It's "the new generation of Tablet for simplicity and privacy..." according to its Kickstarter page. "Top-tier performance, lightweight design and completely Google-free." And it's already reached its funding goal of $53,312 — climbing to over $75,000 from 115 backers with another 26 days still to go. 9to5Linux reports: Volla, the maker of the Volla Phone smartphones, has launched a crowdfunding campaign on Kickstarter for their first tablet device, the Volla Tablet, which will also support the Ubuntu Touch mobile OS.

Featuring a 12.3-inch Quad HD display with 2650Ã--1600 pixel resolution, the Volla Tablet uses a powerful MediaTek Gaming G99 8-core processor, 12 GB RAM, and 256 GB internal storage. It also comes with a long-lasting 10,000 mAh battery, 2G/3G/4G cellular network support, Wi-Fi, Bluetooth, and a 13+5 MP main camera.

By default, Volla Tablet ships with Volla OS 13, Volla's in-house operating system based on the free Android Open Source Project (AOSP), but users will be able to buy the tablet with Ubuntu Touch featuring built-in convergence and support for Android apps with WayDroid container.
"Users will also be able to use desktop apps like Firefox or LibreOffice thanks to the help of the Libertine container," according to the article. ("Volla says that Volla Tablet with Ubuntu Touch is ideal for Linux enthusiasts and minimalists seeking a simplified, efficient, and familiar operating system experience.")

Its Kickstarter page points out the tablet even offers options like "hide.me VPN" and private speech recognition that's "cloud-independent for secure, confidential interactions."

("For U.S. users, please note that only roaming SIM cards from abroad can be used.")

Ben Schoon reports via 9to5Google: Google's Arif Dikici confirmed on LinkedIn this week that Android is now using VideoLAN's (the makers of VLC) "dav1d" software decoder to allow AV1 to work on more devices. This is now available on all devices running Android 12 or higher via a software update. Mishaal Rahman points out that this started to roll out with the March 2024 Google Play system update.

Dikici says that "most" devices can at least support 720p at 30 frames per second, but that apps will need to opt in "for now" to support AV1 via software decoding. One app that has opted in is YouTube, which now uses AV1 on all compatible devices (though it may have reverted this). This may result in increased power usage depending on your device, though. Improvements on that front may be coming, though, says VideoLAN on Twitter/X.

This week the new "Find My Device" feature rolled out to Android devices around the world, starting in the U.S. and Canada.

"With a new, crowdsourced network of over a billion Android devices, Find My Device can help you find your misplaced Android devices and everyday items quickly and securely," according to a Google blog post. ZDNet explains: Although Google already offers a Find My Device setting on Android phones, the device you're looking for must be powered on and connected for the feature to work. The new Find My Device network is designed to use Bluetooth to track down missing phones and other devices that are disconnected from a Wi-Fi or cellular network. A Powered Off Finding feature would let each device store beacons in its Bluetooth controller's memory, letting the network see any supported device even if it's not connected.
From Google's blog post: Locate your compatible Android phone and tablet by ringing them or viewing their location on a map in the app — even when they're offline. And thanks to specialized Pixel hardware, Pixel 8 and 8 Pro owners will also be able to find their devices if they're powered off or the battery is dead.

Starting in May, you'll be able to locate everyday items like your keys, wallet or luggage with Bluetooth tracker tags from Chipolo and Pebblebee in the Find My Device app.
Google promises "end-to-end encryption of location data as well as aggregated device location reporting, a first-of-its-kind safety feature that provides additional protection against unwanted tracking back to a home or private location." Find My Device is available on compatible devices running Android 9 or higher.

In addition, "Sometimes what we're looking for is right under our noses. If you're close to your lost device but need a little extra help tracking it down, a 'Find nearby' button will appear to help you figure out exactly where it's hiding. You'll also be able to use this to find everyday items, like your wallet or keys, when Bluetooth tags launch in May.

"More often than not, we lose everyday items like our keys or phone right at home. So the Find My Device app now shows a lost device's proximity to your home Nest devices, giving you an easy reference point."

