Related
The Motorola Milestone Android 2.1 update has apparently been released in Europe and it includes some new Motorola custom apps: a replacement camera app; a new Motorola-specific Facebook app, and a custom CarHome app.
I haven't found anywhere much info about or screen shots of these yet as it looks like the update was just pushed yesterday.
Has anyone seen these apps floating around out there in an APK form for us to install on our Nexuses?
I've got a Milestone that has been at 2.1 for a couple of weeks now (love leaks).
I'll pull the APK's from the rom and post them, if you are interested. It would not shock me if they have run problems out of the box.
I'd like these as well if you don't mind.
I'd be interested in the email app with the new exchange security features.
I looked on android git and it doesn't seem like anything new has been committed to the email app in the last 7 weeks though.
Bump, anyone?
Just plugged in my 'stone - what apks do you want?
EDIT: I'm pulling /system/app and posting the zip to Filedropper as we speak. I'll post the link in a few seconds.
I've tried a few of them. The Facebook app doesn't seem like a massive improvement. The Moto Car Home app is less fancy but probably easier to use hile driving than the N1 - it is a rectangle with 6 big buttons. Milestone has the N1 and the Droid absolutely killed with the photo editor app. The camera and video app is OK - the effects mode is very nice, though I don't use that, but can't touch the Desire cam for speed and function. The corporate email and calendar apps apparantly still work pretty well with exchange (they already did with 2.0 and 2.0.1). The audio equalizer is very nice - I wish that the N1 had that (it hasn't changed from 2.0.1, that I can tell).
Here is the link to all of the apps. All are de-odexed.
http://www.filedropper.com/milestone21
http www filedropper com/milestone21 (in case the site strips my URL)
Thanks for posting this. Camera app FC on me . I really like the way milestone camera works and hoping that I can use it on my N1. Moto phone portal works pretty well with N1.
How did you get MotoCamera to work on your N1?
big_adventure said:
Here is the link to all of the apps. All are de-odexed.
http://www.filedropper.com/milestone21
http www filedropper com/milestone21 (in case the site strips my URL)
Click to expand...
Click to collapse
Thanks very much -- but the filedropper site isn't responding at all.
Could someone mirror please?
just keep hitting refresh... i just download it less than an hour ago...
scoopman said:
Thanks very much -- but the filedropper site isn't responding at all.
Could someone mirror please?
Click to expand...
Click to collapse
http://www.multiupload.com/FK8EIEITW9
Which one is the new FB app? If it's the Facebook.apk then it's the same one that comes on our nexus'......
Has anyone tried to install the photo editor app he mentioned? If it'll install through a file manager on a stock N1, then I'm wondering how it compares to Adobe's app.
Would like to know about that too^^^
The moto phone portal app is really cool too! works perfectly
Do u have too be rooted to install the phone portal and what does it do?
it lets you back up contacts, photos, sms.
And it lets you send/recieve sms from your phone using wifi, it's all done through a web page, really neat!
and idk if you have to be rooted or not :/
You are all welcome.
Has anyone tried to install the photo editor app he mentioned? If it'll install through a file manager on a stock N1, then I'm wondering how it compares to Adobe's app.
Click to expand...
Click to collapse
The photo editor is pretty close to Photoshop Mobile for Android, except it is linked to the Gallery, so opening a photo anywhere that uses the Gallery offers the edit options in the menu.
Therein lies the rub: at least on the Milestone, you have to use the 'stone's gallery to use the 'stone's editor. I have both the Milestone gallery and the Nexus gallery on my Milestone for exactly this reason.
When I get a chance, I'll try the Gallery and Photo Editor on my N1 to see if it works.
What about the Email app? Has anyone tried it yet?
Does it have any improvements compared to the stock app?
must my phone rooted for this apps??
WingnutStrikesBack said:
must my phone rooted for this apps??
Click to expand...
Click to collapse
Why dont you just try it?
If it doesnt work then you'll probably need it rooted
Hello all,
I hope I'm not infringing on some forum rules by asking/posting in this format.
I am looking for a Social centric phonebook much alike the one found with HTC sense or other customized interfaces.
To be clear I'd like to find all information attached to a particular contact in 1 place. So if I get to Mr X, i'll see all text messages ever exchanged with him, his facebook, twitter, what have you page and call logs.
