Cover photo
Stuart Hicks
136 followers|292,149 views


Stuart Hicks

Developers (NOT for General Q&A)  - 
So, on 5.0-Alpha1 (OnePlusOne), I diabled both mtp and camera mode in the usb computer connection settings (was just messing around). Now the usb connection doesn't work at all (not even adb), and the usb computer connections page doesnt open (if I tap the menu item, nothing happens).

I've tried reanabling adb via setprop and the various options that a google search brings up, and nothing. After reboot, getprop shows adb, but it doesnt work. Developer Settings shows usb debugging as enabled, and trying to disable it causes a soft-reboot.

The problem persists on Alpha2 even after cache and dalvik wiped (so I guess the issue is on userdata, which I'd rather not wipe if at all possible. I have backups, but I'm lazy).

Anyone got any ideas?
Michael Schilling's profile photoStuart Hicks's profile photo
Linux, but unrelated. The udev rules have always been in place. When this was not working, the device was never showing up in lsusb or dmesg. It works now after changing the prop on the device.
Add a comment...

Stuart Hicks

Shared publicly  - 
Loving the new site!
At Paranoid Android, we go for providing the best usability and design. All day, every day. This is accomplished by dedication to the work. To celebrate that, we are pushing a brand new website. 

The website follows Paranoid Android's new design language aiming to help new and experienced users alike learn about us and our features through simple animations and short descriptions. You can learn about our team members through the Team page on the site, download the official AOSPA wallpapers for both desktops and mobile devices or easily reach important links from the menu. 

The downloads section also received an overhaul following a clean and bold design. You can now reach downloads for both Official and Legacy devices at the same place. 

The website is responsive, looks great on all displays and can be checked out right now at so head over there and #stayparanoid.
Add a comment...

Stuart Hicks

Shared publicly  - 
In celebration of London's Year of the Bus, today's #GoogleDoodle features an animated version of the iconic Routemaster bus.

The much-loved Routemaster made its first public appearance in London on 24 September 1954, and 60 years later is honoured with this fantastic +Google UK Doodle.
Add a comment...

Stuart Hicks

Shared publicly  - 
Wow.. What an amazing dog.

I would like to share this touching story of pup hero with all animal lovers
(= GoPro Video of the Week)
Add a comment...

Stuart Hicks

Shared publicly  - 
Am I doing it right?
Add a comment...

Stuart Hicks

Developers (NOT for General Q&A)  - 
I've been getting an awful lot of systemui crashes on beta7 causing lots of rebots (nexus-5). I'm getting the following stack trace in logcat:

D/AndroidRuntime( 5614): Shutting down VM
W/dalvikvm( 5614): threadid=1: thread exiting with uncaught exception (group=0x415a3ba8)
E/AndroidRuntime( 5614): FATAL EXCEPTION: main
E/AndroidRuntime( 5614): Process:, PID: 5614
E/AndroidRuntime( 5614): java.lang.NoSuchMethodError:
E/AndroidRuntime( 5614):     at$NotificationClicker.onClick(
E/AndroidRuntime( 5614):     at android.view.View.performClick(
E/AndroidRuntime( 5614):     at android.view.View$
E/AndroidRuntime( 5614):     at android.os.Handler.handleCallback(
E/AndroidRuntime( 5614):     at android.os.Handler.dispatchMessage(
E/AndroidRuntime( 5614):     at android.os.Looper.loop(
E/AndroidRuntime( 5614):     at
E/AndroidRuntime( 5614):     at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime( 5614):     at java.lang.reflect.Method.invoke(
E/AndroidRuntime( 5614):     at$
E/AndroidRuntime( 5614):     at
E/AndroidRuntime( 5614):     at
E/AndroidRuntime( 5614):     at dalvik.system.NativeStart.main(Native Method)

I have Xposed installed, so my first guess is that some module I have is no longer compatible with PA (perhaps replacing the implementation of that ingerface?), but I'm not sure how to debug that, short of trial-and-error disabling modules.

