VW will support Android Automotive for the “lifetime” of a car—15 years

A rendering of the VW ID.2 concept interior

Enlarge / Volkswagen is one of a number of automakers that have migrated to Android Automotive as their infotainment OS. But how long can you expect that OS to be patched and safe? (credit: Volkswagen)

Android is doing a pretty good job of colonizing the in-car infotainment ecosystem. At first, Google’s operating system started showing up in new vehicles as custom installations, but more recently the company developed Android Automotive, which you can find in new cars from General Motors, Polestar, Volvo, Honda, and soon, both BMW and Volkswagen Group.

A perennial question that has accompanied the spread of Android Automotive has been the question of support. A car has a much longer expected service life than a smartphone, especially an Android smartphone, and with infotainment systems so integral to a car’s operations now, how long can we reasonably expect those infotainment systems to be supported?

So far, a bit more than seven years is the longest any Android phone has received support, before unsupported chips finally called time on the Fairphone. I’m not sure anyone would be OK with having their car sent to the scrap heap after just seven years, however.

Read 11 remaining paragraphs | Comments

#android, #android-automotive, #android-updates, #cars, #end-of-life, #end-of-production, #infotainment-system, #infotainment-updates, #security-patches, #service-life

Google tells users of some Android phones: Nuke voice calling to avoid infection

Images of the Samsung Galaxy S21, which runs with an Exynos chipset.

Enlarge / Images of the Samsung Galaxy S21, which runs with an Exynos chipset. (credit: Samsung)

Google is urging owners of certain Android phones to take urgent action to protect themselves from critical vulnerabilities that give skilled hackers the ability to surreptitiously compromise their devices by making a specially crafted call to their number.  It’s not clear if all actions urged are even possible, however, and even if they are, the measures will neuter devices of most voice-calling capabilities.

The vulnerability affects Android devices that use the Exynos chipset made by Samsung’s semiconductor division. Vulnerable devices include the Pixel 6 and 7, international versions of the Samsung Galaxy S22, various mid-range Samsung phones, the Galaxy Watch 4 and 5, and cars with the Exynos Auto T5123 chip. These devices are ONLY vulnerable if they run the Exynos chipset, which includes the baseband that processes signals for voice calls. The US version of the Galaxy S22 runs a Qualcomm Snapdragon chip.

A bug tracked as CVE-2023-24033 and three others that have yet to receive a CVE designation make it possible for hackers to execute malicious code, Google’s Project Zero vulnerability team reported on Thursday. Code-execution bugs in the baseband can be especially critical because the chips are endowed with root-level system privileges to ensure voice calls work reliably.

Read 12 remaining paragraphs | Comments

#android, #baseband, #biz-it, #samsung, #volte, #vulnerabilities, #wifi-calling

20 years later, Second Life is launching on mobile

Second Life mobile preview.

Remember Second Life? The virtual world launched on the desktop web back in 2003 with 3D avatars and spaces for various social activities. Believe it or not, it has been running continually this entire time—and now it’s coming to mobile for the first time.

In fact, this will be the first time that Second Life has expanded beyond the PC (across Windows, macOS, and Linux) in any form.

In a post to the virtual world’s community web forum, a community manager for Second Life developer Linden Lab shared a video with some details about the mobile version’s development, and announced that a beta version of the mobile app will launch sometime this year.

Read 5 remaining paragraphs | Comments

#android, #gaming-culture, #ios, #linden-lab, #metaverse, #second-life, #virtual-worlds

The sketchy plan to build a Russian Android phone

Blurry picture of a phone

Enlarge (credit: Jeffrey Coolidge/Getty Images)

Since the invasion of Ukraine one year ago, Russia has faced an exodus of tech companies and services. This includes the exit of Samsung and Apple, two of the world’s most popular smartphone brands. In response, the country has doubled down on its efforts to attain technological self-sufficiency, including creating a new Android smartphone.

The handset, which does not yet have a name, will be built by the National Computer Corporation (NCC), one of Russia’s largest IT companies, with an ambitious goal to sell 100,000 smartphones and tablets by the end of 2023. Alexander Kalinin, the founder of NCC, told local media on Monday that he aims to invest 10 billion rubles ($132.9 million) in the project and hopes to capture 10 percent of the consumer market by 2026.

The news comes just days after the US Department of Commerce banned exports to Russia of phones and other electronics that cost more than $300. Experts say, however, that a Russian smartphone will have a hard time beating inexpensive competitors from China, and it may encounter problems with using Google’s Android.

Read 21 remaining paragraphs | Comments

#android, #invasion-of-ukraine, #russia, #sanctions, #syndication, #tech

Rovio delists pay-to-own Angry Birds because it hurt free-to-play earnings

Angry bird is angry.

Enlarge / Angry bird is angry. (credit: Rovio)

Back in the days before practically every mobile game was a free-to-play, ad- and microtransaction-laden sinkhole, Rovio found years of viral success selling paid downloads of Angry Birds to tens of millions of smartphone users. Today, though, the company is delisting the last “pay upfront” version of the game from mobile app stores because of what it says is a “negative impact” on the more lucrative free-to-play titles in the franchise.

Years after its 2009 launch, the original Angry Birds was first pulled from mobile app stores in 2019, a move Rovio later blamed on “outdated game engines and design.” The remastered “Rovio Classics” version of the original game launched last year, asking 99 cents for over 390 ad-free levels, complete with updated graphics and a new, future-proofed engine “built from the ground up in Unity.”

In a tweeted statement earlier this week, though, Rovio announced that it is delisting Rovio Classics: Angry Birds from the Google Play Store and renaming the game Red’s First Flight on the iOS App Store (presumably to make it less findable in an “Angry Birds” search). That’s because of the game’s “impact on our wider games portfolio,” Rovio said, including “live” titles such as Angry Birds 2, Angry Birds Friends, and Angry Birds Journey.

Read 6 remaining paragraphs | Comments

#ads, #android, #angry-birds, #gaming-culture, #ios, #microtransactions, #mobile, #mobile-games, #rovio

How to control your smart home without yelling at a dumb voice assistant

Woman staring disconcertedly at a smart speaker

Enlarge / We don’t have to rely on megacorp obelisks to operate the things we buy. We don’t have to learn their language. We can break free. (credit: PonyWang/Getty Images)

For many people, an automated smart home is about little things that add up to big conveniences over time. Lights turning on when you pull into the driveway, a downstairs thermostat adjustable from your upstairs bedroom, a robot vacuum working while you’re at the grocery store—you put in a bit of setup work and your life gets easier.

What most smart homes also include, however, is a voice assistant, the opposite of a quiet, unseen convenience. Alexa, Siri, Google Assistant: They demand that you learn specific device names and structures for commands, while they frequently get even the most simple command astoundingly wrong. And they are, of course, an always-listening corporate microphone you’re allowing inside your home.

There are ways to keep that smart home convenience while cutting out the conversation. Some involve your phone, some dedicated devices, but none of them involve saying a device’s name. Here’s an overview of the best options available.

Read 27 remaining paragraphs | Comments

#amazon, #amazon-alexa, #android, #apple-homekit, #automated-home, #batteries, #battery-life, #features, #google, #google-home, #home-assistant, #homekit, #ios, #samsung-smartthings, #smart-home, #smarthings, #tech, #z-wave, #zigbee

Apple beefs up smartphone services in “silent war” against Google

Apple allegedly still holds a ‘grudge’ against Google ever since co-founder Steve Jobs called its rival Android operating system a "stolen product."

