mercredi 31 août 2016

Samsung misses their S7 Vulkan Deadline, but Finally adds Support

Back in February, Samsung made a big deal about the gaming performance of their new Galaxy S7 smartphone. One of the key features of the S7 that they were showcasing was that it would be the first smartphone to support the Vulkan API.

Samsung representatives talked extensively at the time about how Vulkan support would allow the S7 to outperform other devices with similar chipsets like the HTC 10 and the LG G5. They quoted numbers like “67% Higher GPU Performance” and “80% More Efficient CPU”. Samsung felt that being the first to support Vulkan would help them get more games into their store, providing value added for the S7 compared to other phones, specifically mentioning upcoming mobile specific games from Nintendo and Konami and integration with Gear VR and Oculus. It was almost surprising how heavily Samsung was pushing Vulkan as a killer feature.

It appears that Samsung ran into some difficulties getting it ready in time for launch, and had to delay support of Vulkan. Despite the delays, they continued with their media campaign promoting Vulkan. The S7 shipped with everything required for Vulkan other than the  VK_KHR_swapchain extension. Vulkan support is now finally rolling out to the S7 alongside the August security patch.

Unfortunately, that means that their claim that the “Galaxy S7 and S7 edge are the first smartphones to support the Vulkan API” just isn’t true.

Samsung S7 Vulkan

Developers and users alike were left disappointed by Samsung failing to follow through on their promise. Developers were forced to look elsewhere for their Vulkan testbeds, and users were left without the gaming performance improvements and “console quality gaming” that they were sold on.

The Nvidia Shield TV was the first available production option, adding support for Vulkan back in February, the day after the S7 announced, and the Shield Tablet K1 and the Shield Tablet received updates to support Vulkan on 13 April 2016 and 12 May 2016 respectively. But that’s OK, Samsung’s claim didn’t really include Android TV boxes and tablets.

The Samsung Note 7 was up next, launching on 19 August 2016 with Vulkan support (with the same processor as the Galaxy S7). Samsung followed through on their claims of having the first phone with stock software supporting Vulkan, it just wasn’t on the S7. Then Nougat came out. Vulkan support was added to the Nexus 6P, the Nexus 5X, and the Pixel C with the second Developer Preview on 13 April 2016, and then launched officially on 22 August 2016.

Now, that’s not very long between when the Note 7 launched and when the S7 received the update, but it is 6 months of Samsung claiming that the S7 supports Vulkan, without actually implementing it. It’s 6 months of devs waiting for their phone to receive a feature that was advertised as being ready on day one. We’ve had over four months of other phones having support (and even longer for tablets), allowing devs that purchased Nexus devices to get a head start on preparing their games for Vulkan.

Even worse, the Vulkan driver was registered and ready for them to roll out earlier this month (it had to be for the Note 7 launch). If they had pushed their August security patch out just a couple days earlier (let alone near the beginning of the month like they ideally should be), they would have beaten the Nexus devices and the Note 7 to an official stable release with Vulkan support. They could have kept (part of) their advertising accurate to the letter by releasing just a couple days earlier than they did.

But that’s beside the point. Having truth in advertising to the letter is important, but being accurate in spirit is critical. Any developer that bought the S7 intending to spend the last half a year preparing for Vulkan games on mobile was mislead. Users that bought an S7 because they thought that they would have immediate access to Vulkan games instead of buying a different phone could have justifiable buyer’s remorse.

For those that reached out to Samsung about the lack of Vulkan in the S7, how did they respond? How do you think they should have responded to people who bought the phone? How should Samsung have adjusted product advertising when Vulkan was delayed? Could Samsung have released a public beta version with Vulkan support to the developer community? Sound off below!

from xda-developers

Lenovo IFA 2016 Announcements: Moto Z Play, Hasselblad True Zoom MotoMod and US Pricing for the Moto Z

IFA 2016 has been the bearer of some exciting products so far. Lenovo is adding on to that list by announcing the Moto Z Play, the third member in the Moto Z family along with dropping some other tidbits related to their other products.

Moto Z Play

Unlike the Moto Z and the Moto Z Force, the Moto Z Play is a mid end offering and not a flagship. But that does not stop the device from picking on what the Z lineup does: modularity.

For the design, the Moto Z Play largely picks up on the Moto Z Force in terms of design and dimensions. So you get a similar looking device, but with a glass back instead of metal. Unlike the Moto Z Force, this is not shatterproof though, so you would need to be careful of how you handle this device. The Moto Z Play’s front is dominated by the 5.5″ FHD Super AMOLED display along with the fingerprint sensor, the front camera and its accompanying flash. The back of the device is again sporting the Moto camera hump and the 16-pin connector for MotoMods.

Image 021 Image 022

On the inside though, the Moto Z Play showcases its mid range specs, but not in an entirely bad way. The performance of the device is handled by the Qualcomm Snapdragon 625 SoC. The device sports 3GB of RAM and 32GB of expandable storage. The battery is of a pretty decent 3,510 mAh capacity. Combined with the lower requirements of the screen and the Cortex-A53 cores in the SoC, the battery life of the device should be quite good. Lenovo promises “50 hours” of use (single charge length, not screen on time), but as good as it may sound, we’d take the optimistic number with a pinch of salt.

For the camera, the Moto Z Play comes with a 16MP rear camera with laser autofocus. The front is a 5MP wide angle snapper, which comes with its own LED flash as we mentioned earlier.

The Lenovo Moto Z Play runs Android 6.0.1 Marshmallow, and the phone is compatible with the existing MotoMod hardware. The phone will be rolled out globally in September for €499. In the US, Verizon has an initial exclusivity period yet again, and the Moto Z Play will sell under the Droid banner initially for $408 from September 8th. In October, the device will be available from Motorola for $449.

Hasselblad True Zoom Mod

In addition to the Moto Z Play, Lenovo also added on to the MotoMod family with the Hasselblad True Zoom Mod. Essentially, this is a snap-on mod for Moto Z lineup, which promises to enhance the camera capabilities of the devices. You get a 12Mp sensor with a f/3.5-6.5 aperture, along with 10x Optical Zoom and OIS. The mod can also record videos in 1080p at 30fps with EIS. There’s a Xenon flash to help you light up your subject if needs be, and there’s a two-stage shutter button with zoom controls. But, the Mod does skimp out on battery, so the mod will use up the battery of your device to power itself.


The Hasselblad True Zoom Mod will be available for purchase for $299, and $249 through Verizon. Considering that this is an additional accessory that does not work standalone, the price is steep since you would also need to purchase a compatible phone for this mod to be of any use.

Moto Z — US Pricing

The Moto Z is on its end of its exclusivity with Verizon. September 15th onwards, the unlocked version of the Moto Z that works on GSM networks like AT&T and T-Mobile will be available for purchase “just” $699.99. Shipping begins in October though, so you still need to wait a bit more. No news has originated for the Moto Z Force and the end of its exclusivity with Verizon, so more waiting is to be expected.

