I Want to Write Android Apps. Where Do I Start?

Dear Lifehacker, I have some background in coding, but I’ve never touched Android development before. I’d like to get started, but I’m not entirely sure what I need. I don’t need to “learn to code” per se, but I could use some guidance on where to start with Android. Can you help?

Source: I Want to Write Android Apps. Where Do I Start?

Cyanogen Inc shutting down CyanogenMod nightly builds and other services, CM will live on as Lineage

The CyanogenMod team has posted an update of their own, confirming the shutdown of the CM infrastructure and outlining a plan to continue the open-source initiative as Lineage, which we suspected was going to be the case last week.

Source: Cyanogen Inc shutting down CyanogenMod nightly builds and other services, CM will live on as Lineage [Updated]

Hacking Team’s RCS Android: The most sophisticated Android malware ever exposed

The spyware is delivered either via the aforementioned app, or via an SMS or email that contain a specially crafted URL that will trigger exploits for several vulnerabilities in the default browsers of Android versions 4.0 Ice Cream Sandwich to 4.3 Jelly Bean.

This will allow the attacker to gain root privilege, and allow the installation of a shell backdoor and RCS Android.

Source: Hacking Team’s RCS Android: The most sophisticated Android malware ever exposed

Cyanogen Inc. Turns Down Acquisition Attempt by Google, Seeks $1 Billion Valuation

As many of you may know, Cyanogen is built from Android source code, with layers upon layers of custom code placed on top. These changes allow for users to highly customize the look and feel of the OS. For example, users running Cyanogen can place custom skins on the OS and also increase a device’s security thanks to additional settings. There are countless developers that contribute their code to make Cyanogen a better alternative to vanilla Android, which is provided straight from Google as open source.

Cyanogen has told potential investors that it has a deal in place to bring its custom version of the Android OS to India through a manufacturer called Micromax. Alongside Samsung, Micromax currently holds almost as much share of the smartphone market in India, making this deal a very large step to get Cyanogen into the hands of millions of more people.

via Report: Cyanogen Inc. Turns Down Acquisition Attempt by Google, Seeks $1 Billion Valuation | Droid Life.

Robot OS to support Linux and Android on Snapdragon

Developed in large part by now defunct Willow Garage, ROS was designed for collaborative, open source robotics development. ROS is a collection of tools and libraries that simplify the task of creating and programming robotic platforms and applications. ROS is not a real-time OS, but it can be integrated with RTOSes, as well as Linux. As of earlier this year, Android support was added.

The default install for ROS is Ubuntu Linux. Core ROS components include message passing, message recording and playback, remote procedure calls, and a distributed parameter system. In addition to these core middleware components, ROS offers more robotics-specific features like a Unified Robot Description Format (URDF), a remote geometry library, preemptable remote procedure calls, and diagnostics. It also offers ready-built packages for common robotics problems like mobile navigation, pose estimation, and building a map and having the robot self-localize on it.

via Robot OS to support Linux and Android on Snapdragon ·  LinuxGizmos.com.

Windows tablet shipments to grow, but won’t challenge Android, iOS

IDC is projecting Windows tablets to occupy 10.2 percent of the market by 2017, growing from a projected market share of 3 percent this year. By comparison, tablets based on Android and iOS will register slight dips in market share.

via Windows tablet shipments to grow, but won’t challenge Android, iOS | PCWorld.

New crimeware tool Dendroid makes it easier to create Android malware, researchers warn

Dendroid’s features include deleting call logs and files; calling phone numbers; opening Web pages; recording calls and audio from the microphone; intercepting text messages; taking and uploading photos and videos; opening applications and launching HTTP flood (denial-of-service) attacks for a period of time specified by the attacker.

Dendroid is not the first Android RAT, but is one of the most sophisticated one seen to date.

via New crimeware tool Dendroid makes it easier to create Android malware, researchers warn | ITworld.

How to Turn An Old Android Phone into a Networked Security Camera

If the idea of a networked security camera that you can remotely view and receive alerts from appeals to you but the $$$ of a commercial model does not, read on as we show you how to turn older generation Android phones into sophisticated security cameras.

via How to Turn An Old Android Phone into a Networked Security Camera.

VPN Related Vulnerability Discovered on an Android device

In this video we demonstrate the vulnerability via the following steps:

  1. We present a regular Android device (in this case it is the popular Samsung S4 device). Behind it we display a screen with packet capturing tool, showing the traffic that flows through that computer.
  2. Now the user runs the malicious app and clicks on the Exploit button which takes advantage of the vulnerability in the phone’s system.

via VPN Related Vulnerability Discovered on an Android device – Disclosure Report | Cyber Security Labs @ Ben Gurion University.

The exploit vector requires a user to do something.

Reverse engineering my bank’s security token

The toolset


Reverse engineering Android apps requires a few software tools. Here’s what I used for this project:

  • Android SDKProvides the adb command-line tool, which can pull APKs, data files and settings from the phone.
  • dex2jarConverts Android’s Dalvik executables into JARs, which are easier to reverse engineer.
  • JD, JD-GUIAn excellent Java bytecode decompiler.
  • EclipseA Java IDE to validate discoveries during the reverse engineering process.

via Reverse engineering my bank’s security token | Thiago Valverde.