Profile

Cover photo
Verified name
Phil Nickinson
Works at AndroidCentral.com
Attended University of Florida
Lives in Pensacola
34,946 followers|44,072,500 views
AboutPostsPhotosYouTubeReviews

Stream

Phil Nickinson

Shared publicly  - 
 
Really not the right week to do this.
15
Hugo Márquez (Dovlek)'s profile photo
 
Lmao all Hail #stagelight
Add a comment...

Phil Nickinson

Shared publicly  - 
 
The media reaction to this Stagefright stuff is shameful.
 
There’s common, mistaken assumption that any software bug can be turned into a security exploit.  In fact, most bugs aren’t exploitable and there are many things Android has done to improve those odds. We’ve spent the last 4 years investing heavily in technologies focused on one type of bug -- memory corruption bugs -- and trying to make those bugs more difficult to exploit. 

A list of some of those technologies that have been introduced since since Ice Cream Sandwich (Android 4.0) are listed here: https://source.android.com/devices/tech/security/enhancements/index.html  The most well known of these is called Address Space Layout Randomization (‘ASLR’), which was fully completed in Android 4.1 with support for PIE (Position Independent Executables) and is now on over 85% of Android devices. This technology makes it more difficult for an attacker to guess the location of code, which is required for them to build a successful exploit.  (For the layperson — ASLR makes writing an exploit like trying to get across a foreign city without access to Google Maps, any previous knowledge of the city, any knowledge of local landmarks, or even the local language.  Depending on what city you are in and where you’re trying to go, it might be possible but it’s certainly much more difficult.)  But we didn’t stop with ASLR, we’ve also added NX, FortifySource, Read-Only-Relocations, Stack Canaries, and more.

Like most advanced security technologies, we’re always assessing the effectiveness of these new approaches, and looking for ways to refine them to better protect users. We know that some bugs are simply not exploitable, even without exploit mitigation.  We know these technologies make exploitation more difficult — and that in some instances that they make exploitation impossible.  But the research community today is incentivized to find lots of bugs rather than to test exploit mitigation technologies, so it can be difficult to know if exploitation of bugs is actually possible.

So, to help test these technologies, we designed the Android Security Rewards [ https://g.co/androidsecurityrewards ] program to strongly incentivize researchers to actually prove that an issue is exploitable.  We will pay up to $30,000 for developers that provide working remote exploits against current Nexus devices.  So far we have had a few issues filed as security bugs, but haven’t had anyone submit an exploit in an attempt to be paid via Android Security Rewards.  (Some people warn me that it’s tempting fate to make that statement.  But that’s not true: this is an intentional request for researchers to start testing those defenses. We want to know about when Android’s exploitation mitigation works, and when it doesn’t work. So I hope this will result in an exploit being presented. The sooner we know about it, the sooner Android users will get better protections.)

Of course, if there is any chance that an issue might be exploitable, we’ll quickly provide a patch for the issue to our partners, to our Android devices, and to the public via the Android Open Source Project.

But updates are truly a last resort.  They should be neither the first nor the only step in a multi-layered stack of security technology. I’m optimistic that advanced exploitation mitigation technology in Android will help us to move beyond the period of time when fast patching was the only solution available to secure devices.  And I look forward to more research into how these technologies can be used to prevent exploitation on Android and other platforms.
10 comments on original post
41
10
Cassidy James Blaede's profile photoDarrell Ames's profile photoMahram Z. Foadi (‫مهرام‬‎)'s profile photoGeorge Byers's profile photo
13 comments
 
+Michael Rife no they wouldn't do that *said with a high level of sarcasm
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Did we mention this is the OnePlus 2?

