OnePlus phone and Notification issues

I recently acquired the OnePlus phone, and immediately started digging into customizations. One of the features is Quiet Hours.

I didn’t realize it at the time, but Quiet Hours in CyanogenMod 11 u38+ breaks notifications on the OnePlus.

After some Googling, finally found the right post with directions that worked for me (and based on comments, many others).

[elink link=”https://jira.cyanogenmod.org/browse/BACON-6″]. Read the comment by Jake on Oct. 21, 2014 at 8:13 AM.

Here’s a summary:

  • Turn Quiet Hours on
  • Remove the Quiet Hours
  • Restart phone
  • Add Quiet Hours tile back
  • Turn Quiet Hours off using the tile

You may safely remove the Quiet Hours tile after this and until this defect is corrected, don’t turn quiet hours on again.

Presentations using HTML/CSS3

Have been doing some work with socket.io, and investigating implementation using the Python micro-framework Bottle.

In my investigations, came across a presentation that showed this integration with an example. The presentation also used Reveal.js both for the presentation and as part of the demo.

Reveal.js runs in the browser, and has very impressive features. They use the product for the overview on the website, and is well worth skimming through. As it’s all Javascript, custom features, styling and any other customization is available, but they also provide an online editor for creating presentations.

The presenter at Moo used Reveal.js for his presentation, but for the socket.io portion of his talk, it was also the demo app. He tied socket.io into Reveal.js, and published a version on his website. Attendees could then open that version in their browser, and when he changed slides, all the attendee’s versions advanced to that slide. A very impressive way to demonstrate your talking point, but also an interesting idea for presentations in general.

Tell a client to open their browser to the presentation, and they can follow along. This could also drastically improve remote presentations. A remote person could conference call in, and open the presentation on their machine. When the presenter advances slides, their copy will also advance. No more trying to share desktops, or having to tell people which slide your currently viewing.

That last point needs to be confirmed that it will work, but I believe the presentation enables CORS so that the client machine will accept messages from the presenter. So, the presenter would have to know their IP before publishing the presentation, and would only be able to remote control from that IP. Still an interesting thing to investigate.

Links

  • Socket io: [elink link=”http://socket.io/”]
  • Bottle: [elink link=”http://bottlepy.org”]
  • Presentation: [elink link=”https://github.com/abourget/moo”]
  • Reveal.js: [elink link=”http://lab.hakim.se/reveal-js/#/”]
  • CORS: [elink link=”http://enable-cors.org/index.html”]

Phishing attacks keep getting smarter.

Listening to the StackExchange podcast this morning, and they discussed an interesting question.

How was my mums gmail account hacked?

Turns out this mom received an email from a friend, and clicked the link. It opened a whole number of browser tabs schilling medical supplies.

The mother dutifully closed them all, and then came to a tab informing her that her Gmail session had expired. She entered her credentials, and continued on. This is when the emails started flying.

Reading through the question, it appears this phishing attack is quite smart. It shows the session expired screen as each of the supported services would display it, and then likely uses the credentials immediately. The individual answering the question hypothesized that 2-stage authentication wouldn’t necessarily help in this case, as the site behind this could take the entered credentials, attempt to login immediately, and if it got the 2-stage request, forward it to the victim.

Bottom-line: Be VERY leery of ANY links in emails. Don’t login to a site unless you’ve used a bookmark or typed in the URL yourself. Maintain unique passwords for all sites (A password manager is very helpful here, and there are several available).