Related
http://androidspin.com/2010/08/13/oracle-hits-google-with-patent-and-copyright-infringement-lawsuit/
Could this put halt the development of android? Could this permanently damage android? What will android be without java running it?
Ace42;7667881
Could this put halt the development of android? Could this permanently damage android? What will android be without java running it?[/QUOTE said:
That is just legal speak for, "WE WANT MONEY! GIVE US MONEY!"
Click to expand...
Click to collapse
So what?! Sun has been milking Microsoft to the tune of $1 million *a day* about 10 years ago for some java violation.
I think the platform is important enough for Google to settle/pay up. After all, they need more mobile devices with the internet access to generate more ad revenue.
stangri said:
So what?! Sun has been milking Microsoft to the tune of $1 million *a day* about 10 years ago for some java violation.
I think the platform is important enough for Google to settle/pay up. After all, they need more mobile devices with the internet access to generate more ad revenue.
Click to expand...
Click to collapse
Yes but Microsoft as part of their settlement stopped development of their JVM completely. That's why you need to install java on new PC's before running java programs. If this goes the same way as the Microsoft settlement; then I would assume it would put an end to JVM core that makes android work.
That said, I belive Google will find a way through this.
-KAF
Sent from my Rooted T-Mobile myTouch 3G Slide using XDA App running CR_Mod_1.35.531_OTA
GeekBrat said:
Yes but Microsoft as part of their settlement stopped development of their JVM completely. That's why you need to install java on new PC's before running java programs. If this goes the same way as the Microsoft settlement; then I would assume it would put an end to JVM core that makes android work.
That said, I belive Google will find a way through this.
-KAF
Sent from my Rooted T-Mobile myTouch 3G Slide using XDA App running CR_Mod_1.35.531_OTA
Click to expand...
Click to collapse
Java is a vital part to android, if google has to remove it then it will threaten the OS pretty badly. I'm wondering if they waited this long since android is more popular now.
they obviously wanted to see how android did before they did anything about it, and when oracle acquired Sun they decided to say something to google before it got out of hand. android has just surpassed iphone in market share so i would think google would just pay up and maybe even buy some large chunk of sun/java/oracle, if they decide not to pay up then yes we are gonna be hurting real soon for android devices and frankly i don't think i can go back to a winmo device and i will NEVER put in iphone in my pocket as my daily phone. (and then there's symbian but that's a joke anyways)
tubaking182 said:
... i don't think i can go back to a winmo device and i will NEVER put in iphone in my pocket as my daily phone. (and then there's symbian but that's a joke anyways)
Click to expand...
Click to collapse
What about meego? (just curious).
Sent from my Rooted T-Mobile myTouch 3G Slide using XDA App running CR_Mod_1.35.531_OTA
Lets get is strait. Oracle(Sun at that time) open sourced Java runtime environment under GPL 2.0. But with one condition - they promised to sue anyone who will release incompatible version of Java runtime over patent infringements - while promised not to go after those who comply with Suns rules. Sun also reserved and kept full copyright over the code. So anyone (good example is Blackberry/RIM) who want to extend JRE and/or do not wish to release their code/modifications under GPL have to pay royalties to Sun (now Oracle).
Basic definition of open source - it is a freedom to modify source code and distribute modified software free of royalties or any other type of payments. Sun effectively forbidden any modifications of Java using patent threats. Even before this story started, GPL v.3 already addressed an issue (if someone release software under GPL 3 they are giving up patents rights). But the problem that Java is under GPL 2.
Here comes the Google. Google wanted to move into mobile market, but they did not like to pay any royalties. So they come with Dalvik, a Java VM that was written from scratch. Google also took Java libraries from Apache Harmony project. And they come up with their own java bytecode/compiled file format. So they haven't used a single line of code that was written by Sun, but their VM fully support Java syntax (but not .jar files!) plus many standard Java classes. And they don't owe anything to Oracle. Plus from developer point of view porting over most of Java projects relatively simple task. Worst of all for Oracle, Google released Dalvik under non copyleft license, so basically anyone could use it for any purpose - including handset manufacturers who do not wish to open source their code.
Now lets take a look at a bigger picture. There are more then a billion mobile phones were sold last year. Most of them of them do run Java plus most of them were sold on so called emerging markets. So many are relatively cheap handsets and price is an issue. And we are talking about billions $, dozens of billions $ over years to come revenue stream toward Oracle. Plus there are set top boxes etc. And here come absolutely free Dalvik and Apache Harmony. Harmony, another Java VM similar to Dalvik have it own issues: it do use standard .jar file container, some parts of it covered by Oracle's patents. Apache also participating in Java Community Process, and restricted by compatibility requirements set by Oracle. Process itself is under control of an Oracle, for example Oracle have exclusive veto right. And here come Davlik. Dalvik is absolutely free, don't use any patented parts(.jar and/or java bytecode) etc and so on. And legally clean. Sure Oracle don't like it. But what can they do?
FUD. That is Oracle's only option to postpone Dalvik adoption by cell phone makers. Oracle could not attack fundamentals of Dalvik - Java syntax not patented plus Oracle have absolutely no way to influence what libraries would be implemented by Google. So it sue Google over 7 patents, some attack decoding algorithms of VM (could easily be rewritten, maximum damage new algorithms would be slower then current). Some attack Dalvik compiled code format(.dex files). That is more serious, but maximum damage again won't be mortal for Dalvik or Android - worst case scenario Android 3.0 would not be able to execute .apk that were compiled for Android 1.5-2.2. But I'm sure Google will find a way to update apk that were already uploaded to Market without developers requiring to upload new version themselves. And a last, and very least attack is on Android SDK. That is not even worse discussing.
