http://telecoms.com/474649/nearly-1-billion-android-devices-infected-with-qualcomm-vulnerability-exploit/
Four new vulnerability exploits have been found on over 900 million Android smartphones, with Qualcomm chipsets found to be the root cause, according to research by Check Point.
Researchers from security experts Check Point detected the vulnerabilities affecting all Android devices running a specificQualcomm
chipset. Since the vulnerabilities are found in the software drivers Qualcomm ships with its chipsets, and since said drivers are pre-installed on devices straight out of the factory, they can only be fixed by installing a patch from the distributor or operator. First, Qualcomm will need to provide the fixed driver pack to the operator before it can then distribute it to customers affected.
According to Check Point, the vulnerabilities, known as QuadRooter, can give attackers complete control of devices and unrestricted access to sensitive personal and enterprise data which may be stored on the device. Check Point presented the results of its research at hacking and information security conference Defcon.
“Following recent security issues discovered in Android, Google made a number of changes to tighten security across its fragmented landscape,” said Adam Donenfeld, Senior Security Researcher, Check Point “However, Google is not alone in the struggle to keep Android safe. Qualcomm, a supplier of 80% of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google. With this in mind, we decided to examine Qualcomm’s code in Android devices. During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced byQualcomm
to all its Android devices in multiple different subsystems. In this presentation we will review not only the privilege escalation vulnerabilities we found, but also demonstrate and present a detailed exploitation, overcoming all the existing mitigations in Android’s Linux kernel to run kernel-code, elevating privileges and thus gaining root privileges and completely bypassing SELinux.”
Cloud security firm CensorNet said the exploit presents a clear and present danger for organisations using affected devices as part of a BYOD strategy.
“Give that BYOD is now commonplace, a vulnerability in mobile hardware on this scale could be a huge risk to enterprises,” said Ed Macnair, CEO of CensorNet. “By having root access to the primary device that many people use on a daily basis for business operations, a hacker basically becomes a superuser. Having unfettered access to company systems is a few relatively simple steps away.”
Check Point also revealed which devices are most affected by, or exposed to, the vulnerabilities. Some of the latest and most popular Android devices on the market use the affected Qualcomm chipsets, and they include:
• BlackBerry Priv
• Blackphone 1 and Blackphone 2
• Google Nexus 5X, Nexus 6 and Nexus 6P
• HTC One, HTC M9 and HTC 10
• LG G4, LG G5, and LG V10
• New Moto X by Motorola
• OnePlus One, OnePlus 2 and OnePlus 3
• Samsung Galaxy S7 and Samsung S7 Edge
• Sony Xperia Z Ultra
Users who fears they may be affected can scan for exploits using the application found here: https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter. Telecoms.com reached out to Qualcomm for comment but is yet to hear a response at the time of writing.
UPDATE: 08/08/2016 17:22 BST – Qualcomm responded to Telecoms.com’s request for comment with the following:
“Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies, Inc. (QTI). We were notified by the researcher about these vulnerabilities between February and April of this year, and made patches available for all four vulnerabilities to customers, partners, and the open source community between April and July. The patches were also posted on CodeAurora. QTI continues to work proactively both internally as well as with security researchers to identify and address potential security vulnerabilities.”
Just checked my Nexus 6P (bought 2 weeks ago) and it indeed has the vulnerability, as found by
the Checkpoint (zonealarm company) scanner,
CVE-2016-5340
https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter
charlestek said:
Just checked my Nexus 6P (bought 2 weeks ago) and it indeed has the vulnerability, as found by
the Checkpoint (zonealarm company) scanner,
CVE-2016-5340
https://play.google.com/store/apps/details?id=com.checkpoint.quadrooter
Click to expand...
Click to collapse
I just received the August security update (MTC20F) and can confirm that it's still vulnerable.
Sent from my Nexus 6P using Tapatalk
daewond3r said:
I just received the August security update (MTC20F) and can confirm that it's still vulnerable.
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
How do you interrogate a listing of the phone OTA updates???
daewond3r said:
I just received the August security update (MTC20F) and can confirm that it's still vulnerable.
Click to expand...
Click to collapse
Yeah i just came here to ***** after flashing mine and running a check.
Honestly how can they release the august update, and fix only one of the two cve's that effect the 6p, when a patch already exists to fix for both (i know there was two previously as i ran the check before flashing), are we to believe that for their flag ship phone they could not have held onto the patch back 1 more day to include the fixed code.
Now we all have a month to go on an unpatched device. Seriously i moved to a nexus device so i wouldn't have to flash third party roms to get security patches.