I've seen Phonebook 2.0 www [.] voxmobili [.] com / phonebook / which looks just about right except it appears it hasn't been launched yet.
So is there anything right now that could do the trick.
Note: My nexus is 1 week old if even and I'd rather not root for now but I'd be glad to hear about apps that'd require rooting, for future reference.
Many thanks
www.getaddressbook.com
does what you wwant, but its not perfect. Hopefully it will improve.
That's definitely a good start thanks. I see that the latest version has FB disabled though, I'm not a big user but most of my contacts will be from there so I'm pondering a bit on whether I'll wait or install right away
Airbag888 said:
That's definitely a good start thanks. I see that the latest version has FB disabled though, I'm not a big user but most of my contacts will be from there so I'm pondering a bit on whether I'll wait or install right away
Click to expand...
Click to collapse
Are you sure? This appears to be the same version I used to use... You have to install the 'mix-ins' seperately comprende? Or did you do that and it still didn't work? If you want, you can ***** at the dev here http://forum.xda-developers.com/showthread.php?t=623851
stonew5082 said:
Are you sure? This appears to be the same version I used to use... You have to install the 'mix-ins' seperately comprende? Or did you do that and it still didn't work? If you want, you can ***** at the dev here http://forum.xda-developers.com/showthread.php?t=623851
Click to expand...
Click to collapse
Actually I read on the changelog that FB was disabled and on market people were complaining about FC's. But I installed it and it works
Seems that HTC is finally acknowledging Peep's vulnerabilities and while not publicly releasing an update, they will send it out to people who request it...
http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
It's about time they got a fix out for it!
By the way, the Tweet for @xdadevelopers went out saying this was for Android users, instead of Windows Mobile users.
We have published an article regarding this situation on our Portal
http://www.xda-developers.com/android/htc-peep-vulnerability-update/
How did you find the vulnerability, is there a packet analyzing tool for android?
No luck
I just received a response from HTC saying they have no idea what I'm talking about. I just sent them back a response with the linked article. Hopefully someone can get the update from them and post it here so we don't have to deal with them at all.
So is this Windows mobile only, or Android too?
Sent from my HTC Desire using XDA App
Lothaen said:
So is this Windows mobile only, or Android too?
Sent from my HTC Desire using XDA App
Click to expand...
Click to collapse
I don't think Android uses Peep in its interface for Sense. I'm not 100% positive on that, but I know we've had an issue with this for WM for about five or six months now.
In trying to get a hold of this update, here are my responses from HTC so far for anyone interested.
Me said:
I just heard about the update to HTC Peep for Windows mobile users. I have an AT&T Tilt2 with Sense loaded on it. I was hoping you guys could send me the Peep update so I could use that tab again without worrying.
Click to expand...
Click to collapse
Kathleen said:
I understand how important it is for you to be able to update your Peep application. Unfortunately, we are not aware of an update for the Peep application. I have looked for the update and it is nowhere to be found. You will need to keep an eye on http://www.htc.com/us/support/tilt-2-att/downloads/ for updates for your device.
Click to expand...
Click to collapse
Me said:
I read about the security flaw in the HTC Peep tab back in August and never used it because of this. The Peep application discloses the username and password via a HTTP OAuth-related request during the initial sign in to anyone eavesdropping on the connection. It also exposes the username and password after the connection is established by having all of the requests from the mobile device to the Twitter service use a HTTP Basic authentication header even though the app is supposed to be using OAuth. For more information, please refer to this article: http://blog.taddong.com/2011/02/vulnerability-in-htc-peep-twitter.html
Click to expand...
Click to collapse
Lindsay said:
We have not made an official update, any updates found on 3rd Party websites are up to you to do the research and download yourself. Just know these updates are considered rooting on your Tilt 2, so make sure before you update you do the research.
Click to expand...
Click to collapse
Me said:
Then when will the update be made public? It is kind of a pain that I've waited for six months now to use a feature of this device because of a security issue. Also, how would this be considered rooting since I'm not using an Android device? Windows Mobile users have administrator-like privileges by default in this operating system. There is no such thing as rooting on a Windows Mobile device.
Click to expand...