In my opinion, most likely scenario - Google will win the case. Worst possible outcome - Google would be fined, and will have to rewrite some portions of Dalvik plus make new versions incompatible with currently fielded .dex file structure. But one way or another court would take years, and Oracle would make everything humanly(corporatively) possible to prolong the process. The longer hardware manufacturers are in doubt about fielding Dalvik - the more profit Oracle would make from royalties.
drTestPilot said:
Lets get is strait. Oracle(Sun at that time) open sourced Java runtime environment under GPL 2.0. But with one condition - they promised to sue anyone who will release incompatible version of Java runtime over patent infringements - while promised not to go after those who comply with Suns rules. Sun also reserved and kept full copyright over the code. So anyone (good example is Blackberry/RIM) who want to extend JRE and/or do not wish to release their code/modifications under GPL have to pay royalties to Sun (now Oracle).
Basic definition of open source - it is a freedom to modify source code and distribute modified software free of royalties or any other type of payments. Sun effectively forbidden any modifications of Java using patent threats. Even before this story started, GPL v.3 already addressed an issue (if someone release software under GPL 3 they are giving up patents rights). But the problem that Java is under GPL 2.
Here comes the Google. Google wanted to move into mobile market, but they did not like to pay any royalties. So they come with Dalvik, a Java VM that was written from scratch. Google also took Java libraries from Apache Harmony project. And they come up with their own java bytecode/compiled file format. So they haven't used a single line of code that was written by Sun, but their VM fully support Java syntax (but not .jar files!) plus many standard Java classes. And they don't owe anything to Oracle. Plus from developer point of view porting over most of Java projects relatively simple task. Worst of all for Oracle, Google released Dalvik under non copyleft license, so basically anyone could use it for any purpose - including handset manufacturers who do not wish to open source their code.
Now lets take a look at a bigger picture. There are more then a billion mobile phones were sold last year. Most of them of them do run Java plus most of them were sold on so called emerging markets. So many are relatively cheap handsets and price is an issue. And we are talking about billions $, dozens of billions $ over years to come revenue stream toward Oracle. Plus there are set top boxes etc. And here come absolutely free Dalvik and Apache Harmony. Harmony, another Java VM similar to Dalvik have it own issues: it do use standard .jar file container, some parts of it covered by Oracle's patents. Apache also participating in Java Community Process, and restricted by compatibility requirements set by Oracle. Process itself is under control of an Oracle, for example Oracle have exclusive veto right. And here come Davlik. Dalvik is absolutely free, don't use any patented parts(.jar and/or java bytecode) etc and so on. And legally clean. Sure Oracle don't like it. But what can they do?
FUD. That is Oracle's only option to postpone Dalvik adoption by cell phone makers. Oracle could not attack fundamentals of Dalvik - Java syntax not patented plus Oracle have absolutely no way to influence what libraries would be implemented by Google. So it sue Google over 7 patents, some attack decoding algorithms of VM (could easily be rewritten, maximum damage new algorithms would be slower then current). Some attack Dalvik compiled code format(.dex files). That is more serious, but maximum damage again won't be mortal for Dalvik or Android - worst case scenario Android 3.0 would not be able to execute .apk that were compiled for Android 1.5-2.2. But I'm sure Google will find a way to update apk that were already uploaded to Market without developers requiring to upload new version themselves. And a last, and very least attack is on Android SDK. That is not even worse discussing.
In my opinion, most likely scenario - Google will win the case. Worst possible outcome - Google would be fined, and will have to rewrite some portions of Dalvik plus make new versions incompatible with currently fielded .dex file structure. But one way or another court would take years, and Oracle would make everything humanly(corporatively) possible to prolong the process. The longer hardware manufacturers are in doubt about fielding Dalvik - the more profit Oracle would make from royalties.
Click to expand...
Click to collapse
Nicely said, i learned something new today.
drTestPilot said:
Legal mumbo jumbo...
Click to expand...
Click to collapse
Great post by a relatively new member. Thanks
Edit: Now tell us how you really feel
Vulnerability Allows Attackers to Modify Android Apps Without Breaking Their Signatures
This might be the reason why the new MF2 and ME6 are not downgradable and why the 4.2.2 update was delayed.
Source->http://www.cio.com/article/735878/V...ndroid_Apps_Without_Breaking_Their_Signatures
IDG News Service — A vulnerability that has existed in Android for the past four years can allow hackers to modify any legitimate and digitally signed application in order to transform it into a Trojan program that can be used to steal data or take control of the OS.
Researchers from San Francisco mobile security startup firm Bluebox Security found the flaw and plan to present it in greater detail at the Black Hat USA security conference in Las Vegas later this month.
The vulnerability stems from discrepancies in how Android apps are cryptographically verified, allowing an attacker to modify application packages (APKs) without breaking their cryptographic signatures.
When an application is installed and a sandbox is created for it, Android records the application's digital signature, said Bluebox Chief Technology Officer Jeff Forristal. All subsequent updates for that application need to match its signature in order to verify that they came from the same author, he said.
This is important for the Android security model because it ensures that sensitive data stored by one application in its sandbox can only be accessed by new versions of that application that are signed with the original author's key.
The vulnerability identified by the Bluebox researchers effectively allows attackers to add malicious code to already signed APKs without breaking their signatures.
