Thursday, June 3, 2010

My New Phone: The HTC Desire with Android 2.1 and Sense UI

As you may have read in the past, I've been a long time HTC Magic user - the HTC Magic is the second HTC device powered by Android, codenamed "Sapphire".
The HTC Magic is also known by many other names, including T-Mobile MyTouch3G, Google ION, Vodafone Magic, and HTC Sapphire.

It's been about a year since it's original release, and I've been able to test 4 versions of Android on my HTC Magic, which included:
  • Android 1.5 - Cupcake
  • Android 1.6 - Donut
  • Android 2.0 - 2.1 - Eclair
  • Android 2.2 - Froyo (Frozen Yoghurt)
Android 2.2 was the version that impressed me the most, because it was FAST! No, Seriously.

I've come to expect that when you upgrade the OS, you downgrade in speed. It seems that operating system vendors generally expect you to upgrade your hardware whenever you upgrade your software.
I've recently noticed that Google have been pushing to increase the speed in their software - as can be seen in Google Chrome (both the browser & operating system) and now, Android.

The Google Nexus One:
This was a big move by Google, they were releasing their second phone (the first being the Google ION) but there was a rather big difference - They were selling it directly to consumers (the Google ION was a re-branded HTC Magic that was gifted to attendees of Google I/O 2009, and is also sold to Android application developers).
It wasn't really a game changer, but it was the first device that I considered replacing my HTC Magic with. The main reason I didn't upgrade to the Google Nexus One is that it was not directly available to consumers in Australia, and took quite a bit of hassle (and trust) to get it imported.
The Google Nexus one is made by HTC and is codenamed "Passion".

HTC Desire:
This is the device that I had to have! The hardware appeared slightly better than the Google Nexus One, and it was available in Australia (from Telstra), The biggest downside is that 3G would only run on the 850/2100MHz frequencies, and my provider runs on the 900/2100MHz frequencies (thankfully it's 2100MHz locally).

After buying the HTC Desire, I quickly found myself "rooting" the device (enabling super-user access), and removing all of the Telstra branding from the software, I now have a nice and clean user interface as can be seen in the screenshots below.

HTC Desire running Android 2.1 (Eclair) with HTC Sense UI.

I'm very impressed with the HTC Desire, and look very forward to the official release of Android 2.2 with Sense UI by HTC.

My wife has been keeping her eye out on the HTC Legend, which should be released by Vodafone Australia today. Unfortunately the stores we have contacted have indicated that they would not be stocking the HTC Legend yet, or in the near future. Go figure?

Thursday, May 27, 2010

Dear HTC...

Dear HTC,

I recently decided to upgrade my HTC Magic, and buy a HTC Desire, as I noted the source code for the Kernel was now available.

After receiving my HTC Desire, I quickly found that there was no way to install my custom built kernel, which appears to violate the GPL license.
Previously, on devices such as the HTC Magic, we have been able to gain access to an "engineering SPL", which would allow us to install our own custom kernels. Unfortunately, I have been unable to find a suitable SPL for the bravo platform.

The following is an extract from the GNU General Public License Version 2, which can be found in the file "COPYING" located within the archive file "bravo_54b7033a.tar.gz", which is available for download from your website.

The source code for a work means the preferred form of the work for making modifications to it.  For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.

Pursuant to the GNU GPL, I am hereby requesting that you make available the scripts to install a custom kernel to the HTC Desire.

I understand that HTC has recently come under attack for GPL violations related to the Desire's kernel source code, and I appreciate that you (HTC) are working with the community, in an attempt to uphold the law.

I look forward to hearing from you.

Regards,
Joshua Davison

IANAL, But i'm quite sure that the GPL exists to allow the freedom of creating and using derived works.

Thursday, May 13, 2010

Warning: Don't lend your car in NSW, Australia - The SDRO will get YOU! (not the driver)


On the 25th of January 2010, a close friend of mine was driving one of my cars through Parramatta (Sydney) and managed to get a speeding fine for "Exceed Speed Limit 10km/h and Under - Camera Detected", which is the lowest speeding offence where I live, in New South Wales, Australia.

