[Q] A Worthwhile NC Root Project - Nook Color General

Greetings,
This is my first post here, so forgive me for posting in the general forum and not in the dev forums (I have to accumulate 10 posts to use the dev forums). I have a very important and worthwhile project that I'm hoping will interest a few devs here.
I am attempting to build a proof-of-concept for a very large educational institution that is considering implementation of ebook readers. Obviously, stock ebook readers are not up to what we need, and more robust tablets like the Galaxy Tab are cost prohibitive given the goal of distribution of these devices to tens of thousands of K-12 students. I don't want to be stuck with a single book distribution method, so I am looking for some standard Android flavor rather than a Nook-like interface.
So, here's my challenge to you. I would like to use the Nook Color (the $250 price point is perfect) to build a proof-of-concept low-end, semi-restricted Android tablet. I am looking for:
- Android 2.2
- Flash Support
- Ability to run:
- Dolphin Browser
- Regular Nook Android App
- Kindle App
- Google Book Reader App
- Adobe Reader App
- Some (undefined) Calculator App
- Stock Android Calendar App
- Stock Android Mail App
- Google Maps App
- Google Earth App
- Stock Android Gallery App or Equivalent
- Some (undefined) File Manager App
- Some (undefined) Note Taking App
I would also like the ability to load APK files (that we write) without the use of the Android Market. And . . . I need the final installation to *NOT* have root capability.
Anyone have a ROM to start this?
Also, while I'm somewhat familiar with rooting other Android devices, I'm not a developer and not a linux expert. I employ developers that have written a few Android apps, so they can handle the installation if necessary.
Any takers?
You can contact me off-list if you like at Dwayne at leeschools.net.
Thanks,
Dwayne

Wouldn't a $200 netbook be a far more usable tool to a student?

good thing you didn't post this in development.
once nook is updated to 2.2 this will basically all be possible with just root.
supposed to be released soon....
if you want a custom rom those will be around soon as well.
--edit--
i see you want this all without root. i don't believe that is possible. good luck though

There are specific reasons we are not considering netbooks for this project, beyond the scope of this discussion. For the purpose of this POC, we are only looking at touch-based slates.

I can't think of a way to fully disable root without someone being able to add it back. With that said would you be able to just delete the marketplace to make it "locked down" after installing everything? Possible disable super-level access as well?

I've not seen any confirmation that they are going to update to 2.2. I've only seen rumors to that effect. Do you have evidence to the contrary, because that would be great.
Additionally, the reason I'd like to involve the devs is because it is highly unlikely that B&N will release it with anything close to a stock 2.2 install. It will likely still require quite a bit of work to function normally. Hopefully I'm wrong on that account, but based on B&N's business model, I anticipate that they will do their best to prevent it from being used as a full tablet. They want to sell books. I don't think they want to sell devices without books. Not enough margin in the devices.
Perhaps I'm wrong related to their business model. I have approached B&N and requested an NDA to work with the Nook product team to see if they are interested in working together with us on a customized version. My feeling is that if they make very little on the device (with the goal of making the majority of their profit from content), they'll decline this offer.

MattJ951 said:
I can't think of a way to fully disable root without someone being able to add it back. With that said would you be able to just delete the marketplace to make it "locked down" after installing everything? Possible disable super-level access as well?
Click to expand...
Click to collapse
We could remove super user, but I'd also like to prevent users from killing services. I anticipate that we'll need some additional security apps that need to run full-time. One of our big challenges is that, by law, whenever we provide an Internet-capable device for students to take home, we are required to filter Internet. That's a huge task. On a PC, we an lock it down and force traffic through our filters from outside. From an Android device, we don't know how to handle that yet. We have a few approaches. I'm in discussion with M86 regarding an Android equivalent to their mobile client.
But . . . we have a lot more experience locking down a Windows or Mac PC than a phone OS. Most phone OSes are built from the perspective of a consumer, where the user is free to add/remove apps. We need a way to deal with that. Haven't gotten that far yet. The first order of business was to see if we can build our base functionality in a $250 device.

DwayneA said:
I've not seen any confirmation that they are going to update to 2.2. I've only seen rumors to that effect. Do you have evidence to the contrary, because that would be great.
Additionally, the reason I'd like to involve the devs is because it is highly unlikely that B&N will release it with anything close to a stock 2.2 install. It will likely still require quite a bit of work to function normally. Hopefully I'm wrong on that account, but based on B&N's business model, I anticipate that they will do their best to prevent it from being used as a full tablet. They want to sell books. I don't think they want to sell devices without books. Not enough margin in the devices.
Perhaps I'm wrong related to their business model. I have approached B&N and requested an NDA to work with the Nook product team to see if they are interested in working together with us on a customized version. My feeling is that if they make very little on the device (with the goal of making the majority of their profit from content), they'll decline this offer.
Click to expand...
Click to collapse
Dude, all of those hings are capable. Have you done any reading in this forum. Just get a nookie froyo 2.2 card set one up the way you want. uninstall super user and market. make lotsa copies of card and stick it in nook. If you really want you can also trash the firmware on the internal memory so it will not even book the stock nook firmware.
enjoy!

Consideration should be taken that rooting technically voids the manufacturer's warranty. Other than that, using the NookColor as a tablet is still a gamble in terms of getting a rock-solid and reliable device. Supporting the devices may be problematic.
Fortunately, the devs here are doing great work and I fully expect (hope) that it will be a rock-solid reliable device very soon.
You will probably also want to avoid booting from the microsd because they are easy to remove.
Filtering could be done with a VPN.

to avoid removal of micro sd, just put a little sugra on the break where the nook opens for the micro sd, sort of lieka warrenty sticker

If you need help. Let me know.
The Nook Color already has a Froyo image that can be installed. DSP currently doesn't work. That is responsible for video decoding not only for local files, but for Flash video as well.
Other than that, Flash will still run, but not on all occasions, and the rest of your requirements have already been accomplished (ie. apks can be installed and already exist on the Market or from the Internet).
You can install the Froyo image (it consists of a boot image and a system image) to your Nook easily, and afterward install all of the "G" apps with a quick copying of a folder.
Check here: http://forum.xda-developers.com/forumdisplay.php?f=864
- Do a little reading
- Possibly try installing Froyo on your memory card first.
- PM me if you need any guidance. I'm feeling pretty PRO at this after using adb all weekend to work with my Nook.
FYI: You can completely hose your internal installation and still be good (As long as you don't actually corrupt your memory physically). The Nook can always be booted off of a microSD card and restored to a fresh installation.
Edit: I just read some of your other posts. Just a thought: You could uninstall or disable the browser by default, thus not having to worry about Internet filtering. Later, users could still install apks from the sdcard (All that you have to do is tick a box in "Settings"). You can also do all of this without touching the stock rom. Of course you'd want to disable that from booting ever, so... after you were booted into your microSD card OS you could use adb to delete the content of the mmcblk0p1 (boot) partition. But I think that still might go against BN's warranty rules.

I understand the reasoning of wanting to lock it back down but if your students are capable of finding XDA (I'd imagine 1 or 2 of them is, at least) then that person would probably root the systems for anyone who was so inclined. I mean, B&N wasn't able to stop it, it's not likely that you would (without some sort of remote supervision app that could monitor and detect rooting).

gallahad2000 said:
I understand the reasoning of wanting to lock it back down but if your students are capable of finding XDA (I'd imagine 1 or 2 of them is, at least) then that person would probably root the systems for anyone who was so inclined. I mean, B&N wasn't able to stop it, it's not likely that you would (without some sort of remote supervision app that could monitor and detect rooting).
Click to expand...
Click to collapse
that was going to be my 2cts. A student would just have to pop in an sd card. And it would be a little unfair not giving student that right? And even then, they could always push something over via adb.

Have you looked at other options like the Archos line of Android tablets?
Otherwise, the SD Card install of Froyo works well - just superglue the opening

Why would any school district buy tablets with no warranty? Doesn't seem that feasible to me.

blackderbyhat said:
Why would any school district buy tablets with no warranty? Doesn't seem that feasible to me.
Click to expand...
Click to collapse
He's only looking for a proof of concept right now, and is trying to work with Barnes and Noble directly.

I forsee many broken nooks in our future.