The vulnerability has existed since at least Android 1.6, code named Donut, which means that it potentially affects any Android device released during the last four years, the Bluebox researchers said Wednesday in a blog post.
"Depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet," they said.
The vulnerability can also be exploited to gain full system access if the attacker modifies and distributes an app originally developed by the device manufacturer that's signed with the platform key -- the key that manufacturers use to sign the device firmware.
"You can update system components if the update has the same signature as the platform," Forristal said. The malicious code would then gain access to everything -- all applications, data, accounts, passwords and networks. It would basically control the whole device, he said.
Attackers can use a variety of methods to distribute such Trojan apps, including sending them via email, uploading them to a third-party app store, hosting them on any website, copying them to the targeted devices via USB and more.
Some of these methods, especially the one involving third-party app stores, are already being used to distribute Android malware.
Using Google Play to distribute apps that have been modified to exploit this flaw is not possible because Google updated the app store's application entry process in order to block apps that contain this problem, Forristal said. The information received by Bluebox from Google also suggests that no existing apps from the app store have this problem, he said.
However, if an attacker tricks a user to manually install a malicious update for an app originally installed through Google Play, the app will be replaced and the new version will no longer interact with the app store. That's the case for all applications or new versions of applications, malicious or non-malicious, that are not installed through Google Play, Forristal said.
Google was notified of the vulnerability in February and the company shared the information with their partners, including the members of the Open Handset Alliance, at the beginning of March, Forristal said. It is now up to those partners to decide what their update release plans will be, he said.
Forristal confirmed that one third party device, the Samsung Galaxy S4, already has the fix, which indicates that some device manufacturers have already started releasing patches. Google has not released patches for its Nexus devices yet, but the company is working on them, he said.
Google declined to comment on the matter and the Open Handset Alliance did not respond to a request for comment.
The availability of firmware updates for this issue will differ across device models, manufacturers and mobile carriers.
Whether a combination of device manufacturers and carriers, which play an important role in the distribution of updates, coincide to believe that there is justification for a firmware update is extremely variable and depends on their business needs, Forristal said. "Ideally it would be great if everyone, everywhere, would release an update for a security problem, but the practical reality is that it doesn't quite work that way, he said."
The slow distribution of patches in the Android ecosystem has long been criticized by both security researchers and Android users. Mobile security firm Duo Security estimated last September, based on statistics gathered through its X-Ray Android vulnerability assessment app, that more than half of Android devices are vulnerable to at least one of the known Android security flaws.
Judging by Android's patch distribution history so far, the vulnerability found by the Bluebox researchers will probably linger on many devices for a long time, especially since it likely affects a lot of models that have reached end-of-life and are no longer supported.
Click to expand...
Click to collapse
I really thought more people would be interested in knowing this. I would really like to know what you guys think about this.
Key phrase here is "for apps not installed through the google store". Hence not an issue for a large fraction of users. Total case of FUD. Someone must be wanting to sell some av software.
Sent from my GT-N7100 using Tapatalk 4 Beta
Kremata said:
I really thought more people would be interested in knowing this. I would really like to know what you guys think about this.
Click to expand...
Click to collapse
Well, X-Ray scanner either does not detect this latest security flaw or N7100 (as of DM6) is allready patched.
Kremata said:
I really thought more people would be interested in knowing this. I would really like to know what you guys think about this.
Click to expand...
Click to collapse
This is the first link I found for XDA on this.
I think it's not that interesting because it's old, old news and exactly why it's being touted as a "new" discovery is beyond me, it's far from new.
We here at XDA have been using this method for years to modify stock Android and OEM system apps with great success. Here's an example by me from 2011: http://forum.xda-developers.com/showthread.php?t=994544 there's a literally hundreds of examples all over XDA.
The real question here is how Bluebox security got everybody to act as a PR machine for them. If they turn up at Black Hat with this "amazing discovery" they're going to get laughed off the stage.
djmcnz said:
This is the first link I found for XDA on this.
I think it's not that interesting because it's old, old news and exactly why it's being touted as a "new" discovery is beyond me, it's far from new.
We here at XDA have been using this method for years to modify stock Android and OEM system apps with great success. Here's an example by me from 2011: http://forum.xda-developers.com/showthread.php?t=994544 there's a literry hundreds of examples all over XDA.
The real question here is how Bluebox security got everybody to act as a PR machine for them. If they turn up at Black Hat with this "amazing discovery" they're going to get laughed off the stage.
Click to expand...
Click to collapse
Ahh! Thats the answer I was waiting for (and from a Recognized Developer). I knew XDA Devs were using this method. My new question is.. If they fix it will it be harder to create Mods? Will it slow down development?
Shouldn't this be posted in the generals forum?
Kremata said:
If they fix it will it be harder to create Mods? Will it slow down development?
Click to expand...
Click to collapse
I suspect so. If they fix it properly it would become impossible to change any aspect of the app without signing it again. If you wanted to maintain compatibility with the original then you'd need the developer's keys.
At the moment really only the manifest and some metadata within the apk is signed, if they extended that to the entire contents of the apk many mods (think themes for stock Google apps etc) are screwed unless users are happy to relinquish Play Store links and updates (i.e. backward compatibility).
Google may not go this far and may only choose to authenticate the code (smali) rather than all of the apk contents (graphics, strings etc), this approach would leave room for some mods to survive. Remains to be seen.
So I read today that apparently it has been known for quite a while that Sailfish OS' "Alien Dalvik" feature will be unavailable on all non-Jolla phones which makes it impossible for those of us who want to install Sailfish on their own devices to use Android applications and need to be locked to the Sailfish native applications.