Its not as if Qualcomm wasnt notified of this before public disclosure and already dished out patches. Its not as if they didnt have time by all account they have been sitting on the code since at least July, why only patch one of the two cve's that effected last months rom.... shakes head, not cool.
---------- Post added at 10:58 PM ---------- Previous post was at 10:57 PM ----------
charlestek said:
How do you interrogate a listing of the phone OTA updates???
Click to expand...
Click to collapse
I download and flash with fastboot
Is it that big of a deal? It looks like 3 of the 4 vulnerabilities were patched already.
I guess if you really want to be safe, just don't install any apps or updates before the September patch.
charlestek said:
How do you interrogate a listing of the phone OTA updates???
Click to expand...
Click to collapse
Not sure what you mean by interrogate. If you mean how do I know if it's still vulnerable, I used the app in the first post to check after I installed the security update.
Sent from my Nexus 6P using Tapatalk
daewond3r said:
Not sure what you mean by interrogate. If you mean how do I know if it's still vulnerable, I used the app in the first post to check after I installed the security update.
Sent from my Nexus 6P using Tapatalk
Click to expand...
Click to collapse
No, I meant, how do you query the device to tell what patches have been applied? I did look up that you can see the last patch number as well as the version number of the OS in settings.
I didn't know that you could see the last patch number before looking at it today.
plazma247 said:
Yeah i just came here to ***** after flashing mine and running a check.
Honestly how can they release the august update, and fix only one of the two cve's that effect the 6p, when a patch already exists to fix for both (i know there was two previously as i ran the check before flashing), are we to believe that for their flag ship phone they could not have held onto the patch back 1 more day to include the fixed code.
Now we all have a month to go on an unpatched device. Seriously i moved to a nexus device so i wouldn't have to flash third party roms to get security patches.
Its not as if Qualcomm wasnt notified of this before public disclosure and already dished out patches. Its not as if they didnt have time by all account they have been sitting on the code since at least July, why only patch one of the two cve's that effected last months rom.... shakes head, not cool.
---------- Post added at 10:58 PM ---------- Previous post was at 10:57 PM ----------
I download and flash with fastboot
Click to expand...
Click to collapse
Well, I am also on the Aug security patch and my phone reports two vulnerabilities 2504 and 5340.
logic88 said:
Is it that big of a deal? It looks like 3 of the 4 vulnerabilities were patched already.
I guess if you really want to be safe, just don't install any apps or updates before the September patch.
Click to expand...
Click to collapse
I don't have any nexus phone experience before two weeks ago, but can't Google release a patch or update out of band instead of on the normal monthly date???
For every vírus, exists the creator ... Who tell me if check point is not the big interested on this?? I Will not install they app to verify
Enviado do meu Nexus 6P através de Tapatalk
r3ix said:
For every vírus, exists the creator ... Who tell me if check point is not the big interested on this?? I Will not install they app to verify
Enviado do meu Nexus 6P através de Tapatalk
Click to expand...
Click to collapse
Supposedly the checkpoint security app (not the app that checks for vulnerabilities) does not work well.
However, please get a clue about security vulnerabilities, see here: https://source.android.com/security/bulletin/2016-08-01.html
and the CVE listings on Mitre:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5340
CVE-2016-5340
Description
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
CONFIRM:https://source.codeaurora.org/quic/.../?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6
CONFIRM:https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340
Date Entry Created
20160609 Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
My 6P does have the CVE-2016-5340 vulnérability... How are they going to patch it ? What can i do ? What can't i do ?
Can i continu using my phone normally ?
Are the patch installing by themself or are they OTA update ?
Envoyé de mon Nexus 6P en utilisant Tapatalk
This article states that Google verify apps should block it's install
http://goo.gl/2Vs1wo
Google has confirmed that its Verify Apps security feature, which is enabled by default, will block the new Quadrooter Android exploit.
charlestek said:
I don't have any nexus phone experience before two weeks ago, but can't Google release a patch or update out of band instead of on the normal monthly date???
Click to expand...
Click to collapse
They could do that but they won't. Unless 7.0 is released this month, I don't see an update until the September security update is released.
Sent from my Nexus 5X using Tapatalk
SlimSnoopOS said:
They could do that but they won't. Unless 7.0 is released this month, I don't see an update until the September security update is released.
Sent from my Nexus 5X using Tapatalk
Click to expand...
Click to collapse
So you're telling me if there was some massive new threat that could compromise most android phones, they would sit and wait a month just to be on the monthly schedule?
The Qualcomm Snapdragon is my favorite mobile SoC.:laugh:
Franco kernel
charlestek said:
So you're telling me if there was some massive new threat that could compromise most android phones, they would sit and wait a month just to be on the monthly schedule?
