Android Central 223: Wicked Game | Android Central

Pre-order Pixel: Google | Verizon Shop Chromebooks: Asus Flip | Acer 14 | Dell 13

Audio-only stream below

We're back with our last live recording before we head off to Mobile World Congress. On tap: We'll see if this Lenovo "Superfish" means anything for us on Android. We'll get Alex's initial thoughts on the LG G Flex 2. And we'll definitely preview what to expect from MWC in just one more short week.

And someone sings some Chris Isaak. 

Want to be on the podcast?

Sure, you can just listen to the AndroidCentral Podcast. (And you should.) But it's much more fun to be a part of it. And there are several ways you can do so.

  • Live Q&A: Look for the link each week to join the live Q&A.
  • E-mail us: Have a question and want us to answer it on-air? E-mail us here.
  • Leave a voicemail: Record your question with your phone or computer, and e-mail it to us. (Be sure to leave your name and where you're from!)

Podcast sponsorships

If you're interested in advertising on the Android Central Podcast, please contact Standard Broadcast Co..


The AndroidCentral Podcast is sponsored by And thanks to these great artists for providing their music under the Creative Commons license:


Reader comments

Android Central 223: Wicked Game


Why didn't we get a link on AC for the live broadcast like usual?

Posted via the Android Central App

Hey Andrew. I like in Kirkland and work in Bellevue and I use Apple pay approx 4 x/week. Walgreens, McD's, Whole foods, and now PCC markets. Don't know why you haven't seen it but it's a great service and people love it.

Not Gandalf... but I do see the resemblance.

No, I think Jerry looks like the Yeti in "Ski Safari".

I live in the central Florida area and use google wallet on my phone every where they have NFC or "apple pay" avalible. The payment from my phone go strait to what ever connect bank I want it to a switch between two bank accounts all the time without needed to add money to the google wallet account itself. The only time I need to move money to my google wallet account is when I plan to use the debt card. The only difference with apple pay and google wallet that I can see right now is speed. Apple pay is a quick thumb scan and NFC tap. Where Google wallet is a phone NFC tap then the normal debt card questions. Pin number cash back, ext. Apple pay has connections with banks to move past all that stuff and use a thumb scan as a pin number and so on. Other then that google wallet and apple pay sent that different and if in an area that has NFC (or anywhere with a McDonalds) googlewallet can be used to pay from you phone directly to your desired bank account.

Guys, you really didn't explain the superfish issue. Damn, this is a very technical thing. Do your homework.

Take a look at _The Code Book_ by Simon Singh, which does a terrific job of explaining the theory behind the technology.

As a group you totally ballsed up what a trusted certificate—probably you should use less ambiguous terms for the two main types of certificates at issue: ssl certificate & signing cert, CA cert or root cert—is: it is (i) a certificate which has been signed by a root certificate, (ii) a certificate signed by a trusted certificate as defined by i or (iii) part of a chain (of unlimited length) formed by certificates which are trusted as defined by i & ii. This is checked at runtime by your software (should be API call to do most/all of the checking, hence the problems when it was found OpenSSL didn't do these checks properly); you don't add trusted certificates, trust is established by checking the signing certificate of the SSL certificate, and then checking its signing certificate, and so on, until a chain is established to a root certificate. These ssl certificates are presented as part of the SSL handshake process; the user doesn't handle them in any way. It is totally automatic.

Root certificates are the ones which you can add, not trusted certificates. This process involves importing a certificate into a _store_ and marking it as trusted, giving it the same status as a CA certificate. This should never be necessary for a consumer device unless you take it to work (BYOD). Even then, companies using self-signed certificates is distinctly poor considering how little CAs charge to sign a certificate.

Of all people you guys should know getting terminology right is important. Experts use it to communicate in acceptably short passages. Get it wrong though and it hurts everybody so much.