LightBlog

vendredi 29 mai 2020

StrandHogg 2.0 Exploit Explained – Why Users and Android App Developers should care

It’s 10:00 PM. Do you know where your Activities are? There’s a new vulnerability that can be exploited on millions of Android devices, and it’s a pretty nasty one, too. In a nutshell, this design flaw allows an attacker to present their own Activity (page) on top of another app’s, potentially confusing the user into giving away their private data. The vulnerability has been dubbed StrandHogg 2.0 and was recently disclosed by Promon, a Norwegian security firm.

The StrandHogg 2.0 vulnerability theoretically affects all Android devices running Android versions as old as Honeycomb (3.0) and up to Android 9 Pie (9.0). Based on the latest Android version distribution statistics, that means that approximately 91.8% of all Android devices are vulnerable to StrandHogg 2.0. The vulnerability was assigned CVE-2020-0096 and was given a severity level of “critical.” It doesn’t require any special permissions to work and can function almost entirely without user interaction. All a user has to do is open an app with malicious code hidden away in it, and then they’re vulnerable to exploitation.

Promon was kind enough to send us their proof of concept app and its source code so we could best explain how the exploit works, why it matters to users, and how developers can protect their apps against it.


How It Works

Say you’re using Gmail and you click a web link. If you go to your recent apps screen, you may notice that the web page appears to be “inside” Gmail. The preview shows the website, but the app icon and name are still from Gmail. This is something that happens when an app/Activity launches another app/Activity in the same task. Now imagine that you didn’t purposely open that link. To you, it looks like it’s just part of the Gmail app. This is the behavior that StrandHogg 2.0 exploits.

We’re going to have to leave out some details here, but here’s roughly how this exploit works. For the following, let’s assume the attacker wants to get the user’s Gmail login.

  1. The user downloads a malicious app (of course, without knowing it’s malicious) and opens it.
  2. In the background, the app opens Gmail, puts a look-alike login Activity on top of it, and then launches another Activity.
  3. The user opens Gmail and sees what looks like Gmail’s login screen but is actually the attacker’s phishing Activity.

The final Activity launched in step 2 can be anything that avoids suspicion. The app could fake a crash and go back to the home screen, or it could just open to its main Activity as if nothing happened. The only suspicious thing the user might see is a bunch of opening animations as all the Activities launch. The worst part: It won’t even look like Gmail was opened.

StrandHogg 2.0 password hijack example

Source: Promon

Of course, an attacker can do more than just showing a fake login screen. A malicious app could present a permissions prompt instead, tricking the user into granting unwanted permissions. While requesting any special permissions like Accessibility might make the user suspicious, it’s possible to do a lot of damage with something like Storage Access.


The Technical Bits

This next section is a high-level overview of how StrandHogg 2.0 works. Promon won’t release the full details for another few months, so we can’t share exactly how this exploit is implemented. There are some technical details that we can talk about, though.

In a nutshell, StrandHogg 2.0 hijacks Android’s Context.startActivities() API method, using three Intents.

  • The first Intent is the one that launches, in our example’s case, Gmail. It’s flagged with Intent.FLAG_ACTIVITY_NEW_TASK.
  • The second Intent is the malicious one. In our example, it’s for the look-alike login Activity. This Intent has no flags.
  • The third Intent is the distraction. It makes sure the user isn’t suspicious of Gmail just randomly opening instead of the app they tapped (i.e. the one launching the attack). It’s flagged with Intent.FLAG_ACTIVITY_NEW_TASK.

All of these Intents are then passed in an array to the startActivities() method.

The second Intent’s lack of flags is the key here. By doing so, we’ve basically just replicated the Gmail example from above. The task is technically Gmail’s, but the topmost Activity is the attacker’s. When the user then clicks Gmail’s home screen icon, the attacker’s Activity displays instead of Gmail’s.


Proof of Concept

With the information that Promon sent us, we were able to replicate their proof of concept. Here’s a screen recording from a Samsung Galaxy Note8 running Android 9 Pie showing it in action.


