Slatedroid info

Everything about android tablet pc [slatedroid]

Android Donut Running On A Graphing Calculator

Posted by wicked June - 26 - 2015 - Friday Comments Off

[Josh] is trying to fight a misconception that Android only runs on fast, powerful smartphones. He’s convinced Android will run on extremely low-end hardware, and after a great deal of searching, hit upon a great combination. He’s running Android Donut on a TI nSpire CX graphing calculator.

Unlike just about every other TI calculator, homebrew developers are locked out of the nSpire CX and CX CAS. Without the ability to run native applications on this calculator, [Josh] would be locked out of his platform of choice without the work of the TI calculator community and Ndless, the SDK for this series of calculators.

With the right development environment, [Josh] managed to get the full Android stack up and running and ironed the bugs out. Everything he’s done is available on the GitHub for this project, and with the instructions on the xda developers post, anyone can get a version of Android running on this TI calculator.

While [Josh] has Android Donut running along with most of the 1.6 apps, a terminal emulator, keyboard, WiFi, USB, and Bluetooth running, this calculator-come-Android isn’t as useful as you think it would be. The vast majority of calculator emulators on the Google Play store require Android version 2.2 and up. Yes, [Josh] can still run a TI-83 emulator on his calculator, but finding an app that’s compatible with his version of Android is a challenge.

Still, even with a 150MHz processor and 64MB of RAM – far less than what was found in phones that shipped with Donut – [Josh] is still getting surprisingly good performance out of his calculator. He can play some 2D games on it, and the ability to browse the web with a calculator is interesting, to say the least. It is, however, the perfect example that you don’t need the latest and greatest phone to run Android. Sometimes you don’t even need a phone.

Filed under: Android Hacks

Nexus 7 mated with mouse, used in-vehicle

Posted by wicked June - 19 - 2015 - Friday Comments Off

nexus_7_in_car_with_mouse

We have seen a few examples of users incorporating tablet devices into their vehicles to serve in place of auto manufacturer or third-party solutions for in-car infotainment systems. Users typically resort to this due to the dearth of autos that come with Android systems installed and third-party units are typically very expensive. In the latest example of this move to use a tablet device, Kevin Foreman connected a mouse to a Nexus 7 to provide a new input option as he was tired of using the touchscreen.

In a video demonstrating how his Nexus 7 works in his Toyota Prius, Foreman shows the Logitech G700S mouse that he connected to the tablet to serve as an input device. After working to map a variety of buttons and mouse clicks, Foreman is able to do things like launch Spotify or Google Maps with a touch of the mouse instead of trying to do it via the tablet’s touchscreen.

Foreman indicates he pursued this because he was tired of trying to “aim” his finger on the touchscreen while driving. Google has noted this challenge as well, which is why the Android Auto system uses a custom interface designed for use in a vehicle where precise touches may not be preferable.

You can check out his video below.

Click here to view the embedded video.

Come comment on this article: Nexus 7 mated with mouse, used in-vehicle

WiFi from LG Watch Urbane hacked onto LG G Watch R

Posted by wicked May - 31 - 2015 - Sunday Comments Off

LG_Watch_Urbane_Main_Gold_And_Silver_TA

Owners of the LG G Watch R who are willing to do some hacking work on the device now have an option available to enable the WiFi chip on the device. User Tasssadar on the XDA site figured out how to get the needed drivers off an LG Watch Urbane, with the help of intersectRaven, in order to make this possible.

The files needed to make everything work have been put together as a flashable ZIP for G Watch R owners who are willing to give it a go. Currently the solution has only been tested on devices running the 5.1.1 Android update. Users will also need TWRP installed as a custom recovery and an unlocked bootloader.

Tasssadar does note that this solution breaks over-the-air updates, so owners will have to be prepared to restore to a stock image when the next Android update rolls out if they want to get it OTA. In addition, although most people think LG did not enable WiFi on the G Watch R as a way to push buyers to the Watch Urbane, there is a possibility that some actual hardware issue exists and this could cause permanent hardware damage.

If you have a G Watch R and want to give this a try, just hit the source link below for links to the ZIP file and some kernels that will be needed.

source: XDA

Come comment on this article: WiFi from LG Watch Urbane hacked onto LG G Watch R

The Ease of Adding Trojans to Major Financial Android Apps

Posted by wicked May - 24 - 2015 - Sunday Comments Off

This was both an amusing and frightening talk. [Sam Bowne] presented How to Trojan Financial Android Apps on Saturday afternoon at the LayerOne Conference. [Sam] calculates that 80-90% of the apps provided by major financial institutions like banks and investment companies are vulnerable and the ease with which trojans can be rolled into them is incredible.