Anyone having this and already found the problem? Or does anyone have a way to inspect what implementation is being used for that interface?
Dayne Close's profile photoIlham Hamzah's profile photoStuart Hicks's profile photo
Wiping system and doing a reflash does seem to have fixed it, although I can't imagine why.  I suspect there's still a bug somewhere that caused this, but reproducing it is not going to be easy... Thanks anyway +Dayne Close and +Ilham Hamzah :)
Add a comment...
Have him in circles
136 people
Kamilla Bremeraunet's profile photo
noriko hamada's profile photo
p woods's profile photo
John Kishimoto's profile photo
Tom Hulton-Harrop's profile photo
Jon Baker's profile photo
Rachel Evans's profile photo
Adaeze Bosvieux-Onyekwelu's profile photo
Mitsuho Iizuka's profile photo

Stuart Hicks

Shared publicly  - 
On LPX13D, SELinux, and root

As promised, here are some more details about the current situation.

Why it breaks

Google has really put some effort into better securing Android, and we've seen a lot of SELinux related commits to the AOSP tree over the past months. There is some disconnect between the AOSP tree and actual L preview builds, some things from AOSP are not in the L preview build, and vice versa. Ultimately, it's a pretty good bet these things will mostly align, though.

On most devices and firmwares, SuperSU's daemon is started by the service script that runs at system boot time, as user root with the init context. This is what the daemon needs to function.

Recently, they've started requiring all started services to run in their own SELinux context, instead of init. Developers and security guys following AOSP have known this was coming; AOSP builds have been logging complaints about this specific service not having its own context for a while now.

Now this script runs as root, but as the install_recovery context, which breaks SuperSU's operation, as it is a very restrictive context.

In the last AOSP build I have tried (a few weeks old), there were a fair number of other holes that we could use to launch the daemon. At first glance(!), it seems those have all been closed. An impressive feat by the guys working on this, if it proves true.

How to fix it

To fix root, all that really had to be done was ensure the daemon's startup script is run at boot as the root user with the init context.

There are multiple ways to do this, but unfortunately for now it seems that it does require a modified kernel package (changing the ramdisk).

In the modified kernel packages I've posted for the Nexus 5 and Nexus 7, the daemon's startup is fixed by commenting out the line in init.rc that forces the script to run as the install_recovery context, so now it runs as init again, and all is well.


As stated above, it seems for now that modifications to the kernel package are required to have root, we cannot attain it with only modifications to the system partition.

Combine that with a locked bootloader (and optionally dm-verity) and a device becomes nigh unrootable - exactly as intended by the security guys.

Exploit-based roots are already harder to do thanks to SELinux, and now because of the kernel requirements for persistent root, these exploits will need to be run at every boot. Exploits that make the system unstable (as many do) are thus out as well.

Of course, this is all dependent on OEMs implementing everything exactly right. If a certain OEM doesn't protect one of their services correctly, then we can leverage that to launch the daemon without kernel modifications. While I'm fairly certain this will be the case for a bunch of devices and firmwares, especially the earlier L firmwares, this is not something you should expect or base decisions on. It is now thus more important than ever to buy unlocked devices if you want root.

It might also mean that every firmware update will require re-rooting, and OTA survival mode will be broken. For many (but far from all) devices we can probably automate patching the kernel package right in the SuperSU installer ZIP. We can try to keep it relatively easy, but updating stock firmwares while maintaining root is probably not going to work as easy and fast as it did until now.

Apps need updates

Unsurprisingly, with a new major Android release, apps will need updates. None more so than apps that go beyond the Android API, as root apps do, but even some non-root apps will be affected by the security changes.

As one example, someone posted in the SuperSU thread of a kernel flashing app that didn't work. From the logcat you could see that it was looking for partitions in /dev/block from its normal non-root user and non-init context. That used to be possible, but now it is restricted: normal apps no longer have read access there. 

