Thursday, 30 January 2014

Open redirect URLs: Is your site being abused?

No one wants malware or spammy URLs inserted onto their domain, which is why we all try to follow good security practices. But what if there were a way for spammers to take advantage of your site, without ever setting a virtual foot in your server?

There is, by abusing open redirect URLs.

Webmasters face a number of situations where it's helpful to redirect users to another page. Unfortunately, redirects left open to any arbitrary destination can be abused. This is a particularly onerous form of abuse because it takes advantage of your site's functionality rather than exploiting a simple bug or security flaw. Spammers hope to use your domain as a temporary "landing page" to trick email users, searchers and search engines into following links which appear to be pointing to your site, but actually redirect to their spammy site.

We at Google are working hard to keep the abused URLs out of our index, but it's important for you to make sure your site is not being used in this way. Chances are you don't want users finding URLs on your domain that push them to a screen full of unwanted porn, nasty viruses and malware, or phishing attempts. Spammers will generate links to make the redirects appear in search results, and these links tend to come from bad neighborhoods you don't want to be associated with.

This sort of abuse has become relatively common lately so we wanted to get the word out to you and your fellow webmasters. First we'll give some examples of redirects that are actively being abused, then we'll talk about how to find out if your site is being abused and what to do about it.

Redirects being abused by spammers

We have noticed spammers going after a wide range of websites, from large well-known companies to small local government agencies. The list below is a sample of the kinds of redirect we have seen used. These are all perfectly legitimate techniques, but if they're used on your site you should watch out for abuse.

  • Scripts that redirect users to a file on the server—such as a PDF document—can sometimes be vulnerable. If you use a content management system (CMS) that allows you to upload files, you might want to make sure the links go straight to the file, rather than going through a redirect. This includes any redirects you might have in the downloads section of your site. Watch out for links like this:
example.com/go.php?url=
example.com/ie/ie40/download/?

  • Internal site search result pages sometimes have automatic redirect options that could be vulnerable. Look for patterns like this, where users are automatically sent to any page after the "url=" parameter:
example.com/search?q=user+search+keywords&url=

  • Systems to track clicks for affiliate programs, ad programs, or site statistics might be open as well. Some example URLs include:
example.com/coupon.jsp?code=ABCDEF&url=
example.com/cs.html?url=

  • Proxy sites, though not always technically redirects, are designed to send users through to other sites and therefore can be vulnerable to this abuse. This includes those used by schools and libraries. For example:
proxy.example.com/?url=

  • In some cases, login pages will redirect users back to the page they were trying to access. Look out for URL parameters like this:
example.com/login?url=

  • Scripts that put up an interstitial page when users leave a site can be abused. Lots of educational, government, and large corporate web sites do this to let users know that information found on outgoing links isn't under their control. Look for URLs following patterns like this:
example.com/redirect/
example.com/out?
example.com/cgi-bin/redirect.cgi?

Is my site being abused?

Even if none of the patterns above look familiar, your site may have open redirects to keep an eye on. There are a number of ways to see if you are vulnerable, even if you are not a developer yourself.

  • Check if abused URLs are showing up in Google. Try a site: search on your site to see if anything unfamiliar shows up in Google's results for your site. You can add words to the query that are unlikely to appear in your content, such as commercial terms or adult language. If the query [site:example.com viagra] isn't supposed to return any pages on your site and it does, that could be a problem. You can even automate these searches with Google Alerts.

  • You can also watch out for strange queries showing up in the Top search queries section of Webmaster Tools. If you have a site dedicated to the genealogy of the landed gentry, a large number of queries for porn, pills, or casinos might be a red flag. On the other hand, if you have a drug info site, you might not expect to see celebrities in your top queries. Keep an eye on the Message Center in Webmaster Tools for any messages from Google.

  • Check your server logs or web analytics package for unfamiliar URL parameters (like "=http:" or "=//") or spikes in traffic to redirect URLs on your site. You can also check the pages with external links in Webmaster Tools.

  • Watch out for user complaints about content or malware that you know for sure can not be found on your site. Your users may have seen your domain in the URL before being redirected and assumed they were still on your site.


What you can do

Unfortunately there is no one easy way to make sure that your redirects aren't exploited. An open redirect isn't a bug or a security flaw in and of itself—for some uses they have to be left fairly open. But there are a few things you can do to prevent your redirects from being abused or at least to make them less attractive targets. Some of these aren't trivial; you may need to write some custom code or talk to your vendor about releasing a patch.

