recap coming in hot!

I get it. It's hard to stay in-the-know with so much happening in the crypto space. Let me help you. Here's what you ought to know - all in one place!
1/ 🔥 Twitter and Square CEO Jack Dorsey sent #CryptoTwitter into overdrive when he tweeted "Square is hiring 3-4 crypto engineers and 1 designed to work full-time on open source contributions to the bitcoin/crypto ecosystem." @SqCrypto launched, too!
2/ 🔦 @KuCoinCom [ $KCS ] unveiled KuCoin Spotlight, an investment channel aiming "to assist blockchain projects in raising the needed funds, attracting market attention and improving industrial influence." First Spotlight project announced within a week.…
Read 21 tweets
Q post 2985 regarding the DARPA Lifelog project which ceased on the day Facebook was founded

Feb 4 2004

#QAnon #WWG1WGA #MEGA #FaceBook #Zuckerburg #DarkToLight #GreatAwakening #DARPA
Q 2984

Facebook and DARPA
Part [1 of 9]
What former US president was the C_A director?

Facebook returns to the news

#QAnon #WWG1WGA #MEGA #FaceBook #Zuckerburg #DarkToLight #GreatAwakening #DARPA #Bush
Read 26 tweets
0/ Hey hey heyyyyyyy. Hope everyone is doing well!

Below is a 20-part thread covering the latest happenings in the #crypto/#blockchain space from the past 24 hours. Enjoy!
1/ 🤯 @GetNuo unveiled @UniswapExchange- and @KyberNetwork-powered non-custodial margin trading!

Users can LONG or SHORT #bitcoin [ $BTC ], #ether [ $ETH ], Maker [ $MKR / $DAI ], 0x [ $ZRX ] and other ERC20-compliant tokens with up to 5x leverage.…
2/ 🤝 @Coinbase announced the acquisition #blockchain intelligence startup Neutrino. Their team of eight will continue to operate as a standalone business based out of Coinbase's #London office.
Read 22 tweets

This #Android app is asking their user to link their #Aadhaar card with the app. I thought it was illegal 🤔... and you?
The app description is priceless...
Apparently, nobody told to the guys in the "Made in #India" wagon that https exist.
Read 11 tweets
0/ Hot start to the week in the #crypto/#blockchain ecosystem! Successful fundraising rounds. New records set. Several products launched. Below is a 34-part thread on events that took place between Monday and Tuesday.

1/ 🆕 @Guesserio launches today! Built on @AugurProject [ $REP ], the California-based #crypto project promises their release “will fundamentally change the way you participate in Augur prediction markets.”

Invest in the outcome of real-world events at your fingertips!
2/ 🔧 #Ethereum- and #IPFS-powered #blockchain platform for decentralized marketplaces, @OriginProtocol, unveiled its 'Marketplace Creator' tool.

This allows users to construct a decentralized marketplace in just a matter of minutes!…
Read 38 tweets
Thread: I'm back from lunch, it's time to show you how to remove the root detection and the anti tampering mechanism from the mAadhaar app, the official #Android app of @UIDAI. 1/n
Like yesterday, I will work on version 1.1.4 of the application 2/n
Read 23 tweets
So @uidai developers used the IMEI as a password for the local database of the mAadhaar #android app but why it is a problem? What are the dangers? Small thread 🔽🔽🔽
As said yesterday, they used sqlcipher which is a good thing
SQLCipher will encrypt the database. To decrypt it, you need to define a "password" and this is where the problems come
Read 13 tweets
Thread: Tonight, I will try to find the password of the local database created on my phone by the mAadhaar app, the official #Android app of @UIDAI. I'm not sure I will manage to do it but hey keep in touch 🤷‍♂️ 1/n
The goal of this thread is to share with you the process and the tool I'm using 2/n
For my recent followers: I worked on this app last year, the result was not good for them... 3/n
Read 14 tweets
L'app GJ-France est l'app #Android "officiel" du mouvement des #GiletsJaunes en #France. Dans l'appli, il y a une section "Les VRAIS chiffres". Grâce à leur code désastreux, les vrais chiffres peuvent être manipulés avec une ligne de commande
Comme je suis sympa, je vous ai fait un script python juste pour vous…
Cette app faite avec Cordova par une "agence" appelé Whelp possèdent de nombreux problèmes. Je n'ai jamais vu un côté serveur aussi mal codé de ma vie. Il n'y a pas de mécanisme d'authentification, toutes les requêtes sont des requêtes POST, ...
Read 10 tweets
With more than 100,000,000 downloads ES File Explorer is one of the most famous #Android file manager.
The surprise is: if you opened the app at least once, anyone connected to the same local network can remotely get a file from your phone
Technically, everytime a user is launching the app, a HTTP server is started. This server is opening locally the port 59777. On this port, an attacker can send a JSON payload to the target
You can find the proof of concept on this Github repo…
Read 15 tweets
Tomorrow, I will publish on Twitter a #0day for a very famous #Android app 😁
No, it’s not the NaMo app but thanks for giving me my next topic ☺️
Read 3 tweets
There are just over two weeks left to submit a talk for #GR8Conf EU 2019 at

If you need ideas, here's a thread.

#groovylang #grailsfw #gradle #spockfw #gebish #griffon #springboot #micronautfw #ratpackweb #sdkman #android #devops #ci #cd #cfp #jenkins
Feel free to like/❤ a topic you’d attend and @ people you think should submit a talk on this topic. I have A LOT of ideas so I’ll spread this out over a few days maybe a week depending on how this goes.
1/ an intro to @spockframework

- using #spockfw in a polyglot organization including any tips/tricks for integrating with other languages like #Java and #Kotlin
- the top things you wish you knew when you started using spock
- good testing practices in general
Read 15 tweets
0/ Been away from the #crypto and #blockchain space for a while and now find yourself out-of-the-loop?

Fear not! I've pieced together a thread dedicated to ecosystem events that occurred over the past day or two. Read on to get back up to speed.
1/ 🥼 Over on #EthResearch, @JieyiLong proposed a SNARK-based sidechain for #ERC20 tokens.

Can reduce processing time per transaction significantly on the #Ethereum network, relative to a fully on-chain ERC20 smart contract. Click below for more!…
2/ 🤝 @FantomFDN x Fuiou Group

Having partnered with one of China's leading payment solution provider, #Fantom will work to integrate its pioneering DAG-based smart contract platform to give Fuiou users access to a faster, more scalable payment service.…
Read 25 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!