#neverwhatever
 
This is the OnePlus 2 
We're mere hours away from the big OnePlus 2 reveal, however the next flagship phone from the upstart manufacturer has already been unveiled in its entirety by a poster over on the Android Central forums. AC forums poster chinaleakking has outed the OnePlus 2 in what appears to be a series of professionally-shot photos of the phone. They show a handset with a metal frame, the...
15 comments on original post
21
2
amartya baidya's profile photoGrant Gelinas-Brown's profile photoDheebu John's profile photoM Helal's profile photo
13 comments
 
It looks too big for +Andrew Martonik hands.
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Yes, that's my sweet daughter. (Who makes me promise to say "CHICKEN!") 
109
amartya baidya's profile photoRussel Santos's profile photoScott GrantSmith's profile photoZach Mauch's profile photo
5 comments
 
Heck yes! That's what is important in life! 
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Dunno what's worse — the fact that the NYT blew this so bad, or the giant "ENTER TO WIN AN APPLE WATCH!!!" pop-up Newsweek thrusts on you before you can actually read this story.
On Thursday night, the Times dropped a “bombshell” about Hillary Clinton, but it was a much bigger dud than people realize.
27
1
Phil Ormsby's profile photoZach Mauch's profile photoScott Baker's profile photoDat Moose's profile photo
13 comments
 
What I find frustrating is that it's behind a paywall that doesn't work properly. I'm all for them making a living, but they've implemented a technology solution that doesn't work. Their site tells me that I have read my 5 free articles this month, even though I know that this is the first time I've visited their site this month.
Add a comment...

Phil Nickinson

Shared publicly  - 
 
This is a super important podcast if you have kids and questions about them using VR stuff! 

Great job by +Jerry Hildenbrand and +Russell Holly, and a huge thanks to +Joey Cohen MD for joining!
 
This is a must-listen for you nerd parents out there! We're shaking things up a bit this week as Russell and Jerry continue the discussion about virtual reality, bringing in "techie pediatrician" Dr. Joe Cohen of Austin, Texas, to help answer some burning questions about VR and our children. Is it…
This is a must-listen for you nerd parents out there! We're shaking things up a bit this week as Russell and Jerry continue the discussion about virtual reality, bringing in "techie pediatrician" Dr. Joe Cohen of Austin, Texas, to help answer some burning questions about VR and our children. Is it safe? How much is too much? And what's the right age to let a child try VR? You can hit...
3 comments on original post
12
2
Ryan Saldana's profile photoJoey “Dr Joe” Cohen MD's profile photo
Add a comment...
Have him in circles
34,946 people
PAUL STENZEL's profile photo
Naouman Bashir's profile photo
Stonara ncube's profile photo
MarkO: Smart Reminders & Tasks's profile photo
C. G. Abrams's profile photo
George bob's profile photo
Pyro MoverHD's profile photo
Suplementos Center3's profile photo
ahmed gamal's profile photo

Phil Nickinson

Shared publicly  - 
 
Ooooooooo. The Moto X Style is definitely bigger than the 2014 Moto X, but it also feels a little smaller than the Nexus 6. This is gonna be tough.
86
8
Ara Wagoner's profile photoAndrew Ingram's profile photoMax Luong's profile photoScott M's profile photo
15 comments
 
I agree about wanting a smaller screen size. I'm waiting for the z3 compact refresh and hoping Sony doesn't screw it up.
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Love waking up to great work from +Russell Holly and +Andrew Martonik. Will have to do some serious thinking about how I feel about this "invite system" again, though.
OnePlus has finally pulled the covers off of its next phone. And despite all of the leaks and teases there are plenty of new and interesting things to explore. It has been 460 days since OnePlus last announced a smartphone — its only smartphone, actually. And as co-founder Carl Pei is quick to tell everyone within earshot (which on the Internet is a lot of folks) this is somewhat...
26
1
Mitchell Toland Jr.'s profile photoJeremy Miller's profile photoMichael Ludescher's profile photoDarrell Ames's profile photo
10 comments
 
+Jeremy Miller yeah, contacts for the NFC chip is not equal to a NFC Chip ;) This just means that you can buy a NFC Pad or a Swap-Cover with built-in NFC chip to plug it in there.
Add a comment...

Phil Nickinson

Shared publicly  - 
 
If you want people to take security exploits seriously, don't announce them alongside your rockin' rager of a bro party at BlackHat Vegas, yo!
14
Doug Lynch's profile photoZack Fawley's profile photoShane Passmore's profile photo
3 comments
 
Well at least people who have to go listen to the annoying dribble get drinks and a party. 
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Excellent preview from +Russell Holly.
 