  • Change the redirect code to check the referer, since in most cases everyone coming to your redirect script legitimately should come from your site, not a search engine or elsewhere. You may need to be permissive, since some users' browsers may not report a referer, but if you know a user is coming from an external site you can stop or warn them.

  • If your script should only ever send users to an internal page or file (for example, on a page with file downloads), you should specifically disallow off-site redirects.

  • Consider using a whitelist of safe destinations. In this case your code would keep a record of all outgoing links, and then check to make sure the redirect is a legitimate destination before forwarding the user on.

  • Consider signing your redirects. If your website does have a genuine need to provide URL redirects, you can properly hash the destination URL and then include that cryptographic signature as another parameter when doing the redirect. That allows your own site to do URL redirection without opening your URL redirector to the general public.

  • If your site is really not using it, just disable or remove the redirect. We have noticed a large number of sites where the only use of the redirect is by spammers—it's probably just a feature left turned on by default.

  • Use robots.txt to exclude search engines from the redirect scripts on your site. This won't solve the problem completely, as attackers could still use your domain in email spam. Your site will be less attractive to attackers, though, and users won't get tricked via web search results. If your redirect scripts reside in a subfolder with other scripts that don't need to appear in search results, excluding the entire subfolder may even make it harder for spammers to find redirect scripts in the first place.



Open redirect abuse is a big issue right now but we think that the more webmasters know about it, the harder it will be for the bad guys to take advantage of unwary sites. Please feel free to leave any helpful tips in the comments below or discuss in our Webmaster Help Forum.

Written by Jason Morrison, Search Quality Team
Posted by at No comments:
Labels:

Monday, 27 January 2014

Affiliate programs and added value

Webmaster level: All

Our quality guidelines warn against running a site with thin or scraped content without adding substantial added value to the user. Recently, we’ve seen this behavior on many video sites, particularly in the adult industry, but also elsewhere. These sites display content provided by an affiliate program—the same content that is available across hundreds or even thousands of other sites.

If your site syndicates content that’s available elsewhere, a good question to ask is: “Does this site provide significant added benefits that would make a user want to visit this site in search results instead of the original source of the content?” If the answer is “No,” the site may frustrate searchers and violate our quality guidelines. As with any violation of our quality guidelines, we may take action, including removal from our index, in order to maintain the quality of our users’ search results. If you have any questions about our guidelines, you can ask them in our Webmaster Help Forum.

Posted by Chris Nelson, Search Quality Team
Posted by at No comments:
Labels: , , ,

Thursday, 23 January 2014

A new Googlebot user-agent for crawling smartphone content

Webmaster level: Advanced

Over the years, Google has used different crawlers to crawl and index content for feature phones and smartphones. These mobile-specific crawlers have all been referred to as Googlebot-Mobile. However, feature phones and smartphones have considerably different device capabilities, and we've seen cases where a webmaster inadvertently blocked smartphone crawling or indexing when they really meant to block just feature phone crawling or indexing. This ambiguity made it impossible for Google to index smartphone content of some sites, or for Google to recognize that these sites are smartphone-optimized.

A new Googlebot for smartphones

To clarify the situation and to give webmasters greater control, we'll be retiring "Googlebot-Mobile" for smartphones as a user agent starting in 3-4 weeks' time. From then on, the user-agent for smartphones will identify itself simply as "Googlebot" but will still list "mobile" elsewhere in the user-agent string. Here are the new and old user-agents:

The new Googlebot for smartphones user-agent:
Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

The Googlebot-Mobile for smartphones user-agent we will be retiring soon:
Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A5376e Safari/8536.25 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html)

This change affects only Googlebot-Mobile for smartphones. The user-agent of the regular Googlebot does not change, and the remaining two Googlebot-Mobile crawlers will continue to refer to feature phone devices in their user-agent strings; for reference, these are:

Regular Googlebot user-agent:
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

The two Googlebot-Mobile user-agents for feature phones:

  • SAMSUNG-SGH-E250/1.0 Profile/MIDP-2.0 Configuration/CLDC-1.1 UP.Browser/6.2.3.3.c.1.101 (GUI) MMP/2.0 (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html)
  • DoCoMo/2.0 N905i(c100;TB;W24H16) (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html)

You can test your site using the Fetch as Google feature in Webmaster Tools, and you can see a full list of our existing crawlers in the Help Center.

