Discover and read the best of Twitter Threads about #android

Most recents (24)

1/11 We just released #AndroidStudio 3.6 canary 10 -- and we added some neat tweaks to the design tools in those latest canaries that you may want to check! (and also, we would *love* to get feedback on ^_^)

developer.android.com/studio/preview

#AndroidDev #Android #AndroidDesignTools
2/11 Note that while canary releases are great to see the latest -- it's bleeding edge :) and you may encounter issues. If so, please file them on issuetracker.google.com (under Android Studio > Design Tools), so that we can make sure to fix them!
3/11 Back to those new features -- First, we now allow you to very easily (and quickly!) switch the way you can edit your XML layouts. Simply toggle between the three buttons on the top-right of the panel :)

#AndroidDev #Android #AndroidDesignTools
Read 11 tweets
In Android 10, if you press back to finish an activity which is a task root, that activity will leak 🤯🔙🐤

Leak introduced when adding support for Bubbles (as chathead activities). Properly reported but: "We've deferred this issue for consideration in a future release."
This leak is happening because IRequestFinishCallback$Stub is an IPC callback that ends up being held by the activity manager process
Read 5 tweets
#SimonGautier, français en vacances en #Italie, appelle le 112. « Je suis tombé d'une falaise, j'ai les 2 jambes cassées, aidez-moi... je ne sais pas où je suis.» 5 jours plus tard, il reste introuvable.

Une telle histoire ne devrait pas arriver. (1/11)

tinyurl.com/y5urksoj
Info en 🇫🇷: tinyurl.com/y69c2dey

Récemment, on a vu dans la presse plusieurs cas similaires où la localisation de personnes en détresse se révélait problématique... en #Roumanie, en #Espagne ou en #France par exemple.

Néanmoins, ce n’est pas un problème nouveau. (2/11)
En 2009, les services de secours avaient déjà été incapables de retrouver un randonneur perdu dans les Alpes bien qu’il soit resté au téléphone avec eux de longues minutes. tinyurl.com/y25smkeu

Des drames tels que ceux-ci vont continuer à arriver, à moins que les... (3/11)
Read 11 tweets
1 hour left! My talk « History if the worst #Android app ever: mAadhaar » is at 10am at the @AppSecVillage of #Defcon!

I will talk about #India, #Aadhaar, #Android app, #Frida and #disclosure
Ofc I’ll share the link when I have it
Oops I tagged the wrong handle it’s @AppSec_Village
Read 3 tweets
Hi @faceapp_ai 👋

Once you applied the filters, #FaceApp is storing insecurely your modified photo in the sdcard. As a consequence any app with the READ_EXTERNAL_STORAGE permission can get your FaceApp photos without your consent and know when you took the photos.

Regards,
To be fair with #FaceApp, this is a very common error in the #Android world. For example, @WhatsApp and @WeChat store the attachments on the sdcard too.
The POC to show the problem is available on @Github, have fun! github.com/fs0c131y/FaceA…
Read 5 tweets
In order to prepare my talk for the @AppSec_Village at #Defcon, I spent my night on the the official #Android app made by @UIDAI: mAadhaar.

Whatever the version of the app, you will get a "Technical Error" when you try to add a profile. 1/3
Few months ago, someone at the @UIDAI offices changed the APIs on the server side but forgot to update the mobile app. I decrypted the all thing and the "Technical Error" is in reality an "API ERROR" aka the mAadhaar don't know anymore how to discuss with the UIDAI's servers. 2/3
The quality of this app is a shame. Again, this shows how bad is the app and the mAadhaar team. This is ridiculous @UIDAI, fix your sh*t! 3/3
Read 3 tweets
My challenge of the night: create an app for #BHUSA 1/
The 1st challenge is to get the data. At @BlackHat there is 4 types of sessions:
- arsenal
- briefings
- sponsored-sessions
- training

2/
After extracting the data from their website, I imported everything in a Firebase Realtime Database 3/
Read 6 tweets
Reuters: #Huawei can roll out Hongmeng OS in 6 to 9 months "if the circumstances force us to -executive
Reuters: #Huawei's OS to be based on #Android open source, meant for mobile but to support other devices later - executive
Reuters: #Huawei's foldable 5G Mate X coming to market in September - executive
Read 4 tweets
« #Huawei's 'HongMeng' operating system to gradually replace Android »

As I explained yesterday, if you don’t have access to the GApps and the Play Services, your only choice is to create another OS.

nst.com.my/world/2019/05/…
#Huawei was ready for the ban and started to work on their OS since 2012. But, for the reasons I said yesterday, they also know that stay on #Android is better for the business.
After all these years, they didn’t release their OS for this exact reason.