Starting May 15th, almost all Google Photos users will be able to access the AI photo editing features previously limited to Pixel owners and Google One subscribers. All you'll need is a device with at least a 64-bit chip, 4GB of RAM, and either iOS 15 or Android 8.0. The Verge reports: Magic Editor is Google's generative AI photo editing tool, and it debuted as one of the headline AI features on the Pixel 8 and 8 Pro. Those kinds of features typically remain exclusive to new Pixels for six months after launch, and right on time, Google's bringing it to previous Pixel phones. But it's not stopping there; any Google Photos user with an Android or iOS device that meets the minimum requirements will be able to use it without a Google One subscription -- you'll just be limited to 10 saved edits per month. Pixel owners and paid subscribers, however, will get unlimited use.

Older features like Photo Unblur and Magic Eraser -- which used to be available only to Pixel owners and certain Google One subscribers -- will be free for all Photos users. Google has a full list of these features on its Photos community site, and it includes things like editing portrait mode blur and lighting effects (useful, but not the cutting-edge stuff, for better or worse). Other generative AI features that launched with the Pixel 8 series, like Best Take and Audio Magic Eraser, are remaining exclusive to those newest Pixels, at least for now.

An anonymous reader quotes a report from Ars Technica: Will Google ever launch its "Find My" network? The Android ecosystem was supposed to have its own version of Apple's AirTags by now. Google has had a crowd-sourced device-tracking network sitting dormant on 3 billion Android phones since December 2022. Partners have been ready to go with Bluetooth tag hardware since May 2023! This was all supposed to launch a year ago, but Google has been in a holding pattern. The good news is we're finally seeing some progress after a year of silence. The reason for Google's lengthy delay is actually Apple. A week before Google's partners announced their Android network Bluetooth tags, Google and Apple jointly announced a standard to detect "unknown" Bluetooth trackers and show users alerts if their phone thinks they're being stalked. Since you can constantly see an AirTag's location, they can be used for stalking by just covertly slipping one into a bag or car; nobody wants that, so everyone's favorite mobile duopoly is teaming up.

Google did its half of this partnership and rolled out AirTag detection in July 2023. At the same time, Google also announced: "We've made the decision to hold the rollout of the Find My Device network until Apple has implemented protections for iOS." Surely Apple would be burning the midnight oil to launch iOS Android tag detection as soon as possible so that Google could start competing with AirTags. It looks like iOS 17.5 is the magic version Google is waiting for. The first beta was released to testers recently, and 9to5Mac recently spotted strings for detecting "unwanted" non-Apple tracking devices that were suddenly following you around. This 17.5 update still needs to ship, and the expectation is sometime in May. That would be 11 months after Google's release. [...]

With the impending iOS release, Google seems to be getting its ducks in a row as well. 9to5Google has a screenshot of the new Find My Device settings page that is appearing for some users, which gives them a chance to opt out of the anonymous tracking network. That report also mentions that some users received an email Thursday of an impending tracking network launch, saying: "You'll get a notification on your Android devices when this feature is turned on in 3 days. Until then, you can opt out of the network through Find My Device on the web." The vast majority of Android users have not gotten this email, though, suggesting maybe it was a mistake. It's very weird to announce a launch in "days remaining" rather than just saying what date something will launch, and this email went out Thursday, which would mean a bizarre Sunday launch when everyone is off for the weekend.

An anonymous reader quotes a report from Ars Technica: Google closed its Fitbit acquisition in 2021. Since then, the tech behemoth has pushed numerous changes to the wearable brand, including upcoming updates announced this week. While Google reshapes its fitness tracker business, though, some long-time users are regretting their Fitbit purchases and questioning if Google's practices will force them to purchase their next fitness tracker elsewhere.

As is becoming common practice with consumer tech announcements of late, Google's latest announcements about Fitbit seemed to be trying to convince users of the wonders of generative AI and how that will change their gadgets for the better. In a blog post yesterday, Dr. Karen DeSalvo, Google's chief health officer, announced that Fitbit Premium subscribers would be able to test experimental AI features later this year (Google hasn't specified when). "You will be able to ask questions in a natural way and create charts just for you to help you understand your own data better. For example, you could dig deeper into how many active zone minutes... you get and the correlation with how restorative your sleep is," she wrote. DeSalvo's post included an example of a user asking a chatbot if there was a connection between their sleep and activity and said that the experimental AI features will only be available to "a limited number of Android users who are enrolled in the Fitbit Labs program in the Fitbit mobile app."