Crawling and indexing

Please note this important implication of the user-agent update: The new Googlebot for smartphones crawler will follow robots.txt, robots meta tag, and HTTP header directives for Googlebot instead of Googlebot-Mobile. For example, when the new crawler is deployed, this robots.txt directive will block all crawling by the new Googlebot for smartphones user-agent, and also the regular Googlebot:


User-agent: Googlebot
Disallow: /

This robots.txt directive will block crawling by Google’s feature phone crawlers:


User-agent: Googlebot-Mobile
Disallow: /

Based on our internal analyses, this update affects less than 0.001% of URLs while giving webmasters greater control over the crawling and indexing of their content. As always, if you have any questions, you can:

Posted by Zhijian He, Smartphone search engineer
Posted by at No comments:

Wednesday, 22 January 2014

Feeling lucky at PubCon

Posted by Michael Wyszomierski, Search Quality

 Last month, several of us with Webmaster Central hit the "good times" jackpot at PubCon Vegas 2007. We realize not all of you could join us, so instead of returning home with fuzzy dice for everyone, we've got souvenir conference notes.

Listening to the Q&A, I was pleased to hear the major search engines agreeing on best practices for many webmaster issues. In fact, the presentations in the duplicate content session were mostly, well, duplicate. When I wasn't sitting in on one of the many valuable sessions, I was chatting with webmasters either at the Google booth, or at Google's "Meet the Engineers" event. It was exciting to hear from so many different webmasters, and to help them with Google-related issues. Here are a few things that were on the minds of webmasters, along with our responses:

Site Verification Files and Meta Tags
Several webmasters asked, "Is it necessary to keep the verification meta tag or HTML file in place to remain a verified owner in Webmaster Tools?" The answer is yes, you should keep your verification file or meta tag live to maintain your status as a verified owner. These verification codes are used to control who has access to the owner-specific tools for your site in Webmaster Tools. To ensure that only current owners of a site are verified, we periodically re-check to see if the verification code is in place, and if it is not, you will get unverified for that site. While we're on the topic:

Site Verification Best Practices
  • If you have multiple people working on your site with Webmaster Tools, it's a good idea to have each person verify the site with his or her own account, rather than using a shared login. That way, as people come and go, you can control the access appropriately by adding or removing verification files or meta tags for each account.
  • You may want to keep a list of these verification codes and which owner they are connected to, so you can easily control access later. If you lose track, you can always use the "Manage site verification" option in Webmaster Tools, which allows you to force all site owners to reverify their accounts.
Subdomains vs. Subdirectories
What's the difference between using subdomains and subdirectories? When it comes to Google, there aren't major differences between the two, so when you're making that decision, do what works for you and your visitors. Following PubCon, our very own Matt Cutts outlined many of the key issues in a post on his personal blog. In addition to those considerations, if you use Webmaster Tools (which we hope you do!), keep in mind that you'll automatically be verified for deeper subdirectories of any sites you've verified, but subdomains need to be verified separately.

Underscores vs. Dashes
Webmasters asked about the difference between how Google interprets underscores and dashes in URLs. In general, we break words on punctuation, so if you use punctuation as separators, you're providing Google a useful signal for parsing your URLs. Currently, dashes in URLs are consistently treated as separators while underscores are not. Keep in mind our technology is constantly improving, so this distinction between underscores and dashes may decrease over time. Even without punctuation, there's a good chance we'll be able to figure out that bigleopard.html is about a "big leopard" and not a "bigle opard." While using separators is a good practice, it's likely unnecessary to place a high priority on changing your existing URLs just to convert underscores to dashes.

Keywords in URLs
We were also asked if it is useful to have relevant keywords in URLs. It's always a good idea to be descriptive across your site, with titles, ALT attributes, and yes, even URLs, as they can be useful signals for users and search engines. This can be especially true with image files, which otherwise may not have any text for a search engine to consider. Imagine you've taken a picture of your cat asleep on the sofa. Your digital camera will likely name it something like IMG_2937.jpg. Not exactly the most descriptive name. So unless your cat really looks like an IMG_2937, consider changing the filename to something more relevant, like adorable-kitten.jpg. And, if you have a post about your favorite cat names, it's much easier to guess that a URL ending in my-favorite-cat-names would be the relevant page, rather than a URL ending in postid=8652. For more information regarding issues with how Google understands your content, check out our new content analysis feature in Webmaster Tools, as well as our post on the URL suggestions feature of the new Google Toolbar.