With the Moto Z lineup and the MotoMods, Motorola and Lenovo took a risk in not only design and research and development of pseudo-modularity, but also in pricing. Considering the fledgling nature of the modular scene right now, the company might find it difficult to find as many takers, considering the gameplan of other OEMs.

What are your thoughts on the Moto Z announcements? Let us know your thoughts on all of them in the comments below!

from xda-developers

Samsung Unveils the Gear S3 Smartwatch at IFA 2016

It’s raining smartwatches at IFA 2016. First, ASUS took the wraps off the ZenWatch 3, and now its Samsung’s turn to do the same for its smartwatch.

Meet the new Samsung Gear S3.

With the Gear S3, Samsung took the best parts of the Gear S2 and thankfully, left them largely untouched. So you still have a smartwatch with a circular display, and the bezel still rotates, and you still use this method to navigate around on the smartwatch. What has changed though, is the size of the smartwatch. The Gear S3 is a tad bit bigger than its predecessor, 46mm casing compared to the 44mm, though you can peruse standard 22mm bands on the watch. The bigger watch body gives us a bigger screen, with the display receiving a small bump up to 1.3″ AMOLED 360×360 resolution display with 278ppi. The display will be always on, and will be protected by Gorilla Glass SR+.

Classic Frontier

There are actually two variants of the watch: the Gear S3 Classic and the Gear S3 Frontier. As the name would imply, the Classic has a more muted, polished silver look. The Frontier has a matte black finish, along with markings for the minutes and hours. The internals of the variants are the same, except for the presence of LTE on the Frontier.

On the inside, the Samsung Gear S3 sports a dual core Exynos SoC, with 786MB of RAM and 4GB of internal storage. The Gear S3 also sports standalone GPS radios, NFC and MST and built-in speakers. The battery is of 380mAh capacity, which Samsung claims can last between three to four days, but we find hard to process such a life considering the slew of sensors. The watch is also IP68 water resistant.

The rotating bezel on the watch has been given a functionality boost. Users can now use it to accept and reject calls, and to snooze alarms.


The Samsung Gear S3, which runs on Tizen and not on Android Wear, also integrates BMW’s mobility companion app. The focus is on a connected automobile experience, and you can use the Gear S3 to interact with your car like unlocking the car and checking its fuel level. Further on the Tizen agenda, Samsung will make the Knox Tizen Wearable SDK available to third-parties, which will allow development of apps for Samsung’s wearable ecosystem. The Knox Security Platform will also help the Gear S3 to “enable broader enterprise business opportunities”.

There has been no word regarding the availability and pricing of the Gear S3, but the smartwatch is expected to be available towards the year end, right around the holiday season. Samsung does have a unique product at hand with the Gear S3, and this might just put it ahead of the pack in the smartwatch race.

What are your thoughts on the Samsung Gear S3? Let us know in the comments below!

from xda-developers

Samsung’s Galaxy Note 7 Shipments Delayed due to Quality Testing

Samsung’s latest flagship and its supply was known to be in behind the incredible demand, but the Note 7 seems to be having additional trouble. Shipments of the Galaxy Note 7 are now being delayed due to additional tests being conducted for “product quality”. Samsung did not expand on the nature of these tests, but Reuters reports that battery explosion issues may have been a trigger.

from xda-developers

Nest is Reportedly Going Through Another Restructuring

It’s no secret that Google hasn’t been happy with Nest’s performance, and now reports indicate that Google is taking advantage of those resources. A new report claims Nest’s entire platform team is now working for Google’s new “living room” products, and will be reporting directly to Android chief Hiroshi Lockheimer (who is leading the company’s unified Internet of things platform).

from xda-developers

CyanogenOS 13.1 is Rolling Out to the Wileyfox Storm

Wileyfox Storm users can look forward to a big OTA update being pushed to their device very soon. Cyanogen Inc. has just announced they are pushing Cyanogen OS 13.1 to the device starting today. As with most OTA updates, this is being done in phases and could take time to complete. Cyanogen Inc. also says this makes the phone “MOD Ready”, for those looking forward to the new platform.

from xda-developers

Google has Discontinued the Chromebook Pixel 2

Google had already discontinued the $1,000 Chromebook Pixel 2 back in April of this year, leaving only the $1,300 version left in stock. Now, this premium model is no longer available in the Google Store or Best Buy. A Google spokesperson has been in touch with VentureBeat regarding the issue, and says they have “no plans to restock the Pixel 2.”

from xda-developers

Xiaomi Launches the Amazfit Watch in China

Just like Honor is Huawei’s sub-brand, Xiaomi has a sub-brand called Huami. The company has just launched their first smartwatch dubbed the Amazfit Watch. The wearable is IP67 certified, has a 28nm GPS sensor, a 200mAh battery (which is said to give up to 5 days of battery life), and will be priced at 799 Yuan (about $120 / Rs. 8,000).

from xda-developers

Samsung Begins Mass Production of the Exynos 7570

Samsung has just announced they are beginning mass production of their new SoC for “affordable devices.” The company says this is the first SoC in its class that also integrates a Cat.4 LTE 2CA modem, WiFi, Bluetooth, FM radio, and GNSS in one chip. It’s also using the company’s 14nm FinFET process to take advantage of the performance and power advancements.

from xda-developers

From Store to Shelf: An In-Depth Capitulation of Why MSM8974 Devices Are Excluded from Nougat

ASUS Announces the ZenWatch 3 at IFA 2016

At IFA 2016 held in Berlin, Germany, ASUS has launched the next iteration of the ZenWatch, called the ZenWatch 3. As expected, the device runs on Android Wear and is compatible with Android and iOS devices.

The biggest departure on the ZenWatch 3 compared to its square predecessors is its circular watchface and design. Along with the circular design, all three color variants sport a pink rose gold-colored bezel around the display. Speaking of the display, the ZenWatch 3 sports a 1.39″ AMOLED display with a 400×400 resolution and 287 ppi, and is covered with Gorilla Glass 3 for protection against scratches. There are a total of three buttons on the watch, all of which are claimed to be functional rather than just being purely aesthetic. While the watch itself is made of stainless steel, the strap choices come in rubber and leather, available in dark brown or beige.

Gunmetal Silver Rose Gold

On the inside, the ZenWatch 3 sports the Qualcomm Snapdragon Wear 2100 SoC APQ 8009w, an SoC made specifically for wearables that claims to be better on battery than the prior Snapdragon 400 that was commonly found on wearables. There is 512MB of LDDR3 RAM and 4GB of storage inside the watch. The battery department brings 340mAh of capacity for 1-2 days of battery life. Also, the ZenWatch 3 promises a quick charge rate of 15 mins for 60% of battery.

The watch is also marketed as a fully featured fitness tracker with step and activity tracking. The watch is also IP67 certified.

The ASUS ZenWatch 3 comes in three colors: Silver, Gunmetal and Rose Gold. The smartwatch will be available in October, with the European pricing being quoted at €229, which comes out to be around $255.

While ASUS has announced its next iteration in the smartwatch game, other manufacturers are bound to follow. The next few months could be exciting for Android Wear hardware.