Related

Nook Color 1.1 Confirmed for January

Looks like 1.1 is confirmed for January and will allow you to sideload apps on the NC in development mode. Not certain when Froyo 2.2 will be available, probably when they launch the store front in Q1, maybe it's in 1.1?
connect.nookdeveloper.com/t5/General-Discussion/Nook-Color-Rooting/td-p/901
Also mention of sideloading apps.
connect.nookdeveloper.com/t5/General-Discussion/Can-you-test-your-apps-on-a-real-hardware-now/m-p/47#M18
Good news!
Josh
I guess I'm the grinch who steals the joy from this news...we can already sideload (heck we have a working Market), and based on the original post I seriously doubt Froyo is coming for the ride with the 1.1 update. I think Froyo is much bigger news, and will get it's own announcement.
Not sure what development mode adds, since rooted users already have the goodies. Tell me I missed something...
-Matt
If that is all they added in the update ill be disappointed. Sounds like all they are gonna do is enable adb. Which is easy enough to enable anyways.
Send from my NookColor
Of course it's not big news here!!! You have to consider that it is for those who haven't rooted their unit. You knew it was coming, so why all the negativity?
Cheers,
kev
No negativity here. I probably should have added a few smiles and winks to make it clear that I was (mostly) teasing (i.e,. the grinch comment). I'm a pretty happy owner, and will gobble up whatever news I can find. I think recent developments with Bluetooth and Nookie Froyo are definitely things to celebrate. Maybe 1.1 has something special that we don't see yet.
-Matt
Yeah, apart from froyo, most of the news from B&N will likely not be as exciting as anything from the developers here.
I am curious what this 1.1 update means for the integrity of my currently nootered NC. Should I be concerned when B&N pushes this update my way?
Kev
It's good news to see sideloading for those that do not wish to root..
-CC
Question regarding upcoming Froyo update (packed with v1.1, or otherwise):
If B&N officially updates to 2.2, they open up development mode for app sideloading, and they also allow for the unrestricted use of normal Froyo home screens (and launchers?), will there be any reason remaining to actually "root" the device at that point?
Or, is B&N talking about a severely restricted "development mode" when they say they're going to open it up?
I'm confused...
(I'm new to Android rooting, so please forgive me if this is a dumb question...)
I haven't rooted... yet. Holding out to see what happens w/ 1.1. I'd prefer not to root and just get some basic apps on the device and not lose access to the B&N store. If I can side load a few key apps w/ 1.1, that will hold me off until the B&N Market place is launched Q1. Otherwise I will most likely root.
Am I missing something? I didn't see them say January anywhere in those threads. All I saw was them saying Q1 of 2011.
And this quote makes it sound like the update won't be useful to the average user.
"Within NOOKcolor 1.1 update, we have added "Developer Mode". This enabled approved 3rd party developers to use the Android SDK to test and develop applications on their NOOKcolor devices."
Approved 3rd Party Develepors. Sounds like the only people side loading apps may be those that are approved by B&N.
supersoulfly said:
"Within NOOKcolor 1.1 update, we have added "Developer Mode". This enabled approved 3rd party developers to use the Android SDK to test and develop applications on their NOOKcolor devices."
Approved 3rd Party Develepors. Sounds like the only people side loading apps may be those that are approved by B&N.
Click to expand...
Click to collapse
And us.
12345678
I must have missed it but where in that thread is there any mention or confirmation that 1.1 is this month?
I see nothing of the sort.
In regards to January, it looks like Ted_Patrick went back and edited his original response.
Re: Nook Color Rooting[ Edited ] 01-05-2011 10:24 AM - last edited on 01-05-2011 07:12 PM
It originally read:
"Within NOOKcolor 1.1. update(January), we have added...."
Now other responses on the subject of 1.1 by him have an "official" response of
"We cannot comment on OS update features or framework support at this time. When we have information to share, we will be very clear and set expectations clearly."
Looks like he may of spilled the beans a bit or been more forth coming w/ info than B&N liked.
jwigginton said:
I haven't rooted... yet. Holding out to see what happens w/ 1.1. I'd prefer not to root and just get some basic apps on the device and not lose access to the B&N store. If I can side load a few key apps w/ 1.1, that will hold me off until the B&N Market place is launched Q1. Otherwise I will most likely root.
Click to expand...
Click to collapse
I don't know who's been scaring you with witchcraft and vodoo, but here are a few facts:
(1) Rooting is very easy. If you're the kind of person who is OK with opening a command prompt and doing things like "listing directories" and "renaming/moving files" it's quick and painless. It also takes less than 5 minutes (probably about 2) to take your device back to stock.
(2) Rooting does very little to the device. The key is that it allows the user to change system files, something that B&N would prefer we didn't do. Several users root their NookColor (NC) and then scratch their heads because they see no obvious change.
(3) Package mods like autonooter only make a few system changes (aside from the several nice system apps they add), in particular, they allow you to sideload apps. Once you do that, you can reorganize the way your NC looks and performs, so that it handles like a vanilla Android device.
(4) Most importantly, ROOTING DOES VIRTUALLY NOTHING TO CHANGE THE B&N INTERFACE. All--I repeat--ALL the things your NC does out of the box, it still does after rooting. Same eReader. Same storefront. Same file browser. Same everything. And I'm all but certain the NC doesn't phone home and complain that it's been rooted. And if it did--since the bootloader isn't locked--I seriously doubt B&N would try to deny you a service. (The more likely scenario is that an OTA update would try to remove root.)
EDIT: several rooted users have lost access to 1-hour free reading in-store (http://forum.xda-developers.com/showthread.php?t=860830). So it's not true that nothing is lost. Sorry for overgeneralizing.
I can all but guarantee you that you'll be disappointed by the B&N store. I predict it will have very few developers, and very few "good" free apps. A better way of saying it is this: within 1 or 2 weeks of the B&N app store launching, most users will look at the Android Market, and say "Forget it, I want apps from the Market, not B&N."
-Matt
gadgetrants said:
I don't know who's been scaring you with witchcraft and vodoo, but here are a few facts:
(1) Rooting is very easy. If you're the kind of person who is OK with opening a command prompt and doing things like "listing directories" and "renaming/moving files" it's quick and painless. It also takes less than 5 minutes (probably about 2) to take your device back to stock.
(2) Rooting does very little to the device. The key is that it allows the user to change system files, something that B&N would prefer we didn't do. Several users root their NookColor (NC) and then scratch their heads because they see no obvious change.
(3) Package mods like autonooter only make a few system changes (aside from the several nice system apps they add), in particular, they allow you to sideload apps. Once you do that, you can reorganize the way your NC looks and performs, so that it handles like a vanilla Android device.
(4) Most importantly, ROOTING DOES VIRTUALLY NOTHING TO CHANGE THE B&N INTERFACE. All--I repeat--ALL the things your NC does out of the box, it still does after rooting. Same eReader. Same storefront. Same file browser. Same everything. And I'm all but certain the NC doesn't phone home and complain that it's been rooted. And if it did--since the bootloader isn't locked--I seriously doubt B&N would try to deny you a service. (The more likely scenario
is that an OTA update would try to remove root.)
I can all but guarantee you that you'll be disappointed by the B&N store. I predict it will have very few developers, and very few "good" free apps. A better way of saying it is this: within 1 or 2 weeks of the B&N app store launching, most users will look at the Android Market, and say "Forget it, I want apps from the Market, not B&N."
-Matt
Click to expand...
Click to collapse
Still, if you aren't comfortable then don't root. Things can still go wrong. Things can be fixed but you have to have the patience and not freak out when your device goes into a bootloop or just freezes, which I'm not saying it will but there is always that chance.
lopezpm said:
Still, if you aren't comfortable then don't root. Things can still go wrong. Things can be fixed but you have to have the patience and not freak out when your device goes into a bootloop or just freezes.
Click to expand...
Click to collapse
You know, I'm sorry for taking a bull-in-the-china-shop approach. Clearly I would never make it at a technical help desk. You're absolutely right and I should have noted that there's a minimum comfort level...the subtle comment about "OK with command-line editing" probably didn't get the point across.
-Matt
Not everything it does out of the box works after rooting...
gadgetrants said:
I don't know who's been scaring you with witchcraft and vodoo, but here are a few facts:
(1) Rooting is very easy. If you're the kind of person who is OK with opening a command prompt and doing things like "listing directories" and "renaming/moving files" it's quick and painless. It also takes less than 5 minutes (probably about 2) to take your device back to stock.
(2) Rooting does very little to the device. The key is that it allows the user to change system files, something that B&N would prefer we didn't do. Several users root their NookColor (NC) and then scratch their heads because they see no obvious change.
(3) Package mods like autonooter only make a few system changes (aside from the several nice system apps they add), in particular, they allow you to sideload apps. Once you do that, you can reorganize the way your NC looks and performs, so that it handles like a vanilla Android device.
(4) Most importantly, ROOTING DOES VIRTUALLY NOTHING TO CHANGE THE B&N INTERFACE. All--I repeat--ALL the things your NC does out of the box, it still does after rooting. Same eReader. Same storefront. Same file browser. Same everything. And I'm all but certain the NC doesn't phone home and complain that it's been rooted. And if it did--since the bootloader isn't locked--I seriously doubt B&N would try to deny you a service. (The more likely scenario
is that an OTA update would try to remove root.)
I can all but guarantee you that you'll be disappointed by the B&N store. I predict it will have very few developers, and very few "good" free apps. A better way of saying it is this: within 1 or 2 weeks of the B&N app store launching, most users will look at the Android Market, and say "Forget it, I want apps from the Market, not B&N."
-Matt
Click to expand...
Click to collapse
The entire reason I have waited to root at this point is the loss of the 1 hour free reading in store, and the instore promotions. None of these are available after you root.
It also seems as if only a couple of people are actively trying to address this, so I continue to wait to root.
rlkelley said:
The entire reason I have waited to root at this point is the loss of the 1 hour free reading in store, and the instore promotions. None of these are available after you root.
It also seems as if only a couple of people are actively trying to address this, so I continue to wait to root.
Click to expand...
Click to collapse
Thanks for the pointer. Didn't know that (will revise my post). My wife may kill me.
I read the first 4 pages of the thread (http://forum.xda-developers.com/showthread.php?t=860830), then skipped to the last. My naive impression is it affecting about 6 out of 10 owners. There are definitely several who are rooted, and not having a problem. I can totally understand not wanting to take the risk.
-Matt
notinterested said:
I must have missed it but where in that thread is there any mention or confirmation that 1.1 is this month?
I see nothing of the sort.
Click to expand...
Click to collapse
He tweeted about January as well (@__ted__):
"A serious bug in WiFi, a memory leak in browser, and overall tune-ups. 1.1 is coming up later in Jan! "
It was my understanding that you could not buy from the B&N store via your B&N account post-rooting. I'm not sure if I would be authorized to read the books I've purchased due to DRM on them. I've purchased some expensive reference books and don't want to lose access to them, or access to buy more.
I'm also uncertain these things work post-root:
Sharing, Quotes, etc
Lending books.
I'm may root at some point, very comfortable technically. No fear of rooting, just my preference at this point. If I had a microsd and reader, I'd probably done it by now just to experiment.
From reading through the threads, in regards to loading all the "extra stuff" it seems like a lot of... this works, but you need to go an change this or that, change the pixel density to display properly, youtube working, not working, gmail contacts syncing not syncing, this works, but.... you need to use this and then edit this, etc... maybe not everyone's user experience, but defintely some.
So to me, the device is working fine and not having to fiddle with anything to get it working properly. I know myself and if I root, I'll be loading launchers, applications, troubleshooting why this or that doesn't work properly and sounds a bit time consuming and hacking around a bit. I'm not looking for a new "hobby" of figuring out how to get things to run properly and smoothly as I expect from a finished product. I'm using a e-reader and would like some extra social, productivity, and games to pass the time.
Rooting, not rooting... not wrong, just different.

