Expanding the CM device family

Over the past few months, device maintainers new and old have been pushing hard to get support up to par for a wide range of devices. While some flagships (M9/S6/G4, etc) still need more time in the proverbial oven, we’ve seen a large increase in the medium range devices.


Thanks in part to device contributions from Huawei’s team directly, we are now supporting the Honor 4 & 4x (cherry), Ascend Mate 2 (mt2) and Snapto (g620_a2). These devices represent the first set of Huawei devices we’ve supported since CM 7(!) and it’s nice to see the company supporting the community ahead of the rumored Huawei Nexus. We’re expecting good things to come here.


Moto continues to make headway with their budget line – and we’ve now enabled support for both the Moto E (otus) and G (osprey) 2015 variants.


This Chinese OEM has been making waves in Asia. That wave has reached …

Read the Rest…

Releases, Releases, Releases – August 2015

Tapping into my inner Balmer with the post title

We’re queuing up releases across three branches this evening, releasing into the wild CM 11.0-security, 12.0-security and our very first 12.1 release. As always, these releases are being marked as ‘known good’ by their maintainer, and signed-off individually. This means that not every CM device will receive a release – only those marked as ‘Good to go’ by the maintainer.

The 11.0 and 12.0 builds are security releases built on top of the last CM11/12.0 releases, modified to include the recent security disclosures, including the vulnerabilities in Stagefright. Users of the previous 11/12.0 release builds are encouraged to update. Users of 11.0/12.0 weeklies (nightlies) will see no net change, and need not update.

The CM12.1 release marks our first Android 5.1.1 release which brings our IMAP idle support, SDK v1 release and the security fixes mentioned previously.

If you are updating to any of these builds, please pay close …

Read the Rest…

CVE-2015-3833 and you

The past month has been dominated by highly publicized vulnerabilities such as ‘Stagefright’, ‘Certifi-gate’, and ‘Deserialization’, however the August wave of fixes also included many other fixes, one of which in particular we have received a lot of questions/complaints over.

CVE-2015-3833 affects Android 5.0 and higher, and is officially described as follows:

Mitigation bypass of restrictions on getRecentTasks()

A local application can reliably determine the foreground application, circumventing the getRecentTasks() restriction introduced in Android 5.0. This is rated as a moderate severity vulnerability because it can allow a local app to access data normally protected by permissions with a “dangerous” protection level.

This particular patch was merged into CM sources on August 12th. As a result, apps that relied on attaining a list of running processes via the now plugged hole will fail to function properly. This includes (but is not limited to) apps like Greenify, FMR Memory cleaner, Zillow and System Panel [1]. …

Read the Rest…

More Stagefright

The issue described in the the latest publication of Stagefright issues (link) has been patched in source for CM 10.1 -> 12.1. Nightlies for 12.1 beginning tonight (~2hours) will include this fix, in addition to all the other exploits that came as a result of Stagefright and DefCon/Blackhat.

On the topic of 10.1 & 10.2, while these have been patched for this particular series of issues, we do not intend to issue a new release for these branches – the patches are there more so to protect derivative ROMs that use our source as base code.

We will be releasing another stable version of 11.0 and 12.0 (as well as a stable 12.1 release) with all of these fixes (and more) by the end of this month. More on that in a separate post.

Call for response: File Manager Redesign

Over the past couple of weeks we have given you insights into some of our proposed design changes across both Messaging and the Dialer Instant Contact Card. It has been great hearing your feedback, learning what you like and dislike. You’ll be happy to know that many of these suggestions are being reflected in the final product. Today, we’re excited to share with you our proposed File Manager experience.

File Manager has been a core part of the CyanogenMod portfolio, but has typically been an app that only advanced users use. We conducted a survey in March that indicated that by far the largest user complaint is the app’s unintuitive UI, especially when it comes to moving files around the system. In addition to this, the usage of cloud storage has increased over the years, and we wanted to enhance the platform and file manager experience with a tight integration to these services.

With …

Read the Rest…

Latest updates to CM 12.1

Over the past few weeks, contributions led by Jorge Ruesga (jruesga) and aided by Danny Baumann (maniac103) have added some much needed, and loved, features to CyanogenMod 12.1 nightlies.

Imap push enhancements

One of the most requested  features requested from Google since the ICS days was the implementation of the IMAP IDLE protocol to the stock Email app. The IMAP IDLE protocol (RFC 2177) is an extension to the IMAPv4 specification that allows for receiving email changes (new emails or modification/deletions of the current existing ones) as soon as they happen or are detected by the email server. This is accomplished by maintaining an active connection that allows the server to push notifications about these changes to email clients. Maintaining an idle connection to the server will reduce the overhead of polling the server every ‘n’ minutes, which leads to a better overall battery and networking usage performance.

In recent CM12.1 nightlies the …

Read the Rest…