Click to collapse
Lindsay said:
If you re-write the ROM it is considered rooting. If you can add any applications to the SD Card and install it to the device, that is not rooting. We do not have any information on any updates available for your device at this time. I apologize that we do not have any updates for HTC Peep.
Click to expand...
Click to collapse
Me said:
I don't mean to sound insulting, but rooting is not the same as flashing a custom ROM. Rooting is gaining root-level administrator privileges on a Linux based operating system. Windows Mobile provides this access to the user by default. There is no other setting for this. Android, being a Linux based distro, does not come with root privileges installed to protect itself from users inadvertently messing around with things they shouldn't. It is the same thing on desktop operating systems like Ubuntu, Fedora, and the like. Rooting is completely different from flashing a custom ROM, as you are suggesting. Either way, an updated Sense tab using HTTPS, as it originally should have done, would be as simple as installing a *.cab file. My question, then, becomes to whom should I address this issue to get further support should I decide to call about it with the information I have?
Click to expand...
Click to collapse
Lindsay said:
The fact is we do not have an update for your device at this time. I apologize for this, but at this time we do not have any updates.
Click to expand...
Click to collapse
Me said:
Yes, you mentioned that. I asked whom I should voice my concerns with since this is the case. I understand that you don't have any information to offer me. I wasn't questioning that. I would simply like to know where I should go from here as there has been a serious security flaw in this device for quite some time. I do not mean to insult you, if I have done so, and apologize if I have, but I want this matter resolved once and for all. Obviously, the users are not allowed to modify the HTC Sense code or this would have been resolved some time ago. If some users were allowed the Peep source code, this could be rectified very quickly with the SenseSDK, but as that isn't an option, I, and several others, look to HTC to provide support for their product and software. If it is simply a problem of my device becoming outdated, then the HTC HD2 (Leo_512, Leo_1024) has the same problem on the latest ROM image as well.
Click to expand...
Click to collapse
Lindsay said:
I have sent the forum you sent me to the appropriate department for review. If you would like to troublahoot you device I would be glad to further assist you, but at this time this email will need to be closed if there is no troubleshooting to be done on your device. Again, I have sent the forum to the appropriate department.
THREAD CLOSED
Click to expand...
Click to collapse
It doesn't look like HTC is playing ball here. I'm going to continue to try to figure this out as I would love to actually be able to use the Twitter tab for a change. I never really used it because of the security flaw that was found.
i contected taddong and they told me
yeah they told me they had no idea what i was talking about....i contacted "tadong" and they told me to sedn the link from there site regarding the issue to HTC and he would handle them if they wanted more info on it...i guess we'll see what happens
It doesn't look like HTC is playing ball here. I'm going to continue to try to figure this out as I would love to actually be able to use the Twitter tab for a change. I never really used it because of the security flaw that was found.[/QUOTE]
Uh... "If you can add any applications to the SD Card and install it to the device, that is not rooting."
Under that logic, if unrevoked forever ever releases a .apk to turn S-OFF, does that imply that merely doing that to get root access isn't rooting?
edit: this is what happens when companies aren't smart enough to release some kind of auto-app updater, separate from OTA updates. Stuff like this takes an eternity. How hard is it to add an "s" to the http of the authentication? (for that matter, why the hell is Twitter letting you log in this way in the first place?)
lol, first thing i thought of when i saw this posts title...
http://my.starstream.net/neobigd/htc_peep.jpg
HTC finally release the Peep security update for the Rhodium, Topaz, Leo, and Photon. I've attached the files to this post, but they can also be had at HTC's website at the link below.
HTC Peep security update
EDIT: These updates do not work with custom ROMs, it seems. The *.exe needs to be copied to your device and run from there. I'm working on extracting them and making proper *.cabs now.
Peep Update *.cabs
EDIT: DO NOT PM ME ABOUT THIS FIX. IT DOES NOT WORK.
Please do not PM me about this security fix. It has nothing to do with the current Twitter outage as of the beginning of May 2011.
After pulling them apart and recompiling them, with the help of JVH3, here are the HTC Peep Update *.cabs. These are for Windows Mobile users with version 6.5 or higher. It should work, in theory with version 6.1, but I didn't feel like testing it out. Obviously, you'll need Sense 2.5 as well. There are four versions, but they all seem to be exactly the same. I didn't notice any differences other than the dates they were packaged. The Rhodium version seemed to have a slightly smaller TwitterApp.exe file, but I still don't think it was different.