Few smartphones generated as much buzz among Android enthusiasts in 2014 as the OnePlus One. While that buzz often emerged from a series of controversies spawned from a series of misguided attempts to drum up even more hype for something the company lacked sufficient inventory to sell in the first…
Few smartphones generated as much buzz among Android enthusiasts in 2014 as the OnePlus One. While that buzz often emerged from a series of controversies spawned from a series of misguided attempts to drum up even more hype for something the company lacked sufficient inventory to sell in the first place, to go from being a company no one has ever heard of to something it seemed like...
2 comments on original post
11
Charles Adoki's profile photoShiv Manas's profile photo
2 comments
 
+Charles Adoki It's pretty much the same as last time - you'll have to beg on the forums, beg on G+, Twitter, Facebook, and participate in degrading contests only for a chance to win an invite...
Add a comment...

Phil Nickinson

Shared publicly  - 
 
Having a blast showing off some toys tonight for the +Pensacola Network​!

Showing folks Google Cardboard for the first time - especially kids - never gets old. 
29
MA Milián's profile photoLloyd Reshard's profile photo
2 comments
 
Thanks Much Phil
Add a comment...

Phil Nickinson

Shared publicly  - 
 
 
This isn't the Chromebook for everyone, but it offers enough to be a compelling option for those who need ultimate portability. The quick take The Chromebook Flip is pushing the envelope of what we consider a "standard" Chromebook, with extreme portability, good components and the option to convert…
This isn't the Chromebook for everyone, but it offers enough to be a compelling option for those who need ultimate portability. The quick take The Chromebook Flip is pushing the envelope of what we consider a "standard" Chromebook, with extreme portability, good components and the option to convert into a pseudo-tablet. At 10.1 inches and less than two pounds it's easily the smallest...
5 comments on original post
14
1
Jacek Malinowski's profile photoDarren's profile photoMatteo Doni's profile photo
2 comments
Darren
 
see in England we'd put a cushion on it... and it would be a comfy foot rest lol +Jacek Malinowski​
Add a comment...
People
Have him in circles
34,946 people
PAUL STENZEL's profile photo
Naouman Bashir's profile photo
Stonara ncube's profile photo
MarkO: Smart Reminders & Tasks's profile photo
C. G. Abrams's profile photo
George bob's profile photo
Pyro MoverHD's profile photo
Suplementos Center3's profile photo
ahmed gamal's profile photo
Work
Occupation
Journalist
Employment
  • AndroidCentral.com
    Journalist, present
  • Pensacola News Journal
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Pensacola
Previously
Gainesville
Links
Other profiles
Contributor to
Story
Introduction
Editor of AndroidCentral.com, subtitles and street signs. Recovering print journalist.
Education
  • University of Florida
  • University of West Florida
Basic Information
Gender
Male
Relationship
Married
Apps with Google+ Sign-in
  • Mayday2
  • PBA® Bowling Challenge™
  • Monument Valley
  • BADLAND
  • Yahtzee With Buddies
  • Hungry Shark Evolution
  • Plunder Pirates
  • Leo's Fortune
  • Asphalt 8:Airborne
  • Plants vs. Zombies 2
  • Crossy Road
  • Sky Force 2014
  • One More Line!
  • DEAD TRIGGER 2
  • Golf Star
Can't beat Starbucks inside the hotel. Rooms were clean. Internet speed left a lot to be desired.
Public - 4 years ago
reviewed 4 years ago
Great dive bar in Hell's Kitchen.
Public - 4 years ago
reviewed 4 years ago
Smack in the middle of town, security lines are quick. Not much in the way of amenities, but you're not likely to be waiting long. Can be oddly warm inside in the mornings.
Public - 4 years ago
reviewed 4 years ago
Better bar than restaurant, but the sandwiches are HUGE. Can be too loud when there' sa band inside.
Public - 4 years ago
reviewed 4 years ago
15 reviews
Map
Map
Map
LOVE Dr. Ellis! :)
Public - 4 years ago
reviewed 4 years ago
Don't judge me.
Public - 4 years ago
reviewed 4 years ago
Food's just so-so, but a lot of beer, TVs and good fish tacos.
Public - 4 years ago
reviewed 4 years ago