What are your thoughts on the ASUS ZenWatch 3? Will you purchase it? Let us know in the comments below!

from xda-developers

Corning Unveils the Gorilla Glass SR+ for Wearables

Corning has unveiled a new type of glass composite that is designed keeping in mind the needs of wearables. The Gorilla Glass SR+ merges drop protection with scratch resistance from sapphire. The SR+ is promised to be more scratch resistant than Gorilla Glass 4 and 5 and is as thin. Gorilla Glass SR+ is commercially available and will be seen on wearables later this year.

from xda-developers

ASUS ZenFone 2 ZE551ML Finally Receives Android 6.0 Marshmallow Update

Better late than never, ASUS has finally released the Android 6.0 Marshmallow update for the ASUS ZenFone 2 ZE551ML. In addition to bringing a new OS and a few pre-installed apps, the update removes a whole host of bloatware apps but also removes support for multi-user and snapview.

from xda-developers

mardi 30 août 2016

What Android Security Patch Are You On Right Now, and Does it Really Affect/Bother You?

Android Security Patches are a big thing. They attempt to fix glaring vulnerabilities and security holes in our beloved system, without needing to wait a whole new system/OS update. Google has committed to a monthly update pattern, and several other OEMs had promised the same in the interest of consumer safety.

But, the picture is not as rosy as one would want it to be. While Google has been 0n point for the most part, OEMs have lagged behind the monthly schedule. Quick updates for security patches are not forthcoming, defeating the purpose of their monthly nature. So we’d like to ask you, as power users:

What Android Security Patch are you on? Are you up to date with the latest patch released by Google, or are you lagging behind by several months? Do you actually care about being on the latest security patch?

Let us know in the comments below!

from xda-developers

Lenovo’s Motorola Moto M XT1662 Spotted at TENAA

Motorola has unveiled the Moto Z, the Moto G4 and the Moto E3 so far this year, with the entire range undergoing a refresh and compounding to cover almost every section of the pricing spectrum. But it seems that they’re not done quite yet. Numerous leaks point towards a new lineup which will reportedly sit between the Moto X and Moto G, called the Moto M. And the first device in that lineup, the XT1662 has just shown up on the TENAA certification website.

The same device was also spotted at GFXBench earlier this year, with leaks at the time detailing a 4.6″ 1080p display, 3GB of RAM and 16MP and 8MP shooters on the back and front respectively. However, the TENAA listing varies on the display size, specifying a 5.5″ display, and adding a 3000 mAh to the list of features. While the TENAA listing appears blank to us, one website seems to have got their hands on a bunch of shots of the device, and the images show off a metal unibody, a fingerprint sensor on the rear panel, as well a textual Moto logo on the front.

3 1 2 4

The rear of the device bears the signature Moto batwing logo, but towards the bottom for some reason. It could have been possible to incorporate the logo with the fingerprint sensor, but the technical challenges may have been too high to undertake for a non-flagship device.

With no word on a Moto X successor this year, the Moto M might fill the void created between the Moto G and Moto Z. The device looks good on paper, and with a purported launch date of later this year, we’re a short time away from finding that out.

Are you anticipating the launch of Moto M? Will you be getting your hands on it when it launches? What are your thoughts on Motorola launching yet another lineup? Sounds off in the comments below!

from xda-developers

$20 Bluetooth LED Strip – Is it Crap?

Color changing LED lights are very popular right now. Bluetooth enabled lights range from $20 to $200 depending on what brand you get. In this video, we will be looking at the most entry level kit you can buy. This is a review of the Wiipro Android powered LED strips.

This particular set that I picked up is equipped with four LED strips that can be plugged into the cigarette lighter in your car.


The length of the cords are more than enough to reach the back seats of any car or SUV. While they are meant to be used in the car, I wanted to try them out on the back of my monitor. Luckily the cord can be swapped out with a standard cord that will work with a wall outlet.


The best app that I found to control these lights is called Happy Lighting. This will let you change the hue, set patterns, sync your lights to music or schedule on/off times.


For the price, these lights perform very well. They are plenty bright and connect easily with your Android device. Check out the full video review to see them in action.

Use our affiliate link to grab a set for yourself.


Download the Happy Lighting app from the Play store.

from xda-developers

Contacts 1.5 Update Brings Labels to Android and more.

A significant update to the Contacts app has been launched, which bumps it up to v1.5 and includes a number of changes. The tabbed layout to switch between Favorites and All is gone, replaced with a navigation drawer with more options such as Labels, Duplicates and account filters. Labels have been a part of Google Contacts since a while with this update finally bringing them to Android as well, and the Duplicates section allows you to quickly view and manage duplicate contact entries.

from xda-developers

30 Finalists Announced for Google’s 1st Indie Games Festival

On September 24th in San Francisco, Google is holding their first annual Google Play Indie Games Festival. All 30 finalists of the event have been announced and 20 of them aren’t even available in the Play Store (yet). Next month, we’ll see 10 judges select the top 3 best games that made it to the finals.

from xda-developers

BLU Announces the Pure XR with its 3D Touch Display

BLU has just announced the $300 Pure XR, which is rather surprising when the company generally targets a more affordable price range. The Pure XR features a 5.5″ 1080p AMOLED display with 3D Touch capabilities, MediaTek helio P10 SoC, 16MP F/1.8 aperture rear camera, 8MP wide-angle front camera, 4GB of RAM, 64GB of storage, DTS audio, 3,000mAh 9V/2A quick charge battery and Android 6.0 Marshmallow.

from xda-developers

Moto G4 Play is Coming to India “Soon”

Last month, we saw Motorola announce the Moto G4 Play for the UK market, and now the company tells us it’s coming to India as well. Motorola tells us the launch is “coming soon,” and that it will be an Amazon exclusive within the country. Some reports say the device will be available in India next week, on September 6th.

from xda-developers

NVIDIA Shield TV Game Console Appears in New FCC Entry

Thanks to a confidentiality agreement, not much is known about this new NVIDIA Shield TV entry by the FCC. We do know that NVIDIA recently had the FCC approve a new remote & a game controller though, so this could all tie into a new release sometime soon. Then again, NVIDIA also had a new tablet approved by the FCC this year but never released it.

from xda-developers

Google Talks About its Recent Tango Developer Workshop

The 3-day Tango Developer Workstation event had independent filmmakers, developers, producers, and creatives at major media companies participating to see what was capable. The New York Times used 3D models to tell news stories, The Wall Street Journal prototyped an AR app for location-based stories, Line brought 3D characters to life and Google’s Mobile Vision Team helped to visualize the vibrations of music.

from xda-developers

Google Builds Casting Capabilities into Chrome

Until now, Chrome users on the Desktop have had to install an extension if they wanted to cast anything using Google Cast. This extension is no longer needed as Google has finally built this feature into Chrome by default. You can either click a Cast icon on supported websites, or you can cast a whole tab by selecting the Cast option within the Chrome menu.

from xda-developers

Win an Honor 8: Dual-Camera, Premium Build, and Fast-Charging

We just dropped our extensive review of the new Honor 8, and the tldr is that we’re pretty impressed with what Honor has done. So, we’re giving one away! Below you can enter the contest in a bunch of different ways. The contest will run for about a week, when we’ll pick a winner by random. Each point you earn is considered an entry, so the more points you earn, the higher your chance of being picked. And yes, the contest is open to all countries! See below on how to enter.