This is due to Alien Dalvik being proprietary and licensed software from the Myriad Group, thus cannot be bundled with ports of Sailfish OS (that includes the Nexus 4, i9305, Nexus 7 ports). As far as I can see it's sold as well, so installing it on the side like Gapps seems to be out of the question.
Has Jolla mentioned anything about this? All I can find are community members saying Alien Dalvik will be unavailable on ports due to the licensing of the product. Without it, Sailfish OS might suddenly becomes a much less interesting as a whole to many, as the ability to install and run Android applications were one of the key features of a otherwise very interesting OS. Any thoughts or more light to shed on this? Will Sailfish OS users that aren't using Jolla phones be stuck with native applications permanently? Or is this something Jolla will change as the product matures?
It's obviously a "pay to play" situation. To rectify it, Jolla would have to charge users a fee to install Sailfish on 3rd party handsets or violate their TOS with Myriad. I don't see that happening. Maybe if enough users come on board, Myriad will find it attractive to offer a license/apk directly to Sailfish users?
Consistant said:
Will Sailfish OS users that aren't using Jolla phones be stuck with native applications permanently? Or is this something Jolla will change as the product matures?
Click to expand...
Click to collapse
Stuck? Really? I think it's a great opportunity for Android developers to start making applications for Sailfish instead of free riding on Android apps. It's open source, open to modifications, fast, smooth & capable. A true mobile Linux OS. There aren't much excuses not to develop for Sailfish.
Arty. said:
There aren't much excuses not to develop for Sailfish.
Click to expand...
Click to collapse
Yes, there is. The lack of a larger user base.
I'd love for developers to make apps for Sailfish, but the tiny user base will scare AAA developers away from the platform as they would rather develop for a bigger niche OS like Ubuntu Touch or Firefox OS, Sailfish is rather obscure compared to those. Plus the fact that the native apps are required to be free at this point in time with no form of paid transactions being possible. Most of these AAA developers won't have the same view on open source, especially considering how few applications are open on other platforms.
The alien dalvik was one of the main things that could make Sailfish triumph over other niche mobile operating systems. It was of the key selling points to get people to convert to Sailfish from Android once the porting really starts happening. Otherwise they'll simply ask how big the app store is and once they hear answer is a number with two digits where most of them which are most likely rather lacking in features compared to applications on other platforms will scare people off big time.
The Android VM was one of the huge advantages Sailfish had to attract the niche user base and thus developers to make native apps and now I can see most potential converters sticking with whatever they had making Sailfish DOA together with Firefox OS and Ubuntu Touch. I'd really hate to see that happen.
Consistant said:
Yes, there is. The lack of a larger user base.
I'd love for developers to make apps for Sailfish, but the tiny user base will scare AAA developers away from the platform as they would rather develop for a bigger niche OS like Ubuntu Touch or Firefox OS, Sailfish is rather obscure compared to those. Plus the fact that the native apps are required to be free at this point in time with no form of paid transactions being possible. Most of these AAA developers won't have the same view on open source, especially considering how few applications are open on other platforms.
Click to expand...
Click to collapse
And how is Ubuntu touch bigger than Sailfish? Jolla launched and started selling their Sailfish phone way before Canonical. They have a more finished OS than any of these guys. They have all the needed tools to develop. Heck they even made an emulator to test apps. I don't see this being more obscure than others. Unlike Ubuntu's marketting schemes, Sailfish is here & it's happening now.
I agree on the open source part though. I tried to refer to the developers here that mod Android by saying open source.
Consistant said:
The alien dalvik was one of the main things that could make Sailfish triumph over other niche mobile operating systems. It was of the key selling points to get people to convert to Sailfish from Android once the porting really starts happening. Otherwise they'll simply ask how big the app store is and once they hear answer is a number with two digits where most of them which are most likely rather lacking in features compared to applications on other platforms will scare people off big time.
Click to expand...
Click to collapse
Will any others have dalvik on their images? Don't think so.
Consistant said:
The Android VM was one of the huge advantages Sailfish had to attract the niche user base and thus developers to make native apps and now I can see most potential converters sticking with whatever they had making Sailfish DOA together with Firefox OS and Ubuntu Touch. I'd really hate to see that happen.
Click to expand...
Click to collapse
Me too so instead of saying there aren't any reasons to develop for these OS's we should show that there are.
And time is needed for the large user base. People are always skeptical about new and rather "different" things. Hopefully these players will get more tracktion by time.
Is this final? Without Android Apps no Sailfish for me and many others I guess...
Gesendet von meinem GT-N7100 mit Tapatalk
IceTe said:
Is this final? Without Android Apps no Sailfish for me and many others I guess...
Click to expand...
Click to collapse
This has pretty much been set in stone. Jolla are paying Myriad for the licensing per Jolla phone, they can't distribute it for free as it would break their deal and be illegal. You won't be seeing any Alien Dalvik on non-Jolla phones unless a "fix" to make it happen comes around which certainly wouldn't be legal.
The only way I can see Jolla fixing this issue is by having licenses for the Alien Dalvik being sold in the Jolla Store or something similar and that it can be activated through the store. That doesn't seem to be happening soon, unfortunately. Especially considering nothing can be sold in the Jolla Store at this moment in time.