Mitigation Techniques and Issues

Now, simply replicating the above in code won’t actually work. It’s not a complete example, and there are a few other things that an attacker has to do to make it work, which we can’t share. But they’re not particularly hard to guess on your own, and that’s part of what makes this attack so dangerous. StrandHogg 2.0 is a relatively easy exploit to implement, and difficult to mitigate.

Mitigation can’t just involve blacklisting all apps that use startActivities(), since there are plenty of legitimate uses for it. It’s also really difficult to automate a detection algorithm for it. Malicious developers can employ all sorts of tricks to make their implementation of StrandHogg 2.0 effectively invisible to services like Google Play Protect. StrandHogg 1.0 required the attacker to add an attribute in the malicious app’s AndroidManifest.xml, which was relatively easy to detect. StrandHogg 2.0, on the other hand, functions entirely in Java/Kotlin.

Taking into account obfuscation, reflection, and even just different coding styles, it seems impractical to automatically properly detect an app making use of this exploit. What’s more is that if a user is the subject of a StrandHogg 2.0 attack, they may not even know. If you open Gmail and you see its login screen, you might just think your session expired and enter your login details without a second thought.

When we contacted Google for a response, a spokesperson offered the following statement:

“We appreciate the work of the researchers, and have released a fix for the issue they identified. Additionally, Google Play Protect detects and blocks malicious apps, including ones using this technique.”

This sounds good, and hopefully it has at least some effect against StrandHogg 2.0 attacks. It’s worth noting, though, that Google Play Protect did not detect our proof of concept app as malicious, even after performing a manual scan.

Promon says that they “have not observed any real-life malware utilizing the StrandHogg 2.0 vulnerability,” but there’s no guarantee that this is the first time the exploit has been discovered. For that reason, Promon recommends that developers go ahead and protect their apps by setting their launcher Activity’s launchMode flag to either singleTask or singleInstance. Either of these flags will prevent task injection, which is what StrandHogg 2.0 relies on. However, having your Activity use one of these flags can cause issues with certain app flows, so it’s not always desirable.

Promon is also promoting its own “In-App Protection by Promon SHIELD” product which sounds like a library that app developers can implement to monitor the tasks in your app’s process to check for irregular insertions. Because there’s no truly effective developer or user mitigation strategy, it’s pretty important that manufacturers implement the patch to fix this ASAP.

Thankfully, Promon followed responsible disclosure guidelines before making this exploit public (and it’s still not fully public—Promon is waiting 90 days before fully disclosing how StrandHogg 2.0 works). Google has since backported patches for this exploit to Android 8.0 Oreo, Android 8.1 Oreo, and Android 9 Pie with the May 2020 Android Security Patch Level (SPL). Users on Android 10 and above aren’t vulnerable, though we’re not entirely sure why that’s the case. It likely has something to do with Android 10’s new restrictions concerning launching Activities and how Google integrated that into the task stack. Promon says that “on Android 10 the attack is entirely ineffective, and the activities are split into different tasks and into separate task stacks according to adb shell dumpsys activity activities.”

If your device manufacturer is still providing security updates (you can read more about how the security patch process works here), you should pester them for an update as soon as possible. Otherwise, you’ll just need to be careful about which apps you download and run (although you should be doing that anyway).

For more details and use-cases of StrandHogg 2.0, check out the official announcement on Promon’s website. For custom ROM developers, you can find the relevant AOSP commits for preventing StrandHogg 2.0 attacks here and here.


