Appstore == Rootkit
(ever thought of it this way?)
Using the Corona Warn App? You might have helped preventing a catastrophe. Just not the one you thought you did.
Android app development: Be forced to use an excessively complex build system that tries to squeeze every byte out of your compiled code like it’s 1980, then adds a compat library that’s 10 times the size of the actual app.
Just because I need to probe devices with DummyDroid. Currently, I gather the needed information d by pushing a tiny DEX file (~50kb) to the device and talk directly to the various system services via IBinder (that’s what shell tools like
pm do, too). But of course, for some strange reason, the AIDL files are not standardized, so this solution is unstable. I really need a Context, a Context can only be build by an ActivityThread and there’s no way to start one directly from ADB - the whole system was designed by lunatics.
Aww shit! Following up on yesterdays post, there are actually quite a number of optional URL parameters that can be specified when making a HTTP request to the FDFE API. So far, I found:
Their values are configured globally in the playstore app. When set, they are appended to the URL in the order above on every HTTP GET or POST request to the DFE API. The later three take a
false as a value. Not sure what they are suppose to do, though.
I should probably add support for adding arbitrary URL parameters in the coon-mothership library.
The (F)DFE API supports an URL parameter called “ipCountryOverride”. It can be enabled in a “secret” developer dialog. I always suspected that this is somehow used by Google engineers when they need to bypass geo blocking, but I could never figure out what to pass as a value. Booleans as well as locales don’t work and obviously, you cannot use an IP address to represent a country. What’s even more curious is that dialog loads data from a CSV file (which, of course, isn’t publicly available)!
You connect to a host called
android.clients.google.com, when talking to the Playstore. That’s actually a DNS CNAME and can resolve to a number of different IP addresses. The Playstore is not a single/central server system! Google likely runs a separate instance of it in a local datacenter in every country in the world.
So, maybe the value for the ipCountryOvveride parameter is the IP address of the (country) instance behind the load balancer then?
OK Google, why is my third grader so bad at reading and writing?
Hello $NAME, children learn from their parents. You have shown your child how to use Google Now. Voice search is a feature that enables you ask a question and get a spoken answer. There’s no more reason to read or write yourself!
(True story, actually - the part about bringing kids up to be lazy)
I’m always stunned when watching a movie/TV show in which a criminal makes a final call, then breaks the phone and throws it away in order to get rid of incriminating evidence. Yeah, sure, burner phones exist to be disposed of, but why break them? Your telco has a record of the phone call and if the police found the wreckage (your telco also knows which radio mast you have been connected to, when making that final call), they could desolder the internal storage from the mainboard - NAND flash chips can be quite resilient. They are also very bad at actually erasing data (when you delete a file, the operating system just marks the storage space as available again. If you truly want to get rid of a file, then you would first have to overwrite it with random garbage. However, writing to NAND flash is slow and wears the chip down - the controller tries to avoid that).
Yeah ok, that’s a problem for criminals, not law abiding citizens. You have nothing to hide - except maybe the credentials for your Google account, online banking…
Something, one should probably keep in mind when selling a used phone: doing a factory reset means all data on the phone is lost — unless the new owner has specialized equipment.
Whenever I see MS Office and Open Office fanboys argue which is the better product, I always picture a scene in a hardware store where two guys argue which hammer to buy in order to drive screws into the wall.
When you want to print your writing, use LaTeX, just saying.
Hrmpf! I started working on bringing app reviews to Raccoon. I’d rather not implement this. The more you dig into the API, the more you realize that this is nothing but a dark pattern to keep users engaged. It helps no one, but harms everyone.
So yes, you won’t make a difference by reviewing an app and you don’t gain any insight from reading reviews either.