[Q] New to Android.....

I'm new to all this Android stuff. Had Blackberrys forever. What exactly ist it to root the phone, how "dangerous" is it, and what exactly are the benefits to doing it?
I now have two Android devices, the LG Revolution, and a Dell Streak 7.
Thanks for your patience.
twillet50 said:
I'm new to all this Android stuff. Had Blackberrys forever. What exactly ist it to root the phone, how "dangerous" is it, and what exactly are the benefits to doing it?
I now have two Android devices, the LG Revolution, and a Dell Streak 7.
Thanks for your patience.
Click to expand...
Click to collapse
Rooting the phone gives you access to the protected areas of the phone. As far as how dangerous it is, that depends on the ability of the end user to carefully follow directions
The advantage is that you can customize your phone as you see fit. The manufacturers place certain software on your phone that may actually hinder you from using your phone to its full potential (i.e. Microsoft Bing, and Verizon Navigation).
Once you remove these additions, you can add the Google counterparts (for free) that make your phone far more functional, and eliminates the need to pay third parties (like Verizon for Navigation).
You can also install new images on to your system that does most of this work for you (meaning you don't have to be a developer to get rid of those services as someone else has done it for you). With some ROMs, it increases speed (overclocking), gives you functionality you didn't previously have (wireless tether - the free kind), and allows you to skin the parts of the interface that can't be skinned with a home app replacement.
Typically speaking, if you are using a stock home-screen, and the original firmware, you are getting the worst experience from your phone. Counting on developers, however, can have it's down side. Since they are working for you to get the perfect phone, but aren't perfect by nature, there can be bugs and flaws as they are in the development process. Most developers want to release a quality product, so they continue working on their product until it is as close to perfect as conceivably possible.
The trickiest part is getting your phone rooted and putting CWM recovery on it. If you can follow the directions to a 't' without skipping or ignoring portions of the instructions, you will usually be home-free to do whatever you want with your phone.
twillet50 said:
I'm new to all this Android stuff. Had Blackberrys forever. What exactly ist it to root the phone, how "dangerous" is it, and what exactly are the benefits to doing it?
I now have two Android devices, the LG Revolution, and a Dell Streak 7.
Thanks for your patience.
Click to expand...
Click to collapse
DUDE!!! you are in the exact same boat as me, and with the same devices! though i came from iphones.
I agree with majorpay. love the revolution and the streak7. i can never go back to ios now.
Ad Free! And console controllers!
Major, great explanation. I guess the thing I would add is the use of apps that remove ads. And something that kind of big right now is using a console Bluetooth controller, like the sixaxis (PS3) and wiimote apps. My wiimote syncs up perfectly with my rooted Droid 1. Gotta try the PS3 app. Neither worked on my stock LG Revolution.
As to what root exactly does...
"root" is the "Administrator" so to say in Linux and UNIX. You can do anything as root, and it technically (from a secure point) should never be used.
If you own root, you own everything. When you root your phone, you gain the ability to access the root user, which most providers do NOT want you do.
As majorpay said before, you have the ability to remove bloatware, and apps like Bing and Verizon apps which come pre-installed on the phone. This takes up space, uses memory, and you can't uninstall them. With root you have the ability to override Verizon's apps (per say) and delete them, then reinstall them with Google's non 3rd party apps which are free.
If anyone is familiar with "jailbreaking" it is the exact same thing, gaining access to the root user for the iPhone / iPod touch.
I have never used BB before, so I don't know if there is something similar to rooting...
TL;DR - It lets you do anything you want

[Q] Is there a way to pull a XAP file off WP8?