So no, the ban is not a good news for them at short term. On the long term they might benefit from it but nobody is really able to say it.
Read 3 tweets
#Android is not open source.

Nothing new to that. It's like that for a long time and everyone knows it
Not having access to the GApps, the Google Play Services, the PlayStore and the security update for his new products is a VERY BIG problem for #Huawei
#Google has the full power in the Android ecosystem.

Yes. Nothing new to this. Don't be surprised.

Yes. This is a problem
Read 10 tweets
My @eversendapp experience has been smooth…

I have loaded it on my rooted #Android phone with #LineageOS 16.1, uploaded by identification for KYC and was verified within minutes…

I was so shocked that it had happened so fast, I am feeling the slacker
@eversendapp Why install the app, needed to make a payment to a service provider in Kenya and was stuck without a way to do it from my current location
@eversendapp The next steps were soooo smooth

1. Added a Visa card, which was charged for verification process

2. Loaded funds, converted to KES in 2 clicks…. The exchange rate was very close to what Google and XE gave me (as compared to my bank)

#FinTech #4IR
Read 7 tweets
0/ 🔷 We've got a 20-part daily recap coming in hot!

I get it. It's hard to stay in-the-know with so much happening in the crypto space. Let me help you. Here's what you ought to know - all in one place!
1/ 🔥 Twitter and Square CEO Jack Dorsey sent #CryptoTwitter into overdrive when he tweeted "Square is hiring 3-4 crypto engineers and 1 designed to work full-time on open source contributions to the bitcoin/crypto ecosystem." @SqCrypto launched, too!
2/ 🔦 @KuCoinCom [ $KCS ] unveiled KuCoin Spotlight, an investment channel aiming "to assist blockchain projects in raising the needed funds, attracting market attention and improving industrial influence." First Spotlight project announced within a week. kucoin.com/news/en-introd…
Read 21 tweets
Q post 2985 regarding the DARPA Lifelog project which ceased on the day Facebook was founded

Feb 4 2004

#QAnon #WWG1WGA #MEGA #FaceBook #Zuckerburg #DarkToLight #GreatAwakening #DARPA
Q 2984

Facebook and DARPA
Part [1 of 9]
What former US president was the C_A director?

Facebook returns to the news

#QAnon #WWG1WGA #MEGA #FaceBook #Zuckerburg #DarkToLight #GreatAwakening #DARPA #Bush
Read 26 tweets
0/ Hey hey heyyyyyyy. Hope everyone is doing well!

Below is a 20-part thread covering the latest happenings in the #crypto/#blockchain space from the past 24 hours. Enjoy!
1/ 🤯 @GetNuo unveiled @UniswapExchange- and @KyberNetwork-powered non-custodial margin trading!

Users can LONG or SHORT #bitcoin [ $BTC ], #ether [ $ETH ], Maker [ $MKR / $DAI ], 0x [ $ZRX ] and other ERC20-compliant tokens with up to 5x leverage. medium.com/nuo-news/nuo-i…
2/ 🤝 @Coinbase announced the acquisition #blockchain intelligence startup Neutrino. Their team of eight will continue to operate as a standalone business based out of Coinbase's #London office.
Read 22 tweets
Hi @UIDAI,

This #Android app is asking their user to link their #Aadhaar card with the app. I thought it was illegal 🤔... and you?
The app description is priceless...
Apparently, nobody told to the guys in the "Made in #India" wagon that https exist.
Read 11 tweets
0/ Hot start to the week in the #crypto/#blockchain ecosystem! Successful fundraising rounds. New records set. Several products launched. Below is a 34-part thread on events that took place between Monday and Tuesday.

Enjoy!
1/ 🆕 @Guesserio launches today! Built on @AugurProject [ $REP ], the California-based #crypto project promises their release “will fundamentally change the way you participate in Augur prediction markets.”

