Mayur's Posterous http://agentm.posterous.com Most recent posts at Mayur's Posterous posterous.com Sun, 04 Dec 2011 08:05:00 -0800 Unboxing the Galaxy Nexus http://agentm.posterous.com/unboxing-the-galaxy-nexus http://agentm.posterous.com/unboxing-the-galaxy-nexus
To get a better/bigger view, click on the first picture and navigate left or right using the arrow keys on your keyboard.

I won't be doing a full review of this phone because I don't have the time and instead of doing a half-a$$ed writeup, just google "Galaxy Nexus review" and you should get about 167 million hits.

A few notable reviews:

AnandTech - Review for the nerds (added 19 Jan 2012)

The Verge. (Or you could skip the text and just watch the excellent video review here)

Engadget

Slashgear

CNET.co.uk

Google's latest and greatest is here and it comes pre-loaded with Android 4.0 a.k.a. Ice Cream Sandwich. The first few words that came to my mind after I started using the phone were "Holy Mother of God that is fast". Android's latest UI has been overhauled to make it extremely user friendly (or n00b friendly, if you must) and it's blazing fast. I love the sexy, subtle, snappy animations that respond everytime I touch that beautiful 720p screen. I can't possibly list all the awesome new features that are available on this phone ... Roboto font, face unlock, barometer, head tracking, 3rd party controller setup ... the reviews cover everything in detail. Engadget calls it the best Android phone and "possibly even the best phone available today, period". 

I also received this welcome message from Team Android after I activated my device :) 

 

Media_httpiimgurcompf_diaad

 

To be honest, I don't really need a new phone. My current phone is a Nexus One that's rooted and running CyanogenMod 7.1 with a kernel that was cherry picked to work best for my day-to-day needs. I've been using Android since Eclair (2.1) came out and ICS is a big jump for all of us who currently use Gingerbread. My Nexus One has aged gracefully and can still give any current generation iPhone/Blackberry/Windows phone a run for their money but the hardware is the only thing that's holding it back. I still don't know how I feel about not having a micro-sd card on the Galaxy Nexus, time will tell. I feel sorry for my friends in the States, they're going through hell not knowing the actual release date for this phone. Hang in there guys, even Hitler is pissed!

I've also put up a few comparison pictures at the end of the image gallery. You'll see the Galaxy Nexus, Samsung Galaxy S II, iPhone 4 and my Nexus One in that particular order. 

If anyone's got a question or wants a feature comparison, feel free to drop me a question via email, Facebook or Google+. You can also leave a comment below :)

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Thu, 01 Sep 2011 10:39:00 -0700 Fraudulent Google credential found in the wild http://agentm.posterous.com/fraudulent-google-credential-found-in-the-wil http://agentm.posterous.com/fraudulent-google-credential-found-in-the-wil

Security researchers have discovered a counterfeit web certificate for Google.com circulating on the internet that gives attackers the encryption keys needed to impersonate Gmail and virtually every other digitally signed Google property.

The forged certificate was issued on July 10 to digitally sign Google pages protected by SSL, or secure sockets layer. It was issued by DigiNotar, a certificate authority located in the Netherlands. The forged certificate is valid for *.google.com, giving its unknown holders the means to mount transparent attacks on a wide range of Google users who access pages on networks controlled by the counterfeiters.

It's at least the second time in five months that unauthorized parties have gotten hold of valid SSL certificates used to cryptographically prove that a sensitive website is authentic rather than a forgery. In March, hackers broke into the servers of a web-authentication authority and minted valid certificates for Google Mail and six other domains. It took eight days for the counterfeit credentials to be fully blocked from all major browsers, and much longer to be blacklisted from email programs.

The episode exposed serious vulnerabilities in the net's foundation of trust, because in the intervening time it was possible for attackers to create convincing forgeries of trusted services that were almost impossible for people on attacker-controlled networks to detect. The hack was carried out on a reseller of certificate authority Comodo, and came from servers that used an Iranian IP address. Monday's attack appeared to be more of the same.

“This isn't a huge surprise,” Moxie Marlinspike, a researcher and frequent critic of the SSL system said on Monday about the discovery of the latest Google certificate forgery. “This is the kind of thing we should expect is happening all the time. The only thing noteworthy is that anyone noticed.”

Google and Mozilla have responded to the forgery by preparing updates to Chrome, Firefox and other software programs that take the highly unusual step of blocking all certificates issued by DigiNotar while the forgery is being investigated.

According to a post published on Sunday by a user calling himself alibo, the counterfeit certificate surfaced when he tried to log into his Gmail account using the Google Chrome browser.

“I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” he wrote.