Win an Honor 8!

  Honor Hub on XDA   Honor 8 Forums   Win Stuff from Honor


from xda-developers

lundi 29 août 2016

Best Android Camera Apps for 2016

Jared is back again with XDA TV to talk about some of the best camera apps for 2016. We will be looking at the all-around best camera apps that still remain user-friendly. Let’s get into it.


This app comes from XDA user stratosk, so props to him! Footej isn’t going to replace the stock camera app on some on the biggest flagship phones, but for those phones that have kind of crappy stock camera apps, this will be perfect for you.

– Simple and bloat-free user interface
– Amazing Photo and Video quality
– Utilizes Android’s camera 2 API (on devices that supports the API)
– Focus and exposure from different areas (if supported by device)
– Integrated Gallery and Slider
– Burst mode
– Animated GIFs
– Video slow motion recording
– Manual ISO, Shutter Speed control (if supported by device)
– RAW format (if supported by device)
– Snapshot during video recording


XDA Thread:
Play store:

Snap Camera HDR

This is a really cool camera app but be warned: the trial version comes with plenty of popup ads telling you to buy the full version. However, because this app is packed with so many great features, we have to add it to this list.


– Touch to focus
– Pinch to zoom
– Swipe to review
– Long press to adjust photo settings with the photo controller.

The photo controller includes settings for:

– Colour and Contrast (if supported by the hardware).
– Silent Shutter
– Burst Mode
– Self Timer
– Stable Shot
– Panorama mode
– Flash mode
– Whitebalance
– Exposure
– Grid lines
– Fast picture mode
– Additional Settings


Platy store:


Cameringo is one the the coolest and most feature packed camera apps we have ever seen. It comes with over 300 filter effects to use for your photos and videos. You’ll also have all of the manual controls that your heart desires, all wrapped up in an awesome and easy UI.


-300+ Filters

– Manual Controls

– Whitebalance

– Exposure

– Grid lines


-Live Preview

-Gif Mode

-Incognito Mode

-Planet Mode


Play store:

What third party camera app are you using on your Android device?

from xda-developers

HTC to Launch One A9 Successor “One A9s” at IFA

HTC will be reportedly launching the successor to the “iPhone Clone” One A9. Interestingly, the device will be called the HTC One A9s, giving it yet another similarity to the Apple brand. The device images provided show a device that is largely unchanged other than re-positioning of camera sensors.

from xda-developers

In Response to The Verge: Why We “Fretted” About the Note 7’s Performance

Last week, we published an article documenting some of the experiences we’ve had with the Galaxy Note 7, sourced from four different units from different XDA members. Shortly after our article went live, The Verge had a somewhat dismissive say in the matter.

We were surprised by the spread of our article. In retrospect, the fact that we used it as a means to specifically call out the lack of documentation or exposure to these performance issues surely played a significant role in its reach. The article went on to be shared hundreds of times and to receive thousands of comments, as well as provoke reactions from both Samsung supporters and haters. We wrote that article not to throw Samsung or any media outlet under the bus, but to cover an issue that we felt had not gathered enough attention from the media at large This is a pattern that many Note enthusiasts should recognize by now: Year after year, many reviews tout the Note hardware and performance while reality slaps credulous new customers in the face.

After pointing out the performance issues of the Note 7, we noticed an unreasonable amount of contempt directed at the device, but also plenty of apologia and damage control in comment sections. We also saw some publications issue editorials defending the device’s performance and overall value with arguments that we believe missed the point of our article. One such example is an article written by The Verge’s Vlad Savov, titled “Stop fretting about the Note 7’s performance” where the author argues that the Note 7 offers comparable, if not mostly equal performance to other Snapdragon 820 devices. The article also makes an argument in favor of the Note 7’s overall value, which we do not disagree with.

Before tackling some of these arguments, a few things should be made clear. We wrote this article with XDA’s demographics in mind. Vlad called us “the performance obsessives at XDA”, a label that we we welcome and cannot refute — we take performance very seriously, more seriously than more-mainstream publications. Anyone following our change-of-direction over the past year likely noticed that we do in-depth performance-over-time analysis for new devices, and that our reviews’ performance sections alone are longer than some other sites’ full reviews. We do this because we are performance obsessives, and because our readers are savvier than average, often willing to risk bricking their devices to squeeze more performance – or a few more years – out of their smartphones.

We focus on analyzing performance through various means, including but not limited to benchmarks; we also use Qualcomm’s Trepn, Discomark, Gamebench, and GPU Profiling among various other tools to measure real-world performance, of real applications, and to estimate or quantify the impact of background processes, the efficiency of OEM software, and the prowess of the silicon itself. We focus on the real-world aspect of performance as much as we focus on the theoretical side, because we know benchmarks don’t hold all the answers. Even when we do focus on benchmarks, we feature those that emulate real-world workloads like PCMark, and relegate the heavy and discrete simulations to measuring performance-over-time in order to quantify throttling in worst-case scenarios.

SmartSelectGIF_2016-08-22-07-42-41The Verge went on to talk about “benchmarks and measurements” as being ‘only analogous” to real world use — for most benchmarks, we can concede that. However, much of what we listed in that specific article was not “synthetic or simulated tests” — rather, they were measurements of application opening times and most importantly to us, device fluidity. The Verge rightly points out that the difference between the HTC 10 and the Note 7 while opening Chrome, as we listed, is only one of about 200ms. He says that the difference is not noticeable, and it is absolutely plausible that it is not for him. But looking at it proportionally, the HTC 10’s launch speed for that app in that particular sample is around 60% of that of the Note 7. You might not notice the difference in isolated tests side by side, or consciously while using the device, but over long periods of time – say, tens of times a day hundreds of day a year – this difference not only adds up, but becomes ingrained into your expectations, and possibly your perception.

This is why, for example, many Galaxy Note owners have marveled at the sheer speed or smoothness of Nexus devices. We can recall how mind-blowingly fast the Nexus 5 seemed in comparison to the Galaxy Note 3 back in 2013 — these two devices shared the same processor, while the Note 3 was the first device to pack 3GB of RAM. System optimization and the differences in “software heft” clearly played a role there, and they still do today, but while the Galaxy Note 3 felt fast, the Nexus 5 felt undeniably faster. This is analogous to today’s Note 7 situation, because like we noted (and exemplified) in the article, nearly every interaction is measurably slower on the Note 7, and at times it is extremely perceptible at that. Vlad noted that he did not notice “anything close to a substantial difference between the speed of the HTC 10, Note 7, or OnePlus 3” and again, that is a plausible claim for his subjective experience. But whether you notice it or not does not mean there isn’t a relatively large difference in performance, be it slower app launch speeds or more dropped frames.