This isn't a major issue, and after showing her the $84.00 fine that I received in late February or early March from the State Debt Recovery Office (The fines division of the Office of State Revenue), she was more than happy to pay for it and accept responsibility, which included 2 demerit points.

I contacted the State Debt Recovery Office to ask for a statuary declaration form, which is required when providing information on the driver (if the driver is not the registered owner of the car), and they informed me that I would receive a reminder notice soon, with a Statuary Declaration attached.

May 11th, I receive a letter from the NSW Roads & Traffic Authority stating that they will be suspending my license for 3 months, as of the 11th June 2010, signed by the licence review unit manager as the offense is now for 8 demerit points.

I called the SDRO on May 11th several times, and the phone system indicated that they were having temporary issues and were unable to answer calls.
I again called the SDRO on May 12th and explained what had happened, to which I was told that as I had not handed in a Statuary Declaration, the fine had been processed and my only option of appeal was to send in further forms for an annulment, which would cost me a processing fee of $50 - almost the price of the original fine, and that it was not guaranteed to be annulled. The customer service representative tried to tell me that since I had moved, the mail was probably lost. I tried to explain that I've got mail redirection and I check the mailbox at my previous address regularly. She informed me that she will be sending me the annulment form, and another form to request the removal of the processing fee.

Today, May 13th, I receive a letter from the SDRO, but it's not the application form I was expecting, It's an enforcement order. Basically it's a fine, and an extra $50 for the privilege of having my licence cancelled.


Now, for them not sending me the statuary declaration form, I get to pay a fine of $134, a $50 processing fee that might not do anything, I lose 8 points on my licence which means that I will lose my license for three months (my class of license allows 7 demerit points as a maximum), and a mark against my perfect driving record - all for something I didn't do.

That's the end of my rant, but I'm somewhat annoyed,
JD

Tuesday, March 9, 2010

PHP Class for Windows Live Admin Center

I've been using Windows Live Admin Center for quite some time, so I though it would be a good idea to directly interact with the provided API's, rather than manually manipulating each user.
The SOAP API's provided are used by the Windows Live Admin Center SDK, which can be downloaded from Microsoft's website.

I quickly decided to write a PHP class that extends the Admin Center functions exposed by the API to be natively available to PHP.
Hopefully, someone else will find it useful in the not too distant future.

/////////////////////////////////////////
// Windows Live Admin Center PHP Class //
// Author: Joshua "JD" Davison         //
// Email:  jd [at] ozchat [dot] org    //
/////////////////////////////////////////


class AdminCenter {
  public function __construct() {
    $this->client=new SoapClient('https://domains.live.com/service/managedomain2.asmx?WSDL');
  }


  private function doPost($url, $data) {
    $ctx=stream_context_create(array('http'=>array('method'=>'POST','content'=>$data)));
    $fp=@fopen($url,'rb',false,$ctx);
    if (!$fp) { return; }
    return @stream_get_contents($fp);
  }


  public function LiveLogin($memberName,$password) {
    $this->LoginURL=$this->GetLoginURL($memberName);
    $this->LoginDataTemplate=$this->GetLoginDataTemplate();
    $LoginData=str_replace(array("%NAME%","%PASSWORD%"),array($memberName,$password),$this->LoginDataTemplate);
    $namespace='http://domains.live.com/Service/ManageDomain/V1.0';
    $name='ManageDomain2Authorization';
    $this->authData=$this->doPost($this->LoginURL,$LoginData);
    $headers=new SoapHeader($namespace,$name,array('authorizationType'=>'PassportTicket','authorizationData'=>$this->authData));
    $this->client->__setSoapHeaders($headers);
  }


  public function GetLoginUrl($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->GetLoginUrl($req)->GetLoginUrlResult;
  }