Alibo's claims that Iranian ISPs including ParsOnline were using the certificate to validate Gmail couldn't be independently confirmed. But the document he published has been verified by researchers as a valid certificate issued on July 10 by DigiNotar that digitally signs all URLs that end in Google.com.

“This CA should receive an internet death sentence as their carelessness may have resulted in deaths in Iran,” an unknown researcher who verified the certificate wrote. “This cert was issued in JULY of 2011 and it is now just a few days before SEPTEMBER. It is being used in the wild against real people in Iran *right* now.”

Indeed, statements issued by Google and Mozilla shortly after this article was first published indicate a growing mistrust of DigiNotar, which in January was acquired by VASCO Data Security, a maker of two-factor tokens and other authentication products.

“While we investigate, we plan to block any sites whose certificates were signed by DigiNotar,” a statement issued by Google announced.

Google credited a security feature recently added to its Chromium browser engine with protecting alibo and bringing the bogus credential to public attention.

Mozilla, meanwhile, said it planned to issue updates for Firefox, Thunderbird and SeaMonkey shortly “that will revoke trust in the DigiNotar root and protect users from this attack.” It invited users who don't want to wait to manually purge the DigiNotar root from their browsers following these instructions.

Representatives from DigiNotar didn't respond to repeated requests for comment.

Marlinspike has recently proposed a new system he calls Convergence for authenticating websites. It allows end users to query parties they trust when validating the SSL certificates provided by websites they encounter. The system, which is enabled through an add-on for Firefox, is designed to eliminate reliance on certificate authorities, which aren't legally or financially accountable to end users and have suffered a variety of security breaches over the years.

Someone relying on Convergence wouldn't have been tricked by the rogue certificate discovered Monday.

“Whoever got this cert seems to have had it since July 10th, almost 40 days!” Melih Abdulhayoglu, CEO of Comodo wrote in an email. “Maybe they already had a good use out of it would be one guess I have. I find it difficult to believe that this is for notoriety, as if it was, then they would publish it immediately after obtaining it.”

Abdulhayoglu said the certificate was revoked on Monday, but that status may not do much to stop any attacks in progress. As Marlinspike demonstrated in 2009, it's trivial for attackers to suppress the error messages returned by revoked certificates, allowing rogue certificates to live on for weeks or months after they are discovered. The only foolproof way to revoke a certificate is to update each browser, email client, and other piece of software accepting SSL certificates to blacklist the counterfeit credential.

That means the certificate could be a threat until patches are issued by all software makers that work with SSL certificates. It's unclear how long that will take.

If it's true that this credential is being used to snoop on Gmail users, there's no telling how long it will take to stop the attack. ®

This post was updated to include comment from Google and Mozilla.

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Sun, 14 Aug 2011 09:54:00 -0700 New MIUI Lockscreen http://agentm.posterous.com/new-miui-lockscreen http://agentm.posterous.com/new-miui-lockscreen

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Sun, 14 Aug 2011 09:48:00 -0700 Patrick Bolvin Releasing a “Kick-Ass Stop-Motion Animation” Video in October Featuring Optimus “Prime” http://agentm.posterous.com/patrick-bolvin-releasing-a-kick-ass-stop-moti http://agentm.posterous.com/patrick-bolvin-releasing-a-kick-ass-stop-moti

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 12 Aug 2011 03:39:00 -0700 Official Google Blog: Games in Google+: fun that fits your schedule http://agentm.posterous.com/official-google-blog-games-in-google-fun-that http://agentm.posterous.com/official-google-blog-games-in-google-fun-that
Media_http1bpblogspot_wijbm

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Mon, 08 Aug 2011 11:56:00 -0700 Android App Turns Smartphones Into Mobile Hacking Machines - Andy Greenberg - The Firewall - Forbes http://agentm.posterous.com/android-app-turns-smartphones-into-mobile-hac http://agentm.posterous.com/android-app-turns-smartphones-into-mobile-hac
Dangerous hacks come in small packages.

Or they will, perhaps, when an app called Anti, or Android Network Toolkit, hits the Android market next week. The program, which Israeli security firm Zimperium revealed at the Defcon hacker conference in Las Vegas Friday and plans to make available to Android users in coming days, is designed for penetration testing–in theory, searching out and demonstrating vulnerabilities in computer systems so that they can be patched. Anti aims to bring all the hacking tools available to penetration testers on PCs to smartphones, with an automated interface intended to make sniffing local networks and owning remote servers as simple as pushing a few buttons.

 

Media_httpblogsimages_atlwh

“We wanted to create a penetration testing tool for the masses, says Itzhak “Zuk” Avraham, founder of Tel-Aviv-based Zimperium. “It’s about being able to do what advanced hackers do with a really good implementation. In your pocket.”