Disclosure Timeline

Here is the disclosure timeline that Promon shared in its StandHogg 2.0 document:

  • Dec 4, 2019 – Reported issue to Google
  • Dec 4, 2019 – Shared a PoC «malicious app» and video with Google
  • Dec 4, 2019 – Google confirmed receiving the report
  • Dec 9, 2019 – Google set the severity of the finding as «Critical»
  • Dec 9, 2019 – Google confirms that they are able to reproduce the issue
  • Feb 14, 2020 – We inform Google the 90-day disclosure is nearing in the beginning of March, and ask for status on their side
  • Feb 14, 2020 – Google responds that April is the soonest they can roll out a fix
  • Feb 14, 2020 – We inform Google we are working on mitigations
  • Feb 14, 2020 – Google responds. They are working on remediations, and ask if we can share what mitigations we are recommending
  • Feb 17, 2020 – We inform Google that we can hold back the disclosure until April. We request the CVE number
  • Feb 17, 2020 – We share our mitigation strategies, as well as how we envisage a platform mitigation
  • Mar 23, 2020 – Google responds with the CVE ID (CVE-2020-0096)
  • Mar 23, 2020 – Google responds that general availability of the fix for Android will be available in May
  • Mar 23, 2020 – Google asks if we will consider delaying disclosure to May
  • Mar 27, 2020 – We respond that we will delay disclosure until May
  • Apr 22, 2020 – Google informs us that the May Security Bulletin is scheduled to contain a patch for the vulnerability

The post StrandHogg 2.0 Exploit Explained – Why Users and Android App Developers should care appeared first on xda-developers.



from xda-developers https://ift.tt/2ZOZRpR
via IFTTT

Nintendo 3DS emulation: Official Citra for Android performance testing on the Snapdragon 865, 855, and 845

Citra, the most popular Nintendo 3DS emulator, was officially released for Android onto the Google Play Store last week, and its performance has been at the forefront of the conversation. I’m sure anybody who saw its release wondered whether they could play their favorite Nintendo 3DS games on their Android smartphone or tablet, so I’ve spent the past few days playing games on various different devices powered by multiple different SoCs to see what kind of performance you can expect to get from your device.

I tested the following popular Nintendo 3DS games:

  • Animal Crossing: New Leaf
  • Mario Kart 8
  • Pokemon X/Y
  • The Legend of Zelda: A Link Between Worlds
  • Fire Emblem: Fates
  • Super Mario 3D Land

…on the following Android smartphones:

…and the results were rather mixed. I tested each of these 3DS games with the unofficial Citra MMJ version as well as the official Citra 3DS emulator that was just released on the Google Play Store. Some of the results were surprising. Note that all of these tests were done with audio stretching disabled as I found that it had a pretty significant performance hit for little benefit when enabled. Keep in mind that different GPU driver versions may also affect performance, and so one device with a particular chipset may not perform the same as another device with the same chipset.

Citra for Android Nintendo 3DS emulator

Nintendo 3DS emulation using the official Citra for Android port. Left to right: OnePlus 8 Pro, OnePlus 6, Realme 6 Pro.

Note: You can legally acquire 3DS ROMs for your smartphone by dumping and decrypting your own Nintendo 3DS games. For this, you will need a hacked Nintendo 3DS and a legally purchased copy of the 3DS game that you want to play.


Current performance issues with Nintendo 3DS emulation via Citra for Android (and potential fixes)

Before going into detail of the performance of the aforementioned Nintendo 3DS games on various Android smartphones, it’s worth mentioning that currently, the Citra 3DS emulator port for Android does not support a shader cache. A shader cache is simply a cache of files that keeps track of compiled shaders that are shown in-game, and having one greatly reduces CPU and GPU load. When new shaders are encountered in Citra, they are then compiled and aren’t saved to the storage. This means that they can’t be cached, and instead must be recompiled once encountered every time. This is why currently, Citra on Android can be quite stuttery when playing some 3DS games. Citra on PC supports a shader cache, and it’s quite common for users to want to download a precompiled shader cache to avoid slowly and painstakingly generating their own. Also, I found that disabling audio stretching helped performance a little bit.