Whether we notice it or not, the frames were dropped and the device stuttered

This is precisely why we used tools like GPU Profiling to measure fluidity — at 60 frames per second, our perception is typically not sharp enough to notice an odd missed frame here or there. But whether we notice it or not, the frame was dropped and the device stuttered. Vlad stated “I can’t say that I’ve yet encountered an Android phone that is [perfect across all performance metrics]”, which is a non-argument that does not invalidate any claims we’ve made. The relative inefficiency of the Note 7 means a higher delta when paired up against the best performers than any other flagship we’ve tested this year. When we use tools like GPU Profiling, we noticed that the percentage of dropped frames under the same workload is significantly higher on the Note 7 than it is on other devices — the Note 7 sometimes even manages to outright lock up for significant fractions of a second, something that other devices seldom suffer. It’s precisely the frequency and volatility of the Note 7’s performance issues that annoyed us the most, given the device randomly begins going on a stutter-spree of a few seconds length on regular usage.


And this is, perhaps, the biggest point we should be making here. We did not base our claims on benchmarks, but real world usage. Truth be told, benchmarks show that the Note 7 is mostly equal to other Snapdragon 820 devices in peak performance. We wrote that article specifically about observable performance because the device felt slow. It was written about real-world usage, not benchmarks — it’s right there in the title. Moreover, we measured the real-world performance with tools that produce results that are easy to grasp, and gave plenty of visual examples to demonstrate the issues we’ve seen across our Snapdragon 820 devices. Said tools merely expand our senses, whether they conform to our or others’ expectations is irrelevant. We noted the extent to which the sub-par performance spreads across the OS. And while we could have gone even deeper (and we will, in our full review), what we found after a few days of regular usage was, in our opinion, enough to demonstrate that the Note 7 is outpaced by competitors with similar (or even sometimes inferior) hardware, despite its premium price and top specifications.

It is paramount to us to speak about these issues because of our demographics, as we mentioned above. Not just because our userbase is somewhat savvier, but also because it is more diverse than other sites’ in that we have users from all over the world, with all kinds of budgets and consequently, all kinds of devices. For example, the largest plurality of phones that browse our site are Nexus 6P owners, yet they account for only ~3% of our total readers. We’ve seen low-end and mid-range devices, as well as affordable flagships sold in emerging markets, reach relatively large percentages too. XDA users are also known for squeezing the most out of their handset, in some cases enough to last them years, and a big aspect of that is performance (we see this in the abnormally large percentage of OnePlus One users that browse our site). We look for good canvases, often in hardware potential, to let our thirst for performance and battery be sated. And we care about the little details, too, especially regarding thesekey  aspects of our devices.

SmartSelectGIF_2016-08-22-08-29-15Finally, it must be stated that we generally think well of The Verge and that we understand both of our sites appeal to different users. But whether their editors notice a difference or not, such a difference exists. We cannot wrap our heads around the fact that the Nexus 6P, HTC 10, OnePlus 3 and Galaxy Note 7 were all given a 9 out of 10 in the performance breakdown of The Verge’s reviews — clearly, and as Vlad himself noted, one of these is not quite like the others. Even if the speed and fluidity delta would be an estimated 20% (being reasonable), giving all devices the same performance score is misleading, particularly when the Galaxy Note 7 is but the latest heir in a legacy of sub-par performance. If all devices receive the same performance score yet some are clearly superior or inferior, there is really no point to giving the phone’s performance a score in a number line.

The Note 7 is a great device nevertheless — we first listed all the aspects that can justify the price difference between the Note 7 and other devices, and after our performance article, we noted just how remarkable of a phone it is for daily life. We agree with The Verge’s conclusion, in this sense — performance is “not a huge problem for a phone that has the Note 7’s design, camera, display, battery and waterproofing”. We wholeheartedly believe this too, and we agree that phones are ultimately more than the sum of their specs. But none of this changes the fact that its performance is sub-par, nobody’s opinion changes objective reality. We’ve heard such ridiculous rebuttals elsewhere, with arguments such as “the phone sells a lot, therefore this isn’t the case” and “well, I don’t notice it, therefore you are lying or your device is faulty”. And to these arguments, we say this: your anecdote, opinion, or the purchasing habits of the masses do not shape objective reality; it doesn’t matter how many units Samsung sells, the device will still lose more frames per second second on average than other devices with the same hardware setup at this particular point in time.

Whether you perceive it or not, whether your particular unit was blessed with a “higher-binned” chipset and whether your particular usage pattern lends itself to sub-par performance scenarios or not — none of it changes the fact that Samsung could do a lot better with performance. Every year we wish they would, and every year so far we’ve been receiving marginal upgrades relative to the huge strides other phones have made in the same period of time. None of this makes the phone unusable, and we still believe it can easily charge the price it asks for — demand already confirms that the device is a success regardless of UI lag. But when compartmentalizing that aspect in particular, we are completely justified in expecting more out of the company that has dropped the ball on this for so many years in a row (whether “by design” or carelessness), at a time where devices asking for half the price are breaking new records.

One last thing: we noticed Vlad mentioned he was using a Note 7 in Europe. Given his location, we hope that he did not write his article based on experience from an Exynos Note 7; basing his reply on his time with an Exynos variant would mean none of his claims would hold any merit in relation to our piece, as our findings were explicitly limited to Snapdragon variants. Both experiences would be incommensurable and the comparison invalid.

from xda-developers

Experimental suhide Mod for SuperSU Hides su Binary from Applications

XDA Senior Recognized Developer Chainfire needs no introduction in the world of third party development, so we’ll spare you some time.
Today, Chainfire brings to us his latest work — suhide. Suhide is an experimental mod for SuperSU, one that leverages the systemless installation to give you a way to hide the su binary from applications on a per-application level. Best part, it does not currently make use of the Xposed framework, so it should appeal to those users who just want root but do not wish to dabble into the Xposed side of things.

Why would you use suhide?

Suhide comes into the picture if you have apps that detect for the presence of root. One of the most popular use cases is Android Pay, but there are several other apps (mainly apps that have to do with banking and corporate security) that will not work if you have root. These apps do have legitimate reasons not to work, but as a power user, you have your own reasons on why you want root. So if you understand the risks associated and want the coexistence of the two worlds, suhide is one of the routes you can go through to achieve just that. Suhide hides root on a per-app basis, so you do not need to globally disable root at all.

Suhide in its current state has a few limitations. One of the major ones is that there is no GUI, so this puts the mod away from the reach of beginners (and rightfully so, in our opinion). Next, while this is Chainfire’s own work, he classifies it as experimental and does not intend to officially support it as a part of SuperSU. Further, the mod has been tested on just a handful of devices, so not all anomalous behaviors have been documented just yet. The mod also is limited to ARM/ARM64 based devices. It also does not hide the SuperSU GUI, so apps that detect the GUI will still detect root. And lastly, Chainfire considers the coexistence of root and security-centric implementations as a losing game. The man does a good job at explaining his stance, so we recommend you go ahead and give it a read to understand the same.