Click to expand...
Click to collapse
They already have waited since they were made aware of the issue in the Spring. From what I understand, one needs to install an app from outside of the Play Store to be exposed and they also need to enable Unknown Sources" and also disable Google's security setting for "Verify Apps."
Sent from my Nexus 5X using Tapatalk
Xewyph said:
My 6P does have the CVE-2016-5340 vulnérability... How are they going to patch it ? What can i do ? What can't i do ?
Can i continu using my phone normally ?
Are the patch installing by themself or are they OTA update ?
Envoyé de mon Nexus 6P en utilisant Tapatalk
Click to expand...
Click to collapse
Stop drinking too much espresso!!!
Related
Update 19 December 2017:
I've just updated through LG Bridge. I have come to following conclusions:
- My data, media and apps still exist. Nothing deleted
- Bridge will download massive 3GB of firmware
- Bridge didn't like my wifi so I used my neighbor wifi that downloaded the firmware successfully. However I don't know why I got server error at my own wifi
- I can't see any changes. Just a november patch which is still better than July
So I got this response from LG:
This is a staff of LG Product Security Response Team(LG PSRT).
First of all, we apologize for late security patch.
As I know, the latest version (for European) is also July.
According to our dedicated team, there will be a security patch for your LG G6 H870 within the end of December.
Thanks for your patience.
Regards,
LG PSRT
What does that even mean? Which security patch will we receive? Any mention of Android 8?
Security patch: August
What a ****ing excuse!I really miss my Nexus 6P...camera..software...updates...
I think i'm going to sell my G6 after Christmas.. Will buy a Xiaomi Mi A1!
vesoisthebest said:
what a ****ing excuse!i really miss my nexus 6p...camera..software...updates...
Click to expand...
Click to collapse
yesssssssss
I had better update experience using my previous old Galaxy S6.
H870 - European Update=scifi...
don't panic, guys
i think the next update wil be oreo
Syrop said:
don't panic, guys
i think the next update wil be oreo
Click to expand...
Click to collapse
Ohh good that "you think" it will be oreo. That's a relief
Yeah, the LG updates is kinda a joke. The hardware is good and all, but we're still running the same 7.0 that it was launched with some 9 months ago. I'm just waiting for stable LOS.
As I said, very nice! I'd actually been missing those icons.
Would you consider making a version with the Nexus grey background instead of all black as well? While keeping the icons and the accent color.
Oh, and if you do, I wouldn't mind seeing a slight background change for the separator row in the settings. Just like the default white theme handles it, but in a dark grey of course.
Obscure Reference said:
As I said, very nice! I'd actually been missing those icons.
Would you consider making a version with the Nexus grey background instead of all black as well? While keeping the icons and the accent color.
Oh, and if you do, I wouldn't mind seeing a slight background change for the separator row in the settings. Just like the default white theme handles it, but in a dark grey of course.
Click to expand...
Click to collapse
ummmm...
Syrop said:
don't panic, guys
i think the next update wil be oreo
Click to expand...
Click to collapse
dont panic???? Just check blueborn and krank on your phone kid...
I frakk oreo i want monthly security patch.Most important.I want use bank app and nfc ,etc...NOW NOT SAFE!
adaimespechip said:
ummmm...
Click to expand...
Click to collapse
Haha I know, wrong thread. Mobile messup. ?
Oreo on LG in 2017 ? impossible
but August security patch ! probably
I'm wondering if anyone from LG read this thread
So many happy people here who wait for August security update in December.
In think we should be happy in the end of the day. Oreo? C'mon if you want it, go to some grocery store and get it [emoji3]
Nordic LG G6 updates
Well I just asked LG Finnish customer service why the security updates are still at july 1st on my LG G6 that I bought a week ago. My 2+ years old phone I switched from had newer security updates.
First response was basically "unfortunately we dont know this as Google is responsible for the updates... Please inquire Google about this."
When I complained about this and pointed them to LG's own website at (cannot post links yet)
https lgsecurity.lge.com/security_updates.html
I got a snarky reply saying that as I can probably read from the page the updates are irregular at some regions etc.
And that getting updates in Finland means all the Nordic countries and their operators have to test the update first before its released here.
They said an update is coming, but did not specify "which" update. Blah. Not very good customer service either.
Like Sony Phones I swear I will add LG to the not buy list in the future Permanently. I'm responsible for the Hardware buying here at our company and we have removed LG also for now. Next year we will be upgrading to Motorola as they seems to fulfill our budget and security updates
Oniska said:
Like Sony Phones I swear I will add LG to the not buy list in the future Permanently. I'm responsible for the Hardware buying here at our company and we have removed LG also for now. Next year we will be upgrading to Motorola as they seems to fulfill our budget and security updates
Click to expand...
