Thursday, August 2, 2012

Lenovo Ideapad K1 - Icecream Sandwich options

Well, this is a change.

Lenovo finally came out with the long sought after Icecream Sandwich update for their K1 tablet last week, and what appeared at first to be a major disappointment turned out to contain a major, and extremely positive, surprise.

Let's quickly get the negatives out of the way. You are very, very, very, unlikely to want their official update. Their official update is missing the Google Play Store. This wasn't originally the plan, and Lenovo intended to include it, but found their plans to get an ICS update out there quickly resulted in a version of Android that wasn't compliant with Google's standards.

Fortunately, while Google is strict about official, commercial, versions of Android and the Google Play Store, they're more forgiving when it comes to open source, third party, distributions. And that kinda brings me onto the good point: Lenovo released the source code to their version of Icecream Sandwich - and opened the bootloader while they were at it.

Essentially, the K1 is now an open tablet. And already the number of versions of ICS has blossomed from one limited version to FIVE rather good versions. And it seems probable that, thanks to Lenovo's decision to work with, rather than against, the Open Source Android community, the K1 may be one of the first tablets out there with Jellybean.

Most of the work is down to a programmer called Kreg Hanning, a regular on Lenovo's forums as well as a contributor to Rootzwiki and XDA Developers. He's done an awesome job analyzing the Lenovo code and combining it with the Google software and official Android releases, and produced four new versions of Android ICS. These are:

  • A simple distribution of the official Lenovo build but with the Google Play Store added.
  • A version of the above with "root" access for users needing advanced functionality.
  • A version of AOSP - Google's official open source distribution of Android - with the ClockworkMod recovery (I'm simplifying it a little, but essentially CWM is an OS update mechanism ) and Lenovo's drivers.
  • A version of the above with "root" access for users needing advanced functionality.
And Kreg Hanning's also working on a Jellybean port.

You can get the first two here, and the others here. All four can be installed using either Windows or GNU/Linux and come with the necessary tools to do so.

There are some problems you probably need to be aware of. On my version, at least, camera access seems to be dodgy. And most users are having problems with many apps on the Google Play store - including apps that worked fine under Honeycomb - being marked as "incompatible" with the various ICS distributions. Interestingly, it seems to be an entirely different set of apps - the versions derived from the official Lenovo distribution will not run Google Maps, and the versions derived from AOSP will not run Google Play Music, and none of them will run Chrome.

So... which one do you want to run? Well, it's fairly easy:

  • If you're reliant on your existing apps, wait. There's no rush and there really are problems with the compatibility thing.
  • If you want to make the jump, and you know what root is, enough to know to reject it if an app asks for it for no reason, get the AOSP version with root. Otherwise get the AOSP version without it.
Why the AOSP version? Well:
  • All five versions will wipe your tablet. Completely. None of your old apps or data will survive. However, ClockworkMod Recovery in the AOSP versions will ensure you at least keep your data (and sometimes, if rarely, your apps) between updates in the future.
  • The AOSP versions seem to be slightly more compatible with apps in the Google Play Store.
I'll keep writing about this here if nobody objects... ;-)

Killing a project

One of the nerdy things I'm fairly interested in is computer security, and I've been banging on about the need to get people to understand, and in the case of Ubuntu, implement domain management as part of an overall security system for IPv6 networks. The reason is fairly easy to explain: it's an established model that is going to become extremely necessary when every computer can "see" every other computer. You're going to need to implement IPSec - encrypted connections between identifiable computers - in that environment, and without a domain system, IPSec is hard.

One of the projects I was working on was a "Download, install, and forget about it" system I called "On my 6". The idea was that you'd be able to install a simple tool on each PC that would do the hard work of configuring and setting up the security aspect, and use a common login system across all the computers you use.

There were, however, one or two problems with the approach:
  • My personal favorite was that it was a "security in the cloud" system, which seemed inherently... well, just wrong! I mean, I trust me, but why would a stranger do so? And while I could see people using it anyway there was always reasons to be concerned anyway. If a law enforcement group, or goodness help me, one of the more extreme copyright holder rights enforcement organizations, came at me with a warrant to force me to help them hack into someone's system, could I say no?
  • A more traditional problem: feature creep. Do we limit this "common logon" to just letting users use network shares on each other's PCs? Or do we, say, add email, and instant messaging, and voice over IP, and...? It's a more legitimate question than you might at first think - all those features do require authentication, they're all cases where computers need to identify one another and the users of those computers.
  • Explaining it - the marketing of the site needed to explain how this would actually be helpful. I can see how it's helpful, but unless you're using it it probably looks like nerdy mumbo-jumbo, and probably makes it look more complicated than not using it, even though, actually, the idea is to make things less complicated.
Microsoft's Windows 8 appears to have features that pretty much seal On My 6's fate - the operating system already comes with the ability to log in to a PC via a cloud based identity. Either they've implemented, for the most popular OS on the planet, the system I was working on, or they've made it very difficult for me to do so in a way that doesn't make things even more confusing, but either way I think they've killed it!

So... time to think of something else.