 

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 29 Jul 2011 12:00:58 -0700 Microsoft's internal Gmail parody video. http://agentm.posterous.com/microsofts-internal-gmail-parody-video http://agentm.posterous.com/microsofts-internal-gmail-parody-video

All Gmail has to do is point at Hotmail and have a laugh. Seriously.

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 29 Jul 2011 00:07:24 -0700 TouchPal Keyboard - the future of input http://agentm.posterous.com/touchpal-keyboard-the-future-of-input http://agentm.posterous.com/touchpal-keyboard-the-future-of-input

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Tue, 14 Jun 2011 14:28:04 -0700 Google Search with Instant Pages http://agentm.posterous.com/google-search-with-instant-pages http://agentm.posterous.com/google-search-with-instant-pages

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 03 Jun 2011 10:43:00 -0700 Barnes & Noble NOOK Color hacked to run MeeGo Linux http://agentm.posterous.com/barnes-noble-nook-color-hacked-to-run-meego-l http://agentm.posterous.com/barnes-noble-nook-color-hacked-to-run-meego-l
Media_httpliliputingw_gqqkk

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 27 May 2011 00:43:00 -0700 Introducing the people widget - Official Gmail Blog http://agentm.posterous.com/introducing-the-people-widget-official-gmail http://agentm.posterous.com/introducing-the-people-widget-official-gmail
Media_http3bpblogspot_hdhws

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Tue, 24 May 2011 10:18:00 -0700 NVIDIA CEO hints at Tegra 3-powered Nexus 3 http://agentm.posterous.com/nvidia-ceo-hints-at-tegra-3-powered-nexus-3 http://agentm.posterous.com/nvidia-ceo-hints-at-tegra-3-powered-nexus-3
Media_httpandroidandm_dpfed

This is what the Tegra 3 Kal-El processor is capable of http://en.wikipedia.org/wiki/Nvidia_Tegra#Tegra_.28Kal-El.29_series

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Wed, 11 May 2011 03:52:00 -0700 Android@Home Lets You Control Your Lights & Appliances Wirelessly http://agentm.posterous.com/androidhome-lets-you-control-your-lights-appl http://agentm.posterous.com/androidhome-lets-you-control-your-lights-appl

 

Google has just unveiled the Android@Home framework, a set of protocols for controlling light switches, alarm clocks and other home appliances through any Android device.

The search giant’s ambitious plan intends to turn the home into one connected device. During a demo Tuesday at Google I/O in San Francisco, the company showed off the capability to control lights via an Android tablet. Android@Home essentially makes it possible to control wireless or connected devices.

Google also showed off a new type of Android device: a home theater system called “Project Tungsten.” Google rigged several speakers to the Android OS and, using an Android tablet, controls the speaker system. Google also demonstrated how the system can start playing music just by swiping a near-field communication-enabled CD case in front of the “Project Tungsten” setup.

Don’t expect to be controlling your home light switches with Android@Home next week, though. Google has partnered with companies such as LightingScience to bring compatible appliances and devices to the market, but they won’t debut until the end of the year.

Google unveiled the framework now so that developers can get a head start on building apps on top of the new protocols.

via mashable.com

 

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Tue, 10 May 2011 19:43:00 -0700 Google I/O 2011: Keynote Day One http://agentm.posterous.com/google-io-2011-keynote-day-one http://agentm.posterous.com/google-io-2011-keynote-day-one

Android 2.4 "Ice Cream Sandwich" confirmed!

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Mon, 09 May 2011 15:20:00 -0700 Google Chrome Pwned by VUPEN aka Sandbox/ASLR/DEP Bypass http://agentm.posterous.com/google-chrome-pwned-by-vupen-aka-sandboxaslrd http://agentm.posterous.com/google-chrome-pwned-by-vupen-aka-sandboxaslrd

Hi everyone,

We are (un)happy to announce that we have officially Pwnd Google Chrome and its sandbox.

The exploit shown in this video is one of the most sophisticated codes we have seen and created so far as it bypasses all security features including ASLR/DEP/Sandbox, it is silent (no crash after executing the payload), it relies on undisclosed (0day) vulnerabilities discovered by VUPEN and it works on all Windows systems (32-bit and x64).

The video shows the exploit in action with Google Chrome v11.0.696.65 on Microsoft Windows 7 SP1 (x64). The user is tricked into visiting a specially crafted web page hosting the exploit which will execute various payloads to ultimately download the Calculator from a remote location and launch it outside the sandbox at Medium integrity level.