Fitbit is also working with the Google Research team and "health and wellness experts, doctors, and certified coaches" to develop a large language model (LLM) for upcoming Fitbit mobile app features that pull data from Fitbit and Pixel devices, DeSalvo said. In a blog post yesterday, Yossi Matias, VP of engineering and research at Google, said Google wants to use the LLM to add personalized coaching features, such as the ability to look for sleep irregularities and suggest actions "on how you might change the intensity of your workout." Google's Fitbit is building the LLM on Gemini models that are tweaked on de-identified data from unspecified "research case studies," Matias said, adding: "For example, we're testing performance using sleep medicine certification exam-like practice tests." Other recent changes to Fitbit include a name tweak from Fitbit by Google, to Google Fitbit, as spotted by 9to5Google this week. Charge 5 users are especially concerned after users noticed their devices suddenly stopped holding a charge after a December firmware update was pushed. The problem has persisted with Google offering no solution other than offer discounts or, if the device was within its warranty period, a replacement.

"This is called planned obsolescence. I'll be upgrading to a watch style tracker from a different company. I wish Fitbit hadn't sold out to Google," a forum user going by Sean77024 wrote on Fitbit's support forum yesterday. "Others, like 2MeFamilyFlyer, have also accused Fitbit of planning Charge 5 obsolescence," notes Ars. "2MeFamilyFlyer said they're seeking a Fitbit alternative."

Apple is preparing to allow EU-based iPhone users to uninstall its first-party Safari browser by the end of 2024 and is working on a more "user-friendly" way of transferring data "from an iPhone to a non-Apple phone" by fall 2025. From a report: That's according to a new compliance document published by the company, which outlines all the ways it's complying with the European Union's new Digital Markets Act that comes into force this week.

Other user-facing initiatives detailed in Apple's document include a "browser switching solution" to transfer data between browsers on the same device, which it plans to make available by late 2024 or early 2025. It'll also be possible to change the default navigation app on iOS by March 2025 in the EU. The document doesn't explicitly state whether any of these features will be available globally or whether they'll be exclusive to users in the EU. But many of the company's previously announced plans to comply with the DMA -- including the ability to run browser engines other than WebKit and install third-party app stores -- are only available in the bloc.

Amazon has issued an update to Fire TV streaming devices and televisions that has broken apps that let users bypass the Fire OS home screen. From a report: The tech giant claims that its latest Fire OS update is about security but has refused to detail any potential security concerns. Users and app developers have reported that numerous apps that used to work with Fire TV devices for years have suddenly stopped working. As first reported by AFTVnews, the update has made apps unable to establish local Android Debug Bridge (ADB) connections and execute ADB commands with Fire TV devices.

The update, Fire OS 7.6.6.9, affects several Fire OS-based TVs, including models from TCL, Toshiba, Hisense, and Amazon's Fire TV Omni QLED Series. Other devices running the update include Amazon's first Fire TV Stick 4K Max, the third-generation Fire TV Stick, as well as the third and second-generation Fire TV Cubes and the Fire TV Stick Lite. A code excerpt shared with AFTVnews by what the publication described as an "affected app developer," which you can view here, shows a line of code indicating that Fire TVs would not be allowed to make ADB connections with a local device or app. As pointed out by AFTVnews, such apps have been used by Fire TV modders for abilities like clearing installed apps' cache and using a different home screen than the Fire OS default.

An anonymous reader quotes a report from BleepingComputer: A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.' Group-IB says its analysts observed attacks primarily targeting the Asia-Pacific region, mainly Thailand and Vietnam. However, the techniques employed could be effective globally, and there's a danger of them getting adopted by other malware strains. [...]

For iOS (iPhone) users, the threat actors initially directed targets to a TestFlight URL to install the malicious app, allowing them to bypass the normal security review process. When Apple remove the TestFlight app, the attackers switched to luring targets into downloading a malicious Mobile Device Management (MDM) profile that allows the threat actors to take control over devices. Once the trojan has been installed onto a mobile device in the form of a fake government app, it operates semi-autonomously, manipulating functions in the background, capturing the victim's face, intercepting incoming SMS, requesting ID documents, and proxying network traffic through the infected device using 'MicroSocks.'

