Sensors are one of the most underrated parts of a great smart home. You can use them to measure temperature, humidity, presence, and so much more. But what if you didnβt have to buy anything? I used an old Samsung Galaxy phone as a sensor, and itβs surprisingly easy.
Retro gaming is pretty popular these days, with fans everywhere buying handheld consoles or gaming phones. But what if someone combined the two? After months of teasers, the popular gaming handheld manufacturer AYANEO just unveiled the all-new Pocket Play. A sliding Android phone with physical controls reminiscent of the Sony Xperia Play.
The zLabs research team has identified a sophisticated new threat campaign targeting Spanish Android users through a malware strain called DroidLock. Unlike traditional ransomware that encrypts files, this Android-focused threat employs a more direct approach locking devices with ransomware-style overlays and demanding payment while maintaining complete control over compromised handsets. DroidLock primarily spreads through phishing [β¦]
The post New DroidLock Malware Locks Android Devices and Demands Ransom Payment appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Google has released one major version of Android each year since 2012, but the release of Android 16 introduced a change with two updates. Google released Android 16 in June, and Samsung followed with One UI 8 (based on Android 16) in September. And now that Google's delivering more features, Samsung's preparing something similar with One UI 8.5, and here's what you need to know.
Google Photos is adding templates, soundtracks, text tools, and a redesigned editor to make creating highlight reels faster, easier, and more creative for users.
The post Google Photos Adds New Video Tools to Make Editing Easier appeared first on TechRepublic.
Google Photos is adding templates, soundtracks, text tools, and a redesigned editor to make creating highlight reels faster, easier, and more creative for users.
The post Google Photos Adds New Video Tools to Make Editing Easier appeared first on TechRepublic.
Android already offers a host of features to help you in an emergency. From a nifty gesture that lets you quickly call emergency services to more advanced tools like Car Crash Detection, Emergency Location Service, and Satellite SOS, your Android phone is well-equipped to step in when youβre in a tough spot. Now, Google is [β¦]
The post Androidβs new Emergency Live Video feature helps responders see exactly what youβre facing appeared first on Digital Trends.
There's an overwhelming number of file managers on the Google Play Store, but a good chunk of those are riddled with ads, proprietary, or both. File managers have access to the entire user file system, so you want to be sure you can trust them with all your data. Here are four open-source, privacy-friendly file managers you can try.
Ukrainian assault troops have used an armed unmanned vehicle to intercept and disable a Russian armored vehicle during an attempted nighttime attack, according to a statement released by the 5th Kyiv Assault Brigade on December 10. The unit published thermal camera footage showing the Droid robotic combat system engaging an enemy MT-LB with mounted infantry [β¦] Over the last year, the Google Photos app has seen a series of redesigns. The image editor was one of the first things to be refreshed, and now Google has moved on to videos. If youβve been relying on third-party apps like CapCut for simple video edits, get ready to tap the "Uninstall" button.
Google's first AI smart glasses will debut in 2026. Here are all the details on this.
The post Googleβs First AI Smart Glasses Will Debut In 2026 first appeared on Redmond Pie.
Your Android phone's USB-C port is incredibly versatile. If you've only been using it to charge your phone to the point where you practically call it a charging port, you'll be surprised by just how many cool gadgets you can plug into it.
Last year, Google's Android Red Team partnered with Arm to conduct an in-depth security analysis of the Mali GPU, a component used in billions of Android devices worldwide. This collaboration was a significant step in proactively identifying and fixing vulnerabilities in the GPU software and firmware stack.
While finding and fixing individual bugs is crucial, and progress continues on eliminating them entirely, making them unreachable by restricting attack surface is another effective and often faster way to improve security. This post details our efforts in partnership with Arm to further harden the GPU by reducing the driver's attack surface.
The Graphics Processing Unit (GPU) has become a critical and attractive target for attackers due to its complexity and privileged access to the system. The scale of this threat is significant: since 2021, the majority of Android kernel driver-based exploits have targeted the GPU. These exploits primarily target the interface between the User-Mode Driver (UMD) and the highly privileged Kernel-Mode Driver (KMD), where flaws can be exploited by malicious input to trigger memory corruption.
Our goal is to raise the bar on GPU security, ensuring the Mali GPU driver and firmware remain highly resilient against potential threats. We partnered with Arm to conduct an analysis of the Mali driver, used on approximately 45% of Android devices. This collaboration was crucial for understanding the driverβs attack surface and identifying areas that posed a security risk, but were not necessary for production use.
