Forwarded from Mishaal's Android News Feed
Microsoft is starting to warn users about changes in Android 15 that affect certain notifications when mirrored to Phone Link.
As I previously reported, Android 15 automatically redacts certain sensitive notifications (like those with OTP codes in them) from being sent to "untrusted" notification listeners. These notifications will instead say "sensitive content hidden."
Microsoft should be able to overcome this on devices where Phone Link is preinstalled and where the Companion Device Role for Computer is requested, as apps holding the Computer Role are granted the RECEIVE_SENSITIVE_NOTIFICATIONS permission that bypasses this redaction. So far, I think the Phone Link service only requests this role on Samsung devices running One UI 6.1.1 and later.
As I previously reported, Android 15 automatically redacts certain sensitive notifications (like those with OTP codes in them) from being sent to "untrusted" notification listeners. These notifications will instead say "sensitive content hidden."
Microsoft should be able to overcome this on devices where Phone Link is preinstalled and where the Companion Device Role for Computer is requested, as apps holding the Computer Role are granted the RECEIVE_SENSITIVE_NOTIFICATIONS permission that bypasses this redaction. So far, I think the Phone Link service only requests this role on Samsung devices running One UI 6.1.1 and later.
Forwarded from Tech & Leaks Zone
BREAKING: Xiaomi Flagships have Stage 5 Terminal Cancer and can die anytime
It looks good on paper as Xiaomi fanbois will fap to anything Xiaomi advertised, but let's have a look at BTS.
1. Volatile Data Loss Risk: The reserved space in UFS (Turbo Write region) isn’t meant for permanent storage. If repurposed for user data, it’s significantly more volatile, increasing the risk of random data loss during power failures or crashes.
2. Long-term Durability: Repurposing this space for user data could lead to increased write amplification and faster wear on the storage, making your device die randomly even just after warranty expires, eventually making customers buy a new Xiaomi device & Xiaomi thereby making money.
3. Performance Trade-offs: UFS 4.0 relies on this reserved space for write acceleration. Reducing it could lead to slower write speeds, especially for large or sustained workloads when you game or use AI models.
The GPT Backup exists in Over-Provisioning Space.
The GPT (GUID Partition Table) has two backups: one at the beginning of the block device and another at the end. "If" Xiaomi's approach to reducing the reserved over-provisioning space affects the area where the GPT backup resides, it could lead to the loss of Partition Information as if the GPT backup stored in the over-provisioning space is compromised or overwritten, critical partition mapping can be lost, rendering the storage unreadable or corrupt, thus making the device instable and even loss of data in worst-case scenarios.
Wait, it's not over yet.
Xiaomi’s implementation of ZRAM means both your apps and the system are writing into the same limited SLC cache. Here’s why this is a catastrophic design flaw:
1. Overloading the SLC Cache: Turbo Write relies on this SLC cache for fast writes. With ZRAM and user data writing into it, the cache could be perpetually full, leading to severe write amplification and performance degradation.
2. System Instability: ZRAM adds constant write pressure on the already reduced cache. When combined with high disk activity from apps or downloads, it could lead to slowdowns, freezes, or even storage failures.
Special Thanks to developers @xLOCKnLOADx @Lunarixus, Dyneteve and @theVakhovskeIsTaken for revealing the side-effects of this "discovery" by Xiaomi.
Follow @TechLeaksZone
In the launch video (around 2:04:00) I would summarise what Lei Jun said:
During writing HyperOS their engineers made a "discovery" that the UFS storage chips have 10GB+ storage reserved for "性能的优化" (Performance optimizations, so likely refers to UFS cache?)
They apparently optimised this to use much less space and so freeing up 8/16GB on their 256/512GB storage models, giving them "264/528GB" of actual usable storage.
It looks good on paper as Xiaomi fanbois will fap to anything Xiaomi advertised, but let's have a look at BTS.
1. Volatile Data Loss Risk: The reserved space in UFS (Turbo Write region) isn’t meant for permanent storage. If repurposed for user data, it’s significantly more volatile, increasing the risk of random data loss during power failures or crashes.
2. Long-term Durability: Repurposing this space for user data could lead to increased write amplification and faster wear on the storage, making your device die randomly even just after warranty expires, eventually making customers buy a new Xiaomi device & Xiaomi thereby making money.
3. Performance Trade-offs: UFS 4.0 relies on this reserved space for write acceleration. Reducing it could lead to slower write speeds, especially for large or sustained workloads when you game or use AI models.
The GPT Backup exists in Over-Provisioning Space.
The GPT (GUID Partition Table) has two backups: one at the beginning of the block device and another at the end. "If" Xiaomi's approach to reducing the reserved over-provisioning space affects the area where the GPT backup resides, it could lead to the loss of Partition Information as if the GPT backup stored in the over-provisioning space is compromised or overwritten, critical partition mapping can be lost, rendering the storage unreadable or corrupt, thus making the device instable and even loss of data in worst-case scenarios.
Wait, it's not over yet.
Xiaomi’s implementation of ZRAM means both your apps and the system are writing into the same limited SLC cache. Here’s why this is a catastrophic design flaw:
1. Overloading the SLC Cache: Turbo Write relies on this SLC cache for fast writes. With ZRAM and user data writing into it, the cache could be perpetually full, leading to severe write amplification and performance degradation.
2. System Instability: ZRAM adds constant write pressure on the already reduced cache. When combined with high disk activity from apps or downloads, it could lead to slowdowns, freezes, or even storage failures.