Group-IB says the Android version of the trojan performs more malicious activities than in iOS due to Apple's higher security restrictions. Also, on Android, the trojan uses over 20 different bogus apps as cover. For example, GoldPickaxe can also run commands on Android to access SMS, navigate the filesystem, perform clicks on the screen, upload the 100 most recent photos from the victim's album, download and install additional packages, and serve fake notifications. The use of the victims' faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

AT&T, Google and Vodafone are investing a total of $206.5 million in AST SpaceMobile, a satellite manufacturer that plans to be the first space-based network to connect standard mobile phones at broadband speeds. Fierce Wireless reports: AST SpaceMobile claims it invented the space-based direct-to-device market, with a patented design facilitating broadband connectivity directly to standard, unmodified cellular devices. In a press release, AST SpaceMobile said the investment from the likes of AT&T, Google and Vodafone underscores confidence in the company's technology and leadership position in the emerging space-based cellular D2D market. There's the potential to offer connectivity to 5.5 billion cellular devices when they're out of coverage.

Bolstering the case for AST SpaceMobile, Vodafone and AT&T placed purchase orders -- for an undisclosed amount -- for network equipment to support their planned commercial services. In addition, Google and AST SpaceMobile agreed to collaborate on product development, testing and implementation plans for SpaceMobile network connectivity on Android and related devices. AST SpaceMobile boasts agreements and understandings with more than 40 mobile network operators globally. However, it's far from alone in the D2D space. Apple/Globalstar, T-Mobile/SpaceX, Bullitt and Lynk Global are among the others.

In a blog post today, Google announced that WebGPU is "now enabled by default in Chrome 121 on devices running Android 12 and greater powered by Qualcomm and ARM GPUs," with support for more Android devices rolling out gradually. Previously, the API was only available on Windows PCs that support Direct3D 12, macOS, and ChromeOS devices that support Vulkan.

Google says WebGPU "offers significant benefits such as greatly reduced JavaScript workload for the same graphics and more than three times improvements in machine learning model inferences." With lower-level access to a device's GPU, developers are able to enable richer and more complex visual content in web applications. This will be especially apparent with games, as you can see in this demo.

Next up: WebGPU for Chrome on Linux.

"The ambient light sensors present in most mobile devices can be accessed by software without any special permissions, unlike permissions required for accessing the microphone or the cameras," writes longtime Slashdot reader BishopBerkeley. "When properly interrogated, the data from the light sensor can reveal much about the user." IEEE Spectrum reports: While that may not seem to provide much detailed information, researchers have already shown these sensors can detect light intensity changes that can be used to infer what kind of TV programs someone is watching, what websites they are browsing or even keypad entries on a touchscreen. Now, [Yang Liu, a PhD student at MIT] and colleagues have shown in a paper in Science Advances that by cross-referencing data from the ambient light sensor on a tablet with specially tailored videos displayed on the tablet's screen, it's possible to generate images of a user's hands as they interact with the tablet. While the images are low-resolution and currently take impractically long to capture, he says this kind of approach could allow a determined attacker to infer how someone is using the touchscreen on their device. [...]

"The acquisition time in minutes is too cumbersome to launch simple and general privacy attacks on a mass scale," says Lukasz Olejnik, an independent security researcher and consultant who has previously highlighted the security risks posed by ambient light sensors. "However, I would not rule out the significance of targeted collections for tailored operations against chosen targets." But he also points out that, following his earlier research, the World Wide Web Consortium issued a new standard that limited access to the light sensor API, which has already been adopted by browser vendors.

Liu notes, however, that there are still no blanket restrictions for Android apps. In addition, the researchers discovered that some devices directly log data from the light sensor in a system file that is easily accessible, bypassing the need to go through an API. The team also found that lowering the resolution of the images could bring the acquisition times within practical limits while still maintaining enough detail for basic recognition tasks. Nonetheless, Liu agrees that the approach is too complicated for widespread attacks. And one saving grace is that it is unlikely to ever work on a smartphone as the displays are simply too small. But Liu says their results demonstrate how seemingly harmless combinations of components in mobile devices can lead to surprising security risks.

It's hard to think of a more self-explanatory feature than Circle to Search: it does exactly what it sounds like it does. You circle something on your phone screen, tap a button, and voila! A page full of Google search results telling you about the thing you circled. The Verge: The new feature is launching on five phones to start -- the three members of Samsung's brand-new Galaxy S24 series, as well as Google's Pixel 8 and 8 Pro -- before it comes to other "select, premium" Android phones. Well, maybe it does need a little explaining. If the feature sounds familiar, you might be thinking of Google Lens, which is similar. But instead of opening up the Google app, you can use Circle to Search anywhere on your device. Just long-press the home button if you're using three-button navigation -- or the navigation handle if you're using gesture nav -- and it will appear on top of whatever app or screen you're currently using. You can circle, highlight, or tap a subject, including text as well as images.

Google Maps is about to get better at showing directions inside tunnels. A new feature spotted by SmartDroid allows the Android version of the app to use Bluetooth beacons to track your location in areas where GPS signals typically can't reach. The Verge: These beacons transmit Bluetooth signals that give location data to your phone, according to the Google-owned Waze, which already supports the feature. The app then uses this information along with the device's mobile connectivity to "provide real-time traffic data as it would with a typical GPS connection."

After removing the feature with Android 5.0 in 2015, Google appears to be bringing back lock screen widgets in the next version of Android. "There haven't been any indications since then that Google would ever bring this feature back," notes Android Authority. "But after Apple introduced widgets to the iPhone lock screen in iOS 16, many speculated that it was only a matter of time." From the report: As for how they might do that, there seem to be two different approaches that are being developed. The first one involves the creation of a new "communal" space -- an area on the lock screen that might be accessed by swiping inward from the right. Although the communal space is still unfinished, I was able to activate it in the new Android 14 QPR2 Beta 3 update. Once I activated the communal space, a large gray bar appeared on the right side of the lock screen on my Pixel device. After swiping inward, a pencil icon appeared on the top left of the screen. Tapping this icon opened a widget selector that allowed me to add widgets from Google Calendar, Google Clock, and the Google App, but I wasn't able to add widgets from most of my other apps. This is because the widget category needs to be set to KEYGUARD in order for it to appear in this selector. KEYGUARD is a category Google introduced in Android 4.2 Jelly Bean that very few apps utilize today since the lock screen hasn't supported showing widgets in nearly a decade. After adding the widgets for Google Clock and Google Finance, I returned to the communal space by swiping inward from the right on the lock screen. The widgets were indeed shown in this space without me needing to unlock the device. However, the lock screen UI was shown on top of the widgets, making things difficult to see. Clearly, this feature is still a work in progress in the current beta. [...]

While it's possible this communal space won't be coming to all devices, there's another way that Google could bring widgets back to the lock screen for Android phones: leveraging At a Glance. If you aren't familiar, Pixel phones have a widget on the home screen and lock screen called At a Glance. The interesting thing about At a Glance is that it isn't actually a widget but rather a "custom element behaving like a widget," according to developer Kieron Quinn. Under the hood, At a Glance is built on top of Smartspace, the API that is responsible for creating the various cards you can swipe through. Although Smartspace supports creating a variety of card types, it currently can't handle RemoteViews, the API on which Android app widgets are built. That could change soon, though, as Google is working on including RemoteViews into the Smartspace API.

It's unclear whether this will allow raw widgets from all apps to be included in At a Glance, since it's also possible that Google is only implementing this so it has more freedom in building new cards. Either way, this new addition to the Smartspace API would supercharge the At a Glance widget in Android 15, and we're excited to see what Google has in store for us.

The Wi-Fi Alliance is now starting to certify devices that use the latest generation of wireless connectivity, and the goal is to make sure these devices work with each other seamlessly. Android Central: Basically, the certification allows router brands and device manufacturers to guarantee that their products will work with other Wi-Fi 7 devices. Qualcomm, for its part, is announcing that it has several designs that leverage Wi-Fi 7, and that it achieved the Wi-Fi Alliance certification -- dubbed Wi-Fi Certified 7 -- for the FastConnect 7800 module that's baked into the Snapdragon 8 Gen 3 and 8 Gen 2, and the Networking Pro portfolio.

Wi-Fi Certified 7 is designed to enable interoperability, and ensure that devices from various brands work without any issues. In addition to Qualcomm, the likes of MediaTek, Intel, Broadcom, CommScope, and MaxLinear are also picking up certifications for their latest networking products. I chatted with Andy Davidson, Sr. Director of Technology Planning at Qualcomm, ahead of the announcement to understand a little more about how Wi-Fi 7 is different. Wi-Fi 7 uses the 6GHz band -- similar to Wi-Fi 6E -- but introduces 320Mhz channels that have the potential to deliver significantly greater bandwidth. Wi-Fi 7 also uses a clever new feature called Multi-Link Operation (MLO) that lets devices connect to two bands at the same time, leading to better signal strength and bandwidth. Further reading: Wi-Fi 7 Signals the Industry's New Priority: Stability.

Qualcomm today unveiled a new Snapdragon XR2+ Gen 2 chipset, a single-chip architecture that will likely power Apple Vision Pro competitors from Meta, Samsung, Google and HTC, among others. ZDNet reports: Succeeding last year's XR2 Gen 2, the plus variant brings improved GPU and CPU frequency -- up 15% and 20% respectively, support for 4.3K per eye resolution at 90fps, and the ability for headsets to field 12 or more cameras with on-device AI capabilities. The latter allows equipped models to better track user movements and surrounding objects for more immersive (and harmonious) VR and MR experiences. As for efficiency gains, you'll still be getting the 50% improvement as the previous XR2 Gen 2 when stacked against the XR2 Gen 1 platform. Basically, there's no change on that front.

"(Snapdragon XR2+ Gen 2) will take XR productivity and entertainment to the next level by bringing spectacularly clear visuals to use cases such as room-scale screens, life-size overlays and virtual desktops," said Hugo Swart, vice president and general manager of XR, Qualcomm Technologies, Inc, in a Thursday press release. Clearly, the new silicon is aimed at headsets that can do it all -- with feature parity to the $3,500 gorilla in the room, Apple's upcoming Vision Pro headset -- though Qualcomm says it'll be priced accessibly for manufacturers to build hardware around.

How affordable will these competing wearables be? Your guess is as good as mine. But considering we've already gotten products like the $500 Meta Quest 3 fielding the slightly less capable XR2 Gen 2 chip, the future of XR may not be as expensive as it seems. The new Snapdragon XR2+ Gen 2 chipset is made in collaboration with Google and Samsung, both of which bring expertise in the Android ecosystem and developing mobile VR devices. The trio had announced plans to develop an XR platform back in February of 2023, likely in reaction to the then-rumored headset by Apple.

TechCrunch reports: Apple's warnings in late October that Indian journalists and opposition figures may have been targeted by state-sponsored attacks prompted a forceful counterattack from Prime Minister Narendra Modi's government. Officials publicly doubted Apple's findings and announced a probe into device security.

India has never confirmed nor denied using the Pegasus tool, but nonprofit advocacy group Amnesty International reported Thursday that it found NSO Group's invasive spyware on the iPhones of prominent journalists in India, lending more credibility to Apple's early warnings. "Our latest findings show that increasingly, journalists in India face the threat of unlawful surveillance simply for doing their jobs, alongside other tools of repression including imprisonment under draconian laws, smear campaigns, harassment, and intimidation," said Donncha Ã" Cearbhaill, head of Amnesty International's Security Lab, in the blog post.
Cloud security company Lookout has also published "an in-depth technical look" at Pegasus, calling its use "a targeted espionage attack being actively leveraged against an undetermined number of mobile users around the world." It uses sophisticated function hooking to subvert OS- and application-layer security in voice/audio calls and apps including Gmail, Facebook, WhatsApp, Facetime, Viber, WeChat, Telegram, Apple's built-in messaging and email apps, and others. It steals the victim's contact list and GPS location, as well as personal, Wi-Fi, and router passwords stored on the device...