The solution for that app is actually quite simple: list the /dev/block contents using root instead. But simple solution or not, the app will still need to be updated.

By far most root apps should be updateable for L without too much issue. There are indeed exceptions that will need some special care, but those are rare.

Permissive vs enforcing

The kernel packages I posted for the Nexus 5 and 7 LPX13D  firmware keep SELinux mostly set to enforcing. I say mostly, because SuperSU actually switches a small part of the system to permissive, so apps calling su can do most things without much interference. The details on this are lengthy (yes, your apps will be able to modify policies as well if needed, which should be rare), and I will document these for other developers after L retail release, assuming it will all still work at that time.

Alternatively, you can set the whole system to permissive or otherwise disable SELinux. There are other kernel packages released that indeed do this. The advantage here is that it instantly fixes some apps' issues, as the SELinux based restrictions have all gone the way of the dodo. The disadvantage here is that you've just shut down a major part of the security system of the device.

Some would argue that a device with an unlocked bootloader, root, encrypted modem firmwares of which nobody really knows what they're doing, etc, is inherently insecure, and thus disabling SELinux doesn't make much difference.

I personally disagree with this. While I do agree that these things weaken security down from the ideal level, I would still not disable more security features than I absolutely need to. Just because you cannot eliminate all attack vectors, is no reason to just completely give up on defending against them.

It is of course your own choice if you want to run a permissive system or not. I will strive to keep everything working in enforcing mode though, and I hope other root app developers will do the same - as stated earlier in the post, I believe this is still possible.

(everything in this post is subject to change for retail L release, obviously)
Add a comment...

Stuart Hicks

Shared publicly  - 
To disable SSLv3 in Firefox, go to about:config and set security.tls.version.min to 1
The title given to this article is incorrect due to technical limitations. The correct title is security.tls.version.(min,max). This article describes the preference security.tls.version.(min,max). To add, delete, or modify this preference, you will need to edit your configuration — do not edit ...
Add a comment...

Stuart Hicks

Shared publicly  - 
Thousands of people have been evacuated in the #Philippines as Mount #Mayon rumbles back to life:
Add a comment...

Stuart Hicks

Shared publicly  - 
Lightning has struck the UK more than 3,000 times in two hours - this is what it looked like...

(Oh, and a #heatwave alert is still in place:
Add a comment...

Stuart Hicks

Shared publicly  - 
Huzzah! PA 4.4 now declared stable! Combined with XPosed for XPrivacy and AppSettings it's a pretty unbeatable ROM.
4.4 FINAL / ANDROID 4.4.4

This week at PA headquarters we worked very hard to bring you the most stable experience ever since 4+. 
Too many hot fixes have been merged today, along with some new goodies.

What does 4.4 Final mean?
Current featured branch reached final stable state. Doesn’t mean at all that development has stopped :) You can just flash this, and feel safe.

Android 4.4.4 upstream tag has been merged into our source. 

The Volume Panel has been re-designed as you can see in the image below to be inline with hover, be less intrusive and more beautiful.

Hover UI/UX has been reworked a bit for tablet users: Hover will not take the whole screen width, but it will respect notification size. Also status bar isn’t hidden when hover shows and you can pull it down when you want, as you touch status bar Hover will be dismissed to not overload on top of status bar expanded state. Another awesome thing is that un-dismissible notifications cases like screenshots etc have been solved (yea is true). Last but not least the marriage with ticker view has been reworked, when hover is enabled and you receive notifications from foreground app they will not be shown in Hover but in ticker.

Fixed a couple of issues regarding repositioning. Also, Pie now follows same behavior of navigation bar on phone when in landscape, sticks at right. Last but not least Pie is now themeable by external xml resources, by Theme Engine.

As for Peek App our Native Peek got some love on sensors side. They should work better now. You can find latest Peek App with advanced features on Play Store, check link below.

Merged upstream changes and added style support to Dialer app, IME switcher alert dialog and many more.