Nintendo 3DS Emulation Performance – Qualcomm Snapdragon 865, 855, 845, 720G, and Kirin 980

Qualcomm Snapdragon 865

Animal Crossing: New Leaf – OnePlus 8 Pro

Official Citra

  • Mostly 60 FPS
  • Drops frames frequently, particularly when shaking trees to drop fruit
  • Audio hangs for a second or so often, and when audio hangs, the game hangs for a second too

MMJ/Unofficial Citra

  • 30 FPS to 45 FPS with occasional spikes to 60 FPS
  • No audio hangs
  • More consistent experience overall, though slower
  • Attempting to sell items will freeze the game, which does not happen on the official Citra build

Mario Kart 7 – OnePlus 8 Pro

  • Runs perfectly at 60 FPS
  • Occasional audio cues cause slight stuttering
  • No difference in performance between Official and MMJ build

Pokemon X/Y – OnePlus 8 Pro

  • Not a very intensive game, runs perfectly at 30 FPS (this game runs at 30 FPS in the overworld)
  • Battles run perfectly
  • Audio sounds great, music is in AAC format and can now be decoded
  • No difference in performance between Official and MMJ build

Note: The flickering as seen in the above video only occurred when I was screen recording.

The Legend of Zelda: A Link Between Worlds – OPPO Find X2 Pro/OnePlus 8 Pro

  • Runs perfectly, no slowdowns
  • Audio is great
  • Occasional stutters in combat
  • Cutscenes work
  • No difference in performance between Official and MMJ build

Fire Emblem Fates – OPPO Find X2 Pro

  • Some slowdowns when entering combat
  • Some audio stuttering in battles
  • Audio works great
  • Cutscenes work
  • The game mostly runs at full speed, which it didn’t on the MMJ build

Qualcomm Snapdragon 855

Animal Crossing: New Leaf – OPPO Reno 10x Zoom

Official Citra

  • Runs nearly flawlessly
  • Very few stutters
  • Virtually no audio lag

MMJ/Unofficial Citra

  • Anywhere from 30 to 60 FPS, though mostly towards the higher-end
  • Very few stutters
  • Virtually no audio lag
  • Attempting to sell items will freeze the game, which does not happen on the official Citra build

Mario Kart 7 – OPPO Reno 10x Zoom/OnePlus 7 Pro

  • Runs nearly flawlessly
  • Pretty much no audio lag
  • Pretty much no stutters
  • No performance difference between Official and MMJ build

Pokemon X/Y – OPPO Reno 10x Zoom

  • Not a very intensive game, runs perfectly at 30 FPS (this game runs at 30 FPS in the overworld)
  • Battles run perfectly
  • Audio sounds great, music is in AAC format and can now be decoded
  • No difference in performance between Official and MMJ build

The Legend of Zelda: A Link Between Worlds – OPPO Reno 10x Zoom

  • Runs nearly flawlessly
  • Pretty much no audio lag
  • Occasional stutters in combat
  • No performance difference between Official and MMJ build

Qualcomm Snapdragon 845

Animal Crossing: New Leaf – OnePlus 6

Official Citra

  • Mostly 50-60 FPS
  • Drops frames very frequently, particularly when shaking trees to drop fruit, but also in many other situations too
  • Audio hangs for a second or so often, and when audio hangs, the game hangs for a second too

MMJ/Unofficial Citra

  • Around 30-60 FPS, sticking somewhere around 45 FPS for most of the time
  • Drops frames less frequently
  • Audio stutters occasionally

Mario Kart 7 – OnePlus 6

  • Stuttering when navigating menus
  • 50-60 FPS in races, though fluctuates wildly and sometimes dips as low as 30 FPS
  • Occasional audio stutters

Pokemon X/Y – OnePlus 6

  • Not a very intensive game, runs perfectly at 30 FPS (this game runs at 30 FPS in the overworld)
  • Battles run perfectly
  • Audio sounds great, music is in AAC format and can now be decoded
  • No difference in performance between Official and MMJ build

The Legend of Zelda: A Link Between Worlds – OnePlus 6

  • Consistent in the 40-60 FPS range
  • Lots of stutters in combat
  • Marginally better performance in the MMJ build over the Official build

Qualcomm Snapdragon 720G

Animal Crossing: New Leaf – Realme 6 Pro

Official Citra

  • Mostly 50-60 FPS
  • Drops frames occasionally, particularly when shaking trees to drop fruit, but also in many other situations too
  • Audio hangs for a second or so often, and when audio hangs, the game hangs for a second too
  • MMJ and Official build more or less perform the same here

