Public Service Announcement: Sony CM12 users

Due to a change introduced this morning to our BusyBox source, to flash a new nightly moving forward you must do a one-time manual process.

Download tonight’s (2/14) nightly, unpack the zip and use fastboot to flash the boot.img.

Command: fastboot flash boot boot.img

This will allow you to resume the normal update process. Sorry in advance for the hassle, but this was a necessary change for how mounts are handled in BusyBox. As Sony devices use a combined boot and recovery.img (no separate recovery partition), fastboot is the only way to workaround this latest change.



Developer Blog – The CyanogenMod Theme Engine

Today we have a guest post from CyanogenMod contributor, Cyanogen Inc. employee, and co-author of the new CM Theme Engine to provide a brief overview of how the Theme Engine works. Please welcome Clark Scheff. – ciwrl

CyanogenMod makes it easy to quickly customize & change the look of your UI, allowing you to really make your device your device.  As someone that loves to tinker, I like to know how things actually work and I wanted to explain how themes actually work in CyanogenMod.

At the most basic level, themes are simply a mechanism to allow resources to be replaced at runtime (as opposed to compilation time – the time when the build is created on the buildbots).

I’ll get into more details about resources, but for now just think of them as the elements which make up the application’s UI.  Whenever an application is started, Android loads up the resources associated with …

Read the Rest…

CyanogenMod for Android One

Android One represents Google’s attempt at reaching “the next billion users” – starting today, CyanogenMod 11 (KitKat) builds are available for the ‘sprout’ devices. As the devices are currently setup for CM11 only (work on CM12 is in progress) these builds will trickle once a week, every Sunday.

This release represents a few firsts for us. Not only are these the first Android One devices and first official release of CM for these devices, the Android One device is the first ever officially supported Mediatek device. Mediatek (MTK) devices have been notoriously difficult for the developer community to complete fully functional bring-ups, and this marks a milestone in that effort.

The kudos for this goes to a young upstart CM contributor Varun Chitre, who had the beginnings of CM on the Android One kicked off within two weeks of Google’s launch. He’s dedicated his time since October to bring this device to Android One users, …

Read the Rest…

The “L” is for Lollipop

Happy New Years (for all you Gregorian calendar folks)! Hope everyone enjoyed the holidays and month of December.

In the CM11 M12 post, we mentioned that we were entering the beginnings of CM 12 work, based on Lollipop. Today, we are enabling CM12 nightlies to showcase how far we’ve come since. The full list of devices ready for tonight’s first rollout is further below.

We would like to note that at this point we consider ourselves 85% complete for our initial CM12 M release. We’ll spend the remainder of this month bringing up additional devices and finishing up the features you’ve come to love from CM11 – implementing them into the new Material UI.

At this point, the following large items are not implemented, but should be in the next few weeks. Some additional smaller tweaks are also missing, but left off this list:

Theme Engine Quick Settings reorganization and customization Quick Settings Ribbon mode Navigation …

Read the Rest…

CyanogenMod 11 M12

Taking a breather from all the work on L, we snuck in another M release yesterday against the CM 11.0 (KitKat) branch. This release is less heavy on features, instead focussing on stability for various device trees and security fixes.

Notably on the security topic, this release incorporates the upstream Google patches against last months POODLE vulnerability in SSLv3. You can read more about the POODLE vulnerability on Google’s Security Blog. Users are strongly encouraged to update to the latest available build to keep in line with the latest security patches.

Multi-sim users should also see added improvements throughout the OS experience, and there has been similar polishes of improvements and features throughout the system as we look towards sunsetting CM11; CM12 looms over the horizon.

For those of you hopping between M and nightlies, the branch point was November 3rd.


No doubt the big news at the beginning of November was the …

Read the Rest…

In Response to The Register “MITM” Article

On Monday, The Register put out an article reporting that CyanogenMod was open to a Man-in-the-middle (MITM) attack via a “0-day” vulnerability relating to a SSL vulnerability in Android’s JSSE from 2 years ago.

There are a number of issues we could point out regarding the nature of this report – the least of which was the lack of contact regarding this topic prior to publishing. Our followup request to the author for direct references to his claims (or a retraction) has gone unanswered, so we are left to refute this article on our own. This is odd as The Register has historically had good messaging with respect to CM, but mistakes happen.

First, JSSE is not used in Android 4.4, which would mean any vulnerability would be applicable to Android 4.3 or below only.

Second, CyanogenMod does not customize this particular level of code – meaning if such a vulnerability …

Read the Rest…