Added colorizing support for all components for both circle and stock look. Themers can play with everything now :)

Hopefully fixed rare blank screen and always show translucent decors.

Updated system API to let it delete folders.

Fixed some FCs.

Imported new crowdin translations.

Fixed various bugs as rare softboots and cleanups.

Crowdin translation system:

Community legacy corner:

P.S. The theme shown off in the images below was made by our own +Carlo Savignano and will be available on the Play Store soon this week. Follow him to get state updates and to show him some love :)

P.P.S. The icons in the screens are from Kraken Rounded icon pack made by our own +Matt Flaming , link to the pack down below.

Peek App:
Kraken Rounded Icon Pack:

Wallpaper used in the image from +Justin Maller Facets Project.
Check his work here:
Support him, buy his awesome 365 wallpapers app:

Add a comment...

Stuart Hicks

Shared publicly  - 
That last reaction xD
Add a comment...
Have him in circles
136 people
Kamilla Bremeraunet's profile photo
noriko hamada's profile photo
p woods's profile photo
John Kishimoto's profile photo
Tom Hulton-Harrop's profile photo
Jon Baker's profile photo
Rachel Evans's profile photo
Adaeze Bosvieux-Onyekwelu's profile photo
Mitsuho Iizuka's profile photo
Software Engineer
Code Monkey
Bragging rights
BSc Computer Science with Games Development, CEFL Japanese Level B2, iTEFL
Collections Stuart is following
Basic Information
Other names
Stuart Hicks's +1's are the things they like, agree with, or want to recommend.

❉ EARLY ACCESS DISCOUNTED BETA VERSION ❉ ❤︎ Please contact us at for any inquiry or help, please don't rate the app yet ❤︎ VPN+ with anti-ph

Chrome Beta

Welcome to Chrome Beta for Android!• Preview the latest features: Try out the newest features. (Sometimes these may be a little rough around

Per-App Modes

Android Authority - March 11, 2014: "The bottom line is this: every hardcore root user in the entire Android ecosystem waited years to have

Human Japanese

Human Japanese presents the Japanese language from square one in a warm, engaging tone. The software goes much deeper than just vocabulary,


ConnectBot is a powerful open-source Secure Shell (SSH) client. It can manage simultaneous SSH sessions, create secure tunnels, and copy/pas

Nothing To Envy: Real Lives In North Korea

North Korea is Orwell’s 1984 made reality: it is the only country in the world not connected to the internet; Gone with the Wind is a danger

Circle - Nearby Friends Chat!

SOCIAL RADAR- The #1 App to Find your Friends, Contacts and Suggested Contacts that are nearby, anywhere in the world! Circle magically tell

Google I/O 2012

Google I/O 2012 brings together thousands of developers for three days of deep technical content focused on building the next generation of

ClamBook Android and iPhone Laptop Dock

ClamBook Android and iPhone Laptop Dock


Woojung hasn't shared anything on this page with you.


夢と魔法と感動のカイロパークの入口. (C)Kairosoft.

Let's work together. - 人材募集 - Google

Let's work together. Google 東京オフィスでは、様々な職種の社員が活躍しています。エンジニアは、日本だけではなく世界に向けた最新のプロダクトを、世界中のエンジニアとともに研究開発しています。卓越したビジネスセンスと経験をもったセールスやマーケティ

xkcd: Home Organization

XKCD updates every Monday, Wednesday, and Friday. You can get prints, posters, and t-shirts in the store. Home Organization. |< · < Prev · R

Trippy. : funny

reddit: the front page of the internet


Real-life sharing, rethought for the web

YouTube - Florence + The Machine - No Light, No Light

Criar contaFazer login. Home. ProcurarEnviar. Ei, você, isso não é uma interrupção comercial. Você está usando um navegador desatualizado, a

YouTube - Lenny Kravitz - Let Love Rule 2009

Create AccountSign In. Home. BrowseFilmsUpload. Hey there, this is not a commercial interruption. You're using an outdated browser, whic