Pokemon X/Y – Realme 6 Pro

  • Runs mostly perfectly at 30 FPS, though occasionally dips in performance
  • Battles run perfectly
  • Audio sounds great, music is in AAC format and can now be decoded, minimal stuttering
  • No difference in performance between Official and MMJ build

The Legend of Zelda: A Link Between Worlds – OnePlus 6

  • Consistent in the 40-60 FPS range
  • Lots of stutters in combat
  • Marginally better performance in the MMJ build over the Official build

Kirin 980

The Honor 20 Pro with its HiSilicon Kirin 980 was unable to run any of the Nintendo 3DS games that I tested at any playable framerate. The official and unofficial Citra 3DS emulators don’t really support devices with non-Snapdragon chipsets due to driver issues, and as such, this means that Samsung smartphones with Exynos processors will also likely face issues playing any of the 3DS games listed here.


Conclusion – Nintendo 3DS Emulation is very viable (for most flagships)

Oddly enough, I found the best performance to be not with the Qualcomm Snapdragon 865 but rather with the Qualcomm Snapdragon 855. It’s possible that Citra was developed primarily on Qualcomm Snapdragon 855 devices as the Qualcomm Snapdragon 865 is a relatively recent release, but this is only speculation on my part. The Snapdragon 855 found in both the OnePlus 7T Pro and the OPPO Reno 10x Zoom handled pretty much all Nintendo 3DS games I threw at it perfectly, which greatly impressed me, and the games themselves were very much playable. The Qualcomm Snapdragon 720G also fared incredibly well, with more or less identical results to the Snapdragon 845.

Citra (Nintendo 3DS emulator) website

Citra Emulator (Free+, Google Play) →

The post Nintendo 3DS emulation: Official Citra for Android performance testing on the Snapdragon 865, 855, and 845 appeared first on xda-developers.



from xda-developers https://ift.tt/2M8fgcv
via IFTTT

Prepare for 9 Top IT Certification Exams With This $39 Training Bundle

In the current financial climate, finding a secure job has become the top priority for many of us. While some industries are struggling, there are still many vacancies in IT. If you would like to break into this lucrative sector, make The Complete 2020 IT Certification Exam Prep Mega Bundle your starting point. This learning library includes all the prep you need to ace nine top exams, with insight from top instructors. You can get it now for just $1,800 at the XDA Developers Depot. 

You don’t need an amazing academic record to land a good job in IT. However, recruiters do look for certifications. If you can pass the exams, the rewards are pretty great — AWS-certified IT professionals earn $129,868 on average.

This bundle helps you prep for nine top exams, with extensive video training. Through concise lessons, you learn about cloud computing with AWS and Microsoft Azure, and work towards Cisco networking exams. In addition the training helps you earn the all-important CompTIA Security+ certification. With lifetime access to all the courses, you can study at your own pace.

You learn from a roster of top instructors, including Scott Duffy. This certified Enterprise Architect has helped over 343,000 students, earning a rating of 4.4/5 stars on Udemy. 

They’re worth $1,800 in total, but you can get these courses now for just $39.

 
The Complete 2020 IT Certification Exam Prep Mega Bundle – $39

See Deal

Prices subject to change 

More from the XDA Developers Depot

The post Prepare for 9 Top IT Certification Exams With This $39 Training Bundle appeared first on xda-developers.



from xda-developers https://ift.tt/2TPYBP8
via IFTTT

Back cover shows off what the cancelled Pixel 4a XL could have been

The Pixel 4a has been on our radar since late last year. At first, we were operating under the assumption that there would be a Pixel 4a XL. After all, every Pixel generation has included two sizes, including the Pixel 3a series. Eventually, it became clear that Google would not be launching an XL model this time around. However, that doesn’t mean they weren’t working on one.