Enlarge / Apple allegedly still holds a ‘grudge’ against Google ever since co-founder Steve Jobs called its rival Android operating system a “stolen product.” (credit: FT montage/Reuters)

Apple is taking steps to separate its mobile operating system from features offered by Google parent Alphabet, making advances around maps, search and advertising that has created a collision course between the Big Tech companies.

The two Silicon Valley giants have been rivals in the smartphone market since Google acquired and popularized the Android operating system in the 2000s.

Apple co-founder Steve Jobs called Android “a stolen product” that mimicked Apple’s iOS mobile software, then declared “thermonuclear war” on Google, ousting the search company’s then-CEO Eric Schmidt from the Apple board of directors in 2009.

Read 24 remaining paragraphs | Comments

#android, #apple, #google, #ios, #maps, #navigation, #search, #tech

Hacker group incorporates DNS hijacking into its malicious website campaign

DNS hijacking concept.

Enlarge / DNS hijacking concept.

Researchers have uncovered a malicious Android app that can tamper with the wireless router the infected phone is connected to and force the router to send all network devices to malicious sites.

The malicious app, found by Kaspersky, uses a technique known as DNS (Domain Name System) hijacking. Once the app is installed, it connects to the router and attempts to log in to its administrative account by using default or commonly used credentials, such as admin:admin. When successful, the app then changes the DNS server to a malicious one controlled by the attackers. From then on, devices on the network can be directed to imposter sites that mimic legitimate ones but spread malware or log user credentials or other sensitive information.

Capable of spreading widely

“We believe that the discovery of this new DNS changer implementation is very important in terms of security,” Kaspersky researchers wrote. “The attacker can use it to manage all communications from devices using a compromised Wi-Fi router with the rogue DNS settings.”

Read 8 remaining paragraphs | Comments

#android, #biz-it, #dns-hijacking, #smishing

Samsung’s Android app-signing key has leaked, is being used to sign malware

Samsung’s Android app-signing key has leaked, is being used to sign malware

(credit: Dsimic)

A developer’s cryptographic signing key is one of the major linchpins of Android security. Any time Android updates an app, the signing key of the old app on your phone needs to match the key of the update you’re installing. The matching keys ensure the update actually comes from the company that originally made your app and isn’t some malicious hijacking plot. If a developer’s signing key got leaked, anyone could distribute malicious app updates and Android would happily install them, thinking they are legit.

On Android, the app-updating process isn’t just for apps downloaded from an app store, you can also update bundled-in system apps made by Google, your device manufacturer, and any other bundled apps. While downloaded apps have a strict set of permissions and controls, bundled-in Android system apps have access to much more powerful and invasive permissions and aren’t subject to the usual Play Store limitations (this is why Facebook always pays to be a bundled app). If a third-party developer ever lost their signing key, it would be bad. If an Android OEM ever lost their system app signing key, it would be really, really bad.

Guess what has happened! Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware. The post is just a list of the keys, but running each one through APKMirror or Google’s VirusTotal site will put names to some of the compromised keys: Samsung, LG, and Mediatek are the heavy hitters on the list of leaked keys, along with some smaller OEMs like Revoview and Szroco, which makes Walmart’s Onn tablets.

Read 1 remaining paragraphs | Comments

#android, #google-play-store, #tech

DuckDuckGo’s Android anti-tracking tool offers stronger third-party protections

Cloud of app tracking companies around a Google logo and DuckDuckGo's app tracking tool

Enlarge / DuckDuckGo says its App Tracking Protection automatically blocks many kinds of known trackers, while Apple’s App Tracking Transparency only blocks IDFA (Identifier for Adverstisers) and asks developers to block others. (credit: DuckDuckGo)

Privacy-focused search site DuckDuckGo has added yet another way to prevent more of your data from going to advertisers, opening its App Tracking Protection for Android to beta testers.

DuckDuckGo is positioning App Tracking Protection as something like Apple’s App Tracking Transparency for iOS devices, but “even more powerful.” Enabling the service in the DuckDuckGo app for Android (under the “More from DuckDuckGo” section) installs a local VPN service on your phone, which can then start automatically blocking trackers on DDG’s public blocklist. DuckDuckGo says this happens “without sending app data to DuckDuckGo or other remote servers.”

Read 5 remaining paragraphs | Comments

#advertising, #android, #app-tracking, #app-tracking-protection, #app-tracking-transparency, #apple, #duckduckgo, #google, #privacy, #tech

The Snapdragon 8 Gen 2 brings Wi-Fi 7, sticks with some 32-bit support

The Snapdragon 8 Gen 2 brings Wi-Fi 7, sticks with some 32-bit support

Enlarge (credit: Qualcomm)

Today, Qualcomm announced the Snapdragon 8 Gen 2 SoC, the company’s flagship chip that will be coming to many Android phones over the next few months. Besides the usual newer, better, hopefully faster cores, a big piece of news is the addition of Wi-Fi 7 support so you can get better home wireless—provided you invest in a new router.

Qualcomm has some claims for this new chip. The company says the CPU “improves performance up to 35 percent” and has “up to 40 percent more power efficiency.” The GPU supposedly “delivers up to 25 percent faster performance, with up to 45 percent better power efficiency.” Take both of these claims with a grain of salt, since Qualcomm last year promised a 20 percent CPU improvement that never manifested in shipping products. Even if Qualcomm hits these performance promises, it would still be about a year behind the iPhone. The company is trying to do something about its uncompetitive performance with the (now legally encumbered) Nuvia acquisition, but those chips aren’t ready yet.

Let’s start with the basics. This is a 4 nm chip with an unusual layout containing four different CPU cores, all designed by Arm. The prime core is a 3.2 GHz Arm Cortex X3—that’s all good and expected, and from here, Arm’s recommended layout is three Cortex A710 CPUs for “medium” duty and four A510 CPUs for low-power background processing. Qualcomm isn’t following the recommended layout, though, and after the Cortex X3 it has two different cores doing “medium” duty: a pair of Cortex-A715 CPUs and a pair of last-generation Cortex-A710 CPUs. After that, there are only three—not the expected four—Cortex A510 CPUs doing background duty.

Read 5 remaining paragraphs | Comments

#android, #qualcomm, #qualcomm-snapdragon, #snapdragon, #tech

Dramatic “Material You” colors arrive to desktop Chrome Canary builds

It looks like the beginning of Google’s color-changing “Material You” design language is finally coming to Chrome, at least in the canary builds. Redditor Leopeva64-2 spotted new flags in the latest nightly builds that will automatically recolor the Chrome UI based on what wallpaper you pick, just like Android.

If you want to try this yourself right now, you’ll need to grab yourself a copy of Chrome Canary and turn on two flags (paste these into the address bar): “chrome://flags/#customize-chrome-color-extraction,” and “chrome://flags/#ntp-comprehensive-theming.” Once those are turned on, picking a Chrome wallpaper from the “customize” button in the bottom right of the new tab page will also change the color of the tab bar. One more flag at “chrome://flags/#ntp-comprehensive-theming” will also apply these colors to the new tab page search bar.

Material You launched in 2021 with Android 12. In addition to a new set of guidelines for the sizes and shapes of UI components, Material You also came with an automatic color system. Android can automatically snatch colors from your wallpaper and apply that to the UI, with lots of algorithm magic to ensure zero contrast problems. It works great if you’re into a colorful UI, and it gives Android a unique look.

Read 3 remaining paragraphs | Comments

#android, #chrome, #google, #tech

Reddit now lets you mute subreddits you don’t like

The Reddit app icon on an iPhone screen.