Invest in the outcome of real-world events at your fingertips!
2/ 🔧 #Ethereum- and #IPFS-powered #blockchain platform for decentralized marketplaces, @OriginProtocol, unveiled its 'Marketplace Creator' tool.

This allows users to construct a decentralized marketplace in just a matter of minutes! medium.com/originprotocol…
Read 38 tweets
Thread: I'm back from lunch, it's time to show you how to remove the root detection and the anti tampering mechanism from the mAadhaar app, the official #Android app of @UIDAI. 1/n
Like yesterday, I will work on version 1.1.4 of the application 2/n
Read 23 tweets
So @uidai developers used the IMEI as a password for the local database of the mAadhaar #android app but why it is a problem? What are the dangers? Small thread 🔽🔽🔽
As said yesterday, they used sqlcipher which is a good thing
SQLCipher will encrypt the database. To decrypt it, you need to define a "password" and this is where the problems come
Read 13 tweets
Thread: Tonight, I will try to find the password of the local database created on my phone by the mAadhaar app, the official #Android app of @UIDAI. I'm not sure I will manage to do it but hey keep in touch 🤷‍♂️ 1/n
The goal of this thread is to share with you the process and the tool I'm using 2/n
For my recent followers: I worked on this app last year, the result was not good for them... 3/n
Read 14 tweets
L'app GJ-France est l'app #Android "officiel" du mouvement des #GiletsJaunes en #France. Dans l'appli, il y a une section "Les VRAIS chiffres". Grâce à leur code désastreux, les vrais chiffres peuvent être manipulés avec une ligne de commande
Comme je suis sympa, je vous ai fait un script python juste pour vous github.com/fs0c131y/GJ-FR…
Cette app faite avec Cordova par une "agence" appelé Whelp possèdent de nombreux problèmes. Je n'ai jamais vu un côté serveur aussi mal codé de ma vie. Il n'y a pas de mécanisme d'authentification, toutes les requêtes sont des requêtes POST, ...
Read 10 tweets
With more than 100,000,000 downloads ES File Explorer is one of the most famous #Android file manager.
The surprise is: if you opened the app at least once, anyone connected to the same local network can remotely get a file from your phone
Technically, everytime a user is launching the app, a HTTP server is started. This server is opening locally the port 59777. On this port, an attacker can send a JSON payload to the target
You can find the proof of concept on this Github repo github.com/fs0c131y/ESFil…
Read 15 tweets
Tomorrow, I will publish on Twitter a #0day for a very famous #Android app 😁
No, it’s not the NaMo app but thanks for giving me my next topic ☺️
Read 3 tweets
There are just over two weeks left to submit a talk for #GR8Conf EU 2019 at cfp.gr8conf.org

If you need ideas, here's a thread.

#groovylang #grailsfw #gradle #spockfw #gebish #griffon #springboot #micronautfw #ratpackweb #sdkman #android #devops #ci #cd #cfp #jenkins
Feel free to like/❤ a topic you’d attend and @ people you think should submit a talk on this topic. I have A LOT of ideas so I’ll spread this out over a few days maybe a week depending on how this goes.
1/ an intro to @spockframework

including:
- using #spockfw in a polyglot organization including any tips/tricks for integrating with other languages like #Java and #Kotlin
- the top things you wish you knew when you started using spock
- good testing practices in general
Read 15 tweets
0/ Been away from the #crypto and #blockchain space for a while and now find yourself out-of-the-loop?

Fear not! I've pieced together a thread dedicated to ecosystem events that occurred over the past day or two. Read on to get back up to speed.
1/ 🥼 Over on #EthResearch, @JieyiLong proposed a SNARK-based sidechain for #ERC20 tokens.

Can reduce processing time per transaction significantly on the #Ethereum network, relative to a fully on-chain ERC20 smart contract. Click below for more! ethresear.ch/t/snark-based-…
2/ 🤝 @FantomFDN x Fuiou Group

Having partnered with one of China's leading payment solution provider, #Fantom will work to integrate its pioneering DAG-based smart contract platform to give Fuiou users access to a faster, more scalable payment service. medium.com/@FantomFDN/fan…
Read 25 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!