It’s perhaps no surprise that Google started the development of the Pixel 4a series with the intention of releasing an XL model. There was a leak last month of a Pixel 4a XL replacement back cover on eBay. The part doesn’t have the typical Google “G” logo, however, indicating it’s actually from a prototype device. Now, new images of the Pixel 4a XL back panel have surfaced.

There’s nothing super notable about these images. The back cover includes the camera Pixel 4-like camera module we’ve seen on the smaller Pixel 4a. One clear difference is the number of cameras. It looks like the XL model may have actually sported dual rear cameras, compared to the single camera on the smaller model. The white cover also has an orange power button, which is typical for the Google Pixel line.

It’s interesting to think about a larger Pixel 4a XL with dual rear cameras at a slightly higher price point. Google could have positioned the 4a as the super-budget option and the 4a XL as a slightly more premium mid-range device. In the end, though, Google decided to ride with just one model.

Pixel 4a XDA Forums

As for the Pixel 4a that we will be getting, the launch has reportedly been delayed until July. The rumored specifications are below.

Rumored Pixel 4a Specifications

  • Processor: Qualcomm Snapdragon 730
  • GPU: Adreno 618
  • RAM: 6GB
  • Internal storage: 64GB(?), 128GB UFS 2.1
  • Display: Single hole-punch 5.81-inch display, 2,340 x 1,080 resolution, 443 dpi, 60Hz refresh rate
  • Rear camera: 12.2 MP Sony IMX363, f/1.73 aperture, 1.4µm pixels, OIS, EIS, LED flash, 4K video recording, Autofocus
  • Front camera: 8.0 MP Sony IMX355, f/2.0 aperture, 1.14µm pixels, EIS, Fixed focus
  • Connectivity: 4G, Dual SIM, GPS, WiFi 5, Bluetooth, GLONASS
  • Ports: USB Type-C, 3.5mm headphone jack
  • Security: Rear fingerprint sensor
  • Battery: 3,080 mAh
  • Software: Android 10

Source: 9to5Google

The post Back cover shows off what the cancelled Pixel 4a XL could have been appeared first on xda-developers.



from xda-developers https://ift.tt/2zGQnSN
via IFTTT

[Update: Partnership Concluded] OnePlus removed from McLaren’s partners page, hinting there won’t be another McLaren Edition

Update 1 (05/29/2020 @ 09:40 AM ET): McLaren has clarified that the partnership with OnePlus has been concluded as per schedule. Scroll to the bottom for more information. The article as published on May 20, 2020, is preserved below.

OnePlus has been doing special editions of its phones for a few years now. The OnePlus 5T was available in the Star Wars: The Last Jedi Edition and the OnePlus 6 was available in a Marvel Avengers Edition. Both of these phones were available in limited quantities and in select regions only. The company expanded the scope of these special editions with the launch of the OnePlus 6T McLaren Edition. This variant not only came with a new and distinct CMF (color-material-finish), but it also bumped up the RAM to 10GB and the charging technology to Warp Charge 30. The McLaren Edition made a return with the OnePlus 7T Pro, once again bumping up the RAM and opting for the signature CMF. However, this run appears to have come to an end, as recent developments indicate that there may not be another McLaren edition in the works.

A keen-eyed Redditor noticed that OnePlus was no longer listed as a Formula 1 partner for McLaren for the 2020 F1 season. We checked through Wayback machine (internet archive) and can spot that OnePlus continued to remain listed until March 29, 2020, at least. So, it is safe to presume that the company was delisted as a partner within the last month or so.

OnePlus 7T Pro McLaren Edition

What does this mean? This means that there is unlikely to be another McLaren Edition phone coming from OnePlus. The next McLaren iteration was expected to be on the presumed OnePlus 8T, but we can rule this out from happening based on how things stand right now.

OnePlus CMF Concepts

That’s not to say that there won’t be a special edition for the OnePlus 8T series, at all. OnePlus could always collaborate with a new partner and market a different CMF with different features as a special edition. Some have taken this news to also mean that there won’t be a “T” version at all this year — we do not have any evidence of this statement being true or false, either way.

We’ve reached out to OnePlus for comment on this delisting. We’ll update our article when we get more information.