Enlarge / The Reddit logo on a mobile device. (credit: Getty Images | stockcam)

In a post to /r/reddit, Reddit announced that it began rolling out a feature that will allow users to mute specific communities that contains content they don’t want to see.

If you mute a subreddit using this feature, posts from it won’t show up in your notifications, home feed recommendations, or Popular, Reddit’s feed of the most upvoted content from across its various communities.

Later, Reddit plans to apply muting to other places like “All” and “Discover.” Muting a community won’t stop you from being able to visit or post it, though.

Read 6 remaining paragraphs | Comments

#android, #ios, #reddit, #tech

Google Play Games beta now on Windows desktops, if that’s your thing

The Play Games available for Windows will often walk you through your uncommon keyboard/mouse controls—real classy-like, sometimes.

Enlarge / The Play Games available for Windows will often walk you through your uncommon keyboard/mouse controls—real classy-like, sometimes. (credit: AKPublish pty ltd / Kevin Purdy)

First Microsoft and Amazon conspired to make Android on Windows happen, and now Google’s staking its own claim. Starting today, some US Windows users can try a beta of Google Play Games on their desktop.

As of this writing, there were just over 60 games available to me in the Windows Play Games store, from a US location. All of them are free downloads because they’re the kind of games that make money on in-app purchases. It’s a mix of games that resemble or sound like better-known games, relaxed building/designing games, gacha bait, and then Genshin Impact. The selection is likely to expand, but the nature of Android’s free-to-play environment isn’t due to change any time soon.

If one of these games has already gotten its hooks into you, you can sync up your progress, achievements, friends, and other Google Play stats between your phone and Windows.

Read 5 remaining paragraphs | Comments

#amazon, #amazon-appstore, #android, #android-games, #gaming-culture, #google, #google-play-games, #microsoft, #tech

Unconfirmed hack of Liz Truss’ phone prompts calls for “urgent investigation”

Liz Truss, then Chief Secretary to the Treasury, taking a picture on her phone on May 1, 2018, in London.

Enlarge / Liz Truss, then Chief Secretary to the Treasury, taking a picture on her phone on May 1, 2018, in London. (credit: Getty Images)

British opposition politicians are calling for an “urgent investigation” into an unconfirmed media report that spies suspected of working for Russia hacked the phone of former Prime Minister Liz Truss while she was serving as foreign minister.

The report, published by the UK’s Mail on Sunday newspaper, cited unnamed people speaking on condition of anonymity saying that Truss’ personal cell phone had been hacked “by agents suspected of working for the Kremlin.” The attackers acquired “up to a year’s worth of messages,” discussing “highly sensitive discussions with senior international foreign ministers about the war in Ukraine, including detailed discussions about arms shipments.”

The Mail said that the hack was discovered during the Conservative Party’s first leadership campaign over the summer, which ultimately named Truss prime minister. The discovery was reportedly “suppressed” by Boris Johnson, the UK Prime Minister at the time of the campaign, and Cabinet Secretary Simon Case, with the latter reportedly imposing a news blackout.

Read 9 remaining paragraphs | Comments

#android, #biz-it, #europe-parliament, #european-parliament, #galaxy-note-8

Pebble, the OG smartwatch that may never die, updated to work with Pixel 7

Pebble's e-ink smartwatches, like the Pebble 2 HR pictured here, can now work on 64-bit Android phones like the Pixel 7, following a surprising official app update from Google.

Enlarge / Pebble’s e-ink smartwatches, like the Pebble 2 HR pictured here, can now work on 64-bit Android phones like the Pixel 7, following a surprising official app update from Google. (credit: Valentina Palladino)

When Pebble, an early, quirky, crowdfunded smartwatch, was acquired in a fire sale by Fitbit in December 2016, the company noted that while existing watches would work for the time being, “functionality or service quality may be reduced in the future.” You’d maybe get some bug fixes, but no software updates or features would arrive for the pioneering e-ink wearables.

Nearly six years later, a new Pebble app for Android has been released by the Rebble Alliance, a group that has kept Pebble viable for its users since Fitbit shut down Pebble’s servers in mid-2018. Pebble version 4.4.3 makes the app 64-bit so it can work on the mostly 64-bit Pixel 7 and similar Android phones into the future. It also restores a caller ID function that was hampered on recent Android versions.

Most notably, the app is “signed using the official Pebble keys,” with Google Fit integration maintained. Google acquired Fitbit for $2.1 billion, making it the steward of Pebble’s remaining IP and software pieces. Katharine Berry, a key Rebble coder and leader, works on Wear OS at Google and was one of the first to tweet news of the new update, “four years after 4.4.2.” That was the last Play Store update to the Pebble app, one that freed up many of the app’s functions to be replaced by independent servers. That’s exactly where Rebble picked up, providing web services to Pebble watches, including (for paying subscribers) voice dictation.

Read 2 remaining paragraphs | Comments

#android, #google, #pebble, #pixel-7, #smartwatch, #tech

Surface Duo continues its worst-in-class update record, ships Android 12L

The Surface Duo 2 running Android 12L.

Enlarge / The Surface Duo 2 running Android 12L. (credit: Microsoft)

Microsoft is still struggling to learn what exactly it takes to be a successful Android manufactuer. The company’s first self-branded Android phones, the dual-screened Surface Duo and Surface Duo 2, have tried to resurrect Microsoft’s mobile ambitions after the death of Windows Phone. They leave a lot to be desired, though, and the first version went through some embarrassing fire sales. An ongoing knock against the devices has also been Microsoft’s very slow OS updates. Unlike, say, Windows and Windows Update, Google’s expensive and labor-intensive Android update process puts the responsibility for updates on the hardware seller, and a big part of being a good Android OEM is how quickly you can navigate this complicated process. Microsoft is proving to not be good at this.

This week, Microsoft announced the Surface Duo and Surface Duo 2 are finally getting Android 12L, an OS update that came out in March. That puts that company at a more than seven-month update time, which is worst-in-class for a flagship device, especially for one costing the $1,499 Microsoft is charging for the Duo 2. The company took a prolonged 14 months to ship Android 11 to the Surface Duo, so at least it’s improving!

Android 12L features a bunch of changes aimed at big-screen tablet devices, but the awkward in-betweener Surface Duo seems to settle on the phone interface. The dual-pane notification panel isn’t here, nor is the (ironically very Windows 11-like) taskbar at the bottom of the screen.

Read 1 remaining paragraphs | Comments

#android, #microsoft-surface-duo, #tech

Pixel 7 Pro review: Google makes refinements to the best Android phone

Pixel 7 Pro review: Google makes refinements to the best Android phone

Enlarge (credit: Ron Amadeo)

The Pixel 7 might be Google’s first-ever flagship smartphone sequel.

That might seem like a strange thing to say about “version 7” of a smartphone, but before now, every flagship Pixel has switched manufacturers or used an all-new design from year to year. This strategy is the exact opposite of the one used by the larger, more serious hardware companies like Apple or Samsung, from which you can expect steady, iterative smartphone designs, with big redesigns coming every few years. When you’re scrambling to build a smartphone from scratch every year, it’s hard to do much in the way of error correction, improvements, or adjusting to customer feedback.

The Pixel 6 Pro was already the best Android phone you could buy, so Google didn’t have to do too much to turn in a good smartphone this year. All the important bits from the Pixel 6 are here, like the category-leading price tag, great camera, and speedy, clean software. But even with that solid base, Google did a good job of fixing some of our minor complaints about the Pixel 6. There’s no reason to upgrade if you have a Pixel 6, but an actual “version 2” of Google’s flagship smartphone might entice more people to try the brand.