For installation and usage instructions and for download links, head on over to the forum thread. Remember to reflash SuperSU after installation and after removal as well.

Having options that help in the coexistence of apps that require security and apps that require root is certainly a good thing. But ultimately, you should be mentally prepared to one day not be able to do so.

Have you tried out suhide? What are your thoughts and experiences? Let us know in the comments below!

from xda-developers

BlackBerry Priv Beta Update Includes September’s Security Patches

AT&T, Canada, and Asia Pacific BlackBerry Priv users who are in their beta program can look forward to a new update hitting your devices soon. BlackBerry has not issued an official changelog for this update as of yet, but we can already see that it includes Android’s security patches for the month of September.

from xda-developers

BlackBerry is Reportedly Looking to Raise $605 Million from Investors

BlackBerry is in need of some funding as the company has reportedly turned to investors for a sudden injection of funds. The company is said to be turning to Fairfax Financial Holdings Ltd, as well as other investors, in an attempt to sell $605 million in convertible debentures that will be due in November 2020.

from xda-developers

Next 3 Android Versions Rumored to be 7.1, 7.1.1 and 7.1.2

When Google released Android 7.0 Nougat, they also announced there would be quarterly Maintenance Releases to keep the software polished as time goes on. evleak’s sources seem to believe that the next three Android versions for these MR updates will be 7.1 (which will include a new API), 7.1.1, and then 7.1.2.

from xda-developers

Anker Recalls Out of Spec USB Type-C Cables

We’ve talked about Nathan K’s USB Type-C tests before, and Anker is now recalling their Anker PowerLine USB-C A8185011 cables because of an issue he found when testing them. Not only is Anker offering a full reward to customers who purchased one, but they’re also giving them a free Anker PowerLine USB-C cable once the issue has been resolved.

from xda-developers

Zopo Color C, Color E, and Color S5.5 All Get Android 6.0 Marshmallow

Zopo has just announced a big push for three of their popular smartphones. If you own the Zopo Color C (with the model number ZP330), Zopo Color E (with the model number ZP350) or the Zopo Color S5.5 (with the model number ZP370), then you can look forward to an Android 6.0 Marshmallow OTA update being pushed to your device soon.

from xda-developers

dimanche 28 août 2016

Which Apps Are Your Top Battery Drainers?

We recently published an article on the battery life and experience of living without Google Apps. The results did not come out entirely unexpected, but we were surprised by the minimal nature of the gains. Which points us to the next obvious battery hogs: our other most frequently apps! Whether it be the constant syncing of the Facebook app, or Snapchat’s need for location permissions. Or even our own compulsive desire to open up Instagram every few minutes just to have something to do — there are certainly other offenders that are not good for your battery life.

So we ask you,

Which apps are your top battery offenders? Which of your apps occupies the top spot for battery consumption? Is the drain on battery justified keeping in mind your frequency of usage? Or is the app, its code or its functionality responsible for that cliff-like drops in battery levels? Have you found any remedy for your battery woes?

Let us know in the comments below!

from xda-developers

Lenovo Launches the Moto E3 Power in Hong Kong

Lenovo has just launched a new variant of their low-end smartphone, the Moto E3. This new variant is called the Moto E3 Power, and will come with a 3,500mAh capacity battery instead of the 2,800mAh one we see in the regular Moto E3. They even published a cryptic tweet that some say implies it will be launching in India “soon.”

from xda-developers

samedi 27 août 2016

Chainfire Discusses SuperSU and Problems With The Note 7

Earlier today Chainfire took to Google+ to discuss progress with the Note 7 and SuperSU, explaining that as the Note 7’s release has been delayed in some countries he has had to work via remote debugging. Thankfully, with the aid of Dr.Ketan and SeraphSephiroth it is now working. However it is not all good news.

“As isn’t uncommon with Samsung, they’ve built-in some new (and arguably ineffective to actual exploits) protections directly to the kernel code, that cannot be turned off by just modifying the boot image ramdisk.

This time, they’ve decided to kernel panic in case a ‘priviliged’ process (uid or gid below or equal to 1000, so this includes root and system processes) creates another process that isn’t stored in /system or rootfs. SuperSU itself does this, but so do a great many root apps. Any time this happens: immediate reboot.” – Chainfire

This in itself is an issue not just for Note 7 root users but also for the closely linked (development wise) S7. Unfortunately the method of bypassing this in his own words is “fairly trivial” meaning that we cannot know now how long this method will continue to work for. Likewise, until Samsung make their move we are also unable to tell how much time, energy and resources will be required to continue support for the device. So far test CF-Auto-Roots have been unsuccessful and until he can get his hands on a unit, he will be dropping development.

To ensure accuracy the following is a direct excerpt from his post:
Aside from the binary/hex patch SuperSU employs (see common/hexpatch inside the ZIP), there are some more ways to get around this protection.

If you’re compiling kernels from source, it seems that settingCONFIG_RKP_NS_PROT=n gets rid of these protections. You may want to disable other RKP and TIMA settings as well, but that is the one directly relating to this issue.

This protection also disables itself in recovery mode, so simply copying a boot image with these protections to the recovery partition and rebooting into recovery (which will then just launch Android) will work beautifully as well.

As mentioned above a lot of future development for the device relies heavily on how Samsung react and adapt in the coming updates, but for now you can find the official SuperSU Beta for the Note 7 thread here, and a TWRP flashable zip here.

Chainfire’s G+ Post

from xda-developers

Experimental Unofficial Android 7.0 Nougat Build Arrives on the OnePlus One

The OnePlus One is a legendary device. Moreso for people who care about third party development – the phone has officially received CyanogenOS, OxygenOS, HydrogenOS, MIUI 7, Sailfish OS and even Ubuntu.

All of these ROMs (OSs) are in addition to the hundreds of other unofficial ports and ROMs that enthusiasts in the forums build and share.

And now, just a few days after Google released Android 7.0 Nougat for supported Nexus devices, you can be sure that the OnePlus One would run it in some form or the other. And run, it does, for XDA Senior Member updateing has posted an experimental, unofficial build of Android 7.0 for the device. The build is to serve more as a first tasting session of the new dessert rather than be a replacement for your daily driver.

opo nougatYou could use it as a daily driver if you alright with using an experimental build since all basic hardware functionality is present. But there are a few bugs present, like issues with video hardware encoding that causes camcorder to fail. The default input method is broken as well, so you will have to adb install your keyboard of choice. The firmware and proprietary blobs are lifted from Marshmallow, so there’s likely to be a fair few more issues that you’ll encounter in your daily use.

To download the ROM, for discussions and for more screenshots, head on over to the forum thread!

For a first release for a phone that is not going to receive official Nougat from its OEM, the build is impressive as it comes within a few days of the source code being dropped. We can expect other AOSP builds for the device to pick up the baton in terms of features and stability. Until then, enjoy your first taste!

What are your thoughts on the OnePlus One receiving Android 7.0 Nougat unofficially? Let us know in the comments below!

from xda-developers

Rawad Rants About the Size of Charging Cables

In this newest installment of Rawad Rants, Rawad freaks out about the short length of the charging cables that ship with your phone.