Hello - I am doing a pen test for a customer. They are not giving me the xap files like they did last time. Is there a way to pull the xap file off the phone and on to your PC? I have a dev unlocked phone which I can sideload apps using power tools. I have done some research and it doesn't sound like this option is available, but I wanted to ask.
Thanks in advance.
First of all, the phone doesn't store the XAP files (PLEASE search before posting! This question gets asked a lot). I assume all you really care about is the app binaries and manifest file, though. (You can rebuild an installable XAP from these if needed.)
There's a complicated series of hacks for doing it on 8.1 via the ability to install apps to the SD card. If you don't have 8.1, don't have an SD card, can't install the relevant versions of specific apps, or if the app is marked to not allow installation to SD, then that method won't work for you.
The other approach, which in my experience is standard in the pentesting world (which is my field as well), is to use a hacked/jailbroken/unlocked phone. Samsung (unless it has the very newest firmware versions) and Huawei phones can be unlocked by flashing modified ROMs. The unlock lets you sideload apps with vastly more privileges, such as the ability to read and write the install directory of any app. Using that, it's pretty easy to get the files you want. Such unlocks are also possible with some Nokia phones via JTAG, and possibly some other models too, but the Samsung unlock (which I and -W_O_L_F- found) and the ability to flash customized ROMs for Huawei are the easiest approaches.
On the offhand chance you're part of NCC group, PM me and I'll send you my work email address. If you're with one of our competitors... well, I actually don't mind helping a competitor that much either; some Deja Vu folks gave me a good tip lately though, and I've got friends at SI as well.
GoodDayToDie said:
First of all, the phone doesn't store the XAP files (PLEASE search before posting! This question gets asked a lot). I assume all you really care about is the app binaries and manifest file, though. (You can rebuild an installable XAP from these if needed.)
There's a complicated series of hacks for doing it on 8.1 via the ability to install apps to the SD card. If you don't have 8.1, don't have an SD card, can't install the relevant versions of specific apps, or if the app is marked to not allow installation to SD, then that method won't work for you.
The other approach, which in my experience is standard in the pentesting world (which is my field as well), is to use a hacked/jailbroken/unlocked phone. Samsung (unless it has the very newest firmware versions) and Huawei phones can be unlocked by flashing modified ROMs. The unlock lets you sideload apps with vastly more privileges, such as the ability to read and write the install directory of any app. Using that, it's pretty easy to get the files you want. Such unlocks are also possible with some Nokia phones via JTAG, and possibly some other models too, but the Samsung unlock (which I and -W_O_L_F- found) and the ability to flash customized ROMs for Huawei are the easiest approaches.
On the offhand chance you're part of NCC group, PM me and I'll send you my work email address. If you're with one of our competitors... well, I actually don't mind helping a competitor that much either; some Deja Vu folks gave me a good tip lately though, and I've got friends at SI as well.
Click to expand...
Click to collapse
Thanks again for all your help. So my situation is this: I am doing pen testing for a client (and I'm sure we are competitors some what). The have provided me a Nokia Lumia phone running 8.0 and another Lumia running 8.1. The app is installed by their dev team (app is not avail from the store). They are reluctant to provide my the XAP file as they consider it proprietary info. I have done a dev unlock on the phone, but my primary goal is to view the isolated storage/dlls for the app to make sure they are not storing sensitive data. I am using the standard tools for viewing the isolated storage, but for these to work (best of my knowledge) they require you to sideload the application which I cannot due (not XAP file). I am proxying the traffic, but without looking at the file system there is not much I can do. As an aside, they are using MDM with jailbreak detection.
Whoa, somebody actually got around to writing jailbreak detection for WP8? Crazy. I wish I could see that; I'm sure it's trivial to bypass (at least for interop-unlock, the difference between locked and unlocked is changing a registry value and it would be easily possible to re-lock it, launch the app while keeping the editor app open in the background, switch back to the editor, and unlock/jailbreak again) but I'm amused that anybody even bothered trying. Also, the APIs you would need to do the detection aren't even available on 8.0, officially; you're in violation of the store rules if you use them. Then again, maybe this is an internal, "Enterprise" app; those have permissions to do stuff that typical third-party apps do not. Are you sure they don't just mean they have jailbreak detection for iOS? I see something about Office365 MDM offering JB detection, but while I suppose they could have written something for WP8.x as well I feel like I probably would have heard of it?
If the app was sideloaded by the dev team, then you can see its isostore using the official tools or using Windows Phone Power Tools. If it's an enterprise app and the app was installed that way, then things get more difficult (especially if the phone they gave you doesn't have an SD slot). Not giving a pentester access to the binary they're testing is silly on a number of levels; if you succeed in breaking in then you'll get it anyhow, and an attacker will have a lot more than a week or two to poke at it so they're wasting your presumably-paid-by-the-hour time if they want you to see how good their security is without actually examining the app. I bet they used obfuscation, too... Some people just don't get it. "Security" by obscurity... isn't. Sorry, end of mini-rant. Anyhow, there's a guy on the forum who claims to have a non-JTAG unlock for Lumias, but no idea when or if it'll see the light of day.

About Android-What is What? Work in Progress.....