Some Background

[Sam] did a great job of concisely describing the circumstances that make Android particularly vulnerable to the attacks which are the subject of the talk. Android programs are packaged as APK files which are easy to unpack. The “compiled” code itself is called smali and is readable in a similar way as Java. It’s super easy to unpack and search this byte code using grep. Once the interesting parts are located, the smali code can be altered and the entire thing can be repackaged. The app will need to be resigned but Google doesn’t control the signing keys so an attacker can simply generate a new key and use that to sign the app. The user still needs to install the file, but Android allows app installation from webpages, email, etc. so this isn’t a problem for the bad guys either.

The Attack

So what can be done? This is about information harvesting. [Sam’s] proof of concept uses a python script to insert logging for every local variable. The script looks at the start of every module in the smali code, grabs the number of local variables, increments it by one and uses this extra variable to write out the values through logcat.

bank-of-america-logcat
ADB Log shows the Credit Card Number

He demonstrated live on the Bank of America app. From the user side of things it looks exactly like the official app, because it is the official app. However, when you register your account the log reports the card number as you can see here. Obviously this information could easily be phoned-home using a number of techniques.

As mentioned, the vast majority of banking and financial apps are vulnerable to this, but some have made an attempt to make it more difficult. He found the Bancorp app never exposes this information in local variables so it can’t just be logged out. However, the same trojan technique works as a keylogger since he found the same function kept getting called every time a key is pressed. The same was true of the Capital One app, but it echos out Google’s Android keymap values rather than ascii; easy enough to translate back into readable data though.

The Inability to Report Vulnerabilities

bowne-schwab-twitter-security-reportWhat is the most troubling is that none of these companies have a means of reporting security vulnerabilities. It was amusing to hear [Sam] recount his struggle to report these issues to Charles Schwab. Online contact forms were broken and wouldn’t post data and several publicly posted email addresses bounced email. When he finally got one to accept the email he later discovered another user reporting on a forum that nobody ever answers back on any of the Schwab accounts. He resorted to a trick he has used many times in the past… Tweeting to the CEO of Charles Schwab to start up a direct-message conversation. This itself is a security problem as @SwiftOnSecurity proves by pointing out that whenever @SamBowne Tweets a CEO it’s because he found a vulnerability in that company’s platform and can’t find a reasonable way to contact the company.

There is Hope

Although very rare, sometimes these apps do get patched. The Trade King app was updated after his report and when [Sam] tried the exploit again it crashes at start-up. The log reports a verification failure. This indicates that the injected code is being noticed, but [Sam] wonders if the verification is included in the app itself. If it is, then it will be possible to track it down and disable it.

This may sound like all of us Android users should despair but that’s not the case. Adding verification, even if it’s possible to defeat it, does make the apps safer; attackers may not want to invest the extra time to try to defeat it. Also, there are obsfucators available for a few thousand dollars that will make these attacks much more difficult by making variable names unreadable. The free obsfucator available now with the Android development suites doesn’t change names of everything… local variables are left unaltered and programmers have a habit of using descriptive names for variables. For instance, BofA used “CARDNUM” in the example above.

The Slides

[Sam Bowne’s] slides and testing results for the entire talk are available under the “Upcoming Events” part of his website.

Filed under: Android Hacks, security hacks

Can’t Wait for the OTA to 5.1.1 with the LG G Watch? Get the Flashable File Here

Posted by wicked May - 20 - 2015 - Wednesday Comments Off

LG-G-Watch-R_is_Sexy

Just today our own Brad Ward wrote about the Android 5.1.1 OTA update rolling out to the LG G Watch and G Watch R. Well it didn’t take long for Googlites to provide us with the flashable update in the event you are too impatient to wait your turn in line. And impatient you should be. Don’t they know how important you are?

Now bear in mind that installing this little bit of flashed imagery requires root, so if you aren’t rooted, you’ll need to take care of that first. Our simple tutorial will get you set up in a jiffy. Remember, however, that this can still be a complicated process and if you are completely technically inept, it’s probably best to skip it. Also, we’re not responsible for anything goofy that happens to your device if you root it and break stuff. It’s on you.

With that legalese out of the way, hit up the link at the bottom and become best friends with that .zip. You’ll be on your way to an updated smartwatch experience in no time, except the time it indicates on said smartwatch.

Source: Brian Buquoi

Come comment on this article: Can’t Wait for the OTA to 5.1.1 with the LG G Watch? Get the Flashable File Here

Reading Resistors With OpenCV

Posted by wicked May - 14 - 2015 - Thursday Comments Off

Here’s a tip from a wizened engineer I’ve heard several times. If you’re poking around a circuit that has failed, look at the resistor color codes. Sometimes, if a resistor overheats, the color code bands will change color – orange to brown, blue to black, and so forth. If you know your preferred numbers for resistors, you might find a resistor with a value that isn’t made. This is where the circuit was overheating, and you’re probably very close to discovering the problem.