For one reason or another, OEMs insist on packaging the smallest cable possible with your new phone. Over the years it seems they have gradually become shorter. We are now at the point where my phone can barely rest on the edge of the table wile charging, and the outlet is right underneath it! Recently I had to order a portable battery pack just so thet I could still use my phone at my desk, while it is charging. In Rawad’s case, he soldered two of his cables together in order to get the length he wanted.

One of the reasons thrown out there for the small cables is that it helps your phone charge quicker. However the difference in charge time between a 1 meter cable and a 3 meter cable is going to be almost non-existent.

Check out the video to see Rawad’s full rant.


Actual USB cable shipped with Nexus 6P


from xda-developers

Honor 8 Camera Tip and Tricks

Jiayu S3 Plus (MediaTek MT6753) Receives Unofficial AOSP 7.0 ROM

Courtesy of Team MAD, the Jiayu S3 Plus with its MediaTek MT6753 SoC) has beaten several Snapdragon devices to receive an unofficial build of AOSP 7.0! Head on over to the forum thread to check it out!

from xda-developers

Sony Posts Guide on Building AOSP 7.0 Nougat for its Xperia Smartphones

If, for some reason, you were still of the opinion that an OEM could never be developer friendly, Sony has given yet another example of being just that.

On its official website for all developer resources, Sony has posted a build guide for building Android 7.0 Nougat, the AOSP flavor and not its skinned variant, for its Xperia branch of devices. And yes, before you ask, there are mentions of Leo (device codename for Xperia Z3). So Sony is indeed helping the users capable of building Android 7.0 to install and experience the same on their device, even if it did not announce that the Z3 will receive official Android 7.0.

The guide for building AOSP is very straightforward. You’d need a Linux environment to build if you follow the guide, and the guide also lists the tools and environment needed for the build. Once you do have build ready, you’d need a Sony device with an unlocked bootloader to flash the image using fastboot. If all went well, you should have a Sony Xperia device with Android 7.0 Nougat, brought to you courtesy of the efforts at Sony.

So go on ahead, you have something interesting to do for the weekend! Let us know your xperience in the comments below!

from xda-developers

[Winners Announced] Mega-charger Crate Giveaway!

We giving away a whole bunch of these Allmaybe 60W, 6 port charging towers. 10 lucky winners will receive a box full of these awesome chargers. Whether you gift them to your friends or have one in every room in your house, they are yours to do with what you want!


  • Power: 60W
  • Input: 100-240V~1.45A 50-60Hz
  • DC Output: 5V/12A (each port 2.4A max)
  • Size: 99(L) x 80(W) x 29(H) mm / 3.9(L) x 3.1(W) x 1.1(H) in
  • Weight: 198g/7.0 oz

These chargers do charge devices quickly however don’t support any particular OEM charging platform such as Dash Charging or Quick Charge. They come with a great soft-touch coating and don’t get too hot. If you want to find out more about these awesome chargers, you can check out an awesome review of the chargers here complete with in-depth analysis of current, thermograms and tear down, or you can visit the official product page over at Allmaybe.

To enter the giveaway all you have to do is simply leave a comment below answering the question:

“Which was the best phone for its time and why?”

From the HTC HD2 to the Note 7, if you think a phone stood out from the crowd we want to know. So share your thoughts and then confirm it in the RaffleCopter and we’ll pick the winners at random on the 27th of August. Good Luck!
a Rafflecopter giveaway

from xda-developers

Comparing Battery Life with and Without Google Services: A Week of Minimal Idle Drain

It’s no secret that battery life on smartphones these days are not the best. Most will consider it mostly a hardware issue, seeing companies trading battery size for aesthetic design. But that’s not the entire reason, with a large part being attributed to the software used on our phones.

In the XDA Virtual Office, many of us writers will often find the biggest culprit behind our battery woes are attributed to certain processes running rampant. Namely, Google services.

94733251510213316-account_id=1 download_20160825_180053 2645395967520415185-account_id=1 7535921374153189181-account_id=1

There are currently many ways to provide longer battery life cycles, methods such as: battery banks, battery cases, processor clocking, etc. A usual solution is to disable apps not being used, or apps that are taking up a lot of system utilities. What I wanted to do was disable all of Google’s apps and services on my device, to see if it might give my battery a shot at living longer. Instead of just using a debloater tool, or the stock settings disabler, I chose to go the extra mile, and install Android without any Google Apps, or any Google services.


Since my daily driver doesn’t have an unlockable bootloader (thanks Verizon), I decided to look into the old phones drawer, and chose one of my favorite devices to use. The Motorola Moto X 2014 was the device I had selected for this experiment. For a period of four days, I used the Moto X with CyanogenMod 13 installed, sans any Gapps packages. For comparison, I factory reset the device after the four days was up, installed the same CM 13 zip, and this time installed the Stock Gapps package from the Open Gapps repository.

While using each ROM as a daily driver for four days, I depended on them for many of my usual services. Being that I depend on Google Services on a daily basis, going about this experiment proved rather difficult. Below is a list of the Google Apps I used the most, as well as a list of all the alternatives I used.

Google App Cortana App Play Music CM Music App
Keep/Docs Omni Notes Google+/Youtube/Maps Gello Browser
Drive/Photos Dropbox Hangouts No Alternative Found

There are many alternative app stores and repositories on the internet, from the Amazon App Store, F-Droid, XDA Labs, APK Mirror, and plenty of others. To get my apps for this test, I stuck with two store/repositories that I was familiar with using, XDA Labs and APK Mirror.

Going without Google Services on a Google-based platform is no small feat. There was a noticeable lack of functionality across the operating system from day to day. While some services have a browser interface, a couple will only try and direct you to the Play Store… Or the browser site of the Play Store. With Hangouts being one of those without a mobile interface, I was left unable to communicate with a few colleagues and friends.

Speaking of communication errors, Hangouts wasn’t the only service I had trouble with. I may not be a fan of the app, but Snapchat was a complete no go without Gapps. The app requires Play Services to log in, and unfortunately I was left unable to communicate with my friends on two separate services.

Fortunately, my second communication services for my business colleagues was partially functioning. I was able to send and receive messages on Slack, but notifications would not work, as they relied on Google Cloud Messaging. Quite a few other apps had the same issue, meaning I only ever received notifications for calls, texts, and emails.

Trying to substitute google with Cortana was… just not something I subjectively enjoyed. Microsoft’s searching service is welcome competition and is continuing to get better, but it is not enough to compete with the original search engine. The only useful functionality I found with the Cortana app over the mobile page from Google was the option to have a voice search shortcut on my homescreen, which comes in handy more often.

Having to rely on the browser for services I couldn’t access otherwise was a bit frustrating. Being used to having YouTube Red, leaving the YouTube site would stop the audio. This was causing me to become irritated more and more often. As a big music fan, I like to listen to and discover all types of music on my phone. While CM’s baked in music app works, the lack of a streaming service caused me to have to resort to alternative, older methods of discovering music.