The lack of Alien Dalvik on 3rd party devices is actually a feature to many of us. Having Sailfish on this zooty LG Optimus G i have collecting dust, with no Google nonsense, would finally get me to retire my trusty Nokia N9.
croozah said:
The lack of Alien Dalvik on 3rd party devices is actually a feature to many of us. Having Sailfish on this zooty LG Optimus G i have collecting dust, with no Google nonsense, would finally get me to retire my trusty Nokia N9.
Click to expand...
Click to collapse
The lack of such a huge key feature should never be a feature in and of itself, rather having the freedom of choice would be.
Having the option to install the VM or not, just like Google Apps, would solve both the problems. Locking many of the potential converters down to using the current sloppy apps in the Jolla Store would not be an advantage for both sides as less people would convert, thus less developers will make quality native applications which will in turn affect both parties.
Even Carol Chen, one of the core Sailfish OS team members, mentioned in a recent Jolla blog post that over half of her apps on her Jolla smartphone were Android apps which means the native apps certainly aren't cutting it right now for many.
Just to clarify...
Alien dalvik allows sailfish OS users to also install android apps? But without it (licensed software only on jolla phones) it is not possible to install these apps on 3rd party phones. And only sailfish or native apps are available?
If this is the case, at least for me, I would be using sailfish as a secondary to my android. I wouldnt be jumping right in, which means that surely other people would be in the same boat. This is also assuming that a port will be fully functional without alien dalvik on a 3rd party phone?
Kesselaar said:
This is also assuming that a port will be fully functional without alien dalvik on a 3rd party phone?
Click to expand...
Click to collapse
It'll be fully functional (although limited to just a handful of Android devices to ensure a relatively reliable/stable experience), there just won't be a compat. layer for Android apps/content. Such a compat. layer could ofc eventually be offered via the store, but that remains to be seen, people need to be pressing Jolla & Myriad about all of that.
It all depends what you use on Android, if its just the standard stuff plus a few big ones such as whatsapp (check out the port) you'll be fine. To me Alien Dalvik is mostly for those niche apps, that turn up and have everyone going crazy for a few days. Like flappy bird, etc etc
Consistant said:
The lack of such a huge key feature should never be a feature in and of itself, rather having the freedom of choice would be.
Click to expand...
Click to collapse
Your premise is fundamentally flawed. Alien Dalvik is a licensed, patent-encumbered, proprietary software, therefore having it is not a choice unless you somehow buy it; or steal it. The community cannot distribute it; there is no choice.
As I said, and it may be obtuse to some, but this is a feature. A true Linux-based OS that is mostly/completely F/OSS running on modern high-spec hardware is a huge draw. That there is no Android/Google stuff is an added bonus.
Too bad. I really liked the OS before I read this thread...
Oh well, staying on android untill someone figures out how to build an OS that is written in some kind of C for performance and has a VM to emulate existing apps untill they are developed for the OS natively...
ilans93 said:
Too bad. I really liked the OS before I read this thread...
Oh well, staying on android untill someone figures out how to build an OS that is written in some kind of C for performance and has a VM to emulate existing apps untill they are developed for the OS natively...
Click to expand...
Click to collapse
buy a jolla phone?!
only the ports on android phones missing alien dalvik. The jolla phone is able to do that. Also it's a linux based mobile os. Many parts, like in android, are written in c. With QT5 they use a technology like kde desktop.
carepack said:
buy a jolla phone?!
only the ports on android phones missing alien dalvik. The jolla phone is able to do that. Also it's a linux based mobile os. Many parts, like in android, are written in c. With QT5 they use a technology like kde desktop.
Click to expand...
Click to collapse
I know, and that's exactly what I like about it.
As for the android phones, I really don't feel the need to upgrade from my galaxy nexus.
I just don't want to see SailfishOS end up like maemo and meego. They were great, but only among us geeks so they didn't become mainstream enough and development stopped (in a way).
If Alien Dalvik could be exported to android hardware then the OS would have a sure future, this way it is uncertain...
ilans93 said:
...If Alien Dalvik could be exported to android hardware then the OS would have a sure future, this way it is uncertain...
Click to expand...
Click to collapse
If there are enough adopters of Sailfish on Nexus 4 and Galaxy S3, Myriad may offer a license of their Alien Dalvik to those users... For a few dollars you might be able to "have it all."
RumoredNow said:
If there are enough adopters of Sailfish on Nexus 4 and Galaxy S3, Myriad may offer a license of their Alien Dalvik to those users... For a few dollars you might be able to "have it all."
Click to expand...
Click to collapse
What if you can capture the Dalvik RPM from a Jolla phone when downloading from store?
n9 can capture deb from Nokia Store
RumoredNow said:
If there are enough adopters of Sailfish on Nexus 4 and Galaxy S3, Myriad may offer a license of their Alien Dalvik to those users... For a few dollars you might be able to "have it all."
Click to expand...
Click to collapse
That would be a dream come true!
flotron said:
What if you can capture the Dalvik RPM from a Jolla phone when downloading from store?
n9 can capture deb from Nokia Store
Click to expand...
Click to collapse
You could, but that's not exactly legal...
I think the answer may be more simple than you all have considered so far. The phone does not come with the Alien Dalvik included it has to be downloaded, no? Maybe Jolla pays based on downloads of the Alien Dalvik from the store and that's why (or one of the reasons why) the store is not enabled yet on this early Alpha release.
edit: OK I just asked if there will be a way for us to purchase a license in the future on IRC and stskeeps said they are not leaving it out as a possibility but basics are first.