Moving to a new IP address
We got a question about changing a site's IP address, and provided a few steps you can take as a webmaster to make sure things go smoothly. Here's what you can do:
  1. Change the TTL (Time To Live) value of your DNS configuration to something short, like five minutes (300 seconds). This will tell web browsers to re-check the IP address for your site every five minutes.
  2. Copy your content to the new hosting environment, and make sure it is live on the new IP address.
  3. Change your DNS settings so your hostname points to the new IP address.
  4. Check your logs to see when Googlebot starts crawling your site on the new IP address. To make sure it's really Googlebot who's visiting, you can verify Googlebot by following these instructions. You can then log into Webmaster Tools and monitor any crawl errors. Once Googlebot is happily crawling on the new IP address, you should be all set as far as Google is concerned.
  5. To make sure everyone got the message of your move, you may want to keep an eye out for visits to your old IP address before shutting it down.
Proxies
A few webmasters were concerned that proxy services are being indexed with copies of their content. While it's often possible to find duplicate copies of your content in our results if you look hard enough, the original source is most likely going to be ranked higher than a proxy copy. However, if you find this not to be the case, please drop us some URLs in the Webmaster Help Group. There are many Googlers including myself who monitor this group and escalate issues appropriately.

It was great talking with webmasters at the conference -- we hope those of you unable to join us found this post useful. If you want to continue to talk shop with me, other Googlers, and your fellow webmasters, join the follow-up conversation in the Webmaster Help Group.

Update: Additional PubCon notes from Jonathan Simon are available in our discussion group.
Posted by at No comments:
Labels:

Year in Review

2008 was another great year for the Webmaster Central team. We experienced tremendous user growth with our blogs (97% increase in monthly pageviews), Help Center (25%), Help Forums (225%), and Webmaster Tools (35%). We would like to welcome our new users that joined us in '08, and thank our loyal and passionate user base that have been with us for the last couple of years. We focused on two basic goals for 2008, and here's how we think we did:

Goal #1: Educate and grow our webmaster community
  • We had our first ever online webmaster chat in February '08 to answer your top questions, and followed it up with three more. They have been incredibly successful, and we're planning for more this year.
  • We'd like to send a special thank you to our Bionic Posters, who have played a huge part in supporting our growing community.
  • Localization has been a big focus for us, so we launched our blog and Help Center in additional languages, and made Webmaster Tools available in 40 languages. We hope this makes it easier for people in other parts of the world to adopt our tools and gain a better understanding of how search works.
  • We launched a new Help Forum in English and Polish, with a broader rollout planned in other languages this year.
  • Our SEO starter guide was released and it has been one of our most successful articles to date.
  • We placed an emphasis on sharing material via YouTube and created seven video series totaling two hours of content. We kicked off '09 with a bang on the video front with Matt's "Virtual Blight" presentation.
Goal #2: Iterate early and often on Webmaster Tools
Thank you once again and we hope for another exciting and eventful year!

Written by Sagar Kamdar, Webmaster Tools Product Manager, in need of some Rock Band skillz
Posted by at No comments:
Labels: ,

Changes in crawl error reporting for redirects

Webmaster level: intermediate-advanced

In the past, we have seen occasional confusion by webmasters regarding how crawl errors on redirecting pages were shown in Webmaster Tools. It's time to make this a bit clearer and easier to diagnose! While it used to be that we would report the error on the original - redirecting - URL, we'll now show the error on the final URL - the one that actually returns the error code.


Let's look at an example:



URL A redirects to URL B, which in turn returns an error. The type of redirect, and type of error is unimportant here.

In the past, we would have reported the error observed at the end under URL A. Now, we'll instead report it as URL B. This makes it much easier to diagnose the crawl errors as they're shown in Webmaster Tools. Using tools like cURL or your favorite online server header checker, you can now easily confirm that this error is actually taking place on URL B.

This change may also be visible in the total error counts for some websites. For example, if your site is moving to a new domain, you'll only see these errors for the new domain (assuming the old domain redirects correctly), which might result in noticeable changes in the total error counts for those sites.

Note that this change only affects how these crawl errors are shown in Webmaster Tools. Also, remember that having crawl errors for URLs that should be returning errors (e.g. they don't exist) does not negatively affect the rest of the website's indexing or ranking (also as discussed on Google+).