Read 48 remaining paragraphs | Comments

#android, #features, #google, #google-pixel-7, #pixel, #pixel-7, #pixel-7-pro, #tech, #tensor

Google Play apps with >20M downloads depleted batteries and network bandwidth

Google Play apps with >20M downloads depleted batteries and network bandwidth

Enlarge (credit: NurPhoto | Getty Images)

Google Play has given the boot to 16 apps with more than 20 million combined installations after researchers detected malicious activity that could cause the Android devices they ran on to drain batteries faster and use more data than normal.

The apps provided legitimate functions, including flashlight, camera, QR reading, and measurement conversions, security firm McAfee said on Wednesday. When opened, however, the apps surreptitiously downloaded additional code that caused them to perform ad fraud. From then on, infected devices received messages through the Google-owned Firebase Cloud Messaging platform that instructed them to open specific web pages in the background and select links to artificially inflate the number of clicks ads received.

“Mainly, it is visiting websites which are delivered by FCM message and browsing them successively in the background while mimicking user’s behavior,” McAfee’s SangRyol Ryu wrote. “This may cause heavy network traffic and consume power without user awareness during the time it generates profit for the threat actor behind this malware.”

Read 5 remaining paragraphs | Comments

#android, #apps, #biz-it, #google-play

Google ships Android 13 to Pixels; adds customization options, spatial audio

Android 13 on phone, tablet, laptop

Enlarge (credit: Google)

Google has begun its rollout of Android 13, the company announced today. The update is now shipping to Pixel phones, and Google is also releasing Android 13 to its Android Open Source Project (AOSP).

According to Google’s blog post, Android 13 will come to Android devices from Samsung’s Galaxy line and to devices from Asus, Nokia (via HMD), iQOO, Motorola, OnePlus, Oppo, Realme, Sharp, Sony, Tecno, Vivo, Xiaomi, and others “later this year.”

Android 13 doesn’t come with many groundbreaking features, but it includes enhancements to customization options, audio, and security. Google is also expanding the Material You UI it introduced with Android 12 so that even non-Google apps can coordinate with the colors of your wallpaper and theme.

Read 7 remaining paragraphs | Comments

#android, #google, #smartphones, #tech

Google closes data loophole amid privacy fears over abortion ruling

Google closes data loophole amid privacy fears over abortion ruling

Enlarge (credit: Lari Bat | Getty Images)

Google is closing a loophole that has allowed thousands of companies to monitor and sell sensitive personal data from Android smartphones, an effort welcomed by privacy campaigners in the wake of the US Supreme Court’s decision to end women’s constitutional right to abortion.

It also took a further step on Friday to limit the risk that smartphone data could be used to police new abortion restrictions, announcing it would automatically delete the location history on phones that have been close to a sensitive medical location such an abortion clinic.

The Silicon Valley company’s moves come amid growing fears that mobile apps will be weaponized by US states to police new abortion restrictions in the country.

Read 18 remaining paragraphs | Comments

#android, #biz-it, #google, #period-trackers, #policy, #privacy, #roe-v-wade

Billing fraud apps can disable Android Wi-Fi and intercept text messages

Billing fraud apps can disable Android Wi-Fi and intercept text messages

Enlarge (credit: Aurich Lawson)

Android malware developers are stepping up their billing fraud game with apps that disable Wi-Fi connections, surreptitiously subscribe users to pricey wireless services, and intercept text messages, all in a bid to collect hefty fees from unsuspecting users, Microsoft said on Friday.

This threat class has been a fact of life on the Android platform for years, as exemplified by a family of malware known as Joker, which has infected millions of phones since 2016. Despite awareness of the problem, little attention has been paid to the techniques that such “toll fraud” malware uses. Enter Microsoft, which has published a technical deep dive on the issue.

The billing mechanism abused in this type of fraud is WAP, short for wireless application protocol, which provides a means of accessing information over a mobile network. Mobile phone users can subscribe to such services by visiting a service provider’s web page while their devices are connected to cellular service, then clicking a button. In some cases, the carrier will respond by texting a one-time password (OTP) to the phone and requiring the user to send it back in order to verify the subscription request. The process looks like this:

Read 5 remaining paragraphs | Comments

#android, #biz-it, #joker, #malware, #microsoft

Email client K-9 Mail will become Thunderbird for Android

K-9 Mail will become Thunderbird for Android in time.

Enlarge / K-9 Mail will become Thunderbird for Android in time. (credit: Mozilla)

The open source Mozilla Thunderbird email client has a long and storied history, but until now, that history has been limited to the desktop. That’s about to change, according to a post on the Thunderbird blog. Thunderbird will be coming to Android through the popular open source mobile email client K-9 Mail.

According to Thunderbird’s Jason Evangelho, Mozilla has acquired the source code and naming rights to K-9 Mail. K-9 Mail project maintainer Christian Ketterer (who goes by “cketti” in the OSS community) will join the Thunderbird team, and over time, K-9 Mail will become Thunderbird for Android.

Mozilla will invest finance and development time in K-9 to add several features and quality-of-life enhancements before that happens, though. The blog post lists these bullets on the features road map:

Read 4 remaining paragraphs | Comments

#android, #email-client, #k-9-mail, #mozilla, #tech, #thunderbird

Mozilla releases Firefox version 100 this week

A special 100th-version splash page appears on the first launch of a new Firefox installation.

Enlarge / A special 100th-version splash page appears on the first launch of a new Firefox installation. (credit: Samuel Axon)

Firefox released its 100th update, and some fanfare accompanied the release on Mozilla’s blog about the web browser. Firefox 100 is available this week for both desktop and mobile versions.

To celebrate, Mozilla says it will be regularly sharing fan art inspired by Firefox throughout May. But while that 100 number carries some symbolic weight, the update itself isn’t particularly monumental.

On the desktop, subtitles and captions are now supported in Firefox’s picture-in-picture mode for videos. Three key websites officially support subtitles and captions in PIP: YouTube, Netflix, and Amazon Prime Video. Plus, the feature works on websites that support the WebVTT standard, like Twitter.

Read 4 remaining paragraphs | Comments

#android, #browser, #firefox, #firefox-100, #https, #ios, #mozilla, #tech, #web-browser, #webvtt

Critical bug could have let hackers commandeer millions of Android devices

Critical bug could have let hackers commandeer millions of Android devices

Enlarge (credit: Getty Images)

Security researchers said they uncovered a vulnerability that could have allowed hackers to commandeer millions of Android devices equipped with mobile chipsets made by Qualcomm and MediaTek.

The vulnerability resided in ALAC—short for Apple Lossless Audio Codec and also known as Apple Lossless—which is an audio format introduced by Apple in 2004 to deliver lossless audio over the Internet. While Apple has updated its proprietary version of the decoder to fix security vulnerabilities over the years, an open-source version used by Qualcomm and MediaTek had not been updated since 2011.

Together, Qualcomm and MediaTek supply mobile chipsets for an estimated 95 percent of US Android devices.

Read 9 remaining paragraphs | Comments

#alac, #android, #biz-it, #mediatek, #qualcomm

Data-harvesting code in mobile apps sends user data to “Russia’s Google”

Photo taken on October 12, 2021 in Moscow shows Russia's internet search engine Yandex's logo on a laptop screen. (Photo by Kirill KUDRYAVTSEV / AFP) (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images)

Enlarge / Photo taken on October 12, 2021 in Moscow shows Russia’s internet search engine Yandex’s logo on a laptop screen. (Photo by Kirill KUDRYAVTSEV / AFP) (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images) (credit: Kirill Kudryavtsev | Getty Images)

Russia’s biggest Internet company has embedded code into apps found on mobile devices that allows information about millions of users to be sent to servers located in its home country.