Special Thanks to developers @xLOCKnLOADx @Lunarixus, Dyneteve and @theVakhovskeIsTaken for revealing the side-effects of this "discovery" by Xiaomi.
Follow @TechLeaksZone
Forwarded from It's FOSS
We tried SimpleX Chat, a private, decentralized communications app.
https://news.itsfoss.com/simplex-chat/
https://news.itsfoss.com/simplex-chat/
It's FOSS
My Experience With SimpleX Chat: Is It The Ultimate Open Source Private Messaging App?
An impressive decentralized open source messaging app that does not require any user ID.
Forwarded from Gizchina.com
Microsoft Removes TPM 2.0 Requirement for Windows 11 on Older PCs
https://www.gizchina.com/2024/12/12/microsoft-removes-tpm-2-0-requirement-for-windows-11-on-older-pcs/
https://www.gizchina.com/2024/12/12/microsoft-removes-tpm-2-0-requirement-for-windows-11-on-older-pcs/
Forwarded from Gizchina.com
How to Unlock an Android Phone Without a Password
https://www.gizchina.com/2024/12/13/how-to-unlock-android-phone-without-password-2/
https://www.gizchina.com/2024/12/13/how-to-unlock-android-phone-without-password-2/
Forwarded from Gizchina.com
WhatsApp Enhances Group Video Call Features with Exciting Updates
https://www.gizchina.com/2024/12/13/whatsapp-enhances-group-video-call-features-with-exciting-updates/
https://www.gizchina.com/2024/12/13/whatsapp-enhances-group-video-call-features-with-exciting-updates/
Forwarded from Gizchina.com
ChatGPT’s Game-Changing Live Video Feature Arrives
https://www.gizchina.com/2024/12/13/chatgpts-game-changing-live-video-feature-arrives/
https://www.gizchina.com/2024/12/13/chatgpts-game-changing-live-video-feature-arrives/
Forwarded from /e/OS & Murena announcements
⚠ We recommend NOT to update any Google apps on /e/OS for now. Disable auto-updates in App Lounge if you are using Google apps, and update app per app. New updated Google apps have a signature incompatibility that prevent them to work. The team is working to find a solution. We'll keep you updated.
Forwarded from Omni Technovič
Forwarded from The Hacker News
[Free] Cloud Risk Self-Assessment Checklist
Ready to secure your cloud? Easily evaluate and uncover cloud risk with this simple checklist to help strengthen your security posture.
Downlod Checklist: https://thn.news/cloud-risk-checklist
Ready to secure your cloud? Easily evaluate and uncover cloud risk with this simple checklist to help strengthen your security posture.
Downlod Checklist: https://thn.news/cloud-risk-checklist
Forwarded from The Hacker News
🚨 Apple's TCC framework #vulnerability exposed!
A now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data like Health info, microphone, and #iCloud backups—without users knowing.
Learn more: https://thehackernews.com/2024/12/researchers-uncover-symlink-exploit.html
A now-patched flaw (CVE-2024-44131) allowed unauthorized apps to access sensitive data like Health info, microphone, and #iCloud backups—without users knowing.
Learn more: https://thehackernews.com/2024/12/researchers-uncover-symlink-exploit.html
Forwarded from The Hacker News
Gamaredon, a Russian-linked hacking group, targets mobile devices with BoneSpy and PlainGnome, #spyware stealing SMS, call logs, location, and photos in former Soviet states.
Find details here: https://thehackernews.com/2024/12/gamaredon-deploys-android-spyware.html
Find details here: https://thehackernews.com/2024/12/gamaredon-deploys-android-spyware.html
Forwarded from The Hacker News
Over 296,000 Prometheus Node Exporter instances and 40,300 servers are publicly accessible, exposing sensitive credentials and API keys.
Read the full article: https://thehackernews.com/2024/12/296000-prometheus-instances-exposed.html
Read the full article: https://thehackernews.com/2024/12/296000-prometheus-instances-exposed.html
Forwarded from The Hacker News
U.S. DoJ dismantles Rydox marketplace, seizes $225K in cryptocurrency, arrests three Kosovo nationals for selling stolen data and cybercrime tools, impacting 18,000 users.
Read the story: https://thehackernews.com/2024/12/fbi-busts-rydox-marketplace-with-7600.html
Read the story: https://thehackernews.com/2024/12/fbi-busts-rydox-marketplace-with-7600.html
Forwarded from The Hacker News
🚨 New Malware Alert: PUMAKIT, a #Linux rootkit, employs advanced stealth tactics to evade detection and escalate privileges.
It’s not just hiding files—it’s altering core system behavior while remaining invisible to system tools.
Learn how PUMAKIT operates 👉 https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html
It’s not just hiding files—it’s altering core system behavior while remaining invisible to system tools.
Learn how PUMAKIT operates 👉 https://thehackernews.com/2024/12/new-linux-rootkit-pumakit-uses-advanced.html
Forwarded from The Hacker News
🔥 Iranian-linked IOCONTROL malware exploits IoT and OT devices, targeting SCADA systems and fuel infrastructure with advanced evasion tactics like MQTT and DNS-over-HTTPS.
🔗 Learn how this sophisticated malware operates https://thehackernews.com/2024/12/iran-linked-iocontrol-malware-targets.html
🔗 Learn how this sophisticated malware operates https://thehackernews.com/2024/12/iran-linked-iocontrol-malware-targets.html