We hope this change makes it a bit easier to track down crawl errors, and to clean up the accidental ones that you weren't aware of! If you have any questions, feel free to post here, or drop by in the Google Webmaster Help Forum.


Posted by John Mueller, Website Error Analyst
Posted by at No comments:
Labels: , , ,

Tuesday, 21 January 2014

HOT HD9 (Dual SIM) - Part II

Introduction

As promised, here is the second review of HOT HD9 Dual SIM, that will now cover only the operating system part, now running Android. I flashed the Android ROM just two days ago, so I haven't really had the time to fully enjoy my "new" phone. Yes, I can say that it became a completely new and different phone because Android is simply amazing and runs really well on it.


The first boot...

Flashing a new ROM always makes me nervous, so it's a relief when the boot screen finally appears...



Android user interface

I believe that you already know or heard about Google's operating system for mobiles - the Android. This is the stock user interface.


And the default lock screen...


I let you with a video of the official Android 2.2 features:



Functionality

In the first part of this review, I did told that this phone runs Windows Mobile quite smoothly, but Android runs much better. 

From the moment you start the experience of Android with the phone, it can be easily noticed that there was a very thorough development of the dual SIM support. As before, the user can choose from which SIM to initiate the call from the dialler. In call history screen, missed / received / made calls can be checked with the indication of the SIM number. In addition, you can filter calls by SIM.


The messaging application displays threaded conversations, just like internet messengers. There's also the indication of the SIM from which the message was sent or received. 


It's a breeze to set up e-mail accounts (especially if you have Google accounts), make calls and send text messages, surf the web and add new programs from the Android Market.



The ability for the user to choose the SIM that can establish a data connection is still present, as well as the schedule power on / off feature.



Just as I expected, the battery lifetime with Android was reduced. As you can see from the next chart, the average lifetime of some native Android smartphones is almost 6 hours.


Don't worry, HD9 is way above the average and beats all those phones. In the first two days of my Android experience, the battery had to be charged every day. Although, I used GPS and Wi-Fi a lot, along with my normal usage... about 2 hours of calls, Bluetooth always on and GPRS data connection from time to time.

The camera

The default camera application, once again with lots of settings.

                                                  
    


Final thoughts

I  have to say to you that this is not my first dual SIM smartphone, however it is the first one that supports both Windows Mobile and Android. Now that I have tried Android, I can say for sure that I will never go back to Windows Mobile.

I will let you with my conclusions about highs and lows when comparing this phone running Android versus Windows Mobile.

Highs:
  • Smoother operation
  • Multi-touch functions works much smoother
  • Better dual SIM integration
Lows:
  • Decreased battery lifetime (Android is known for being more power hungry)
  • Camera driver only supports 3MP resolution photos (may be solved in future ROM updates)
Posted by at No comments:

Thursday, 16 January 2014

HOT HD9 (Dual SIM) - Part I

Introduction

Well, my first review will focus on the newest HTC HD2 clone. This clone is based on a MediaTek chipset and features dual SIM dual standby support. This clone is also known as HD9 because it's a new release which is an exact copy of the original HTC HD2 (in terms of size, camera location and compatibility with original accessories).

Specifications

Chipset

Name:MediaTek MT6516
CPU:416 MHz ARM9™
Instruction set:ARMv5

Software environment

Embedded OS:Windows Mobile 6.5
Android 2.2.1 (Froyo)

Body

Dimensions
(width x height x depth):		120.5 x 67 x 11.3 millimetres
Weigth:150 grams
Color:Black

Memory

RAM:capacity:256 MB
ROM-capacity:512 MB
Expansion slot:microSD memory card, supporting up to 16 GB

Network support

Primary phone:GSM850, GSM900, GSM1800, GSM1900
Secondary phone:GSM850, GSM900, GSM1800, GSM1900
Data links:GPRS, EDGE

Display

Type:LCD capacitive touchscreen
Size:4.3 inches, WVGA resolution (480 x 800 pixels)

Camera

Main (rear):8 megapixels (interpolated) with autofocus and dual LED flash
Secondary (front):0.3 megapixels

Interfaces

Bluetooth (802.15):Bluetooth 2.0 + Enhanced Data Rate
Wireless LAN / Wi-Fi (802.11):  IEEE 802.11b, IEEE 802.11g
USB:USB 2.0 Client, Hi-Speed (480 Mbit/s)
USB Series Micro-B (Micro-USB) connector

Satellite navigation

Built-in GPS module:MT6620 chipset
GPS antenna:Internal
Complementary GPS services:  A-GPS (Assisted GPS)

Additional features

Sensors:
Gravity and Proximity sensors
Analog Radio:FM radio (87.5-108 MHz)


Unboxing

Well, I was very anxious to open the case and try out the phone, but had to control myself and take some pictures first...