Using the phone for about a week both with and without Gapps concluded with interesting results. As you can see from the screen captures below, the average screen on time and total battery time on the No Gapps runs was no longer than that of the Gapps runs. However, do notice the steeper slopes in the (slightly shorter) asleep times.

No Gapps:

Screenshot_20160801-221137 Screenshot_20160801-221145 Screenshot_20160802-221400 Screenshot_20160802-221406 Screenshot_20160803-213436 Screenshot_20160803-213441 Screenshot_20160804-162125 Screenshot_20160804-162131

With Gapps:

Screenshot_20160805-194842 Screenshot_20160805-194837 Screenshot_20160806-212044 Screenshot_20160806-212039 Screenshot_20160808-222016 Screenshot_20160808-222011 Screenshot_20160809-200208 Screenshot_20160809-200202

These results are not what I expected going into the experiment. Looking at the battery graphs, you can tell that the runs with Gapps yielded more device wake ups, as expected. This is evident by the Gapps runs not only having more active indication on the bars below the graph. The Gapps graphs all have a much more gradual slope associated with them, whereas the No Gapps graphs seemed to level off a lot more often. But screen-on drain was about the same, with the main difference seen in idle drain as expected.

In terms of performance, there was a negligible difference. Apps certainly crashed more often on the Gapps run, with the main culprit being Hangouts (as usual). Running benchmarks on each run seemed redundant, given I was using the same exact processor and CPU and these processes amount to a negligible hit on the processor .

All in all, this experiment was fun. Despite the lack of functionality, it was interesting to challenge myself to work around such large limitations. So that brings us to our main inquiry, is it worth it to live sans Google Apps and Services to save a little on battery? To me, the short answer is no. While the battery life was consistent, it was not particularly longer in any way. It might be useful to live Sans Gapps if you are looking to limit yourself from using your phone on a vacation or something, but not much else. If I had to sum up the lack of functionality, I would say the experience is reminiscent of the feature phone days before the smartphone boom.

Hello my old friend

What do you think of my results? Is there any odd software test you want me to try? Let me know in the comments below.

from xda-developers

Opera’s Security Breach Highlights a Problem with Proprietary Password Managers

Last night, Opera Software reported a security breach affecting all users of their web browser’s built in password manager. 1.7 million users had both their synchronized passwords and their authentication passwords leaked.

Opera, to their credit, appears to be acting relatively swiftly to notify their users, sending out emails to users of its sync service and posting on their security blog about it within a week of detecting the issue, but therein lies the problem. While they may have detected the attack this week, we have no way of knowing when the attack originated, or even the true extent of the attack, and neither do they. LinkedIn was hacked in 2012, and didn’t discover the full extent of it until 2016 when someone posted an extra 117 million emails and unsalted passwords online. You can only positively identify that specific files were accessed; you can’t guarantee that other files weren’t accessed. You can’t prove a negative.

If you want security, you need to act under the assumption that any and all files can be and have been accessed. You need to design your system around the idea of Defense in Depth. At an enterprise level, it’s not good enough to just have system monitoring software to detect when the intrusion happens. You need logs to discover what was accessed. You need encryption (and good encryption at that) and properly hashed and salted passwords to make it harder for the data that has been taken to be read. You need firewalls, and virus scanners, and regular security audits, and you always need more. There’s no such thing as too much security; the only real limits are cost and time.

So how do you decrease the amount of time and money that you spend to implement your security solution? How do you improve your security solution without going over budget?

By using proven solutions that have been extensively tried, tested, and improved. “Given enough eyeballs, all bugs are shallow“, and the place with the most eyeballs is the open source world. It doesn’t matter how smart you think you are; you are not going to create a better encryption or hashing system than the ones that teams of the world’s leading experts on encryption and hashing have worked together to create and improve (and you would have to spend a ridiculous amount of money to even come close). More importantly, even if you somehow do manage to create something almost as good, if you keep it closed source you would soon fall behind, as bugs are found, reported, and fixed for the open source equivalents by both independent developers, and people from the millions of companies that use the software. Some major companies even have entire teams dedicated to looking for (and reporting) bugs in other people’s software to help patch them.

In the Information Security world, there’s a saying: “Security through obscurity is no security at all.” The idea of security though obscurity has been rejected by experts for hundreds of years, and yet many companies still practice it. Even Opera in their attempt to notify their users of the breach is avoiding answering certain questions (some of which they have answered previously) that would help verify the severity of the breach. Opera is claiming that revealing “how authentication passwords on [their] systems are prepared for storage … would only help a potential attacker,” but it couldn’t be further from the truth. Revealing what encryption system is used does not help break it, as long as a secure system is used and it is properly implemented. In fact, one of Opera’s main competitors, Firefox, extensively details their password sync encryption methods specifically for the purpose of helping improve the security of it. Even worse, it appears that more was leaked than Opera was initially letting on, with comments from Opera’s representatives revealing that the browsing histories and bookmarks of users of Opera Sync may have been leaked unencrypted as well.

And therein lies the risk in trusting your passwords to a closed source service. You can’t verify what security measures they are using, you can’t verify that they are being implemented correctly, you can’t verify that they are properly monitoring for intrusions, etc. It creates a situation where you’re hoping that they did everything correctly, and have no recourse if they didn’t (and as with LinkedIn up above, you may not find out that they didn’t until many years down the line). If your password for a site leaks and you use that same password anywhere else, then your accounts on all of those sites are now compromised.

Using a closed source service also runs the risk of a formerly trustworthy company becoming a bad actor. If a company is bought by another company or is in financial distress, you may see substantial changes in their corporate culture. This could potentially lead to the company in question pushing an update to the software which could decrypt the passwords (without the user knowing), and send them in plain text to the company for uses that the user may not be pleased with. In certain circumstances, you may even see a company deploy a modified version of the application to target specific users (as the FBI recently attempted to force Apple to do).

keepassThe only software that a security researcher will typically recommend is software that has been routinely audited by multiple trustworthy third parties, and the only way to realistically achieve that is by being open source. Anyone can look at the code, find bugs, and submit patches for them (whereas with closed source software, people can only find bugs, not fix them). Thankfully, there is a fantastic offline password manager. KeePass has routine security audits, and to this date has yet to see an exploit that didn’t require full administrative access to a computer while you are logged into KeePass (which highlights the importance of Defense in Depth and protecting against things like keyloggers).

KeePass solves many of the problems associated with both closed source password managers and with not using password managers. It avoids issues associated with reusing the same password across multiple sites by allowing you to generate pseudorandom passwords unique to every site you use. It reduces the risk of weak passwords by reducing the number you have to remember down to only a couple (or even just one if you’d like). It is managed locally, removing the risk of an update being pushed without your knowledge. It can be synced across devices using whatever service you’d like (Dropbox, Google Drive, OneDrive, MEGA, etc.). It’s not the ‘be all end all’ of security, but it is an important link in the chain, and helps provide some extra peace of mind.

Do you use a password manager? Have you had bad experiences with website hacks? Let us know!

from xda-developers