So there is hope. I guess they will decide after they see how everything goes. I guess it's one of those company strategy things. Will letting us have Alien Dalvik lead to less apps being developed for Sailfish or more? I think more simply because it will excite developers to get in on the cover actions.
Sailfish OS will soon be spreading to many devices when they release the development kit but that still leaves us without the ability to run Android apps on our phones.
If we were allowed to buy a license for Myriad Alien Dalvik how much would you be willing to pay?
aironeous said:
Sailfish OS will soon be spreading to many devices when they release the development kit but that still leaves us without the ability to run Android apps on our phones.
If we were allowed to buy a license for Myriad Alien Dalvik how much would you be willing to pay?
Click to expand...
Click to collapse
I think that Sailfish OS should not support android application and Dalvik at all.
1. Android is developed constantly and very quickly. Very soon new apps will not be able to work on Dalvik.
2. Android layer will always be more eating CPU power then Qt apps.
We should better pay for Qt development, because Qt is much better and powerful then "google java".
nimnull said:
I think that Sailfish OS should not support android application and Dalvik at all.
1. Android is developed constantly and very quickly. Very soon new apps will not be able to work on Dalvik.
2. Android layer will always be more eating CPU power then Qt apps.
We should better pay for Qt development, because Qt is much better and powerful then "google java".
Click to expand...
Click to collapse
Android will support Dalvik Apps a long time from now because many phone are still running with version that don't support ART and so the apps will support Dalvik.
taaeem said:
Android will support Dalvik Apps a long time from now because many phone are still running with version that don't support ART and so the apps will support Dalvik.
Click to expand...
Click to collapse
Dalvik support by Google is not the reason why Sailfish OS should support Dalvik.
Most of the money for "Android compatibility layer" will be payed for google license. Why we should give our money to Google, then it is better to spend them motivating native application development.
Sailfish should develop native applications, because Qt5 is open source now and community will be much bigger.
Best regards.
Apps are always a key issue. The forums are filled with people posting, "I'm considering leaving OS 'A" in favor of OS 'B' but I need to know if I can get apps X, Y and Z or a suitable replacement."
It's not necessarily the number of apps in an ecosystem so much as specific apps and what they accomplish. And the list is mutable. Every user has a make-or-break app need. For some it is banking, others require certain social media apps, office editing, navigation, entertainment, games... If you can't fill that perceived need, you can't lure anyone to your OS. It was smart of Jolla to team with Myriad and offer Alien Dalvik with their Jolla phone. It breaks down resistance to change for the widest possible spectrum of users. Don't forget - most users aren't capable of writing their own apps - even if they can flash a ROM. At this stage of the game, any OS needs a robust ecosystem to prosper.
Myriad seems a savvy company to me. I'm quite sure they will have Alien ART to go alongside Alien Dalvik. They need to in order for their business model to continue. Jolla will want to upgrade to Alien ART. And they should if they want to prosper.
I agree that development of QT based apps is highly desirable. Throw in HTML 5, Enyo 2 and Mochi as well. Open the standards. Great all around for developers and users when apps can easily be ported from one OS to another and run seamlessly within each OS and identically through each version. But to believe that it currently will support most users, or will do so soon, is a dream. And to insist that it should right this moment is elitist and alienates huge swaths of the potential user base.
Should Myriad (not Jolla - they don't own it) provide a license and installer for Alien Dalvik for Sailfish images on Android handsets? They should if they want to expand their market and recognition. But what are the logistics? Would it not need to be tuned for each specific device's hardware configuration? I believe it does... That may be why it isn't in the N4 images yet. Not ready for the hardware, and the image isn't ready either. Sailfish need to at least reach a Beta level and have the ability for OTA updates. What point is there to Alien Dalvik at this point when you need to flash the OS complete at each new release? It's just masturbation right now to have Sailfish on your N4. I know; I've slathered my N4 in Sailfish and stroked it.
Let Sailfish mature for the N4 where it can be a daily and receive OTA and then, yes, at that point please give us Alien Dalvik. And Alien ART afterwards.
How much would I pay. Not $30. Not $20... I think $15 is probably my top price. I'd like to see $10 or even $5... I know $1 is a crack induced daydream.
RumoredNow said:
Apps are always a key issue. The forums are filled with people posting, "I'm considering leaving OS 'A" in favor of OS 'B' but I need to know if I can get apps X, Y and Z or a suitable replacement."
It's not necessarily the number of apps in an ecosystem so much as specific apps and what they accomplish. And the list is mutable. Every user has a make-or-break app need. For some it is banking, others require certain social media apps, office editing, navigation, entertainment, games... If you can't fill that perceived need, you can't lure anyone to your OS. It was smart of Jolla to team with Myriad and offer Alien Dalvik with their Jolla phone. It breaks down resistance to change for the widest possible spectrum of users. Don't forget - most users aren't capable of writing their own apps - even if they can flash a ROM. At this stage of the game, any OS needs a robust ecosystem to prosper.
Myriad seems a savvy company to me. I'm quite sure they will have Alien ART to go alongside Alien Dalvik. They need to in order for their business model to continue. Jolla will want to upgrade to Alien ART. And they should if they want to prosper.
I agree that development of QT based apps is highly desirable. Throw in HTML 5, Enyo 2 and Mochi as well. Open the standards. Great all around for developers and users when apps can easily be ported from one OS to another and run seamlessly within each OS and identically through each version. But to believe that it currently will support most users, or will do so soon, is a dream. And to insist that it should right this moment is elitist and alienates huge swaths of the potential user base.