One of the key findings of our investigation was the opportunity to restrict access to certain GPU IOCTLs. IOCTLs act as the GPU kernel driverβs user input and output, as well as the attack surface. This approach builds on earlier kernel hardening efforts, such as those described in the 2016 post Protecting Android with More Linux Security. Mali ioctls can be broadly categorized as:
Our goal is to block access to deprecated and debug IOCTLs in production. Instrumentation IOCTLs are intended for use by profiling tools to monitor system GPU performance and are not intended to be directly used by applications in production. As such, access is restricted to shell or applications marked as debuggable. Production IOCTLs remain accessible to regular applications.
The approach is iterative and is a staged rollout for devices using the Mali GPU. This way, we were able to carefully monitor real-world usage and collect data to validate the policy, minimizing the risk of breaking legitimate applications before moving to broader adoption:
Logingpu_harden, that disallowed instrumentation ioctls. We then selectively applied this attribute to certain system apps to test the impact. We used the allowxperm rule to audit, but not deny, access to the intended resource, and monitored the denial logs to ensure no breakage.gpu_debug domain that would allow access to instrumentation ioctls. All applications were hardened by default, but developers could opt-out by:android:debuggable="true" attribute in their app's manifest.This approach allowed us to roll out the new security policy broadly while minimizing the impact on developers.
To help our partners and the broader ecosystem adopt similar hardening measures, this section provides a practical, step-by-step guide for implementing a robust SELinux policy to filter GPU ioctls. This example is based on the policy we implemented for the Mali GPU on Android devices.
The core principle is to create a flexible, platform-level macro that allows each device to define its own specific lists of GPU ioctl commands to be restricted. This approach separates the general policy logic from the device-specific implementation.
Official documentation detailing the added macro and GPU security policy is available at:
SELinux Hardening Macro: GPU Syscall Filtering
Android Security Change: Android 16 Behavior Changes
The first step is to use a generic macro that we built in the platform's system/sepolicy that can be used by any device. This macro establishes the framework for filtering different categories of ioctls.
In the file/sepolicy/public/te_macros, a new macro is created. This macro allows device-specific policies to supply their own lists of ioctls to be filtered. The macro is designed to:
appdomain) access to a defined list of unprivileged ioctls.shell or runas_app when the application is debuggable.
With the platform macro in place, you can now create a device-specific implementation. This involves defining the exact ioctl commands used by your particular GPU driver.
ioctl_macros file in your device's sepolicy directory (e.g., device/your_company/your_device/sepolicy/ioctl_macros).mali_production_ioctls, mali_instrumentation_ioctls, and mali_debug_ioctls. These lists will contain the hexadecimal ioctl numbers specific to your driver.
For example, you can define your IOCTL lists as follows:
define(`unpriv_gpu_ioctls', `0x0000, 0x0001, 0x0002') define(`restricted_ioctls', `0x1110, 0x1111, 0x1112') define(`instrumentation_gpu_ioctls', `0x2220, 0x2221, 0x2222')
Arm has provided official categorization of their IOCTLs in Documentation/ioctl-categories.rst of their r54p2 release. This list will continue to be maintained in future driver releases.
Now, you apply the policy to the GPU device node using the macro you created.
gpu.te file in your device's sepolicy directory.As with any SELinux policy development, the process should be iterative. This iterative process is consistent with best practices for SELinux policy development outlined in the Android Open Source Project documentation.
Attack surface reduction is an effective approach to security hardening, rendering vulnerabilities unreachable. This technique is particularly effective because it provides users strong protection against existing but also not-yet-discovered vulnerabilities, and vulnerabilities that might be introduced in the future. This effort spans across Android and Android OEMs, and required close collaboration with Arm. The Android security team is committed to collaborating with ecosystem partners to drive broader adoption of this approach to help harden the GPU.
Thank you to Jeffrey Vander Stoep for his valuable suggestions and extensive feedback on this post.
Nobody wants to believe their new phone is the best it will ever be on the day they bought it, but thatβs the reality for many Android owners. However, if you use a Google Pixel, thereβs a solid argument to be made that it gets better with time.
Google has added a new data migration solution in the latest Android Canary release to make data transfers between iPhones and Android devices more seamless.
The post Androidβs latest Canary release lays the groundwork to help you seamlessly switch to iPhone appeared first on Digital Trends.
If you've ever had to charge your phone in a pinch without your usual charger, you know the struggle of hunting for anything with a powered USB port. In those moments, even a trickle of electricity can be the difference between getting home and being stuck with a dead battery.
Androidβs upcoming NameDrop alternative just gained a new animated interface. The contact exchange still is not functional, which suggests the feature remains early in development despite the polished visuals.
The post Androidβs upcoming NameDrop alternative just picked up a new animation appeared first on Digital Trends.
