Tuesday 30 July 2013

[App review] BOINC - donating cpu power

If like me you're a little (lot) cash strapped but feel guilty about not being able to donate to a good cause then this is a fantastic way of helping in a free(ish) but geeky way. It's an app called BOINC developed by Berkeley university with the help of others such as IBM.

What's the deal?
Instead of donating money, you are donating processing power. The app uses your phone's cpu (central processing unit) to help with various projects Berkeley are running in different areas such as astronomy, physics etc. You can choose which project to donate processing power too and when you want to donate (obviously!) so you can feel just that little bit better everyday.

How does it work?
Nowadays many projects require supreme processing power to complete, these are generally stuff like simulations, studying diseases or looking for a certain thing. A simulation in reality might happen over a few fractions of a second but in the virtual world, depending on the processing power of the device running it, generally take days to complete. While institutions like university may have funds for supercomputers, the power of volunteers all around the world willing to donate processing power is incomparable to these supercomputers. This is why there are quite a lot projects similar such as Folding@Home which as well as being available for desktop PCs, became available on the Playstation 3. This was mainly because that was also seen as a powerhouse and it was very successful, the developers with the help of PS3 users set a world record of one petaFLOP of computation power (a huge amount!). Considering how many Android devices there are compared to PS3s sold, surely it shouldn't be too difficult to top that?

Conclusion
In time this app will no doubt have more functionality in terms of a scheduler and more ease of use setting but for now the developers are ironing out a few kinks it has with some Android devices. It's still a solid, functional app that works very well, especially if you set it to work overnight but make sure that you're not relying on your phone as an alarm clock because the battery will almost definitely be drained, or if you are, connect your phone to a charger.

Mo

Posted by at No comments:
Labels: , , , , ,

Monday 29 July 2013

Android 4.3's permission manager

For those who have never tried Cyanogenmod, you probably won't have come across permission management. For those who have, you will know what I'm talking about and what a powerful tool it is. This is an attempt by Google to bring permission management on an app to app basis to the masses, so you won't have to go through the whole process of flashing custom firmware to be able to decide what an app can and can't do on your phone.

What's this you talk of?
Permission manager is a very nifty tool. You will have noticed when installing an app, that the Play Store presents you with all the permissions this app will be granted. Sometimes you want to install an app but you feel the permissions it needs are too intrusive and unnecessary. Depending on how much you want the app, or how much you want to protect your own privacy, or indeed how paranoid you are (Dad, I'm looking at you!) you'll make a conscious decision whether it's worth installing the app or not. But imaging if you no longer had to do that. Permission manager is the reason why.

How does it work?
It works by allowing you to revoke a permission an app has but targets that specific permission for just that specific app. It will not affect other apps (unless they are somehow linked) and the apps other functions should work fine given that you didn't do something like revoke the permission for a camera app to access the camera! So you can stop an app being able to read your call logs if you think it shouldn't have that capability. Why should a game access your logs or see who you're messaging any longer?

Things to look out for
While this is a fantastic tool, it's worth keeping in mind the permissions you are revoking and the apps you're revoking them for. It might be the case a few days or weeks down the line that an app doesn't function as it should and it may well be the case that it doesn't have all the required permissions to function properly. If you do experience problems like these then it's definitely worth checking out what you've revoked before blaming the developers for bugs they have in their apps. Similar to me getting frustrated that an app can't go online only to find I'm the one that's blocked its internet access using a firewall.

Conclusion
This has been a long time coming for Android users, especially for those who can't or don't want to play around with the firmware of their phones. It might take a bit of getting used to but this function will no doubt increase end user privacy and to some extent ease the worries of a lot of people. My only concern is that developers remain as they are with app permissions and don't start getting lazy with the permissions they include, expecting users to remove them after installing.

Mo

Posted by at No comments:
Labels: , , , ,

Wednesday 17 July 2013

Bluebox uncovers Android's Master Key

If you've kept in the loop at all with news on Android, you will have noticed a security company named Bluebox who discovered a vulnerability in Android that allows a hacker to modify the code of an APK file, i.e. an app, without changing the signature of the app. Essentially they could change the code and we, the end user would be none the wiser when we download this app as Android would not be able to tell that the app has been tampered with. Obviously this is a problem but do we need to panic?

How bad is it?
According to Bluebox, this vulnerability affects 900 million Android devices or 99 per cent of Android devices out in the wild. Any phone with Android 1.6 or above possesses this vulnerability so more or less anyone with an Android smartphone. These at first are pretty scary figures and you are more at risk if you install apps from a third-party source as they are generally less well regulated and more susceptible to being tampered with. If you like to try new apps and venture into apps made by individuals then that probably increases your risk even more, but we could go on and on about what increases your risks. 

Is there a fix?
A fix has been released by Google but it is up to manufacturers to implement it onto their devices and some have been slower to do so than others. Given the seriousness of this, most manufacturers have patched their devices but some have still not. It would be worth finding out if the manufacturer of your phone have taken steps to patch this vulnerability and if not, getting in touch and letting them know your concerns. Most companies nowadays take customer opinions much more seriously than they used to so it is a worthwhile method of making yourself heard.

Anything else to do?
Bluebox have since released an app that scans your device, checks to see if it is patched, and whether or not you have apps that have been tampered with. To download the app, follow this link. If your device is patched then your phone manufacturer has taken steps to prevent this vulnerability and if you do not have any apps that are infected then you're pretty safe. Otherwise, take the advised steps given by the app.

Conclusion
We can't underestimate the importance of vulnerabilities like this. To put it into perspective, your phone data could be available to a hacker if you install an app that has been tampered with. Even if you have nothing to hide, you will no doubt not want all your personal information and perhaps sensitive information being available to a total stranger who is up to no good!

Mo

Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)