Click to collapse
Bad choice they are just as bad if not worse than LG.
Hello, since Firmware Finder cannot enforce updates anymore, is there any alternative that does not require root? Honor really sucks at delivering updates, in FF I can see version 8.1.0.143 while I'm still on 131, this was always a pain in the ass for Honor devices but previously I always thought "who cares, I can force it via FF", well now I do care and this will be my last Honor device if I can't get the updates to work.
Thanks for any advice.
I just hate people like you who keep trowing dirt at companies for this sh*t about updates.
143 was just released, not long ago, cant you have patience a bit?you have the previous version, so at what do they suck?you have june or july sec update i bet.
Garkan said:
I just hate people like you who keep trowing dirt at companies for this sh*t about updates.
143 was just released, not long ago, cant you have patience a bit?you have the previous version, so at what do they suck?you have june or july sec update i bet.
Click to expand...
Click to collapse
I'm sorry but if someone like Apple were to announce an iOS update for a specific day, you would expect it to be available on that day and it most likely would be. Honor told us that the update would be on August 3rd for the EU, yet here I am 3 days later in the UK unable to see 143/145. This would be relatively fine, if they hadn't made several posts on their Twitter accounts saying things like "update now!" and "have you updated yet?", and also made a competition on this very forum with a 10 day deadline, meaning if someone like me wanted to enter they would be 3 days behind anyone else already.
Rikudou_Sennin said:
Hello, since Firmware Finder cannot enforce updates anymore, is there any alternative that does not require root? Honor really sucks at delivering updates, in FF I can see version 8.1.0.143 while I'm still on 131, this was always a pain in the ass for Honor devices but previously I always thought "who cares, I can force it via FF", well now I do care and this will be my last Honor device if I can't get the updates to work.
Thanks for any advice.
Click to expand...
Click to collapse
.... Mate you have no clue how firnware finder works. There was is no way to enforce firmware update when the firmware it self is nit certified by google yet. Only by usinv nocheck recovery
Stupid people
---------- Post added at 10:22 AM ---------- Previous post was at 10:20 AM ----------
banjoboy420 said:
I'm sorry but if someone like Apple were to announce an iOS update for a specific day, you would expect it to be available on that day and it most likely would be. Honor told us that the update would be on August 3rd for the EU, yet here I am 3 days later in the UK unable to see 143/145. This would be relatively fine, if they hadn't made several posts on their Twitter accounts saying things like "update now!" and "have you updated yet?", and also made a competition on this very forum with a 10 day deadline, meaning if someone like me wanted to enter they would be 3 days behind anyone else already.
Click to expand...
Click to collapse
Well its not huawei the problem. They released the update but google has to certify it then it will be sent in batches.
vampirian said:
.... Mate you have bo clue how firnware finder works. There was us no way to enforce firmware update when the firmware it self is nit certified by google yet.
Stupid people
---------- Post added at 10:22 AM ---------- Previous post was at 10:20 AM ----------
Well its not huawei tge problem. They released tge update but google has yo certify it otherwise you will not receive it. Blame google in this case. Not huawei
Click to expand...
Click to collapse
Sorry what? "certified by Google"? If the update has already come out in other regions/countries then surely it's already good to go, and the blame rests on Huawei/Honor for not pushing it to all the relevant regions/devices (which I'm sure they're able to do without doing it in waves, otherwise they wouldn't be telling everyone it's available now...)
banjoboy420 said:
Sorry what? "certified by Google"? If the update has already come out in other regions/countries then surely it's already good to go, and the blame rests on Huawei/Honor for not pushing it to all the relevant regions/devices (which I'm sure they're able to do without doing it in waves, otherwise they wouldn't be telling everyone it's available now...)
Click to expand...
Click to collapse
Certification goes by country my friend. Thats the main reason why it goes in waves. If you are so much in rush you can use no check recovery and then you will see its not certified by Google . So yes its Google to blame because huawei have the update ready.
Garkan said:
I just hate people like you who keep trowing dirt at companies for this sh*t about updates.
143 was just released, not long ago, cant you have patience a bit?you have the previous version, so at what do they suck?you have june or july sec update i bet.
Click to expand...
Click to collapse
You know, before I started using Firmware Finder on one of my previous phones, I was a year without an update. So that's what they suck at.
vampirian said:
Certification goes by country my friend. Thats the main reason why it goes in waves. If you are so much in rush you can use no check recovery and then you will see its not certified by Google . So yes its Google to blame because huawei have the update ready.