The charger, just like the original...


...and the rest of accessories.


Construction


As you can see, this clone looks exactly like the original HTC HD2. The quality of the materials is very good.


Only two ports dot the outside of the phone: the micro-USB connector and the 3,5 mm headphone jack. Both are located side-by-side at the bottom of the phone, leaving the rest of the perimeter unmarred.



Up and down volume buttons in the left...


The 8 megapixels camera with dual LED flash...



Looks good, doesn't it? The body is exactly like the original HD2. You can have both side-by-side and can't even tell which one is the original and the clone.




After removing the battery, you have the access to the two SIM slots. The one in the bottom is the SIM2 slot, while the upper one is the SIM1 slot. You can also see the microSD slot in the left. 


The super AMOLED display

One of the greatest features of this smartphone is it's beautiful screen. It sports a Sharp super AMOLED 4,3 inch screen. This is actually one of the best screens around, and whose colors... must be seen live.


Viewing angles of this screen are... almost unlimited!



Functionality

From the moment you start working with this phone you can notice the difference speed when compared to the original HD2. This is obviously due to the used processor, but nevertheless the phone runs really smoothly.

The phone came with SPB Mobile Shell pre-installed, but personally I prefer the good old WM6.5 layout. 



The dual SIM integration in Windows Mobile is great. From the dialler, you can choose from which SIM to initiate the call. In call history screen, missed / received / made calls can be checked with the indication of the SIM number.


Using the wireless manager, you can easily enable / disable Wi-Fi, Bluetooth, Phone 1 or 2. Airplane mode (also known as flight mode) disables all wireless radios. From the menu, you can set each SIM card independently. Different ringtones can be set for each card, for example.


Another great feature is the ability for the user to choose the SIM that can establish a data connection. Just as an example, you can have your private card as SIM1 and your data card as SIM2. It's just a matter of selecting to connect through SIM2. Another example could be if you can receive multimedia messages (MMS) in both cards, then you would have to set here the card that should be able to connect to the MMS server and download the message.


The next feature is something that's only available on MTK based smartphones and can be quite useful. Under system settings, you can find a tool that can schedule power on / off. Well, I'm just evidencing this feature because you can only find in very few smartphones.  


A fantastic feature that I noticed while doing some test calls was the ability to turn off the display when your head is next to the earpiece, by making use of the proximity sensor. That can obviously save your battery life as well as prevent you from "touching" something that you don't want to.

In terms of battery performance, it's considerably good taking into consideration that the phone has a very big screen and dual SIM with dual standy support. With a not so intense phone usage, about 2 hours of calls in total, BT always on and sometimes connected to my car kit, some short messages, GPRS connection every 30 minutes to check for e-mails and sync contacts / calendar with Google, the battery lasts two days.


Photos and videos

I got quite amazed by the camera application, as the user can tweak a lot of settings.





For a smartphone, it takes acceptable photos. Although lacking in edge detail like most cell-cam photos, images are bright, pop-out colorful, and as long as you keep the phone stock-still, the flash brilliantly illuminates indoor scenes. However, with a touchscreen shutter release, it’s very difficult to keep the phone as still as necessary to get an unblurred shot in anything but bright sunlight.


HD9 sample photos

Supported operating systems

By the time I got this phone, the only OS supported was Windows Mobile 6.5. As several other clones based on the MT6516 chipset, this one can also be flashed with the newest operating system from Google - the Android. It's said that this year will be the year of Android and this clone couldn't be out of the run.

Please keep in touch and don't miss my next review. I will show you how this smartphone behaves with Android 2.2 (Froyo). Just a few candy for you:



Final thoughts

This is indeed a great phone. If you are looking for a new dual SIM smartphone (to replace your old ACER DX900 like I did), then this is definitely "the" smart choice.

Highs:
  • Dual SIM Dual Standby
  • Multi-touch AMOLED screen
  • Good battery life for a dual SIM smartphone
Lows:
  • Doesn't support 3G networks
  • Could be too big for some people (personally I like this one because of the big screen)
Posted by at No comments: