Category Archives: Chrome

This Hack Lets You Run Any Android App on Your Chromebook

image

Using a small JavaScript script, the hack, which is detailed in full on GitHub, allows any regular Android APK to be packaged up and, for want of a better term, side-loaded onto a Chromebook. It can then be run under the Android App Runtime in the same way as the ‘official’ Vine, Dulingo and Evernote. 

Restrictions mean that only one Android app can be run at a time.

To watch a Youtube video demonstration and the full original story follow this link to OMG Chrome.

Try It Out

If the thought of waiting for Google to partner up with the maker of your favourite app, game or utility is too much to bear, you could don your hard hat and try it out for yourself.

But be warned: it’s not a guide for the fainthearted or the technically averse. The developer behind the hack,
Vladikoff, cautions that his tool is for ‘proof of concept’ and is provided without any kind of warrant or assurance. The hack is also not endorsed by Google, Chromium or Android.

To follow along you’ll need a Chromebook with the Android Runtime plugin installed, the Android Vine app (which will be replaced during the course of the guide) and an OS X or Linux desktop from which to ‘package’ your app.

Applications tested and said to be working include Twitter, both tablet and mobile modes, and Flipboard (which was demoed running on a Chromebook at Google I/O).

Other apps tested but that crash include Google Chrome for Android (!), Spotify, SoundCloud and Swing Copters.

You can find more details and a download for the script on the project’s GitHub page, linked below.

‘Run Android APKs on Chromebooks’ Guide

Wikipedia has been visualized as an interactive galaxy powered by WebGL

image

Wikipedia is an almost boundless source of information — as close to a true compendium of human knowledge as we’ve ever come. It’s not very pretty, though, is it? Page after page of black text on a white background, and enough hyperlinks to suck you into a never ending vortex of related articles. Rendering Wikipedia as a nebula is more befitting its true nature, don’t you think? I just so happens there’s a Chrome experiment that does just that, and it’s called WikiGalaxy.

This Wikipedia visualization was created by French computer science student Owen Cornec. Each “star” in WikiGalaxy is a single article on Wikipedia. Highly related articles are placed close to each other in space with connections between them. So if you click on one point of light, you’ll see the text of the article in the left info panel. Over on the right are all the linked articles, which show up on the map as lines connecting the points of light. It’s interesting to see how wide-ranging some of the articles are. The beams of light might be confined to a little corner of the virtual galaxy on one article, then a neighboring page has its tendrils of influence creeping all the way across the map. To get a better feel of your meandering, you can enable the history path, which connects all the articles you’ve clicked on with a green line, winding through the stars.

The map view is the default mode, but you can also dive into fly mode for a more interactive experience. This places you in the middle of the galactic disc, surrounded by articles. The arrow keys move forward, back and side to side. The movement control is good enough, but anyone who has played a 4X game will be missing mouse zoom in map view. It just seems like you should be able to zoom in any out more quickly, and the buttons toward the upper left don’t quite cut it.

image

image

So it’s neat for poking around Wikipedia in a superficial way, but what about reading articles? The preview pane on the left is okay for getting the gist, but you can click on the title for a full page version. You can read through a whole article in this view, but the lack of links and busted table formatting make it less than ideal for in-depth research. Hey, it’s still Wikipedia in galaxy form. What more do you want? If you would like to simply enjoy the interface and click around, there’s a button up top to turn off the UI and get all those boxes out of the way. The beta version only has 100,000 articles, but that’s still a sizeable galaxy.

Cornec’s next project will be to color-code the different article categories so you’ll be able to tell what sort of article each star represents without clicking on it. More stars should be added along the way too. While this is a Chrome experiment running WebGL and HTML5, WikiGalaxy should work in most modern browsers. However, it might not play as nicely with Chrome on Macs. You can blame either Google or Apple for that — take your pick.

For more information and the original story follow the source link below.

Source: Extreme Tech

Android Browser flaw a “privacy disaster” for half of Android users

image

Bug enables malicious sites to grab cookies, passwords from other sites.

A bug quietly reported on September 1 appears to have grave implications for Android users. Android Browser, the open source, WebKit-based browser that used to be part of the Android Open Source Platform (AOSP), has a flaw that enables malicious sites to inject JavaScript into other sites. Those malicious JavaScripts can in turn read cookies and password fields, submit forms, grab keyboard input, or do practically anything else.

Browsers are generally designed to prevent a script from one site from being able to access content from another site. They do this by enforcing what is called the Same Origin Policy (SOP): scripts can only read or modify resources (such as the elements of a webpage) that come from the same origin as the script, where the origin is determined by the combination of scheme (which is to say, protocol, typically HTTP or HTTPS), domain, and port number.

The SOP should then prevent a script loaded from http://malware.bad/ from being able to access content at https://paypal.com/.

The Android Browser bug breaks the browser’s handling of the SOP. As Rafay Baloch, the researcher who discovered the problem found, JavaScript constructed in a particular way could ignore the SOP and freely meddle with other sites’ content without restriction.

This means that potentially any site visited in the browser could be stealing sensitive data. It’s a bug that needs fixing, and fast.

As part of its attempts to gain more control over Android, Google has discontinued the AOSP Browser. Android Browser used to be the default browser on Google, but this changed in Android 4.2, when Google switched to Chrome. The core parts of Android Browser were still used to power embedded Web view controls within applications, but even this changed in Android 4.4, when it switched to a Chromium-based browser engine.

But just as Microsoft’s end-of-life for Windows XP didn’t make that operating system magically disappear from the Web, Google’s discontinuation of the open source Browser app hasn’t made it disappear from the Web either. As our monthly look at Web browser usage shows, Android Browser has a little more real-world usage than Chrome for Android, with something like 40-50 percent of Android users using the flawed browser.

The Android Browser is likely to be embedded in third-party products, too, and some Android users have even installed it on their Android 4.4 phones because for one reason or another they prefer it to Chrome.

Google’s own numbers paint an even worse picture. According to the online advertising giant, only 24.5 percent of Android users are using version 4.4. The majority of Android users are using versions that include the broken component, and many of these users are using 4.1.x or below, so they’re not even using versions of Android that use Chrome as the default browser.

Baloch initially reported the bug to Google, but the company told him that it couldn’t reproduce the problem and closed his report. Since he wrote his blog post, a Metasploit module has been developed to enable the popular security testing framework to detect the problem, and Metasploit developers have branded the problem a “privacy disaster.” Baloch says that Google has subsequently changed its response, agreeing that it can reproduce the problem and saying that it is working on a suitable fix.

Just how this fix will be made useful is unclear. While Chrome is updated through the Play Store, the AOSP Browser is generally updated only through operating system updates. Timely availability of Android updates remains a sticking point for the operating system, so even if Google develops a fix, it may well be unavailable to those who actually need it.

Users of Android 4.0 and up can avoid much of the exposure by switching to Chrome, Firefox, or Opera, none of which should use the broken code. Other third-party browsers for Android may embed the broken AOSP code, and unfortunately for end users, there’s no good way to know if this is the case or not.

Update: Google has offered the following statement:

We have reviewed this report and Android users running Chrome as their browser, or those who are on Android 4.4+ are not affected. For earlier versions of Android, we have already released patches (1, 2) to AOSP.

Source: Ars Technica