Update: McLaren confirms that its partnership with OnePlus has concluded

While OnePlus has not responded with any comment, McLaren has responded to AndroidAuthority with a statement:

Our partnership with OnePlus, which came to its scheduled conclusion recently, has been a highly successful collaboration between two iconic and innovative brands. Since the start of this partnership in 2018, OnePlus has been a supportive, valued partner and we wish them well and hope to see them in the future.

This means that OnePlus and McLaren had a fixed duration contract for the collaboration, and that contract has been honored and completed. This means that we are unlikely to see another McLaren smartphone in H2 2020, unless the companies renew their partnership. Keep in mind that OnePlus could collaborate with another partner too, for the presumed T-release of 2020.

The post [Update: Partnership Concluded] OnePlus removed from McLaren’s partners page, hinting there won’t be another McLaren Edition appeared first on xda-developers.



from xda-developers https://ift.tt/2AMa4ZD
via IFTTT

Huawei partners with Dailymotion to show video content in Huawei Video

Improvise, adapt, and overcome seems to be the motto for Huawei since the company was placed on an Entity List by the U.S. Commerce Department last year. The company has developed its own alternatives to Google Mobile Services and the Play Store, re-released older devices with Google Mobile Services, and has even partnered with third-party service provides to offer features that previously relied on popular Google apps. Now, in a bid to offer a YouTube-like experience on its devices, Huawei has partnered with Dailymotion to show video content in the Huawei Video app.

To do so, Huawei has integrated Dailymotion’s video player in the Huawei Video app which will allow users to search for and play Dailymotion videos from within the app. In a statement regarding the partnership, Dailymotion’s Chief Content Officer, Stéphane Godin, was quoted saying, “Thanks to all our premium partners, Dailymotion is able to distribute a large amount of videos and playlists to third-party publishers. We are proud to collaborate with Huawei to make all of our content catalog reach new premium audiences.”

Dailymotion’s technology package will bring a white-label video player, the platform’s large volume of local and international video content via Dailymotion’s API, and a monetization solution for the content on the Huawei Video app. While Dailymotion may not be nearly as popular as YouTube when it comes to user-generated content, the platform still has a decent amount of content from prominent media groups like Le Monde, l’Equipe, BeIN SPORTS, JPI Media, Marie Claire, NBA G League, Media Prima, One India and more.

Speaking of the partnership, Huawei’s Vice President of Mobile Services, Jervis Su, said, “We’re pleased to offer our Huawei Video service so that people across the globe can easily explore thousands of videos and movies available from our partners, including Dailymotion, anywhere and anytime. We are committed to bringing more choice to consumers. We also hope it will bring some joy to all of their lives at this time.”


Source: Dailymotion

The post Huawei partners with Dailymotion to show video content in Huawei Video appeared first on xda-developers.



from xda-developers https://ift.tt/3dfj5c0
via IFTTT

The Sony Xperia 1 II has a neat gaming feature that lets you charge and play without degrading the battery

Smartphone gaming has evolved to become a proper use case for smartphones, to the point that we have gaming smartphones that specifically target this audience. While smartphone gaming is definitely fun and you can easily pour in hours into it, it does have drawbacks for your phone’s battery. Games require a lot of processing power to run, and an intensive gaming session can quickly chew through your battery life. And if you are someone who likes to game while you charge your phone, your phone may have to contend with a lot of poorly dissipated heat originating from both, the running of the game, and the charging of the battery. All of this heat is not good for your phone’s battery health and the overall longevity of your glass-sandwich smartphone. Sony may have worked out a good solution for this scenario, as the Sony Xperia 1 II comes with a nifty new feature that lets the phone use power directly from the charger without charging the battery.

Sony Xperia 1 II XDA Forums

The Sony Xperia 1 II comes with a decent 4,000 mAh battery that supports USB PD fast-charging up to 18W. It also comes with a feature called “H.S. Power Control”, where the H.S. stands for “Heat Suppression”. This feature is part of the “Game Enhancer” on the Xperia 1 II, and it can be enabled on a per-app basis.