The problem with this technique is that you have to look at and decode all the resistors. If automation and computer vision is more your thing, [Parth] made an Android app that will automatically tell you the value of a resistor by pointing a camera at it.

The code uses OpenCV to scan a small line of pixels in the middle of the screen. Colors are extracted from this, and the value of the resistor is displayed on the screen. It’s perfect for scanning through a few hundred through hole resistors, if you don’t want to learn the politically correct mnemonic they’re teaching these days.

Video below, and the app is available for free on the Google Play store.

Filed under: Android Hacks

AppleMacintoshIIAndroidWear

Who needs an Apple Watch when you can rock Apple’s Macintosh II OS from 1987? While it may seem like an impossibility, the man behind putting Windows 95 on Android Wear is at it again, this time, with the Apple OS. That’s right Corbin Davenport, put the 1987 OS on a Samsung Gear Live and while it may be quite tiny on the small screen, it’s fully functional.

In the under 2-minute video Davenport runs through the OS on the Wear device and shows just how functional it actually is. The buttons in the OS are still quite difficult to navigate but regardless, it’s fun to see just what we can do with these tiny computers. We have the video for you below. Enjoy!

Click here to view the embedded video.

source: Popular Mechanic

Come comment on this article: Man who put Windows 95 on Android Wear ups ante by doing the same with 1987’s Apple Macintosh II

Your Body is Your PIN with Bodyprint

Posted by wicked April - 30 - 2015 - Thursday Comments Off

[Christian Holz, Senaka Buthpitiya, and Marius Knaust] are researchers at Yahoo that have created a biometric solution for those unlucky folks that always forget their smartphone PIN codes. Bodyprint is an authentication system that allows a variety of body parts to act as the password.  These range from ears to fists.

Bodyprint uses the phone’s touchscreen as an image scanner. In order to do so, the researchers rooted an LG Nexus 5 and modified the touchscreen module. When a user sets up Bodyprint, they hold the desired body part to the touchscreen. A series of images are taken, sorted into various intensity categories. These files are stored in a database that identifies them by body type and associates the user authentication with them. When the user wants to access their phone, they simply hold that body part on the touchscreen, and Bodyprint will do the rest. There is an interesting security option: the two person authentication process. In the example shown in the video below, two users can restrict file access on a phone. Both users must be present to unlock the files on the phone.

How does Bodyprint compare to capacitive fingerprint scanners? These scanners are available on the more expensive phone models, as they require a higher touchscreen resolution and quality sensor. Bodyprint makes do with a much lower resolution of approximately 6dpi while increasing the false rejection rate to help compensate.  In a 12 participant study using the ears to authenticate, accuracy was over 99% with a false rejection rate of 1 out of 13.

Filed under: Android Hacks, Cellphone Hacks

More progress being made on pairing Android Wear with iPhones

Posted by wicked March - 18 - 2015 - Wednesday Comments Off

android_wear_wear_what_you_want_watch_faces_Featured_LargeIf you’re an iPhone user that’s just not happy with the current selection of smartwatches, well, you’re probably on the wrong website, but there’s some good news on the horizon. Developer Mohammad Abu-Garbeyyeh recently released a video showing off how he paired a Moto 360 with an iPhone through some clever workarounds. Most of the functionality was borked, but you could at least check some text messages.

Today, he’s shown off some new progress on pairing the two together. It’s not a ton of improvement, but he’s able to answer a phone call made to the iPhone right from the Moto 360. There’s no jailbreaking, rooting, or anything else done to make this work. Just a simple APK sideloaded onto the Moto 360.

While developers like this are working at making Android Wear compatible with iOS, Google is supposedly working on their own iOS app to enable compatibility. Who do you think will get things working first?

source: Techno Buffalo

Click here to view the embedded video.

Come comment on this article: More progress being made on pairing Android Wear with iPhones

Redditor builds smart mirror that displays Android Wear watch notifications

Posted by wicked March - 12 - 2015 - Thursday Comments Off

auto wear mirrorChalk this up for the craziest DIY project of the week. A Redditor has built a mirror that mirrors notifications from his Android phone and tablet, no pun intended. Using Auto Wear, that mirror now shows Android Wear notifications, too, like when the battery is fully charged and ready to go, as seen above. Yep, instead of actually picking up his watch to see if the battery is charged, he just gets to glance at his mirror.

Anyone want to make a bet on how long it takes for a major tech company to offer him a job?

source: Reddit

Come comment on this article: Redditor builds smart mirror that displays Android Wear watch notifications

ePad 7 Android 4.0 ICS
$162 $100 FREE SHIPPING 

10" Android 4.2 1.2GHz Tablet PC

7