Click to expand...
Click to collapse
Really? It was my understanding that not being "certified by Google" was something that stopped your specific device from being updated, and that each manufacturer organised their own OTA updates (to me it doesn't make much sense for Google to be certifying Huawei, Samsung, etc. updates, as surely those companies have their own teams to test this stuff?).
Even so, I spoke with Honor customer service earlier today and all "Shane" could tell me was to "hold on". He even said he agreed that it's a bit silly for Honor to tell everyone it's available when really it isn't, but that there's nothing else they can do
banjoboy420 said:
Really? It was my understanding that not being "certified by Google" was something that stopped your specific device from being updated, and that each manufacturer organised their own OTA updates (to me it doesn't make much sense for Google to be certifying Huawei, Samsung, etc. updates, as surely those companies have their own teams to test this stuff?).
Even so, I spoke with Honor customer service earlier today and all "Shane" could tell me was to "hold on". He even said he agreed that it's a bit silly for Honor to tell everyone it's available when really it isn't, but that there's nothing else they can do
Click to expand...
Click to collapse
Its not about huawei. Its about google security. Having or not their own team to test things doesnt mean they have access to google suite. Certification grants you access to google play, google pay and certain banking apps. If google did not check the updates for certain bugs, hacks etc then the update will stay on hold and as i said from country to country banking systems, telecommunication security systems are different.
Little miss leading social media , yes gpu boost is rolling out in certain regions this is normal practice for honor again it's region based batches at a time , the UK is always the last to get it , honor phones are not like say a OnePlus global device were as soon as a update rolls say in Canada first, you can set a VPN to Canada and download it even though your region hasn't got update yet , that would be nice but honor phones have tons of different region build numbers so unfortunately it's a waiting game for us in UK , I applied for the gpu boost beta and that wasn't being announced till 13th and haven't heard a thing since [emoji848]
Sent from my COL-L29 using Tapatalk
Is there actually an alternative to FF? I just want to download the .zip and cannot update it via the phone.
FF doesnt have the current Firmware "C432E2R1P5" für my Honor 9
€: Nvm. I found it, its the B162. But anyway are there other website who gather Honor/Huawei Firmwares?
tesacrap said:
Is there actually an alternative to FF? I just want to download the .zip and cannot update it via the phone.
FF doesnt have the current Firmware "C432E2R1P5" für my Honor 9
€: Nvm. I found it, its the B162. But anyway are there other website who gather Honor/Huawei Firmwares?
Click to expand...
Click to collapse
Idk, i hope
Hey Mate 20 Pro owners - just trying to understand what the Mate 20 Pro owners are planning on at the moment in the wake of Google/android services ban etc.,
I am also a proud owner of Mate 20 Pro for the last six months and I absolutely love this device.
Are you guys trying to selling it off before the value drops too low?
Or, hoping the situation will reverse and fix itself?
I am hoping it will all be okay in the next two months? What do you guys advise?
I'm sticking with it as this Google business isn't a major problem for me
Same here, i'll stay with my mate 20 pro.
i really think it's a great phone, so i see no reason to sell it.
About the problems with Google, we still have 3 months before the ban really starts, so i think it's just a pressure method from Trump to get the trade deal with China.
And even if it's not and they still ban it i will stay with Huawei, i have to say i'm really curious about Hongmeng OS that they'll launch in fall.
I only consider price and value before and at the time of buying. Once I make a decision, the price is no longer a factor for me. I only bought the phone recently because my previous phone was no longer usable. As long as my current gapps remain usable on this phone, I don't necessarily care about future updates that much. I buy a phone based on it's performance at the time of purchase. When I was buying this phone, I wanted a flagship phone for a non-flagship price, I refuse to spend a $1000 for a phone. After considering many, it came down to this phone because it was a flagship phone that had a non-flagship price.
It's bad when a phone loses it's upgrade path, it's always better to have a phone from a brand that's not in the news for all the wrong reasons. However, all the good reasons I bought this phone for to begin with still stand. I'm in the USA, I buy my phones outright and just put them on my basic plan without subsidy because it saves me money in the long run. I wanted a good phone, I got a good phone. I take care of it, I got a case that protects it's front and back, it should last long enough to justify it's investment. With each transaction, be it a car, a house or a phone, you lose money (especially with sales tax) so the solution is to buy smart and minimize the number of transactions as much as possible. I would love to unlock the bootloader and root it, I would love it if Huawei bans are reversed but even if not, what I have is still a great phone to keep for the foreseeable future.
From now on, I'll keep it. It doesn't a matter if we can't upgrade to Android Q. But I must keep using Android Suite, because I'm using it for work. And I'm also using Android Auto.