Disclaimer: I take no responsibility for anything you do to your devices. These are posted for informational purposes. If you choose to install the application update, then any side effects (of which there should not be) are on you.
Changes
This update changes the way the Twitter Tab (HTC Peep) authenticates your user account. Before this update, your account information is sent via unencrypted http headers upon login which reveal both the username and password to anyone who happens to be eavesdropping on the connection, whether it is by cellular data or wifi as seen below.
Code:
authenticity_token=c8b5abaf53f223e827d9258ddfef4285a816db5f&
oauth_token=I4FK956n1foaHjayLKXJT2IaBpsmoo0amKyPhebc&
session%5B[B]username_or_email%5D=USERNAME&session%5Bpassword%5D=PASSWORD[/B]
Also, when sending tweets or receiving them, their is a continuous authenticate request sent which exposes the username and password again as illustrated below.
Code:
GET /statuses/friends_timeline.json?count=50&page=1 HTTP/1.1
Accept: text/xml, application/xml;q=0.9, */*;q=0
[B]Authorization: Basic BASE64("USERNAME:PASSWORD")[/B]
User-Agent: TwitterEngine
Host: twitter.com
I haven't been able to confirm the status of the current update yet with traffic monitoring, but according to HTC, this update sets the Peep application to use OAuth to establish a connection with https to encrypt the username and password instead of leaving it exposed for all the world to see.
EDIT: This is not a 100% fix. It seems that while the initial session is now being sent over https using TCP port 443 (sending against the api.twitter.com domain), during the rest of the session, Peep switches back to HTTP basic. This still leaves the whole session after the initial login vulnerable to hijacking based on the Twitter's session ID through cookies. I suggest using a different Twitter client, as neither HTC nor Twitter care for our aging devices.
EDIT: DO NOT PM ME ABOUT THIS FIX. IT DOES NOT WORK.
i dont like to install os on sd card
squaloforte said:
i dont like to install os on sd card
Click to expand...
Click to collapse
What relevance does your post have to anything related to this thread?
Nothing about this thread has anything to do with installling an os or anything to your sd card.
It is about the twitter tab security flaw and the recent patch by HTC.
A patch could only be installed to the device, since patches need to replace files on the device.
Still getting login error!
I'm still getting login error problem on my HTC HD2 o2 uk phone, this update and the HTC HD2 Peep Security update on the HTC website http://www.htc.com/europe/SupportViewNews.aspx?dl_id=1085&news_id=866 doesn't work
Is anyone else getting this problem?
ramonguthrie said:
I'm still getting login error problem on my HTC HD2 o2 uk phone, this update and the HTC HD2 Peep Security update on the HTC website http://www.htc.com/europe/SupportViewNews.aspx?dl_id=1085&news_id=866 doesn't work
Is anyone else getting this problem?
Click to expand...
Click to collapse
Please try to keep up.
This fix has nothing to do with login errors.
This fixes a security vulnerablity.
Without the fix, user name and password are sent in plain text through http.
With the fix, oauth is used instead, so each request does not send this information. And when it initially is sent to authenticate, https is used.
The twitter tab works for just about everybody. And the fact that no one else is reporting problems since applying the fix indicates that the fix does not have a problem.
Things to check:
Do you have a twitter acount?
Are you entering your twitter user name and password correctly?
Is your twitter account locked by twitter? (try using it with your computer)
Do you have a data plan?
Do you have a strong cell signal with Edge or 3G service?
Have you tried soft resetting your device?
Are you in the UK?
If not, does the country you are in block access to twitter?
Can you browse web pages with your phone?
No need to reply to this reply to your post since your post was not on topic for this thread.
JVH3 said:
Please try to keep up.
This fix has nothing to do with login errors.
This fixes a security vulnerablity.
Without the fix, user name and password are sent in plain text through http.
With the fix, oauth is used instead, so each request does not send this information. And when it initially is sent to authenticate, https is used.
The twitter tab works for just about everybody. And the fact that no one else is reporting problems since applying the fix indicates that the fix does not have a problem.
Things to check:
Do you have a twitter acount?
Are you entering your twitter user name and password correctly?
