Forwarded from Mishaal's Android News Feed
Folks, this is bad news. Very, very bad. Hackers and/or malicious insiders have leaked the platform certificates of several vendors. These are used to sign system apps on Android builds, including the "android" app itself. These certs are being used to sign malicious Android apps!
Why is that a problem? Well, it lets malicious apps opt into Android's shared user ID mechanism and run with the same highly privileged user ID as "android" - android.uid.system. Basically, they have the same authority/level of access as the Android OS process!
(Here's a short summary of shared UID, from my Android 13 deep dive.)
The post on the Android Partner Vulnerability Initiative issue tracker shared SHA256 hashes of the platform signing certificates and correctly signed malware using those certificates. Thanks to sites like
VirusTotal and APKMirror, it's trivial to see who is affected...
So, for example, this malware sample. Scroll down to the certificate subject/issuer, and whose name do you see? The biggest Android OEM on the planet? Yeah, yikes.
Go to APKMirror and just search for the SHA256 hash of the corresponding platform signing certificate... Yeah, this certificate is still being used to sign apps.
That's just one example. There are others at risk, too.
In any case, Google recommends that affected parties should rotate the platform certificate, conduct an investigation into how this leak happened, and minimize the number of apps signed with the platform certificate, so that future leaks won't be as devastating.
Why is that a problem? Well, it lets malicious apps opt into Android's shared user ID mechanism and run with the same highly privileged user ID as "android" - android.uid.system. Basically, they have the same authority/level of access as the Android OS process!
(Here's a short summary of shared UID, from my Android 13 deep dive.)
The post on the Android Partner Vulnerability Initiative issue tracker shared SHA256 hashes of the platform signing certificates and correctly signed malware using those certificates. Thanks to sites like
VirusTotal and APKMirror, it's trivial to see who is affected...
So, for example, this malware sample. Scroll down to the certificate subject/issuer, and whose name do you see? The biggest Android OEM on the planet? Yeah, yikes.
Go to APKMirror and just search for the SHA256 hash of the corresponding platform signing certificate... Yeah, this certificate is still being used to sign apps.
That's just one example. There are others at risk, too.
In any case, Google recommends that affected parties should rotate the platform certificate, conduct an investigation into how this leak happened, and minimize the number of apps signed with the platform certificate, so that future leaks won't be as devastating.
π₯10π1π1π€‘1
When hoewei & crapple fighting who's more cancerous:
https://www.cnbc.com/2022/11/30/apple-limited-a-crucial-airdrop-function-in-china-just-weeks-before-protests.html
https://www.cnbc.com/2022/11/30/apple-limited-a-crucial-airdrop-function-in-china-just-weeks-before-protests.html
π€‘6
Whoa, very good & representative videos made by sony on some of the pioneering in imaging sensors tech they've done over the years
π5π€―2
Forwarded from β ββ β β β β β²β²β²β²©
Looking at mi13 pro the little ledge of the camera intrigued me, so I did some research and found that, the focal length of the main sensor is not 23mm as stated by xiaomi but 21mm. Basically after the shot the phone makes a crop of the sensor, comparing the shot (photo 1) to 50mp vs 12.5 (the red clipping inside the first photo) you see xiaomi croppi the sensor, this is also noticeable from photo 2, where you compare the crop 2x of the photo from 50mp vs 12.5, it turns out to be 42mm vs 46.
So the 1.05β sensor is partly used using only 1/1.07β
This also happens with the telephoto lens, xiaomi declares 75mm, but by shooting in manual the photo turns out to be 66mm.
Basically xiaomi dopa its own features to make it look like something it doesnβt, we all know that this incorrect policy of feature doping should not be applied.
So the 1.05β sensor is partly used using only 1/1.07β
This also happens with the telephoto lens, xiaomi declares 75mm, but by shooting in manual the photo turns out to be 66mm.
Basically xiaomi dopa its own features to make it look like something it doesnβt, we all know that this incorrect policy of feature doping should not be applied.
π1
[TK] Tech Kush
Looking at mi13 pro the little ledge of the camera intrigued me, so I did some research and found that, the focal length of the main sensor is not 23mm as stated by xiaomi but 21mm. Basically after the shot the phone makes a crop of the sensor, comparing theβ¦
Here you are - hint straight from mi13 firmware
Forwarded from Tadi Channel
As media directly copied the imprecise claims of my friend on what staggered HDR actually is, let me correct it:
Typical sensor capture process works in a way that as long as your exposures are short, the integration (exposure start) of next frame won't happen any sooner than than the cycle of next frame, which basically starts when each of the sensor lines start integration, top to bottom. So for a sensor in 30 fps mode, it won't matter if your exposure time is 1/800s or 1/40s, you won't be able to capture more frames just because their exposure time is short.
Staggered HDR changes that. A sensor in such mode is able to have more than one ongoing integration start at a time, as long as a given line already stopped integration for the previous frame. This is better than bracketing typically is, as it lets the frames represent a narrower range of time. But it's really not a perfect timing match, the frames won't represent the same exact moment in time. To achieve that, you still need to rely on either dual...
Typical sensor capture process works in a way that as long as your exposures are short, the integration (exposure start) of next frame won't happen any sooner than than the cycle of next frame, which basically starts when each of the sensor lines start integration, top to bottom. So for a sensor in 30 fps mode, it won't matter if your exposure time is 1/800s or 1/40s, you won't be able to capture more frames just because their exposure time is short.
Staggered HDR changes that. A sensor in such mode is able to have more than one ongoing integration start at a time, as long as a given line already stopped integration for the previous frame. This is better than bracketing typically is, as it lets the frames represent a narrower range of time. But it's really not a perfect timing match, the frames won't represent the same exact moment in time. To achieve that, you still need to rely on either dual...
Tadi Channel
As media directly copied the imprecise claims of my friend on what staggered HDR actually is, let me correct it: Typical sensor capture process works in a way that as long as your exposures are short, the integration (exposure start) of next frame won't happenβ¦
YouTube
Staggered-HDR/ DOL-HDR