Don't worry, if you need gaps you have various ways to install them. Besides, I can't wait to see what will that new OS will be!
Jovan.Sulic said:
Don't worry, if you need gaps you have various ways to install them. Besides, I can't wait to see what will that new OS will be!
Click to expand...
Click to collapse
can you please elaborate? I'm also curious if there's alternative non offical way to keep the os and apps as is in a functional way.
Existing Huawei devices will keep access to gapps, even after if and when the ban is permanently enforced. If there is no positive solution for Huawei, their future phones will not be able to access gapps. Sideloading gapps to future devices after the ban is official just won't work without changing the device ID, google servers (play store, gmail, gmaps, etc, etc) will deny access to future identified Huawei phones. For example, Mate 30 Pro will likely launch in November, the current 90 day extension expires in August. If the ban is still in place (I doubt it) at the time the Mate 30 Pro launches, then it will be denied access to gaaps, if it's identified as a Huawei device that was launched after the ban became official.
Personally I think it's just politics and leveraging for a position in the trade war negotiations. Huawei's growth is a concern to others, they surpassed others in the 5G infrastructure tech and the USA and it's allies don't want the traffic to go through tech they don't have control over. The reason they are leaving Xiaomi or 1+ alone is they don't make the infrastructure behind 5G. I think it's not about China spying through Huawei, rather about them not being able to spy through Huawei equipment.
I'm definitely keeping mine for another year, the resell value is so minuscule now that it's not worth upgrading after just a year. This is still a great device and on par with all the newest flagships.
I don't care if EMUI 10/Android Q eventually arrives without any Google services, I'll simply use Gmail through the native EMUI email app and download my apps through Aurora store. Aurora allows you to login with your Google account even without Play services and download paid apps you've purchased. For YouTube I'll use Vanced, it has no ads and no need for Google services.
mcjordan92 said:
can you please elaborate? I'm also curious if there's alternative non offical way to keep the os and apps as is in a functional way.
Click to expand...
Click to collapse
Someone has already mentioned that the ban does not apply to existing phones. The xda forum has instructions on how to install gaps. after all, Huawei announced that the existing phones will send security patches
I just googled this thread. But if you ever instaled custom ROM you know what I mean.
https://forum.xda-developers.com/mate-20-pro/help/google-play-store-chinese-variant-t3861639
When the ban hits and I'm focked by Trump I'll buy a bootloader unlock code and install LineageOS. Hopefully by then the camera functions are supported sufficiently to use the camera properly as that's what made me upgrade from the Mate 9, to 10 pro to 20 pro...
blackspp said:
When the ban hits and I'm focked by Trump I'll buy a bootloader unlock code and install LineageOS. Hopefully by then the camera functions are supported sufficiently to use the camera properly as that's what made me upgrade from the Mate 9, to 10 pro to 20 pro...
Click to expand...
Click to collapse
You can do that right now, but I will wait for that new huawei OS and see what will Huawei bring to us
Jovan.Sulic said:
Someone has already mentioned that the ban does not apply to existing phones. The xda forum has instructions on how to install gaps. after all, Huawei announced that the existing phones will send security patches
I just googled this thread. But if you ever instaled custom ROM you know what I mean.
https://forum.xda-developers.com/mate-20-pro/help/google-play-store-chinese-variant-t3861639
Click to expand...
Click to collapse
The ban does apply to existing phones. They will be able to continue using existing software but there will be no more updates.
Installing custom ROMs is impossible on international phones since the bootloader is locked.
darkoroje said:
The ban does apply to existing phones. They will be able to continue using existing software but there will be no more updates.
Click to expand...
Click to collapse
Yes and no. My understanding is that current Huawei phones will get official Google security updates, but no OS updates.
charliebigpot said:
Yes and no. My understanding is that current Huawei phones will get official Google security updates, but no OS updates.
Click to expand...
Click to collapse
No. Existing phones can continue to use Google play protect and the play store but Huawei cannot release any updates including security updates after August.
Huawei will obviously focus their attention on the new os which will replace android so chances on getting much support on our phones is quite low. Which is why the resale value of the phone has collapsed.
https://www.techradar.com/news/huaweis-os-to-be-rolled-out-next-month
Interesting stuff
Lets not forget people have bought the Chinese models which aren't official Android (not supported) and had no issues, the media are just blowing the whole thing up
---------- Post added at 02:47 PM ---------- Previous post was at 02:45 PM ----------
darkoroje said:
Huawei cannot release any updates including security updates after August.
.
Click to expand...