While Chrome has one of the most secure sandboxes and has always survived the Pwn2Own contest during the last three years, we have now uncovered a reliable way to execute arbitrary code on any installation of Chrome despite its sandbox, ASLR and DEP.

This code and the technical details of the underlying vulnerabilities will not be publicly disclosed. They are shared exclusively with our Government customers as part of our vulnerability research services.


 

via Vupen Security

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Mon, 25 Apr 2011 08:37:00 -0700 B&N Nook Color update released, brings Froyo, apps, and Flash, we go hands-on (video) http://agentm.posterous.com/50772713 http://agentm.posterous.com/50772713

We've been waiting for this day: our little reader would finally become a big boy tablet -- without having to resort to any sort of hackery. We knew it was coming and, as of now, owners of the Barnes & Noble Nook Color should be receiving notices that their devices are ready to drop those training wheels and run some proper apps. Flash web browsing, downloads, games, e-mail, it's all here. Click on through for our impressions and a video of the update in action.

Obviously the biggest addition here are the apps themselves, and sadly we're not talking full Market access -- nor access to any of the standard Google applications like Gmail or Maps. Barnes & Noble has its own set of libraries that software developers must include and use, providing the unified experience the company wants to bring to its little ecosphere, making the look and feel of apps jive with the rest of the system. As to which apps will be available, we saw a number of games, cooking helpers like Epicurious, and, yes, Angry Birds -- though we weren't able to get the latter to install successfully.

To that end, frequently used apps slot right in next to your most recently read books and magazines, and browsing for them in the store is just like hunting for printed titles, even carrying over the same categories -- or genres, as it were. The stock browser now includes Flash support and things perform reasonably well, but there was some noticeable lag at times when playing videos or scrolling about on pages with animations. Performance is generally good, but there are definitely some responsiveness issues and it's safe to say your Nook won't exactly be making any owners of dual-core Honeycomb tablets jealous when it comes to performance.


The reading experience has also been improved, with proper page turning animations, important for those who need a little visual flair with their reading. Reading can now be done in landscape mode for anyone so inclined, while books can include videos and animations. No, you won't be seeing a dramatic recreation of Jean Valjean stealing bread, but you might just find some how-to videos in cookbooks showing you how to properly activate your yeast.

Some children's books are also being updated, adding "read and play" functionality that mixes simple games and challenges in with the text and pictures. In one Dr. Seuss book we were presented a picture of multiple white dogs and were asked to tap on the one wearing roller skates. We found it.

There are a number of other tweaks coming, too, including beta access into a new social portal. This lets you see what friends are reading, taunt them for their Twilight addiction, and even guiltily request to borrow a copy of Breaking Dawn. This has the potential to make the Nook's lending functionality far more useful than it is now.


Ultimately this latest update turns the $250 Nook Color into a fine entry-level tablet with a comfortable size, nice screen and a rather accessible price. That said, this is still a far cry from the pure Android tablet experience that many enthusiasts want. In other words: this isn't likely to stop those Nook hacks that we've come to know and love over the years.

Update: Barnes & Noble indicates the software will be pushed to WiFi-connected devices over the "coming weeks," but if you just can't wait you can download your update here.

Update 2: We've added some further pictures and a more detailed video.

via engadget.com

 

Android devices: BEST INVESTMENT EVER.

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 22 Apr 2011 07:12:00 -0700 Life in a Day - Trailer http://agentm.posterous.com/life-in-a-day-trailer http://agentm.posterous.com/life-in-a-day-trailer

I remember posting about this on Crackbook when it was announced. I was in Dubai that day.

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Sat, 02 Apr 2011 20:16:00 -0700 Android in space! http://agentm.posterous.com/android-in-space http://agentm.posterous.com/android-in-space

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Fri, 25 Feb 2011 11:19:00 -0800 Gingerbread OTA now available - xda-developers http://agentm.posterous.com/gingerbread-ota-now-available-xda-developers http://agentm.posterous.com/gingerbread-ota-now-available-xda-developers
Media_httpimg705image_igetc

Keep checking, guys :)

I'll wait for a stable release of CM7 to come out.

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia
Wed, 16 Feb 2011 17:18:00 -0800 Androidify App - Make your own Android avatars! http://agentm.posterous.com/androidify-app-make-your-own-android-avatars http://agentm.posterous.com/androidify-app-make-your-own-android-avatars

I'll be posting mine soon :D

Permalink | Leave a comment  »

]]>
http://files.posterous.com/user_profile_pics/1383466/spaceinvader_-_zoom.jpg http://posterous.com/users/5AfDSub3Dnfb Mayur Bhatia AgentM Mayur Bhatia