The revelation relates to software created by Yandex that permits developers to create apps for devices running Apple’s iOS and Google’s Android, systems that run the vast majority of the world’s smartphones.

Yandex collects user data harvested from mobiles, before sending the information to servers in Russia. Researchers have raised concerns the same “metadata” may then be accessed by the Kremlin and used to track people through their mobiles.

Read 25 remaining paragraphs | Comments

#android, #apple, #biz-it, #data-harvesting, #google, #ios, #security, #yandex

Samsung Galaxy S22 Ultra review: The slab phone retirement plan

The Samsung Galaxy S22 Ultra.

Enlarge / The Samsung Galaxy S22 Ultra. (credit: Ron Amadeo)

Is there anything left to do in the slab phone market?

Samsung’s launch of the Galaxy S22 feels like a retirement plan for the company’s slab line. After killing the Galaxy Note line and skipping a 2021 release, Samsung is merging the S-Pen-equipped Note line and the Galaxy S line, cutting the slab phone flagships down to a single yearly release.

Look at the Galaxy Note 10 from 2019 and you’ll see that Samsung has essentially been recycling its design for three years now. It feels like Samsung is standing still, as if the plan is to have slab phones slowly ride off into the sunset while the company directs resources toward a future in foldables.

Read 40 remaining paragraphs | Comments

#android, #ars-shopping, #gadgetology, #galaxy-s22, #samsung, #tech

Researcher uses Dirty Pipe exploit to fully root a Pixel 6 Pro and Samsung S22

Stylized illustration of a robot holding a smart tablet.

Enlarge (credit: Getty Images)

A researcher has successfully used the critical Dirty Pipe vulnerability in Linux to fully root two models of Android phones—a Pixel 6 Pro and Samsung S22—in a hack that demonstrates the power of exploiting the newly discovered OS flaw.

The researcher chose those two handset models for a good reason: They are two of the few—if not the only—devices known to run Android version 5.10.43, the only release of Google’s mobile OS that’s vulnerable to Dirty Pipe. Because the LPE, or local privilege escalation, vulnerability wasn’t introduced until the recently released version 5.8 of the Linux kernel, the universe of exploitable devices—whether mobile, Internet of Things, or servers and desktops—is relatively small.

Behold, a reverse shell with root privileges

But for devices that do package affected Linux kernel versions, Dirty Pipe offers hackers—both benign and malicious—a platform for bypassing normal security controls and gaining full root control. From there, a malicious app could surreptitiously steal authentication credentials, photos, files, messages, and other sensitive data. As I reported last week, Dirty Pipe is among the most serious Linux threats to be disclosed since 2016, the year another high-severity and easy-to-exploit Linux flaw named Dirty Cow came to light.

Read 14 remaining paragraphs | Comments

#android, #biz-it, #dirty-pipe, #exploits, #linux, #vulnerabilities

Reddit’s iOS and Android app gets its biggest update in years

The Reddit app icon on a smartphone screen.

Enlarge / The Reddit iOS app icon. (credit: Getty Images | Yuriko Nakao )

The Reddit mobile app doesn’t often get big updates, but this week was an exception, with the company adding a new “Discover Tab” and menus for managing subscriptions.

In a blog post announcing the feature, Reddit says that one in five users joined at least one new community after using the Discover Tab. Jason Costa, Reddit’s director of product for content and communities, offered the following statement in the blog post:

We’re ushering in a new era of discovery on Reddit, with images and video top of mind. We’re making discovering relevant content and communities more intuitive with the Discover Tab. It’s a great new way for people to explore and engage with hundreds of thousands of communities around the world.

The Discover tab is now in the top-level app navigation, replacing the communities and subscriptions tab. Tapping it brings you to a scrollable grid list of Reddit content from a variety of subreddits you may not already be following.

Read 6 remaining paragraphs | Comments

#algorithmic-recommendations, #android, #ios, #reddit, #social-media, #subreddit, #tech

Android’s toothless “Privacy Sandbox” fails to answer iOS tracking limits

A large Google logo is displayed amidst foliage.

Enlarge (credit: Sean Gallup | Getty Images)

Google is announcing the “Android Privacy Sandbox” today, a move the company says will be “a multi-year initiative” to introduce “more private advertising solutions” into Android. After Apple made tracking opt-in in iOS 14, Android wants to be seen as matching its main rival. Today’s announcement is in addition to existing ad systems, not a replacement for them, so this will probably be even less effective than the “Privacy Sandbox” for Chrome.

Apple’s tracking changes blew up the advertising industry and are already costing ad-based companies like Facebook $10 billion in revenue for the year. Google, the world’s largest ad company, doesn’t seem to want to do that on Android.

Here’s how Google addresses iOS 14 in its blog post:

Read 8 remaining paragraphs | Comments

#android, #google, #tech

Samsung’s giant 14.6-inch Android tablet has a Macbook-style display notch

Promotional image of mammoth computer tablet being used.

Enlarge / The Galaxy Tab S8 Ultra, with S-Pen and outrageously slim bezels. (credit: Samsung)

Android tablets might be showing new signs of life thanks to Google’s push with Android 12L, but Samsung never left the Android tablet market. Alongside Samsung’s announcement of the Galaxy S22, the company is also revving its tablet line, and for the first time ever, it’s supersizing Galaxy tablets with the Galaxy S8 Tab Ultra.

The Galaxy S8 Tab Ultra is a monster. Its 14.6-inch (370.8 mm), 120 Hz 2960 × 1848 OLED display has a 16:10 aspect ratio. The 326.4 x 208.6 x 5.5 mm (12.8 x 8.2 x 0.2 inch) aluminum body houses an 11,200 mAh battery, and it weighs a whopping 1.6 pounds (0.73 kg). It’s bigger than the top half of many laptops.

Samsung’s choice to build an ultrabig tablet came with the decision to slim down the bezels, which I don’t think anyone has ever asked for on a tablet. You can grip a smartphone around the side of it, so the bezel doesn’t contribute much. But you need something to hold onto with a tablet. Samsung went all out on the bezel war and added a MacBook Pro-like notch to the S8 Tab Ultra’s front display, which houses two 12MP front-facing cameras (one is a wide-angle lens).

Read 5 remaining paragraphs | Comments

#android, #android-tablet, #ars-shopping, #galaxy, #tech

Android malware can factory-reset phones after draining bank accounts

Android malware can factory-reset phones after draining bank accounts

Enlarge (credit: Getty Images)

A banking-fraud trojan that has been targeting Android users for three years has been updated to create even more grief. Besides draining bank accounts, the trojan can now activate a kill switch that performs a factory reset and wipes infected devices clean.

Brata was first documented in a post from security firm Kaspersky, which reported that the Android malware had been circulating since at least January 2019. The malware spread primarily through Google Play but also through third-party marketplaces, push notifications on compromised websites, sponsored links on Google, and messages delivered by WhatsApp or SMS. At the time, Brata targeted people with accounts from Brazil-based banks.

Covering its malicious tracks

Now Brata is back with a host of new capabilities, the most significant of which is the ability to perform a factory reset on infected devices to erase any trace of the malware after an unauthorized wire transfer has been attempted. Security firm Cleafy Labs, which first reported the kill switch, said other features recently added to Brata include GPS tracking, improved communication with control servers, the ability to continuously monitor victims’ bank apps, and the ability to target the accounts of banks located in additional countries. The trojan now works with banks located in Europe, the US, and Latin America.