Maybe some things are a lil bit old but everytime gold,lol.
Work in progress.......
------
What is a kernel?
If you spend any time reading Android forums, blogs, how-to posts or online discussion you'll soon hear people talking about the kernel. A kernel isn't something unique to Android -- iOS and MacOS have one, Windows has one, BlackBerry's QNX has one, in fact all high level operating systems have one. The one we're interested in is Linux, as it's the one Android uses. Let's try to break down what it is and what it does.
Android devices use the Linux kernel, but it's not the exact same kernel other Linux-based operating systems use. There's a lot of Android specific code built in, and Google's Android kernel maintainers have their work cut out for them. OEMs have to contribute as well, because they need to develop hardware drivers for the parts they're using for the kernel version they're using. This is why it takes a while for independent Android developers and hackers to port new versions to older devices and get everything working. Drivers written to work with the Gingerbread kernel on a phone won't necessarily work with the Ice Cream Sandwich kernel. And that's important, because one of the kernel's main functions is to control the hardware. It's a whole lot of source code, with more options while building it than you can imagine, but in the end it's just the intermediary between the hardware and the software.
When software needs the hardware to do anything, it sends a request to the kernel. And when we say anything, we mean anything. From the brightness of the screen, to the volume level, to initiating a call through the radio, even what's drawn on the display is ultimately controlled by the kernel. For example -- when you tap the search button on your phone, you tell the software to open the search application. What happens is that you touched a certain point on the digitizer, which tells the software that you've touched the screen at those coordinates. The software knows that when that particular spot is touched, the search dialog is supposed to open. The kernel is what tells the digitizer to look (or listen, events are "listened" for) for touches, helps figure out where you touched, and tells the system you touched it. In turn, when the system receives a touch event at a specific point from the kernel (through the driver) it knows what to draw on your screen. Both the hardware and the software communicate both ways with the kernel, and that's how your phone knows when to do something. Input from one side is sent as output to the other, whether it's you playing Angry Birds, or connecting to your car's Bluetooth.
It sounds complicated, and it is. But it's also pretty standard computer logic -- there's an action of some sort generated for every event. Without the kernel to accept and send information, developers would have to write code for every single event for every single piece of hardware in your device. With the kernel, all they have to do is communicate with it through the Android system API's, and hardware developers only have to make the device hardware communicate with the kernel. The good thing is that you don't need to know exactly how or why the kernel does what it does, just understanding that it's the go-between from software to hardware gives you a pretty good grasp of what's happening under the glass. Sort of gives a whole new outlook towards those fellows who stay up all night to work on kernels for your phone, doesn't it?
-----
What is a Nandroid backup?
If you've read about hacking or rooting your Android phone (or tablet, or media player) you've seen the word Nandroid used. When tinkering with your device, there's always a very good chance you'll be left with firmware that won't boot, leaving you in a bit of a lurch. A Nandroid backup can mean the all the difference here.
What it is, is a full backup of partitions on your device's NAND flash (NAND stands for NOT AND, a type of electronic logic gate -- it's like the hard drive of your Android device) storage. Think of it as a snapshot of the current running system, and it can be used to restore that that point at any time. Both user data and system files are backed up, and it's a far cry from what we think of when talking about a traditional backup from other software. In fact, it's something that many folks wish was part of the stock Android recovery. Yes, to preform a Nandroid backup you'll need a custom recovery on your device so that the executable files and scripts are there. These have been left out of the stock recovery, likely over issues that would arise if users can backup proprietary files.
Getting the custom recovery on your device is the hardest part, thankfully. Once installed backing up and restoring with Nandroid is simple, involving nothing more than choosing the option and verifying -- no wires needed. Even if you never plan to hack your phone, flashing a custom recovery and running a Nandroid backup is always a good idea. You can find more information about custom recoveries, as well as methods to install and use them, in the device-specific section for your device in the Android Central forums. Give it a look, and decide if it's something you're interested in doing.
-------
What is an IMEI?
The IMEI (International Mobile Equipment Identity) number is a unique set of 15 digits used on GSM phones to identify them. Because the SIM card is associated with the user and can be swapped from phone to phone, a method is needed to keep track of the hardware itself, and that's why the IMEI was developed. Math nerds will enjoy the way they are calculated -- the first 14 digits are decided by the GSM association, and the final check digit is computed using what's called the Luhn Formula -- crazy base-8 math that mere mortals like most of us don't understand, nor want to understand. You can see the IMEI of your Android phone by looking in settings > About phone if you're curious. (Or on the box if you still have it. Or under the battery or on the phone itself.
What is this number used for? That's the real question, isn't it. Like the MEID number on CDMA phones (think Sprint and Verizon), the IMEI is used for network control. It's not very common, but your mobile operator can block a phone based on it's IMEI in cases where it's been reported stolen or someone didn't pay the bill. Because it's not easy to change the IMEI of your phone (and maybe even illegal -- check your local laws) it's also used to keep track of phones that were involved in criminal activity, and the UK in particular has a handy database of phones used for these purposes. The IMEI number is also used to specify a phone for wiretapping by federal governments worldwide.
On a lighter note, Android apps can also use your IMEI number. The app will declare that it has access to your personal information, and the IMEI can be used to keep track of the device in a remote database. This sounds pretty scary, but it's an easy way (though not necessarily the best way) for app developers to keep a settings database online for your phone, in their app. Let's say you mark a bunch of favorites in a wallpaper app. Those favorites are kept in a small database file online, and when you reconnect to the app it reads your IMEI number to find your preferences. Not an ideal method, but it's easy.
One last thing -- now that we know a little more about IMEI numbers, they will soon be changing to IMEISV numbers. The use-case scenarios are the same, but the data structure and method of calculation is different. An IMEISV gets rid of the check digit (and its complicated Luhn formulated calculation) in favor of two digits used for software version numbering. Like everything else in the mobile space, network identification changes rapidly.
-------
What is a bootloader?
What is a bootloader? At its most basic level, your Android smartphone is like a hard drive, made of up several partitions. One of those partitions holds the Android system files, another holds all the app data you accumulate (which is how you're usually able to update without losing all your stuff), and others to do more behind-the scenes stuff.
Think of the bootloader as a security checkpoint for all those partitions. Because if you're able to swap out what's on those partitions, you're able to break things if you don't know what you're doing. Or, with a little hackery, you're able to run custom ROMs.
There's a lot of squawking about bootloaders being "locked." Actually, most phones shipped with a "locked" bootloader, including the developer-friendly Nexus devices. (Nexus devices and a couple tablets are easily unlocked with a single command.) No, more accurately, most bootloaders are locked and encrypted, meaning the traditional "fastboot oem unlock" command won't do a thing.
And that's a bone of contention for those who love a manufacturer's hardware and want to tinker with their devices. HTC and Samsung and Motorola -- just about everyone, really -- ships devices with locked and/or encrypted bootloaders. Tinkerers (we really don't like calling 'em "hackers") have to find a way around the encryption, usually with some sort of an engineering bootloader that wasn't supposed to be available to the general public. But in recent months, we've seen HTC provide a free tool that will unlock the bootloaders on a number of its devices, and ASUS just got on board, too. Sony Ericsson recently has provided unlocking tools. Motorola's promised to do so as well, but there's been little movement. LG and Samsung ship with unencrypted bootloaders.
Why keep a bootloader out of reach? Probably the biggest reasons are that the carriers and manufacturers don't want to have to support hacked phones. The other is that a lot of time and money is spent developing these things. HTC Sense ain't cheap. Neither is TouchWiz. But Samsung and HTC both have managed to find a middle ground with the modding community, and pressure is on other companies to do so as well.
-------
What is Dalvik?
What is Dalvik? We hear that word getting thrown around a lot on the Internet when talking about Android and its inner workings. While there's no easy explanation we can give in just a few paragraphs, we can cover the basics and point you in the right direction if you need to feed your nerdly side. In its simplest terms, Dalvik is a virtual machine that runs applications and code written in Java. A standard Java compiler turns source code (written as text files) into Bytecode, then compiled into a .dex file that the Dalvik VM can read and use. In essence, class files are converted into .dex files (much like a jar file if one were using the standard Java VM) and then read and executed by the Dalvik Virtual Machine. Duplicate data used in class files is included only once in the .dex output, which saves space and uses less overhead. The executable files can be modified again when you install an application to make things even more optimized for mobile. Things like byte order swapping and linking data structure and function libraries inline make the files smaller and run better on our devices. The Dalvik VM was written from square one with Android in mind.
Confused yet? Don't feel bad, geeky programming talk usually has that effect. Think of it this way -- when you build a Java application for your computer, a Java Virtual Machine runs the compiled output of the source code. This is why Java runs on just about any operating system. Dalvik is a mobile-optimized version of a Java Virtual Machine, built with code from the Apache Harmony project, which is open-source and runs better than a standard Java VM would on our limited hardware, designed so that you can run more than one instance of the VM at a time -- ie multitasking. Because Dalvik is open-source, it's also been ported to other operating systems, like the one on the BlackBerry PlayBook. It's pretty damn complicated, pretty damn cool, and Oracle (the company that bought Java from Sun) hates it.
Android uses Dalvik because while the license for the standard Java Virtual Machine is GPL2 (free and open-source), when placed in a mobile device and using the Java Micro Edition, it is not. The big dispute between Google and Oracle is all based around Dalvik. Google claims it was written in a "clean-room" environment without using any of Oracle's code, and Oracle disagrees. We claim to have no idea, we're just glad it works as well as it does.
For more on Dalvik, see the Google I/O website.
--------
LG's L-series
They made a big splash earlier this year at Mobile World Congress, and a few carriers in Canada jumped at the chance to sell them, but then they seem to have fallen off the map. I'll admit, even I have to look and see what we're talking about when we have potential news about the L3, L5, or L7. Let's have a refresh.