  public function GetLoginDataTemplate() {
    return $this->client->GetLoginDataTemplate()->GetLoginDataTemplateResult;
  }


  public function VerifyAuthData($authData) {
    $req->authData=$authData;
    return $this->client->VerifyAuthData($req)->VerifyAuthDataResult;
  }


  public function CreateMember($memberName, $password, $resetPassword=false, $firstName="", $lastName="", $lcid="") {
    $req->memberNameIn=$memberName;
    $req->password=$password;
    $req->resetPassword=$resetPassword;
    $req->firstName=$firstName;
    $req->lastName=$lastName;
    $req->lcid=$lcid;
    return $this->client->CreateMember($req)->CreateMemberResult;
  }


  public function DeleteMember($memberName) {
    //Be careful when using this function. Deleted accounts will lose all e-mail. This Passport account will be placed in a forced rename state; so the next time this member logs in, the member will be asked to change that Passport account name, but the member won’t be able to change it to a name within this domain because now this domain name is reserved by Admin Center.
    $req->memberNameIn=$memberName;
    return $this->client->DeleteMember($req)->DeleteMemberResult;
  }


  public function EnumMembers($domainName,$start="",$num=5000) {
    $req->domainName=$domainName;
    $req->start=$start;
    $req->num=$num;
    return $this->client->EnumMembers($req)->EnumMembersResult;
  }


  public function EvictUnmanagedMember($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->EvictUnmanagedMember($req)->EvictUnmanagedMemberResult;
  }


  public function GetMemberCount($domainName) {
    $req->domainName=$domainName;
    return $this->client->GetMemberCount($req)->GetMemberCountResult;
  }


  public function GetMemberInfo($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->GetMemberInfo($req)->GetMemberInfoResult;
  }


  public function GetMemberNameState($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->GetMemberNameState($req)->GetMemberNameStateResult;
  }


  public function ImportUnmanagedMember($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->ImportUnmanagedMember($req)->ImportUnmanagedMemberResult;
  }


  public function MemberNameToNetId($memberName) {
    $req->memberNameIn=$memberName;
    return $this->client->MemberNameToNetId($req)->MemberNameToNetIdResult;
  }


  public function NetIdToMemberName($netid) {
    $req->netIdIn=$netid;
    return $this->client->NetIdToMemberName($req)->NetIdToMemberNameResult;
  }


  public function RenameMember($memberNameOld,$memberNameNew) {
    $req->memberNameOldIn=$memberNameOld;
    $req->memberNameNewIn=$memberNameNew;
    return $this->client->RenameMember($req)->RenameMemberResult;
  }


  public function SetMemberEmailAccess($memberName,$emailAccess) {
    $req->memberNameIn=$memberName;
    $req->value=$emailAccess;
    return $this->client->SetMemberEmailAccess($req)->SetMemberEmailAccessResult;
  }


  public function EnumDomains() {
    return $this->client->EnumDomains()->EnumDomainsResult;
  }


  public function GetDomainInfo($domainName) {
    $req->domainName=$domainName;
    return $this->client->GetDomainInfo($req)->GetDomainInfoResult;
  }


  public function TestConnection($testString) {
    $req->name=$testString;
    return $this->client->TestConnection($req)->TestConnectionResult;
  }
}

Sunday, January 10, 2010

Boy Genius shot down (RE: Google Android Personal Thoughts)

For a while now, I've been wanting to write a blog entry about how the I.T. 'security experts' seem to get so much information incorrect, and seem to empower themselves by spreading F.U.D. (Fear, Uncertainty, and Doubt).

Much of this I only began to notice during the "ikee" (the iPhone virus) days, but I'm noticing the same thing day in and day out now, as it is seeming to to become commonplace.
It's rather annoying, to see these 'experts' post information that is unverified, and clearly in error.

I understand that generalised media gets the information wrong quite often, but I would expect I.T. security websites to have a little more knowledge in I.T. Security.