Read 6 remaining paragraphs | Comments

#android, #bank-fraud, #biz-it, #factory-reset, #malware

Android 13 leaks: More Material You options, opt-in to app notifications

Android 13 leaks: More Material You options, opt-in to app notifications

Enlarge (credit: Getty Images)

The very first Android 13 developer previews won’t be out until at least March, but that isn’t stopping Android 13 leaks from popping up already. Of course, more features will be revealed in the coming months, but Android 13 is already shaping up to be a solid release.

More Material You color options

The headline feature of Android 12 was “Material You,” a top-to-bottom redesign and dynamic theming system that automatically changed the UI colors depending on your wallpaper. Set a primarily yellow background and Material You will apply various yellow hues to your app backgrounds, notifications, buttons, icons, and more. I think it looks great, but it might not be for everyone.

Android 13 looks to be expanding on the color system and giving users more options. Android Police’s Ryne Hager has screenshots from a prerelease build that show four different theming algorithms to pick from. There is “Tonal Spot,” which just seems to be the current Android 12 color system, and then three new color systems called “Vibrant,” “Expressive” and “Spritz.”

Read 10 remaining paragraphs | Comments

#android, #android-13, #google, #tech

Volvo shows off the Polestar 3’s sweet new Android Automotive interface

The full Polestar 3 design isn't revealed yet, but Volvo released this camouflaged photo.

Enlarge / The full Polestar 3 design isn’t revealed yet, but Volvo released this camouflaged photo. (credit: Volvo)

Volvo, Qualcomm, Google are teaming up to make car infotainment even more smartphone-like than ever. If Wintel (Windows plus Intel) is the default software+hardware combo of the PC era, then the smartphone equivalent has got to be Android and Qualcomm (Andcom? Qualdroid?). Volvo is bringing this combo to the upcoming Polestar 3 electric SUV, which is due sometime in 2022. We also got a sneak peek at what the new interface would look like.

Volvo’s Polestar 2 was the first to ship Google’s Android Automotive OS in a car. Unlike Android Auto or Apple’s CarPlay, which run on your smartphone, Android Automotive OS has a custom version of Android preinstalled on the car, as the main car infotainment OS. Even if you have an iPhone, your car still runs Android. The Polestar 2 used an x86 chip (an Intel Atom A3900), but now Volvo is pairing a Qualcomm smartphone chip with its Google smartphone OS. The Polestar 3 will ship with Qualcomm’s “Snapdragon Cockpit Platform Gen 3,” and while that sounds unique, it is really just a repackaged smartphone chip with a few extra features.

The integration of cars with computer technology is always tough. Car development takes around five years, which can seem almost incompatible with the development pace of smartphones and computers. That’s still true of the 2022 Polestar 3. Qualcomm’s Gen 3 automotive platform was actually announced back in 2019, but design wins for the platform are just now being announced at CES 2022. Qualcomm says the Gen 3 automotive platform is based on the Snapdragon 820 SoC, an ARM flagship smartphone chip from 2016. You may remember this chip from phones such as the Samsung Galaxy S7 and the Google Pixel 1. The Polestar 2’s Intel Atom was also from 2016.

Read 10 remaining paragraphs | Comments

#android, #cars, #polestar, #qualcomm, #tech, #volvo

Google fixes nightmare Android bug that stopped user from calling 911

Rotating lights flash on an ambulance.

Enlarge (credit: Eric Lagace / Flickr)

Android’s January security patch is out, and it’s addressing one of the nastiest Android bugs to come up in some time: certain apps can stop you from contacting 911 or other worldwide emergency services numbers.

In early December, a harrowing tale popped up in the GooglePixel subreddit from a user whose Pixel 3 crashed when they needed it most: while dialing 911 for their grandmother who “appeared to be having a stroke.” The whole phone subsystem seemed to immediately crash upon calling emergency services, with user “KitchenPicture5849” saying they couldn’t get the call to connect or hang up to try the call again. Luckily, a nearby landline was available after their Android phone let them down, and emergency services was able to be contacted.

After the crisis was over, the user gave calling 911 from their smartphone another shot, and Android crashed again, indicating it wasn’t a one-off bug. A check of their phone bill also revealed that KitchenPicture5849 never actually connected to 911. They say they also got a few other DMs from users reporting that they were experiencing the same bug.

Read 16 remaining paragraphs | Comments

#android, #google-pixel, #tech

Google urges developers to adapt Android apps for Chromebooks

Google Play Store on Chrome OS.

Enlarge / Google is putting more emphasis on Android apps on Chromebooks. (credit: Google)

The number of people using Android Apps on Chromebooks grew 50 percent year over year, according to a blog post from Chrome OS product managers Fahd Imtiaz and Sanj Nathwani this week. The execs cited internal Google data recorded from 2020-2021.

In 2021, as some smartphones moved to Android 12, Google worked on updating Chromebooks to support Android 11, while attempting to boost security and performance by bringing Android on Chrome OS to a virtual machine, rather than a container. The company also improved its general usability, using runtime improvements to make the resizing and scaling of Android apps on Chromebooks work better, as well as app rendering.

As the developer-focused blog noted, Chromebooks on Chrome OS 93 or newer (the latest is Chrome OS 96) automatically run Android apps made for mobile devices in a window that’s set to stay in a “phone or tablet orientation.” And, yes, you can turn this feature off.

Read 8 remaining paragraphs | Comments

#android, #chrome-os, #chromebook, #google, #tech

Google Play app with 500,000 downloads sent user contacts to Russian server

A robotic hand tries to activate a smartphone.

Enlarge (credit: Getty Images)

An Android app with more than 500,000 downloads from Google Play has been caught hosting malware that surreptitiously sends users’ contacts to an attacker-controlled server and signs up users to pricey subscriptions, a security firm reported.

The app, named Color Message, was still available on Google servers at the time this post was being prepared. Google removed it more than three hours after I asked the company for comment.

Ostensibly, Color Message enhances text messaging by doing things such as adding emojis and blocking junk texts. But according to researchers at Pradeo Security said on Thursday, Color Message contains a family of malware known as Joker, which has infected millions of Android devices in the past.

Read 5 remaining paragraphs | Comments

#android, #biz-it, #google-play, #joker, #malware

Vivaldi 5.0 makes web browsing on Android tablets fun again

Vivaldi 5.0 makes web browsing on Android tablets fun again

Enlarge (credit: Vivaldi)

Vivaldi is one of our favorite web browsers, and the company (of the same name) behind it recently announced another major release. Vivaldi 5.0 is now available for Windows, Mac, Linux, and, perhaps most notably given the changes in this release, Android.

Version 5 of Vivaldi has some new features for the desktop, but much of what’s new and intriguing in this release is focused on mobile. In Vivaldi’s case, this means the Android version of the browser. (There is no iOS version of Vivaldi.) Android tablets get special attention in this release, with several features aimed at improving the web browsing experience on larger screens—something even Google hasn’t managed to do with its own mobile browser.

In fact, the idea that an app would be optimized for performance on Android tablets is almost unheard of these days. That unfortunate reality is central to our major complaint about the Android-powered iPad alternatives, where the software experience is universally subpar. I should note that Google is currently revamping the overall Android tablet experience by adding some improvements for larger screens that will roll into the next version of the mobile operating system. An early beta release is available now.

Read 13 remaining paragraphs | Comments

#android, #google, #tablets, #tech, #vivaldi

DuckDuckGo wants to stop apps tracking you on Android

Gabriel Weinberg, creator of DuckDuckGo.

Enlarge / Gabriel Weinberg, creator of DuckDuckGo. (credit: Washington Post | Getty Images)

At the end of April, Apple’s introduction of App Tracking Transparency tools shook the advertising industry to its core. iPhone and iPad owners could now stop apps from tracking their behavior and using their data for personalized advertising. Since the new privacy controls launched, almost $10 billion has been wiped from the revenues of Snap, Meta Platform’s Facebook, Twitter, and YouTube.

Now, a similar tool is coming to Google’s Android operating system—although not from Google itself. Privacy-focused tech company DuckDuckGo, which started life as a private search engine, is adding the ability to block hidden trackers to its Android app. The feature, dubbed “App Tracking Protection for Android,” is rolling out in beta from today and aims to mimic Apple’s iOS controls. “The idea is we block this data collection from happening from the apps the trackers don’t own,” says Peter Dolanjski, a director of product at DuckDuckGo. “You should see far fewer creepy ads following you around online.”

Read 12 remaining paragraphs | Comments

#android, #biz-it, #duckduckgo, #privacy, #search, #smartphones, #tech

Android 12: The Ars Technica Review

Android 12: The Ars Technica Review


Welcome to Android API level 31, aka Android 12. Google’s latest OS had one of the weirdest rollouts ever. An anticlimactic source code release happened in the beginning of October, but if you wanted to run Android 12 on a device officially, you had to wait until Pixel 6 launch day, when Google also shipped Android 12 out to older Pixel devices.

In a way, this was appropriate for Android 12: a Pixel-centric release for what feels like a Google-centric OS. Android 12 rolls out Material You, a design style that Google says will someday follow you across the company’s ecosystem. It’s a Google-centric design that will probably not please a lot of big brands, but it looks great.

Besides Material You, there are also a million features to cover, like a new file system, a fresher and more upgradable Linux kernel, and notification changes. Let’s dive in.

Read 113 remaining paragraphs | Comments

#android, #features, #tech

>1,000 Android phones found infected by creepy new spyware

>1,000 Android phones found infected by creepy new spyware

Enlarge (credit: Getty Images)

More than 1,000 Android users have been infected with newly discovered malware that surreptitiously records audio and video in real time, downloads files, and performs a variety of other creepy surveillance activities.

In all, researchers uncovered 23 apps that covertly installed spyware that researchers from security firm Zimperium are calling PhoneSpy. The malware offers a full-featured array of capabilities that, besides eavesdropping and document theft, also includes transmitting GPS location data, modifying Wi-Fi connections, and performing overlay attacks for harvesting passwords to Facebook, Instagram, Google, and the Kakao Talk messaging application.

“These malicious Android apps are designed to run silently in the background, constantly spying on their victims without raising any suspicion,” Zimperium researcher Aazim Yaswant wrote. “We believe the malicious actors responsible for PhoneSpy have gathered significant amounts of personal and corporate information on their victims, including private communications and photos.”

Read 5 remaining paragraphs | Comments

#android, #malware, #surveillance, #tech

Netflix now comes with Android video games for paying subscribers

Only five Android-only games for now, but Ars Technica is famliar with more Netflix Games projects for smartphones in the pipeline.

Enlarge / Only five Android-only games for now, but Ars Technica is famliar with more Netflix Games projects for smartphones in the pipeline. (credit: Netflix )

After a region-limited tease earlier this year, Netflix’s gaming push officially begins this week in the form of a global update to the streaming company’s Android app. Starting tomorrow, all Netflix subscribers on Android will begin seeing a row labeled either “N Games” or “Games On Mobile” inside the normal video-streaming app. The games are exclusively for smartphones and tablets.

And if you don’t want to wait, you don’t have to. The games are now live.

Today’s announcement confirms what we already learned after a test version launched in late August exclusively in Poland. Netflix Games are downloaded to your Android device as opposed to being streamed from Netflix’s cloud servers. (Subscription services like Nvidia GeForce Now, Xbox Game Streaming, and Amazon Luna remain poised to vie for the “Netflix of gaming” crown, as they stream computationally intense games from server farms to your favorite screen.)

Read 7 remaining paragraphs | Comments

#android, #gaming-culture, #netflix, #netflix-games

Firefox 94 for iOS and Android adds new features for bookmarks and tabs

Mozilla's current logo for Firefox.

Enlarge / Mozilla’s current logo for Firefox. (credit: Mozilla)

Today, Mozilla updated the mobile versions of its Firefox web browser on iOS and Android with an overhauled home page and a new tab management feature.

Mozilla wrote in a blog post today announcing the update that the mobile version of the browser is specifically designed for “on-the-go, short bursts of online interactions that are constantly interrupted by life.”

To that end, the new update seeks to make it easier to jump into previously abandoned or uninterrupted content. There’s a new “jump back in” feature that lets you go directly to your last opened tab.

Read 4 remaining paragraphs | Comments

#android, #firefox, #firefox-94, #ios, #mobile, #mozilla, #pocket, #tech, #web-browser

Google halves its revenue share of in-app subscriptions on the Play store

Multicolored triangular logo.

Enlarge (credit: Google Play)

Google has made another tweak to the fee structure for apps hosted on the Google Play app store, again granting certain developers a larger slice of the pie. The change specifically affects apps that rely on recurring subscription revenue.

Previously, Google took a cut of 30 percent in the first year that a recurring subscription was active, then 15 percent in the years after that. Now, Google will take a cut of only 15 percent from the very start.

Some apps that fit the Play Media Experience Program, such as apps for distributing books or streaming video or audio, will see even smaller cuts—as low as 10 percent. To join that program, developers have to opt in.

Read 5 remaining paragraphs | Comments

#android, #app-store, #apps, #developers, #google, #google-play, #subscriptions, #tech

You may soon be able to answer phone calls on your Chromebook

Samsung Galaxy Chromebook, on white background

Enlarge / Samsung Galaxy Chromebook. (credit: Samsung)

Chromebooks, which are powered by Chrome OS, are generally viewed as a simpler alternative to Windows and macOS systems. But as more Chromebooks flirt with four-figure price tags—take, for example, the Asus Chromebook Flip C436, Samsung Galaxy Chromebook, and recently announced Acer Chromebook Spin 514—consumers will start to demand at least a little more functionality. To that end, a feature being worked on in Chromium’s open source code reviews tool would give Chromebooks an ability that Windows and macOS machines already have.

Based on an “add feature” flag spotted in the Chromium Gerrit by Chrome Unboxed, you might soon be able to answer phone calls on your Chromebook through its Phone Hub feature. The description for the flag, made to “enable the Incoming/Ongoing call notification feature,” says that it “enables the incoming/ongoing call feature in Phone Hub.”

Currently, you can use Phone Hub to view your Android phone’s notifications and recently used Chrome tabs and send and receive text messages. The ability to answer phone calls would give you one less reason to pick up your phone. Windows users with Android devices already have this option via Your Phone, and macOS users with iPhones, iPads, and Apple Watches have the same ability with the Continuity feature.

Read 4 remaining paragraphs | Comments

#android, #chrome-os, #chromebook, #google, #smartphones, #tech

Hundreds of scam apps hit over 10 million Android devices

Never put a GriftHorse on your phone.

Enlarge / Never put a GriftHorse on your phone. (credit: John Lamparsky | Getty Images)

Google has taken increasingly sophisticated steps to keep malicious apps out of Google Play. But a new round of takedowns involving about 200 apps and more than 10 million potential victims shows that this longtime problem remains far from solved—and in this case, potentially cost users hundreds of millions of dollars.