According to news reports, NSO Group sells weaponized software that targets mobile phones to governments and has been operating since 2010, according to its LinkedIn page. The Pegasus spyware has existed for a significant amount of time, and is advertised and sold for use on high-value targets for multiple purposes, including high-level espionage on iOS, Android, and Blackberry.
Thanks to Slashdodt reader Mirnotoriety for sharing the news.

An anonymous reader quotes a report from Ars Technica: Apple's AirTags are meant to help you effortlessly find your keys or track your luggage. But the same features that make them easy to deploy and inconspicuous in your daily life have also allowed them to be abused as a sinister tracking tool that domestic abusers and criminals can use to stalk their targets. Over the past year, Apple has taken protective steps to notify iPhone and Android users if an AirTag is in their vicinity for a significant amount of time without the presence of its owner's iPhone, which could indicate that an AirTag has been planted to secretly track their location. Apple hasn't said exactly how long this time interval is, but to create the much-needed alert system, Apple made some crucial changes to the location privacy design the company originally developed a few years ago for its "Find My" device tracking feature. Researchers from Johns Hopkins University and the University of California, San Diego, say, though, that they've developed (PDF) a cryptographic scheme to bridge the gap -- prioritizing detection of potentially malicious AirTags while also preserving maximum privacy for AirTag users. [...]

The solution [Johns Hopkins cryptographer Matt Green] and his fellow researchers came up with leans on two established areas of cryptography that the group worked to implement in a streamlined and efficient way so the system could reasonably run in the background on mobile devices without being disruptive. The first element is "secret sharing," which allows the creation of systems that can't reveal anything about a "secret" unless enough separate puzzle pieces present themselves and come together. Then, if the conditions are right, the system can reconstruct the secret. In the case of AirTags, the "secret" is the true, static identity of the device underlying the public identifier that is frequently changing for privacy purposes. Secret sharing was conceptually useful for the researchers to employ because they could develop a mechanism where a device like a smartphone would only be able to determine that it was being followed around by an AirTag with a constantly rotating public identifier if the system received enough of a certain type of ping over time. Then, suddenly, the suspicious AirTag's anonymity would fall away and the system would be able to determine that it had been in close proximity for a concerning amount of time.

Green notes, though, that a limitation of secret sharing algorithms is that they aren't very good at sorting and parsing inputs if they're being deluged by a lot of different puzzle pieces from all different puzzles -- the exact scenario that would occur in the real world where AirTags and Find My devices are constantly encountering each other. With this in mind, the researchers employed a second concept known as "error correction coding," which is specifically designed to sort signal from noise and preserve the durability of signals even if they acquire some errors or corruptions. "Secret sharing and error correction coding have a lot of overlap," Green says. "The trick was to find a way to implement it all that would be fast, and where a phone would be able to reassemble all the puzzle pieces when needed while all of this is running quietly in the background." The researchers published (PDF) their first paper in September and submitted it to Apple. More recently, they notified the industry consortium about the proposal.

The Vision Pro, Apple's first "spatial computing" device that costs $3,499, is expected to have a "late-January/early-February" release date, according to Apple analyst Ming-Chi Kuo. "The analyst says that the first wave of Vision Pros are being shipped to Apple in about a month, with total shipments numbering around 500,000 for the full year," adds TechCrunch. From the report: The company's precise target for the year remains an open-ended question. About a month after the device was revealed, reports suggested that Apple has scaled back expectations from around one million to "fewer than 400,000." Even the updated 500,000 figure is small for a company of Apple's massive size and influence. Keep in mind that the company should be shipping more than 200 million iPhones this calendar year.

The Vision Pro, however, is widely regarded as the biggest gambit of Tim Cook's 12-year tenure as CEO. Not only is it an entirely new category and form factor for the company, it's also prohibitively priced, even for customers accustomed to shelling out extra for apple products. Add to that VR's decades-long failure to live up to expectations, and you've got a big uphill fight on your hands. Kuo refers to Vision Pro as "Apple's most important product of 2024." Given the years of speculation and all the time and money the company has no doubt poured into the headset, it's a tough statement to argue.