Imagine LG's Prada phone, but remade for folks who don't buy Prada. The L-series phones are all stylish (and really resemble LG's iconic Prada phones -- check out our look at them in Barcelona) and have an emphasis on good looks. The entry-level L3 competes with phones like HTC's One V and Samsung's entry-level Galaxy phones. It's running Gingerbread on a 3.2-inch display, but it looks nice doing it. Compared to something like the Motorola Defy Mini, you get good looks along with your dirt-cheap pricing. The L5 takes things up a notch to Ice Cream Sandwich and a 4-inch screen, placing it in the middle of the road where most people look first when buying a new smartphone. They'll see the L5, and notice the build materials and design. Finally, the L7 looks to compete with the big dogs of the Android world, with all the bells and whistles you would expect from a high-end smartphone, in a damn fine looking external shell. All three are eye-grabbing, and getting people to notice is the first hurdle. We're really not sure why we don't hear more and see more about them, but we're guessing a saturated market has something to do with it.
Maybe we'll see the L-series phones make their way into the spotlight, maybe we won't. But at least now we all know what we're talking about when we see them mentioned.
-----------
Multitasking
Multitasking is a word you'll hear a lot around here and at other places on the Internet that talk about smartphones or other tech. It doesn't mean what it used to, back when dinosaurs with long beards first dreamed up computers, but it still makes a very big difference for some folks and can be the deciding factor when picking a smartphone operating system. Let's have a look and see what the fuss is all about, and how it relates to Android.
A long time ago, in a laboratory far, far away, some Jedi masters decided that computers should do more than one thing at a time. They really already were doing plenty of things behind the scenes, but to the user it was a case of entering a command, and waiting for it to finish. Using threads and schedulers, and probably a little magic and a lot of luck, engineers were able to work up an operating system that could run more than one user command at a time, and multitasking was born. When you switch to a new VT (virtual terminal) on a Unix box with no GUI, you're multitasking. When you have more than one window open on your Windows or Mac or other computer that does have a GUI, you're multitasking. You're doing more than one thing at a time, and the computer is running more than one user task at a time. You can now read Android Central while your completely legal torrents are downloading in the background.
On a smartphone, multitasking is a bit different. We don't have the luxury of a 20-inch monitor, so showing more than one "thing" running at a time isn't a big deal. Samsung is testing the waters and trying it with the Galaxy S III with the Pop-Up Play feature, but for the most part whatever we're doing takes the whole screen to do it. We also don't have tons of RAM and video memory available and have to watch the power usage. This means smartphone multitasking has to be a bit, well, smarter.
Smartphones have been multitasking for a long time. All the mobile operating systems do it a bit differently -- some suspending all other apps in the background, some saving the state and closing the app itself, and others just letting everything run. The way Android does it is to let threads and processes run depending on their priority. If you're using Google Play Music, the processes that make the sound come out of the speaker have a high enough priority to stay running when you switch away from the app. Not all of it is running in the background, but enough of it is to keep the tunes playing. Other apps can be killed if they aren't being used, and some apps get "frozen" (for lack of a better word) and restore themselves when brought back to the foreground. What's important, and prioritized, is decided when the application is written and compiled so the end user doesn't have to worry about it. It's not perfect, but it follows the very strong multitasking model from Linux and tweaks it for Android. It's all open-source, so manufacturers and ROM builders can (and have) tweaked things to allocate memory the way they want it allocated. Sometimes the tweaks are great, sometimes not so much.
In the end, remember the next time you open an app and start up where you left off that you're seeing multitasking at work.
----------
Haptic feedback
It's one of those little things that can make a big difference, and something we never really think about. Simply put, haptic feedback (commonly referred to as haptics) is the use of touch feedback to the end user. You know how your Android phone vibrates a tiny bit when you tap one of the navigation buttons? That's haptics at work.
Since the screen on your Android phone or tablet is pretty much just a smooth sheet of glass of some sort or another, it's difficult to register any sort of tactile feedback to our fingers. When we type on a computer keyboard, we know when our fingers have pressed a key down. Our mouse (and some trackpads) do the same thing with a healthy click when we press the button. On a smartphone, we just have to trust we've done something, and wait for it to happen. Haptics helps here. The short and light vibration when typing out a message with an on-screen keyboard can make a big difference for many of us, and I can see myself being pretty frustrated if an on-screen button didn't let me know I had pressed it.
Haptics go beyond navigation and the keyboard though. They can be a very important part of mobile gaming. Gunning your way through an enemy horde is much more satisfying when you feel every shot from your rifle, and nothing lets you know you've hit the wall in your favorite racing game like a harsh vibration from your phone or tablet.
Probably the best thing about haptic feedback on Android devices is the way it can be customized. The OS itself is open, meaning OEM and developers can adjust things to get them just the way they like, including leaving the settings wide open to the user like we see in CyanogenMod ROMs. More importantly, application developers have access to the hardware controller to customize haptic feedback for their products. It goes one step further with the addition of things like the Immersion haptic SDK to the mix, where developers have an almost unlimited way to make their applications register with your fingers as well as your eyes and ears. Sometimes, the little things mean a lot.
--------
F is for Factory Reset
A factory reset is the ultimate cleansing of your Android device. It's usually either a last resort to fix a problem, done before you sell it, or because you like to flash ROMs. When you perform a factory reset you're essentially wiping out everything you've ever done to the phone and restoring it back to the basic manufacturer software. As we've mentioned before, it doesn't uninstall any software updates you've received from the folks who made your phone, but it does wipe out any core application updates you've grabbed from the Google Play store. The technical details are as follows:
/system is untouched, because it's normally read-only
/data is erased
/cache is erased
/sdcard is untouched
When your phone or tablet reboots, it's like it was when you opened the box as far as apps and user data goes, except for your data on the SD card partition (either a real, physical microSD card or a partition named sdcard).
Doing a factory reset is easy -- open the settings, do a little digging (different manufacturers put it in different places, but start with privacy or storage), select it and confirm. Your device will reboot into the recovery partition, erase everything, they reboot into the setup again. One thing to note though -- if you've rooted and ROM'd in any way, you should never do a factory reset from settings. Often times it works just fine, but some devices and some ROMs are so different once hacked that you'll end up with a bricked phone. We hate bricked phones around these parts. Follow the instructions from the folks who developed the software you're running instead, and use the reset method they recommend.
-------
End of life
End of life is a term none of us ever want to hear. We envision it means the death of our phone, and we should just throw it away and get a newer model. After all, it's at the end of its life, right? Not really. End of life means something different to carriers and manufacturers than it does to enthusiasts like us. The easy way to look at it is that when the folks in suits get together and decide that a phone isn't going to make enough money so it's worthwhile to keep producing it, it has reached the end of its life. That may mean a refreshed, newer model (like the Droid RAZR MAXX), or a shift to a newer model with new, and arguably better, features like the EVO 3D. We have to remember that the folks who make these phones do it so they can make money, and like any good business they want to maximize their profits.
But what does end of life mean in the real world? First off, it means that once the current stock sitting on the shelves is sold there won't be any more new ones to replace them with. There may be refurbished units floating around, but no more new phones of that model are being made. It doesn't mean that the phone is done getting updates, but don't expect too many new features to come along -- things are in maintenance mode and bug fixes and security patches are the only things that will be addressed. It also doesn't mean your warranty is affected in any way. Even if you were to buy a brand new phone that has already reached the end of life status, you'll still get the full manufacturers warranty.
Most importantly, it doesn't mean that the phone is going to stop doing anything it already does today. The HTC EVO 4G is a great example. It was a huge hit for HTC and Sprint, and actually stayed in production longer than any of us would have thought. Some places are still selling them new (although they're getting harder to find), and those EVO 4G's sold new today are every bit as good, and have the same warranty from HTC, as the ones sold in 2010. Sprint still offers customer service, and it's still one heck of a phone.
Don't be put off by the words end of life. While we wouldn't recommend you search out a new phone that's already been discontinued, they still perform as they should and you'll find lots of folks who still love them.
----------
DLNA
DLNA, or the Digital Living Network Alliance is an organization set up by Sony in 2003 that determines a universal set of rules and guidelines so devices can share digital media. The devices covered include computers, cameras, televisions, network storage devices, and of course cell phones. The guidelines are built from existing standards, but manufacturers have to pay to use them and have their device join the DLNA.
With DLNA devices, you can share video, music and pictures from a Digital Media Server (DMS) to your Android phone or tablet. A DMS could be your computer, a NAS (Network Attached Storage) device, a television or Blu-ray player, or even another Android device. Anything that has a DLNA server, or can have one installed will act as a DMS. Fun factoid: when a DLNA server is installed on a cell phone, tablet, or portable music player it's called a M-DMS -- the M stands for Mobile.
Once a DLNA server is in place, our Android phones usually have two functions -- to act as a Digital Media Player (M-DMP) or a Digital Media Controller (M-DMC). The player is easy enough to figure out, it finds content on a DLNA server and plays it back. A DMC will find content on a DLNA server, and push it to another connected player. For example, my television has a DLNA player, and my laptop has a server. With the right software, I could use my Android phone to find the content on my laptop and play it on my television. DLNA can really be fun if you have all the right equipment.
But chances are Android (and eventually other mobile devices) will be moving away from DLNA. With Ice Cream Sandwich, Wifi Direct is part of the operating system and has the potential to do everything DLNA can do, and more. We already have seen it replace DLNA streaming in the HTC One series with the Media Link HD receiver, which streams content from a Sense 4 device to a monitor with HDMI input. It uses native Wifi Direct, and by all accounts works really nicely. Or Samsung, who is using NFC to kick off a Wifi Direct session for fast data transfer on the Galaxy S III. We'll have to wait and see what manufacturers do with Wifi Direct, because having it built into the OS is a big plus -- even for a company like Samsung who makes millions of DLNA devices each year.
---------
Bloatware
When you think of Android phones, you think of bloatware. We wish it weren't so, and not every phone comes with, but the majority of Android phones out there come from carriers and are chock full of bloatware. We've complained about it, and found ways to remove it, but what exactly is it?
Most folks consider any applications that your carrier (or the folks who built your phone) pre-installed to the system as bloatware. Usually, these applications are a front end to some service or content that you'll have to pay for, and usually it's something you would never download and use on your own. All the carriers, and all the manufacturers, are guilty of including it, and we tend to hate it all equally. When you open the app drawer on your new phone, and see City ID staring back at you, just waiting for you to click it, you can't help but hate it.