Researchers from the mobile security firm Zimperium say the massive scamming campaign has plagued Android since November 2020. As is often the case, the attackers were able to sneak benign-looking apps like “Handy Translator Pro,” “Heart Rate and Pulse Tracker,” and “Bus – Metrolis 2021” into Google Play as fronts for something more sinister. After downloading one of the malicious apps, a victim would receive a flood of notifications, five an hour, that prompted them to “confirm” their phone number to claim a prize. The “prize” claim page loaded through an in-app browser, a common technique for keeping malicious indicators out of the code of the app itself. Once a user entered their digits, the attackers signed them up for a monthly recurring charge of about $42 through the premium SMS services feature of wireless bills. It’s a mechanism that normally lets you pay for digital services or, say, send money to a charity via text message. In this case, it went directly to crooks.

The techniques are common in malicious Play Store apps, and premium SMS fraud in particular is a notorious issue. But the researchers say it’s significant that attackers were able to string these known approaches together in a way that was still extremely effective—and in staggering numbers—even as Google has continuously improved its Android security and Play Store defenses.

Read 7 remaining paragraphs | Comments

#android, #biz-it, #google, #malware, #scam, #tech

The Surface Duo’s two-year-old Android OS will be updated sometime this year

If Microsoft wants to be taken seriously as an Android manufacturer, one of the things it will need to establish is a track record of reliable, on-time software updates. But as the company launches a second generation of the Surface Duo and the company’s first Android phone turns a year old, so far Microsoft has failed to impress.

The Surface Duo 1 shipped in September 2020 with Android 10, which was a full year old at the time, and Android 11 had already launched. The hope was that Microsoft would quickly update the Duo to the latest version of Android, but that never happened. Today the device is still running Android 10, which is now two years old, and Android 12 is about to ship. Microsoft has finally broken its silence about Surface Duo 1 updates, and the company tells The Verge it plans to update the device to Android 11 “before the end of this year.”

Assuming Microsoft follows through on its promise, the company’s $1,400 flagship device will be updated from a two-year-old operating system to a one-year-old operating system. Microsoft committed to three years of updates, and it has been delivering monthly security updates. But this is still worst-in-class update support, especially for the price. Samsung usually rolls out Android to its latest flagship three months after Google’s release, while OnePlus usually takes around a month—Microsoft’s one-year timeframe is really bad.

Read 3 remaining paragraphs | Comments

#android, #microsoft, #surface-duo, #tech, #updates

Android to take an “upstream first” development model for the Linux kernel

The Linux Plumbers Conference is this week, and since Android is one of the biggest distributors of the Linux kernel in the world, Google software engineer Todd Kjos stopped by for a progress report from the Android team. Android 12—which will be out any day now—promises to bring Android closer than ever to mainline Linux by shipping Google’s “Generic Kernel Image” (GKI) to end-users.

Traditionally, the Linux kernel is forked several times before it hits an Android phone, usually by each stakeholder in an Android device. First, Google forks the Linux kernel into “Android common”—the Linux kernel plus a bunch of phone- and Android-specific changes. Then SoC vendors like Qualcomm, Samsung, or MediaTek fork Android Common to make an SoC-specific kernel for each major chip release. Then each device gets a fork of the SoC kernel for device-specific hardware support.

Android’s kernel fragmentation is a huge mess, and you can imagine how long and difficult the road is for a bugfix at the top of the fork tree to reach to the bottom, where end-users live. The official Android.com documentation notes that “These modifications can be extensive, to the point that as much as 50% of the code running on a device is out-of-tree code (not from upstream Linux or from AOSP common kernels).” It’s also a big time sink, and even Google phones typically ship kernels that start at two years old.

Read 6 remaining paragraphs | Comments

#android, #google, #linux, #tech

Google abused dominant position of Android in India, antitrust probe finds

Google has abused the dominant position of Android in India to illegally hurt competitors in the world’s second largest internet market, a two-year antitrust probe by the nation’s watchdog has found.

The Android-maker reduced device manufacturing firms’ ability and incentive to develop — and sell — devices running alternative versions of Android (more popularly known as forks), the probe found, according to two people have have been briefed on the findings.

Additionally, the report found Google’s requirement to make it mandatory for device manufacturers to pre-install its apps to be in violation of India’s competition law.

More than five dozen firms including Amazon and Apple responded to queries from the Indian watchdog — the Competition Commission of India — during the course of the investigation, the report said.

The Indian watchdog also found issues with the way Google has enforced policies on Play Store, saying those are “one-sided, ambiguous, vague, biased and arbitrary.”

Google said it looks forward to engage with the CCI to demonstrate how “Android has led to more competition and innovation, not less.”

The report’s findings — which are yet to be formally published by the CCI — is the latest setback for Google in India, where it has faced strong criticism from local entrepreneurs in recent quarters and several other antitrust probes.

The Alliance of Digital India Foundation, a group of 350 startups, founders and investors, lauded the CCI report’s findings and said the watchdog’s step “is in line with the Indian digital ecosystem’s needs.”

#android, #asia, #google, #google-india, #government, #india

Google’s R&D division experiments with newsletters powered by Google Drive

Following entries into the newsletter market from tech companies like Facebook and Twitter, Google is now experimenting with newsletters, too. The company’s internal R&D division, Area 120, has a new project called Museletter, which allows anyone to publish a Google Drive file as a blog or newsletter to their Museletter public profile or to an email list.

The effort would essentially repurpose Google’s existing document-creation tools as a means of competing with other newsletter platforms, like Substack, Ghost, Revue, and others, which are today attracting a growing audience.

Google’s experiment was spotted this week by sites including 9to5Google and Android Police.

Reached for comment, an Area 120 spokesperson declined to share further details about Museletter, saying only that it was “one of the many experiments” within the R&D group and that “it’s still very early.”

From the Museletter website, however, there is already much that can be learned about the project. The site explains how Google Drive could be monetized by creators in a way that would allow Google’s newsletter project to differentiate itself from the competition. Not only could newsletters be written in a Google Doc, other productivity apps could also be used to share information with readers. For example, a newsletter creator could offer a paid subscription plan that would allow readers to access their Google Slides. A creator who writes about finance could publish helpful spreadsheets to Google Sheets, which would be available to their subscribers.

Image Credits: Google

To make this possible, Museletter publishers would create a public profile on their Google Drive, then publish any Google Drive file directly to it. This provides them with a landing page where they can market their subscriptions and showcase how many different Drive files they’ve made publically available across Docs, Sheets, and Slides.

Creators can also optionally publish to an email list — including a list brought in from other platforms. The newsletter subscriptions can be free or paid, depending on the creator’s preferences, but using Museletter itself will be free. Instead, the project aims to monetize with premium features like custom domains, welcome emails, and more.

The platform also promises tools and analytics to engage audiences and track the newsletter’s performance.

While the site doesn’t mention any plans for advertising, a success in this space could provide Google with a new ad revenue stream — and one that arrives at a time when the tech giant’s multi-billion dollar advertising market has a new challenger in the form of Amazon, whose own ad business could eventually challenge the Facebook-Google duopoly.

Google didn’t say when it plans to launch Museletter, but the website is offering a link to a form where users can request early access.

#amazon, #android, #area-120, #computing, #creators, #finance, #google, #google-sheeets, #google-slides, #google-docs, #google-drive, #media, #news, #newsletter, #newsletters, #publish, #publishers, #rd, #substack, #world-wide-web