Is your twitter account locked by twitter? (try using it with your computer)
Do you have a data plan?
Do you have a strong cell signal with Edge or 3G service?
Have you tried soft resetting your device?
Are you in the UK?
If not, does the country you are in block access to twitter?
Can you browse web pages with your phone?
No need to reply to this reply to your post since your post was not on topic for this thread.
Click to expand...
Click to collapse
My Peep app stop working in January, there are no problems with my twitter account, all I'm looking for is a solution or fix!
Do you know where i can get a Peep.cab?
ramonguthrie said:
My Peep app stop working in January, there are no problems with my twitter account, all I'm looking for is a solution or fix!
Do you know where i can get a Peep.cab?
Click to expand...
Click to collapse
As I previously said, this thread is dedicated to the HTC Security Patch for the twitter tab.
I suggest either looking for a thread dedicated to the twitter tab not working or creating your own thread in the question and answer section.
http://forum.xda-developers.com/forumdisplay.php?f=456
This thread is not the appropriate place for your question.
My HTC Peep stopped working on my Rhodium after installing this update. Peep worked right up until I installed the HTTPS Fix.
Verizon TP2, using the Custom ROM --> Verizon MR2 Fixed by Mr. X
(ROM Found here)
http://forum.ppcgeeks.com/cdma-tp2-...zon-mr2-fixed-mr-x-boots-unlocked-device.html
I see the "Tap Here to Authenticate" Screen
I type in Username/Password (which works when logging into the website)
HTC Peep tries to log in, but I get an error --> "You entered an incorrect username or password."
I cleaned out the Temp folder to try and get a fresh start, but no luck.
I tried to uninstall, but I am unable to uninstall properly.
I tried to Re-install, but no luck.
I shut down Sense, re-installed, and rebooted and turned on Sense, no luck.
So, minus doing a brand new ROM flash it looks like this .CAB tanked the Twitter tab for me. I didn't really want to keep using it unsecured, but it sucks that the update stopped it from working altogether.
I've had this apk since I grabbed my Droid on release day, since then I've noticed it's been removed and I find others are seeking it. If anyone would like the ultra-cool Cents Clock(App+Widget) v1.6 - I'll send to anyone upon request.
HINT: If you can't figure out what apk it is simply Google the name and you'll find out everything you need to know about it.
Thanks for allowing me to attach files!
JLG1985 said:
I've had this apk since I grabbed my Droid on release day, since then I've noticed it's been removed and I find others are seeking it. If anyone would like the ultra-cool S.... Clock(App+Widget) v1.5 - I'll send to anyone upon request.
HINT: If you can't figure out what apk it is simply Google the name and you'll find out everything you need to know about it.
Click to expand...
Click to collapse
What are you talking about? What name?
Google this
Cents Clock(App+Widget) v1.5 - I don't know if against the rules to share a FREE app that's been removed.
Forgive me it's version 1.6 - added file download up above!.
pm'd you an email address...
Thanks
I sent it, check your inbox
why exactly cant you type "Sense Clock"? Why do you keep leaving the "sense" part out?
I'm not sure if it's against forums rules to share an apk that's been removed because of an C&D order.
im pretty sure it would be
lol whats the name of the app ?
It's posted in #6 post - just a few above this
Sense clock Sense clock Sense clock Sense clock Sense clock Sense clock Sense clock
Sorry, felt like being a rebel today.
I cant imagine saying its name is against the rules, Im sure posting it may be.
thread fail
You're okay to share the app. It's free and you're basically just saying you prefer it over whats given in the stock version of Android and that you'd like people to check it out.
However, if it's a PAID app; then that's different. You can talk about it; but under no circumstances can you POST it here on the forums, unless given consent to do so by the author of app. I see no reason why you should be afraid of stating your opinion about your app choices, continue doing so.
pseudoremora said:
You're okay to share the app. It's free and you're basically just saying you prefer it over whats given in the stock version of Android and that you'd like people to check it out.
However, if it's a PAID app; then that's different. You can talk about it; but under no circumstances can you POST it here on the forums, unless given consent to do so by the author of app. I see no reason why you should be afraid of stating your opinion about your app choices, continue doing so.
Click to expand...
