Just setting the record straight about a somewhat dated topic (I'm far from happy that a state before this commit managed to be real for any period of time):
https://github.com/eu-digital-identity-wallet/eudi-app-android-wallet-ui/commit/9367289f3da1abd7f2cff0e7e05d67a95f4fdf60
https://github.com/eu-digital-identity-wallet/eudi-app-android-wallet-ui/commit/9367289f3da1abd7f2cff0e7e05d67a95f4fdf60
GitHub
Update README.md · eu-digital-identity-wallet/eudi-app-android-wallet-ui@9367289
EUDI Wallet Prototype. Contribute to eu-digital-identity-wallet/eudi-app-android-wallet-ui development by creating an account on GitHub.
❤3😐3👍2
Forwarded from R0rt1z2’s Dumpster
Since Nothing decided to ignore my report, after waiting for about a month I decided to release it publicly :)
You can find the source code and full details here: https://github.com/R0rt1z2/fenrir. Currently, it only supports the Nothing Phone 2a but it should apply to more MediaTek devices from what I've seen on
You can also test the patched LK image from the releases section. It should spoof the bootloader state as locked while it’s actually unlocked, allowing you to pass strong integrity anywhere (as shown in the pictures I shared a few months ago).
Have fun, and sorry for the messy repo. I wish I had more time to write a proper guide and clean things up.
You can find the source code and full details here: https://github.com/R0rt1z2/fenrir. Currently, it only supports the Nothing Phone 2a but it should apply to more MediaTek devices from what I've seen on
expdb dumps.You can also test the patched LK image from the releases section. It should spoof the bootloader state as locked while it’s actually unlocked, allowing you to pass strong integrity anywhere (as shown in the pictures I shared a few months ago).
Have fun, and sorry for the messy repo. I wish I had more time to write a proper guide and clean things up.
🔥14😐1
R0rt1z2’s Dumpster
Since Nothing decided to ignore my report, after waiting for about a month I decided to release it publicly :) You can find the source code and full details here: https://github.com/R0rt1z2/fenrir. Currently, it only supports the Nothing Phone 2a but it should…
Obviously, it's an example of an exploit that could be further utilized for PIA proxying. Google knows they can't really keep up with banning and the vulnerable build will keep passing strong for a significant time, hence:
https://news.1rj.ru/str/TadiBlog/547
https://news.1rj.ru/str/TadiBlog/547
Telegram
Tadi Channel
So Google already acknowledges the feasibility of proxying PIA results to/from (a good linguistic question...) vulnerable devices
😐2
The future is proxying PIA from your own vulnerable ewaste device that won't ever be downgraded to no integrity because of coming from a major OEM (assuming it'll be secured enough to make secret extraction impossible but unpatched enough to be fine with proxying)
🤯9😐2❤1🥰1
Forwarded from Codeaurora Releases
New CodeLinaro OSS release detected!
Tag:
Manifests: Vendor - dummy (AUDIO_IOT.LA.11.0.R2) - dummy (GRAPHICS.LA.16.1.R2) - dummy (VIDEO.LA.5.1.R1) - dummy (LA.QISI.16.0.R1)
Chipsets:
Build ID: BQ2A.250705.001
Date: 2025-08-22T11:17:33.000+00:00
Tag:
LA.VENDOR.16.2.1.r1-03700-LAHAINA.0 Manifests: Vendor - dummy (AUDIO_IOT.LA.11.0.R2) - dummy (GRAPHICS.LA.16.1.R2) - dummy (VIDEO.LA.5.1.R1) - dummy (LA.QISI.16.0.R1)
Chipsets:
blair, canoe, common, kalama, lahaina612, sepolicy_vndr, sun, taro, vendor-common, wlanBuild ID: BQ2A.250705.001
Date: 2025-08-22T11:17:33.000+00:00
😐3
It's an IoT tag, don't expect your lahaina smartphones or tablets on stock to get a new vendor. Unless it's Fairphone or industrial device.
😐5
If you don't swipe on your keyboard yet (especially if it's Gboard and you often use English), you should absolutely start to, it's like riding a bike, except that not enough people will shame you for missing this skill.