Click to collapse
Not what I've been reading or seen on Youtube, security updates will continue and they could release unsupported updates of the OS like in China
---------- Post added at 02:49 PM ---------- Previous post was at 02:47 PM ----------
blackspp said:
When the ban hits and I'm focked by Trump I'll buy a bootloader unlock code and install LineageOS. Hopefully by then the camera functions are supported sufficiently to use the camera properly as that's what made me upgrade from the Mate 9, to 10 pro to 20 pro...
Click to expand...
Click to collapse
I doubt the camera app will take full advantage of it
They cannot release unsupported updates of android because Google play services would stop working which would make it unusable.
darkoroje said:
They cannot release unsupported updates of android because Google play services would stop working which would make it unusable.
Click to expand...
Click to collapse
So how do the Chinese version do it, don't they just install Google Services separately, even if that didn't work nothing stopping them using the Hisuit to do it
Shipoftheline said:
So how do the Chinese version do it, don't they just install Google Services separately, even if that didn't work nothing stopping them using the Hisuit to do it
Click to expand...
Click to collapse
Chinese versions do not have access to Google services as far as I know. Google services are banned by law in China.
What a rubbish company to imprint the AndroidOne logo on a device they refuse to update. This is my first ans last Xiaomi!
mewcatchew said:
What a rubbish company to imprint the AndroidOne logo on a device they refuse to update. This is my first ans last Xiaomi!
Click to expand...
Click to collapse
I think "Android one" is a dead project, at least for Xiaomi and continues to prove it in every way
How many of Android One phones from different manufacturers are on Android 10? Motorola One received it yesterday. More recent Motorola phones haven't received it yet. New phones from Nokia will get them in "between Q1 and Q2 2020".
How many monthly security updates got skipped by Xiaomi? I don't remember even one missing.
Just because you misunderstood Android One programme, it doesn't mean it's rubbish or dead. Xiaomi and other manufacturers are following Android One standards and they are roughly at the same position, none of them being much ahead of others.
_mysiak_ said:
How many of Android One phones from different manufacturers are on Android 10? Motorola One received it yesterday. More recent Motorola phones haven't received it yet. New phones from Nokia will get them in "between Q1 and Q2 2020".
How many monthly security updates got skipped by Xiaomi? I don't remember even one missing.
Just because you misunderstood Android One programme, it doesn't mean it's rubbish or dead. Xiaomi and other manufacturers are following Android One standards and they are roughly at the same position, none of them being much ahead of others.
Click to expand...
Click to collapse
And how many bugs have been introduced by these monthly updates?
And how many fixes have been released to correct the countless programming flaws of their Rom? Nobody.
It seems that you are not aware of the damage caused to the unfortunate users used as unwitting "beta testers" of Android 10, on the Mi A2 lite and Mi A3 devices.
Not to mention their completely absent and / or unprepared after-sales support
IlSaro said:
And how many bugs have been introduced by these monthly updates?
And how many fixes have been released to correct the countless programming flaws of their Rom? Nobody.
It seems that you are not aware of the damage caused to the unfortunate users used as unwitting "beta testers" of Android 10, on the Mi A2 lite and Mi A3 devices.
Not to mention their completely absent and / or unprepared after-sales support
Click to expand...
Click to collapse
There are like how many bugs on Android 9. 1 or 2? No new have been introduced, most got fixed.
Android 10 update was rushed mess, I agree with that. But you can blame mainly people like you, pushing on company to release update immediately, even if it's not ready. They shouldn't have listened, that was their mistake number one.
I keep repeating, they need to improve communication and be honest. It there's a delay, announce it. If there are unforeseen problems, fix them and apologize. This is the main area where they need a huge improvement. But it can be said about many other companies, Xiaomi is not the only one. It's no excuse, but there aren't many good examples out there (especially at this price point).
_mysiak_ said:
There are like how many bugs on Android 9. 1 or 2? No new have been introduced, most got fixed.
Android 10 update was rushed mess, I agree with that. But you can blame mainly people like you, pushing on company to release update immediately, even if it's not ready. They shouldn't have listened, that was their mistake number one.
I keep repeating, they need to improve communication and be honest. It there's a delay, announce it. If there are unforeseen problems, fix them and apologize. This is the main area where they need a huge improvement. But it can be said about many other companies, Xiaomi is not the only one. It's no excuse, but there aren't many good examples out there (especially at this price point).
Click to expand...
Click to collapse
It may be that as you say, the problems of "Android one" are also common to other companies, but here we talk about Xiaomi and if it is true that it releases monthly security updates with a certain regularity, it is equally true that more than once introduced Bugs, without ever releasing an official Fix and without ever having corrected the main defect of the native WiFi on Android Pie in the Mi A2 lite and now it also appears in the Mi A2 with Android 10.