But why is it there? It's one down side of Android's open nature. Google gives Android away to anyone and everyone, but realistically only a very few companies can afford to make cell phones. And they don't make them with you and me in mind as their customer. HTC, or Samsung, or LG (you get the picture) makes Android phones for the carriers. They work out deals to decide hardware and software they want to include, and part of those deals are these "value-added applications" we lovingly call bloatware. Verizon and HTC love you, but they still want you to click the app and send in the money. Because Google isn't involved and doesn't make any rules about it, they can include any app they like in your new phone. Nobody likes it, but it is the side effect of being open.
Thankfully, Ice Cream Sandwich brings along the ability to disable (most of) these apps without rooting or tinkering with the system files on your Android device, and that provides the best solution we can think of. Certainly there are some people who found a use for City ID or VZ Navigator, and they should have the opportunity to use those apps if they like. And we can disable and hide them, and forget they exist.
What is the AOSP?
AOSP is a term you'll see used a lot -- here, as well as at other Android-centric sites on the Internet. I'll admit I'm guilty of using it and just expecting everyone to know what I'm talking about, and I shouldn't. To rectify that, at least a little bit, I'll try to explain what the AOSP is now so we're all on the same page.
For some of us -- the nerdly types who build software -- the full name tells us what we need to know. AOSP stands for Android Open Source Project. The AOSP was designed and written by folks who had a vision that the world needed an open-source platform that exists for developers to easily build mobile applications. It wasn't designed to beat any other platform in market share, or to fight for user freedom from tyrannical CEOs -- it exists as a delivery mechanism for mobile apps -- like Google's mobile apps, or any of the 400,000+ in the Google Play store. Luckily, Google realized that using open-source software would ensure that this operating system/mobile application content delivery system is available for all, for free. And by choosing the licensing they did, it's also attractive to device manufacturers who can use it as a base to build their own mobile OS.
The premise plays out rather nicely. Google writes and maintains a tree of all the Android source code -- the AOSP. It's made available for everyone (you, me, manufacturers you've never heard of and not just big players like Samsung or HTC) to download, modify, and take ownership of. This means the folks at CyanogenMod can add cool stuff like audio profiles. It also means folks like HTC can change multitasking in ways that many of us don't like. You can't have one without having the other. The big players then use their modified version of this source to build their own operating system. Some, like Amazon, radically changed everything without a care to use Google's official applications and keep their device in compliance with Android guidelines. Some, like HTC radically changed everything yet followed the Android Compatibility Program (ACP) so they could include Google's core application suite -- including the Google Play store. Some, like the folks at CyanogenMod, enhance the pure AOSP code with additions but don't change the overall look and feel. Again -- that's how this open-source thing works. You can't have it without allowing folks to change it as they see fit, for better or worse.
Any of us can download and build the AOSP. We can even stay compliant with the ACP and contact Google about including their applications. Yes, any of us could build our own device using the AOSP code in our garage or basement with Google's full blessing. That's the beauty of the AOSP, and we wouldn't want it any other way.
--------
What is a widget?
What is a widget? In Android, the word widget is a generic term for a bit of self-contained code that displays a program, or a piece of a program, that is also (usually) a shortcut to a larger application. We see them every day on web pages, on our computer desktop and on our smartphones, but we never give too much thought into how great they are. Widgets first appeared in Android in version 1.5, and really gained traction thanks to HTC's Sense-flavored version of the operating system. Prior to the release of the HTC Hero and our first taste of Sense, widgets were functional, but pretty bland in appearance. Since then, OEMs and independent developers alike have done some marvelous things with widgets, and it's hard to imagine using Android without them.
Android widgets come in all shapes and sizes and range from the utilitarian 1-by-1 shortcut style to full-page widgets that blow us away with the eye-candy. Both types are very useful, and it's pretty common to see a widget or two on the home screen of any Android phone. A full-page widget, like HTC's weather widget for late-model Android phones, tells you everything you need to know about the current conditions, and is also a quick gateway to the weather application where you can see things like forecasts and weather data for other cities. At the other end of the spectrum, the Google Reader 1x1 widget watches a folder in your Google Reader account and tells you how many unread items there are, and opens the full application when pressed. Both are very handy, and add a lot to the Android experience.
Most Android phones come with a handful of built-in widgets. Some manufacturer versions of Android offer more than others, but the basics like a clock, calendar, or bookmarks widget are usually well represented. This is just the tip of the iceberg though. A quick trip into the Android Market will dazzle you with the huge catalog of third-party widgets available, with something that suits almost every taste. With Ice Cream Sandwich supporting things like higher resolution screens and re-sizable widgets, it's going to be an exciting year seeing what developers can come up with.
--------
What is tethering?
What is tethering? Besides the grounds for a giant debate about ethics (the kind that you can only find on the Internet) tethering, in this case, means to share the Internet connection from your phone with other devices. There are several ways to accomplish this -- connecting your phone to your computer via USB, setting up your phone as a wireless hotspot and router, and sharing a data stream over Bluetooth. All these connection types are built into Android, with native Bluetooth tethering new in Ice Cream Sandwich. Of course, different manufacturers can, and have, modified things so that these options are excluded -- at the behest of the carrier, of course. We'll talk more about why in a few minutes.
Tethering itself is pretty easily done. USB tethering involves installing device drivers (Windows only) and plugging in your phone to a high-speed USB port on your computer, then using your computer's built-in connection manager to use the phone or tablet as a USB modem. Bluetooth tethering will need the phone paired with the computer, and the connection type set up correctly in your computer's Bluetooth settings. Wifi is the easiest way -- you just turn it on and connect as you would any other wireless hotspot.
Except that many carriers, especially in the United States, have blocked tethering this way.
You see, your carrier wants to charge you a premium to use your data plan from any device besides your phone. Nobody likes it, but it's in the terms you agreed to when you signed up. They have all sorts of ways to block tethering on their end, and they are pretty diligent about it. Android hackers and developers also have found ways to work around these blocks, and it's a big cat and mouse game. An inside source with one the the biggest cellular carriers in the world has specifically told me that if your usage pattern draws suspicion, there is no current method that can't be detected by you carrier, including the newer VPN methods. If you do it a lot, without paying the extra fees associated with it, you'll get caught.
We're not going to judge anyone, and a few of us here at Android Central think charging extra for tethering is silly -- especially with data caps. Just know what may happen before you start so you don't get caught unaware.
---------
What is sideloading?
What is sideloading? It's a term you see a lot thrown around while talking about Android applications, and it's simple to explain. It means installing applications without using the official Android Market. What's less simple is how it's done and why you would do it. That's where this post comes in. Let's explain it, shall we?
How to do it is easy enough, so let's start there. In the Application settings on your Android phone, you'll find a check box to "Allow installation of non-Market applications." When it's checked, you can sideload. You'll also see a pop-up warning when you check this box letting you know that your phone is now more vulnerable to attacks from applications, and that you accept all the responsibility that comes with doing this. It makes sense -- you can't hold Google responsible for applications you didn't download through their service using their security methods.
Sideloading apps is easy to do as well. You download them to your phone, then use a file manager application to find them and "click" their entry. You'll invoke the app installer program, and it will install your app just as if it had came from the trusted Android Market. It won't be associated with your Android Market account, but it shows in your app drawer just like all the rest. It didn't used to be this easy for everyone. Under the guise of security, AT&T used to block users from sideloading by removing the Unknown sources field in the device settings. Whenever you tried to manually install an app, it would be blocked because it wasn't allowed. This could be circumvented by using adb from the SDK or by using a program like the Sideload Wonder Machine. Luckily, those days are past us and AT&T has re-evaluated their position, and now allows the installation of non-Market apps.
Why would you want to sideload. There are several reasons, one being that Google has allowed carriers to block certain applications based on the model and network your device is running on. We've seen carriers block apps that permit tethering without paying the extra associated fees, and some carriers have exclusives for certain apps and they aren't available for the others. That's a whole other mess that we'll tackle in another post -- just know that it happens. There are other reasons to need to sideload apps, too. Want to use a different appstore like the one from Amazon? You'll need to enable sideloading. The same goes for beta testing apps for developers, or even coding your own apps and testing them on your phone. There are a lot of legitimate reasons for sideloading. Of course, there's always the piracy aspect. If you want to steal from hard working developers you'll need to enable sideloading. You also suck. Sideload, but don't steal from developers.
--------
What is open source?
What is open source? Open-source software is software that makes the source code freely available, for anyone to see and use. There are different open-source licenses that have different use conditions, from the GPL (GNU General Public License) -- which allows "free distribution under the condition that further developments and applications are put under the same license" -- to more liberal licenses like the Apache License, which doesn't require modifications to be open and have the source code available. Android uses both of these licenses, and we'll have a look at them in turn.
The Linux kernel that is used in the OS is covered under the GPL. This means that any changes made to the source code must be made available when a binary (geek-speak for a compiled, executable piece of software) is released to the public. This means manufacturers like HTC, Samsung, Motorola and the rest must release the kernel source-code for any devices they sell at the same time they begin selling them. For the most part, hardware manufacturers are pretty good about doing so, but they often miss the time frame and release the source code a little later than we would like. These are the code releases you see us mention -- the kernel and other open-source "bits" that are covered under the GPL.
The Android OS source code is released mostly under the Apache License. Anybody is allowed to download the source code and change it however they like, but they are not required to make their changes available in source code form to the public. This is why we can't change and recompile things like HTC Sense or MotoBlur -- the changes to the base Android source code aren't available to us. While many folks (myself included) don't like this situation very much, it does make sense from a business standpoint. If manufacturers had to share all of their secrets, there wouldn't be as much monetary incentive to innovate, so the source was offered with a far more liberal license. It certainly worked, as we see devices from many major players in the electronics world.
---------
too,too
aaaaaand too
Good one buddy!
It's good for noobs!
And pro's!!
updated 2+3 post.
Awesome guide bro very informational
Can you emphatize in any way the questions ? Like bold it.
I try to read but i get lost easly x'D
Yeah i know what u mean,i do it with colors.
NERDIFIED TILL DEATH!!!
I like this so far. Please keep up the good work.