(I just read that there are people who WANT the Xiaomi behavior of back gesture working over the keyboard which obviously breaks swiping, smh)
Alternatively, if you still refuse to swipe, I'll excuse you if your daily phone screen time doesn't exceed an hour. Otherwise, please learn it, for your own wellbeing. Disable typing personalisation and form a basic memory on which words you can expect to be easily swipable and ones you expect to need typing manually. From there, single handed typing will become actually pleasant and accurate.
(I just read that there are people who WANT the Xiaomi behavior of back gesture working over the keyboard which obviously breaks swiping, smh)
Alternatively, if you still refuse to swipe, I'll excuse you if your daily phone screen time doesn't exceed an hour. Otherwise, please learn it, for your own wellbeing. Disable typing personalisation and form a basic memory on which words you can expect to be easily swipable and ones you expect to need typing manually. From there, single handed typing will become actually pleasant and accurate.
❤12
Google is asking non-GP developers to identify themselves so that Google gets a better opportunity to show how extremely compliant they are by skipping the Play Protect nag screens on such third party verified developers
AND/OR
they're looking for a chance to be a bigger nuisance for apps distributed by third parties which refuse to identify themselves.
Either way, you already disabled Play Protect long ago, right? The chance that disabling Play Protect won't suffice is rather slim. Going so far as to require Google stamp on every sideloaded app no matter the way of installation would be absolutely great news to move privacy conscious people away from GMS Android, hence a bulletproof restriction is very unlikely. We don't even know if European Union and other countries are completely fine with existing Apple policy where they're always in your way of permanent installation of an "unauthorized" app. Google must balance their greed.
AND/OR
they're looking for a chance to be a bigger nuisance for apps distributed by third parties which refuse to identify themselves.
Either way, you already disabled Play Protect long ago, right? The chance that disabling Play Protect won't suffice is rather slim. Going so far as to require Google stamp on every sideloaded app no matter the way of installation would be absolutely great news to move privacy conscious people away from GMS Android, hence a bulletproof restriction is very unlikely. We don't even know if European Union and other countries are completely fine with existing Apple policy where they're always in your way of permanent installation of an "unauthorized" app. Google must balance their greed.
😐5
Google is asking non-GP developers to identify themselves so that Google gets a better opportunity to show how extremely compliant they are by skipping the Play Protect nag screens on such third party verified developers
AND/OR
they're looking for a chance to be a bigger nuisance for apps distributed by third parties which refuse to identify themselves.
Either way, you already disabled Play Protect long ago, right? The chance that disabling Play Protect won't suffice is rather slim. Going so far as to require Google stamp on every sideloaded app no matter the way of installation would be absolutely great news to move privacy conscious people away from GMS Android, hence a bulletproof restriction is very unlikely. We don't even know if European Union and other countries are completely fine with existing Apple policy where they're always in your way of permanent installation of an "unauthorized" app. Google must balance their greed.
AND/OR
they're looking for a chance to be a bigger nuisance for apps distributed by third parties which refuse to identify themselves.
Either way, you already disabled Play Protect long ago, right? The chance that disabling Play Protect won't suffice is rather slim. Going so far as to require Google stamp on every sideloaded app no matter the way of installation would be absolutely great news to move privacy conscious people away from GMS Android, hence a bulletproof restriction is very unlikely. We don't even know if European Union and other countries are completely fine with existing Apple policy where they're always in your way of permanent installation of an "unauthorized" app. Google must balance their greed.
😐13
(turns out adding same or two (?) captions for both images hides them completely)
🤯6❤1😐1
Tadi Channel
Google is asking non-GP developers to identify themselves so that Google gets a better opportunity to show how extremely compliant they are by skipping the Play Protect nag screens on such third party verified developers AND/OR they're looking for a chance…
🔥26😐2
Hacker News
Word documents will be saved to the cloud automatically on Windows going forward Article, Comments
Telegram
Tadi Channel
https://tuta.com/blog/how-to-disable-gemini-on-android
Don't login into your OS vendor's account. The capabilities and incentives of screwing you are way too high. "There was a contract which you accepted" is less of a working defense when a given contract…
Don't login into your OS vendor's account. The capabilities and incentives of screwing you are way too high. "There was a contract which you accepted" is less of a working defense when a given contract…
😐3