When H.S. Power Control is enabled, you can use the Xperia 1 II running on power derived directly from the phone charger. Essentially, you can use the charger to keep the phone powered and the game running, without actually charging the battery. This is particularly useful when playing intensive games for longer periods, as such gaming sessions generate a lot of heat and use up a lot of battery. The heat is not good for your battery health in the long term, generally speaking, and the quicker discharge cycle also takes a toll on the overall battery health. With this feature enabled, you can presumably play for extended periods without worrying about the charging mechanism affecting your battery health. For gamers, this is a game changer, especially if they plan on keeping their phone around for a while.

H.S. Power Control is already available on the Sony Xperia 1 II. It is unknown if the feature will make its way to other Sony devices. The Xperia 1 II is coming to the USA for a price tag of $1,200.

Sony Xperia 1 II — Specifications and Hands-On

Specification Table

Specifications Sony Xperia 1 II
Dimensions & Weight
  • 165.1 x 71.1 x 7.6 mm
  • 181.4 g
Display
  • 6.5-inch 4K OLED
  • 3840×1644 pixels, 643 PPI
  • 21:9 aspect ratio
  • 100% coverage of the DCI-P3 gamut, D65 white point
  • Motion Blur Reduction (90Hz “equivalent”)
  • HDR BT.2020 (Rec.2020)
  • Gorilla Glass 6
SoC
  • Qualcomm Snapdragon 865:
    • 1x Kryo 585 Prime core (2.84GHz)
      3x Kryo 585 Performance cores (2.4GHz)
      4x Kryo 585 Efficiency cores (1.8GHz)
  • Adreno 650 GPU
RAM & Storage
  • 8GB/256GB
  • microSD card slot (uses shared SIM 2 slot)
Battery
  • 4,000mAh
  • 18W USB-C PD fast charging
  • Qi wireless charging
Fingerprint Sensor Side-mounted fingerprint
Rear Cameras
  • 12MP primary sensor, Sony IMX555 – 1/1.7″, 1.8-micron, f/1.7, 24mm, Dual Pixel PDAF, OIS
  • 12MP ultra-wide angle sensor, 1/2.55″, 1.4-micron, f/2.2, 16mm, Dual Pixel PDAF
  • 12MP telephoto sensor, 1/3.4″, 1.0-micron, f/2.4, 70mm, 3x optical zoom, OIS
  • Zeiss optics
  • Up to 20fps AF/AE burst shooting
  • Up to 60 times per second continuous AF/AE evaluation
  • Video recording:
    • 4K HDR at 60, 30, 25, 24fps
    • OIS, EIS, Optical SteadyShot (hybrid EIS and OIS), SteadyShot with Intelligent Active Mode (5-axis stabilization)
    • Slow motion up to 120fps
Front Camera
  • 8MP, f/2.0, 1/4″, 1.12-micron, 24mm
Audio
  • 3.5mm headphone jack, Hi-Res 24-bit/192kHz audio
  • True front stereo speakers
Network Bands
  • 5G: Sub-6GHz Bands N1, N3, N28, N77, N78;
    no mmWave support
  • 4G: LTE Cat19/Cat13: Bands 1, 2, 3, 4, 5, 7, 8, 12, 13, 17, 19, 20, 25, 26, 28, 29, 32, 34, 38, 39, 40, 41, 46, 66) / LTE 6CA / 2CA
  • 3G
    UMTS HSPA+ (Bands 1, 2, 4, 5, 6, 8, 19)
  • 2G
    GSM GPRS/EDGE (Bands 850, 900, 1800, 1900)
Connectivity
  • Wi-Fi 6
  • Bluetooth 5.1
  • A-GNSS (GPS + GLONASS)
  • USB 3.1 Type-C port, DisplayPort support for video output, USB-C to HDMI
Android Version Android 10

The post The Sony Xperia 1 II has a neat gaming feature that lets you charge and play without degrading the battery appeared first on xda-developers.



from xda-developers https://ift.tt/36Er6Vg
via IFTTT