Should Myriad (not Jolla - they don't own it) provide a license and installer for Alien Dalvik for Sailfish images on Android handsets? They should if they want to expand their market and recognition. But what are the logistics? Would it not need to be tuned for each specific device's hardware configuration? I believe it does... That may be why it isn't in the N4 images yet. Not ready for the hardware, and the image isn't ready either. Sailfish need to at least reach a Beta level and have the ability for OTA updates. What point is there to Alien Dalvik at this point when you need to flash the OS complete at each new release? It's just masturbation right now to have Sailfish on your N4. I know; I've slathered my N4 in Sailfish and stroked it.
Let Sailfish mature for the N4 where it can be a daily and receive OTA and then, yes, at that point please give us Alien Dalvik. And Alien ART afterwards.
How much would I pay. Not $30. Not $20... I think $15 is probably my top price. I'd like to see $10 or even $5... I know $1 is a crack induced daydream.
Click to expand...
Click to collapse
Agreed, it's the applications that make an ecosystem, NOT how elegant that ecosystem is. Paraphrasing badly but: if you have no users, who's there to see the tree fall? To simply say "well, everyone should just code QT!" is pretty short-sighted, even though I agree. You need to coax people over and then have them notice how lovely this also-supported-by-the-now-popular-OS framework is. Just because you build it, doesn't mean they will come.
The reason there is no installer for Jolla N4 adaptation yet though is just plain licensing. They don't seem to be too fussed about driving adoption of their VM (maybe they're happy already with their customer base?) so why should they give away their proprietary software for free? As for Jolla, why should they pay for it for people who haven't forked out for their handset? I think these are reasonable standpoints from both Myriad and Jolla and why, as long as I can get full functionality out of my N4 running Sailfish, I'll happily fork out for a VM to run those must-have 'droid apps. That would be reasonable. If I can get a free, Free one then even better!
Backstory: I've always used iPhones, was tired of the bull****, and wished for Android especially the S8. Was shocked, and I'm rarely shocked, but the agressive violation of privacy, the crazy amount of bloatware, and the unoptimised UX and system services overall.
Now, I'm in charge of a wide ecosystem of people using smartphones in our company as well as other companies I consult for. While people always blab about personal privacy (which is a concern of course), what I don't understand is how people dealing with either sensitive, contractual or strategic informations could use Android devices given that it *excuse but there's no better terms* rapes your privacy in every, but also I'm pretty sure, illegal, ways.
For exemple the Sound Detector app, even when disabled, is constantly listening to your environment without your priori knowledge or permissions. In fact it's mainly the permissions scheme that baffles me: on iOS or any PC or Mac, you can install any app without being constrained to accept giving out information or accessing functions that have nothing to do with the app, THEN you can choose what precise permissions, when and why. And of course there's the whole wider problem of usage and data tracking (which I apparently have to install...a firewall??) or even malware (I have to install a separate antivirus for...on a smartphone). Worst exemple being that of course: www.theverge.com/2018/1/2/16842294/android-apps-microphone-access-listening-tv-habits
Now I like Android for all their efforts, development and implementation, as well as Samsung efforts...but I'm on the verge of having to present a report to ban all Android phones (for a "leave at door" Policy or either iPhone, BBMs and any other "more" secure smartphones) like I just realise they did in the US government and other official institutions as well as some corporations...or...understand very well how it works, and devise a clearly guide on how to completely optimise and secure Android smartphones like I would for PCs/Macs.
So here's my mission if you accept to help me:
1. I want to deconstruct how Android works in a very simple scheme for noob.
2. From that I want to list all the system packages and services, to determine those that are critical, optional or bloatware, and actually describe exactly what they're for so people have a clear idea.
3. I want to list all the base applications, stores or packages apps, to determine those that are critical, optional or bloatware, then what they're for and most importantly the best alternative apps to these.
4. I want to list and make a simple schemes of how the device components (sensors, cam, mic...), the different data canals, and the the different permissions are circulating or violating privacy while screwing cpu time, battery and data.
5. Finally I want to learn, understand and create a simple noob introduction to the different tools like Xposed (and XprivacyLua which seems to be the best options), package disablers (I personally went for BK), Firewall, Adblockers and Antivirus (honestly didn't even think I would need those on Android).
So I guess first, I'll list all the apps, packages (and sub-services) that my Galaxy S8 came shipped with that overwhelmed me, so as to know for a basic Galaxy S8/+/Note what is a consensus of what to disable, why, how and by what to replace if there's alternative, while listing basic how-to's of the tools to that. Note that I only know about BK Disabler as of now.
Reserved
Upd: I haven't had time, but I'm starting to do a table with all the packages, what they're for and wether to disable them.
You do know that Silverpush do affect both iPhone and Android, right? And "leave at the door" policy or either iPhone or BBM? There's two errors in this sentence. Are you really what you claim to be? Or just someone with an agenda who just created an XDA account?
why would you need an antivirus for a phone if you stick to play store apps?
rashat999 said:
why would you need an antivirus for a phone if you stick to play store apps?
Click to expand...
Click to collapse
There are plenty of play store garbage apps with spy ware and crap in them
vladimir_carlan said:
You do know that Silverpush do affect both iPhone and Android, right? And "leave at the door" policy or either iPhone or BBM? There's two errors in this sentence. Are you really what you claim to be? Or just someone with an agenda who just created an XDA account?
Click to expand...