Click to collapse
thank you for the clarification, there's a lot of people that want to be mods and are always calling out things...
xhazyx said:
thank you for the clarification, there's a lot of people that want to be mods and are always calling out things...
Click to expand...
Click to collapse
No problem, just didn't want him to feel like he couldn't contribute or what not.
Also, you should take your advice from your signature and brother out.
Cents (good eh?) Clock App+Widget
Could one of the moderators please allow me to attach files to my posts and PM's. I can't put up a working link right now and it would be easier to just include a link to the apk from right here.
Thanks you in advance!
I have tried to send the apk via email to whomever has asked for it - it is NOT A MOD - it is simply an apk that was listed on the Market then removed. Nothing more nothing less.
JLG1985 said:
Colud one of the moderators please allow me to attach files to my posts and PM's. I can't put up a working link right now and it would be easier to just include a link to the apk from right here.
Thanks you in advance!
I have tried to send the apk via email to whomever has asked for it - it is NOT A MOD - it is simply an apk that was listed on the Market then removed. Nothing more nothing less.
Click to expand...
Click to collapse
One more post, and you will be able to. 10 is the magic number, or at least it used to be.
Attachments
Help, I need somebody, Help, not just anybody, Help, you know I need someone, Heeeelp...
Will this do?
JLG1985 said:
Help, I need somebody, Help, not just anybody, Help, you know I need someone, Heeeelp...
Will this do?
Click to expand...
Click to collapse
Yeah that works..
Better than fancy or beautiful widgets? Pic?
Anyone figured out how to delete it? Every time I erase the 'sent from Tmobile' crap it reverts back.
there should be a signature setting somewhere in the email app
Take it out of your Gmail
Sent from my HTC Glacier using XDA Premium App
It does not allow itself to be removed in the regular imap email app. Annoying as hell. If u delete or change the sig it just reverts back to the T-Mobile sig.
Fortunately gmail app doesn't behave that way.
I gotta say that for a "vanilla" Android phone, T-Mobile really dug their nails into it. This ain't no nexus vanilla that's for sure.
Sent from my LG-P999 using XDA App
This is happening to me too and it is completely unacceptable. This is happening on my exchange email, I know I can use touchdown but I have to pay for that. This should not be like this.
Would it be possible to get the apk from the Nexus One email client and install it on this phone?
And me. I don't want this T-Mobile signature on my corporate e-mail account. Calling support right now...
Talked to support. After the usual basic steps she looked in the database and said "oh yes, I see others are having the same issue. It would need a software update from Google, and there's no timeframe for that".
Time to get hacking...
IMHO, this is completely unacceptable; I just discovered this today. I can't use this for my work email (we have to put in our own corporate disclaimer) if I can't change the signature. The only tedious work around is to to delete it every time I start a new email/reply and put in some shortcut to insert my actual shortcut. As a former BB owner, this is terrible, and this phone is going back to t-mobile right now. Might be time to bite the bullet and just switch to Verizon and the droid pro. Sigh.
Yes it's a stupid bug for sure. Glad I already paid for touchdown.
If you don't want to pay for Touchdown, there are others as good if not better than Touchdown for free. Just look for them.
Fixed the issue by replacing the email.apk file with the one from here:
http://forum.xda-developers.com/showthread.php?t=775007
Can you tell me how you did this. I have tried to install the apk but it fails.
1) End the task of your existing one and click delete data/cache in manage applications.
2) Use Root Explorer and rename the old one in system\app to email.apk.old / make a backup of it
3) Copy the new one to system\app and click install
Thanks so much. No more signature! I was really bummed out about this one, but now all is good.
ahh, glad the directions worked. I had to work from memory as I initially tried the Gingerbread email.apk file and had to do a bunch of delete, uninstall, delete motions to get the one linked above to work.
No - the default Gingerbread version does not work. I believe the one above is based on the 2.3 code and does work. The black back ground is a lot nicer than the grey that the default client had.
This is the default email client and may work better for people that don't want to bypass Exchange security policies:
http://forum.xda-developers.com/showthread.php?t=1041962
Awesome thanks...now I dont have to ask T-Mobile for a monthly fee for the advertising my emails were providing.
This is total crap!
How did you guys get around to renaming the original file? When I try it says insufficient permission. Looks like it is a read only file and am unable to change it.
You need root access.