General Questions about updating Tab S2 ROM

treat me like an idiot if these are obvious..
I want to put Samsung stock nougat on my rooted SM-T810, and I have some general questions. if all this info is gathered somewhere else, please point me there. maybe I used bad search terms?
1) for US, I use the XNZ country code, correct?
if there's an update thread already, consider this an apology for wasting your time. please stop reading now and point me to it. otherwise:
2) Use Odin 3.12, correct?
3) Can I just use twrp to update?
4) will I lose root?
5) if yes to above, could you please point me to a rooting guide (SM T810)
6) other than the ROM itself, what do I need?
yeah - so i'm an idiot. I see the 'no questions' posting now. guess I jumped the gun
Is your current s2 Tab working smoothly? If so, why risking an update?
why not? I like to play around and keep current. Besides, IMHO, Android s**** as an OS, still unable to do things Windows was doing in the early 90s. I keep hoping someday it will grow up... I know Android and Windows have different purposes, but until I can network at the OS rather than app level (built in), and until it is fully 'self-contained' and doesn't require a PC for changing OS versions (w/o 3rd party apps), etc., I'm going to consider it 'not ready for prime time'. Just my opinion.
"Keep it current" what does this mean?
You do realize that the lastest software versions often come with the most current bugs and issues at hand.
If you need to network, install Kali Linux, I'd suggest.
'keep it current' = keep all apps and the os to the most recent version possible
bugs: yeah, but it also comes with the latest features
Linux: on the tablet? there's a version? but that's sort of beside the point - Android lacks a functionality that's been in every other OS on the planet since at least the early 90s. it may be by intent, but it still ain't there, and it would sure make my life easier if I could map a drive from my nas and have it's contents available to all apps: music player, movie player, ebook reader. for work, I've used it to process data in the field using Octave. Getting the data on and off is always a pain - better if I could map a share and go from there.
not trying to argue - you asked, i'm elaborating. too much, maybe.
Keep all apps and the os to the most recent version possible. But what for?
Why trying desperately to fix a working car?
Updates eat storage and in most cases performance. Worse, introduce new bugs and so on.
I do not get this: update mania. Sure, it certainly assures that the Superclass can easily spy on every single user but besides that.. it makes no sense IMO.
Certainly, Android is Linux based after all. So yes, you could root your Tab and install Linux.
Drive access. That's already possible. You can connect an external SSD drive or HD drive via USB. Or NAS,
http://www.techrepublic.com/google-...o-help-you-connect-to-network-storage/?espv=1
I feel you. No arguing here either, just trying to understand your viewpoint.
just want a fully functional 'computer' where I can access files without having to use one app to copy the files over from the nas and another to use them. step one is the OS's responsibility, IMO. want access to network drives and otg drives to be identical to access I get on the internal memory.
and if you really want to get me going, start up on selinux, the "god i'm so afraid to go outside" solution. yeah - let's punish everyone because that guy over there is being bad. and lack of automatic root access? these are children's toys? unfortunately, my favorite ebook reader is only on android. as is the best music player I've found.
fun discussion, but I gotta get some work done
Msamp said:
just want a fully functional 'computer' where I can access files without having to use one app to copy the files over from the nas and another to use them. step one is the OS's responsibility, IMO. want access to network drives and otg drives to be identical to access I get on the internal memory.
and if you really want to get me going, start up on selinux, the "god i'm so afraid to go outside" solution. yeah - let's punish everyone because that guy over there is being bad. and lack of automatic root access? these are children's toys? unfortunately, my favorite ebook reader is only on android. as is the best music player I've found.
fun discussion, but I gotta get some work done
Click to expand...
Click to collapse
I guess you are not really understanding the role smartphones and tablets play in the computing world. They are more communications terminals designed to be usable without mice and keyboards rather than stand alone computers. Your recurring references to what computers could do in 1990 is a little off. All you had (at most) was windows 3.0. That did not include networking out of the box, but relied on device-specific drivers and utilities (i.e. Novell) to access a thin-net ethernet coax cable or IBM token ring network. If you want to get online, be prepared to use a serial terminal and a But I digress...
Android is not Windows. It is a cut down and specialized version Linux. Linux/Android is not a single monolithic OS like Windows. It does not do SMB out of the box, but needs a Samba client to do SMB to your windows-ish NAS. It does not try to be all things to all people, but rather gives you the basics and lets you, Joe User, add on the things to make it do what you want. In short they don't bloat it down with stuff only 10% of users will want to use.
To access your NAS, there are Samba (SMB) and ftp clients that let you do it. In fact I have a couple Android streamer boxes on my TVs around the house. They connect directly to my NAS video libraries and pull movies and other videos directly from there using a variety of protocols. Do I need to do that on my phone? No, but hey, I can install KODI on that phone and do just that. I can also put KODI on my windows box and do the same thing. But if I want to disconnect, I can copy these movies to my Tablet/Phone and play them any time I want off line. This is all things I would challenge you to do using Windows 3.0 in 1990 (don't even think of doing full touch screen support with Windows 3.x).
But well, if you really want your phone or tablet to work like Windows, you should run Windows on it
not '1990' - 'early nineties'. big difference. Win 3.1 (or WFW?) had an add-on, but still OS level tcp/ip stack
paragraph 2: I don't count real networking as an option. I should be able to access my ebooks on my nas usung ebookdroid, not have to move trhem to the tab using ESfilemanager THEN read them. I have a HUGE library of pdfs, movies, music, more than will fit on my 128 gig sd card (or a 256 g card for that matter), and i'd like access to the WHOLE THING from any appropriate app I choose. all the smb apps suck green worms, by the way.
I don't want to have to install a freakin client - it should be part of the os. imho, of course
btw: this discussion has become pointless. I have my preferences, you have yours. that's the way it should be. and as far as their 'role' goes: give them a bigger one - they're capable.
'bye
I totally understand your gripe. And I do wholeheartedly agree there should be a *root* toggle in the **Developer Option**.
But here is the thing, how are greedy conglomerates, and the gov puppets, supposed to spy on each and every single citizen if they just uninstall all spyware?
Moreover, most consumers are just too *untechy* and they would probably lose all their bank account, credit card and online shopping data to third parties and eventually blame the OEM. I smell lawsuits of the retard.
Auto updates are there for a reason. Control.
For instance, Samsung's new high-tech TVs record audio 24/7. Same for all these assistant devices.. Amazon Echo, Google Home etc. Seriously, 1984 isn't that far away anymore.
Msamp said:
treat me like an idiot if these are obvious..
I want to put Samsung stock nougat on my rooted SM-T810, and I have some general questions. if all this info is gathered somewhere else, please point me there. maybe I used bad search terms?
1) for US, I use the XNZ country code, correct?
if there's an update thread already, consider this an apology for wasting your time. please stop reading now and point me to it. otherwise:
2) Use Odin 3.12, correct?
3) Can I just use twrp to update?
4) will I lose root?
5) if yes to above, could you please point me to a rooting guide (SM T810)
6) other than the ROM itself, what do I need?
Click to expand...
Click to collapse
Use Odin AND the rom... i think you will lose root but you can always go back in twrp to install supersu.
I did something similar, i used Samsung Smart Switch to do an emergency reset on mine and it installed the latest firmware (nougat).
That will unroot and remove twrp.
I wouldn't (and didn't) reflash TWRP and root because you lose OTA updates, and right now there's some bugs in Nougat that , for me, were fixed in an OTA update. But once you flash with Smart Switch, you could always re-install TWRP and root again if you want.
Don't mind Niii4, he ranted about the same things in my thread and to others too...

Categories

Resources