In addition, no one has forced Xiaomi to release a version upgrade, however, provided by the "Android one" program, without first having carried out the most basic checks with their "Beta testers".
As far as I am concerned, he would have done better first to fix all the defects widely documented in their firmware already in use, instead of combining all this useless mess.
The only fully functional Rom was the native one of Android 8.1, at least on the Mi A2 lite device
IlSaro said:
It may be that as you say, the problems of "Android one" are also common to other companies, but here we talk about Xiaomi and if it is true that it releases monthly security updates with a certain regularity, it is equally true that more than once introduced Bugs, without ever releasing an official Fix and without ever having corrected the main defect of the native WiFi on Android Pie in the Mi A2 lite and now it also appears in the Mi A2 with Android 10.
In addition, no one has forced Xiaomi to release a version upgrade, however, provided by the "Android one" program, without first having carried out the most basic checks with their "Beta testers".
As far as I am concerned, he would have done better first to fix all the defects widely documented in their firmware already in use, instead of combining all this useless mess.
The only fully functional Rom was the native one of Android 8.1, at least on the Mi A2 lite device
Click to expand...
Click to collapse
Which bugs got introduced with monthly updates and are still present on A3? I don't know about any, but I might have missed them. Except the bug with "ghost text" I have zero problems with stock Android 9.
_mysiak_ said:
Which bugs got introduced with monthly updates and are still present on A3? I don't know about any, but I might have missed them. Except the bug with "ghost text" I have zero problems with stock Android 9.
Click to expand...
Click to collapse
Fingerprint and proximity sensor.
The brightness of the display changes by itself, even if it is set manually.
But you've probably been lucky ...
IlSaro said:
Fingerprint and proximity sensor.
The brightness of the display changes by itself, even if it is set manually.
But you've probably been lucky ...
Click to expand...
Click to collapse
Can't confirm them. Proximity works fine, FP sensor as well. For brightness control I use OLED saver which works perfectly. Maybe I'm really lucky.. [emoji846]
_mysiak_ said:
Can't confirm them. Proximity works fine, FP sensor as well. For brightness control I use OLED saver which works perfectly. Maybe I'm really lucky.. [emoji846]
Click to expand...
Click to collapse
I am sure...
Android 10 come in april sure.
bojan1974 said:
Android 10 come in april sure.
Click to expand...
Click to collapse
! heard in November
mewcatchew said:
! heard in November
Click to expand...
Click to collapse
Which year?i hope 2025.
---------- Post added at 06:32 PM ---------- Previous post was at 06:22 PM ----------
it's almost inconceivable to say that it's normal for the update to be delayed and for example other companies
But that's not to say that almost all miui devices have been upgraded.
you are not rooting for so many mistakes on androidone but not on miui.
something smells ugly
Big number of different new device and low number of developers. Working on an embedded system is not easy dude. Why you think most of the new device have the A/B part (mender style)?
Fear of the brick.
bojan1974 said:
Android 10 come in april sure.
Click to expand...
Click to collapse
Still not here.
Just got my US April 2022 security update from Samsung for which I'm grateful, and it actually arrived during April
Still waiting for UI 4.1 update though.
Anyone in USA received 4.1 ?
nsmallw71 said:
Just got my US April 2022 security update from Samsung for which I'm grateful, and it actually arrived during April
Still waiting for UI 4.1 update though.
Anyone in USA received 4.1 ?
Click to expand...
Click to collapse
Im just curious, Why does the US get updates last? The A52 in other parts of the world got One UI 4.1 in the start of April.
Geoperson8 said:
Im just curious, Why does the US get updates last? The A52 in other parts of the world got One UI 4.1 in the start of April.
Click to expand...
Click to collapse
There's several reasons that there could be a delay.
It may be that some regulation needs to be complied with and they can't implement One UI until its dealt with. A prime example could be if telemetry data is sent back to Samsung. Is it required that the data is stored on US-based servers? They will need to set up the infrastructure for that.
Another possibility are the US carriers. They might have the One UI update already. Remember that carriers can implement the same tech in different ways which means a generic image from Samsung would always need adjustments first. That could cause continual delays.
The biggest culprit will the difference in SoC. Both use the Arm architecture which helps simplify things but there will still be inherent differences that needs to be coded for. Maybe Samsung just needs longer to create One UI on a Snapdragon processor?
These are just guesses because I have no idea what the delays are. Maybe a combination of all three! Could be something totally different too. Either way, you are going to have to keep waiting until someone is satisfied you can have One UI that won't break anything.