Back to the title - Boy Genius shot down - I just typed 'Android' into Google, to find a blog post by Boy Genius in the news section, titled "Google Android Personal Thoughts".
After clicking through, I read an article that was written by "Boy Genius", which was probably the biggest pile of crap I've ever read.

Don't get me wrong, I'm a self confessed Android "fan-boi", and I've read many biased articles about Android, iPhone, and even Palm's webOS, but I've never heard an "Android" article that was so pro-iPhone since the very existance of Android.

But what I find very rather amusing, is the amount of frequent Boy Genius Report readers that have quickly shot him down for his blog post, with quite a few of them informing him in the public comments section that they will no longer be visiting Boy Genius Report because of this article.

Reading further into a previous article he's written about Android, I've concluded he's unable to tell the difference between an operating system, and third-party software. Somehow, he has concluded that applications such as Facebook are a part of Android ("Built in").

It's just very disappointing to see so many respected companies and blogs, that are posting information that will lead them to become disreputable.

Update:
A quick Google tells me that I'm not the only person Boy Genius has annoyed, a forum post titled another web loon bashes google android [androidforums.com] is a coincidentally about the same Boy Genius article mentioned above.

Now you'd hope this was a once off, but a previous Boy Genius article about the Palm Pre launch has sparked another blog post titled Boy Genius not so smart [insidesprintnow.wordpress.com]

Sunday, November 15, 2009

Android 2.0 becomes Open Source!

In a surprisingly quick move, The source code for the Eclair branch of Android (Android 2.0) has become available in the GIT repository today.
It comes considerably soon after Android 2.0 arrived on the Motorola Droid when it was recently released to market.


There are several pitfalls, including the fact that the only build configuration added so far, is optimised for the Android 2.0 SDK, rather than existing phones.
And as with the Android 1.6 source code, it expects a version of Java that is equal to 1.5 (not greater than), which leaves many developers with the requirement of modifying the file build/core/main.mk to remove the Java checks before being able to build the Android 2.0 binaries.
We're just hoping that it manages to be much faster than the build that was released with the Android 2.0 Service Development Kit

Within hours of the release, We've already seen the code ported to the oldest Android handset of them all - The T-mobile G1

Monday, November 9, 2009

The ikee virus - Preventing future attacks

My blog has recently had a lot of attention, due to my chats with "ikee", the Author of a major iPhone worm, that replicates itself on many phones, presumably until either all phones are secure, or, all phones contain the ikee virus.
If you're new here, Please see my previous blog posts: The truth about the ikee iPhone "virus" and Interview with ikee - iPhone Virus Creator - Virus removal details enclosed.
There is obviously one major flaw with the ikee virus: It is unable to gain access to iPhones that are behind a NAT.

I was originally going to post this, but i'd completely forgotten about it, due to the overwhelm of visitors and all the hype surrounding the iPhone virus.

I'm asking all of the people who are use jailbreak software, to contact the developers of the software they use, and request that the developers prompt users for a new password. This is important and is possibly the only way that this will stop hackers like ikee (and even that Dutch kid asking for $5 in return for unlocking) from doing what they are doing.
Adding a password prompt is too easy for developers, and as for why they havn't already - I have absolutely no idea.

Why the password prompt? Well the following two points may be where the problem was laying, and the reason the developers have not included some sort of automatic password changing tool as yet.
  1. If a developer changes the password for all users of the software to the same password, then it still leaves all the users of that particular software vulnerable to an attack
  2. If a developer changes the password to a random string, and displays it to the user to write down, the user will probably forget it
It's quite clear that a prompt for a password during the initial jailbreak is the only real solution to this problem, although I would also recommend that the developers stop distributing the SSH Daemon, and allow users to download it [the SSH Daemon] if and when required.

I'd encourage iPhone jailbreak application developers to send me an email (jd do.jeltel a@t gmail do.t com) and let me know what they've done to secure their users iPhones, the sooner we gain control over the situation, the better.

I'm getting many emails reporting variations to the ikee virus, this is explained in my interview with ikee, and is not a new version of the ikee virus.