Click to collapse
iPhone (pretends to) be safe and secure and doesn't straight-up violate your privacy by forcing unneeded permission even before installing the app and running tons of spyware as per unbox while giving all your infos out to apps that demand it and more. It's also a question of procedure: iPhone are really easy to fix/secure with a jailbreak, I didn't even root this Android I got and realised how terribly aggressive their violation of privacy is.
But again, I just want to give people the choice as long as their device is secure, that's why I'm learning all the quirks of Android and how to secure them. All our IT guys confirmed that unless you know exactly how to secure Android devices like we did for our computer park, employees better go for an iPhone.
There's a difference between Apple that might have backdoors to the NSA, and Android that is a crazy open buffet for -permitted- informations stealing without even talking about spyware or silverpush. My Galaxy S8 came with apps and packages that were constantly listening through the mic without my prior knowledge, installation or authorisation, this is intolerable. But I switched for a reason, I'll see if using Android is easily manageable or if it's better to ban them from inside use.
OgreTactic said:
iPhone (pretends to) be safe and secure and doesn't straight-up violate your privacy by forcing unneeded permission even before installing the app and running tons of spyware as per unbox while giving all your infos out to apps that demand it and more. It's also a question of procedure: iPhone are really easy to fix/secure with a jailbreak, I didn't even root this Android I got and realised how terribly aggressive their violation of privacy is.
But again, I just want to give people the choice as long as their device is secure, that's why I'm learning all the quirks of Android and how to secure them. All our IT guys confirmed that unless you know exactly how to secure Android devices like we did for our computer park, employees better go for an iPhone.
There's a difference between Apple that might have backdoors to the NSA, and Android that is a crazy open buffet for -permitted- informations stealing without even talking about spyware or silverpush. My Galaxy S8 came with apps and packages that were constantly listening through the mic without my prior knowledge, installation or authorisation, this is intolerable. But I switched for a reason, I'll see if using Android is easily manageable or if it's better to ban them from inside use.
Click to expand...
Click to collapse
Mate my question still stand: are you really what are you claiming to be or you just have an agenda? Some badass company appointed you to decide what is secure and what not. Really? You? In Op you are talking about thinking to allow only iOS and BBM (it's Bbos BTW) only. BBOSS? Really? BBOS was discontinued one year ago...no more updates no more security patches, no more nothing.
vladimir_carlan said:
Mate my question still stand: are you really what are you claiming to be or you just have an agenda? Some badass company appointed you to decide what is secure and what not. Really? You? In Op you are talking about thinking to allow only iOS and BBM (it's Bbos BTW) only. BBOSS? Really? BBOS was discontinued one year ago...no more updates no more security patches, no more nothing.
Click to expand...
Click to collapse
That's not my job, but that's part of mine to decide or push in front of committees what tool we should use, purely from a utilitarian, managerial and system POV. None of us beside IT guys ever realised how Android were intolerably insecure, I've had my head in Apple buttock for years thinking "yeah, that's too limited and I heard Android is now as stable and well made".
But I don't want to go back to iPhone either, so here I am sitting with a Galaxy S8 I'm still not using because I don't where to start to secure it, whether I should try to fix everything on the factory rom or just root it.
OgreTactic said:
That's not my job, but that's part of mine to decide or push in front of committees what tool we should use, purely from a utilitarian, managerial and system POV. None of us beside IT guys ever realised how Android were intolerably insecure, I've had my head in Apple buttock for years thinking "yeah, that's too limited and I heard Android is now as stable and well made".
But I don't want to go back to iPhone either, so here I am sitting with a Galaxy S8 I'm still not using because I don't where to start to secure it, whether I should try to fix everything on the factory rom or just root it.
Click to expand...
Click to collapse
Okay...what exactly makes you to feel insecure? I understand you're bothered that some apps are accessing your microphone. That's easy... Settings-Apps. Tap on those three dots and chose app permission. You'll see what apps have access to microphone and deny permission for them. Job done. What else makes you to feel insecure?
vladimir_carlan said:
Okay...what exactly makes you to feel insecure? I understand you're bothered that some apps are accessing your microphone. That's easy... Settings-Apps. Tap on those three dots and chose app permission. You'll see what apps have access to microphone and deny permission for them. Job done. What else makes you to feel insecure?
Click to expand...
Click to collapse
I put my S8 away for now I went back to an iPhone. I'm using it off-grid to still try and figure out how it works.
Basically my problems are clear:
1. There's no transparency in background processes/services, the component they use and the data they send.
2. The way permissions are managed is intolerable: forcing you to accept non-necessary and arbitrary access to connected components or private information BEFORE installing the app is a form of extortion. The same goes when running the app: forcing permissions that are not critical to the app code actually running is a form of extortion. Baffles me how Google even allows that today.
3. The fact that there's even a need for a firewall and antivirus, and that the official stores is filled with illegal (copyright infringing app so blatant) and therefor myriads of potential malicious apps like Silverpush-enabled one, without any store control or curation on Google's part.
All this means there is no way I will use an Android rather than an iPhone and allow anyone dealing with private or "sensitive" commercial informations using one inside the company. I'm still trying to figure out if going straight to root is the solution, if I'll have to use cryptography for documents and coms, or if I'll have to spend days figuring out Xposed+Xprivacy, Packages Disablers, MicroG alternative libraries, Firewall and Antivirus and god knows what to make it decently secure like an iPhone (which doesn't aggressively violates your privacy and is really easy to secure with a jailbreak...unless there are hidden backdoors which is still far from the probably illegal open-buffet of private and sensitive informations Google provides to any potential malicious websites, scripts or apps).