Android

Samsung Finally Lets You Disable the Bixby Button Without a Third-Party App (androidpolice.com) 54

Samsung has released an update to allow you to disable Bixby on the Galaxy S8, S8+ and Note 8. The only problem is you can only disable the button and can't point it to another app. Android Police reports: As you're probably aware, there are two parts to Bixby -- Bixby Home and Bixby Voice. The main change here is to the Bixby Home shortcut; press the button and Bixby appears. After updating, a toggle is available under the settings gear at the top of Bixby home. Turn it off, and Bixby Home will no longer pop up when you tap the button (there's also a "Bixby Key" menu in the settings). Bixby Voice can be shut off in the settings as well, so the button will become completely inert. What if you want Bixby Home back? If you still have Bixby Voice turned on, pressing and holding the button will trigger Bixby on top of your current screen. You can open full screen mode and access your Bixby settings to turn Bixby Home back on at any time. Okay, but what if you also have Bixby Voice turned off in the Bixby settings? It seems at first like you've locked yourself out of Bixby, which might not be a problem for some people. However, you can access the Bixby settings by going into your main system settings -- Apps -- Bixby Home -- Mobile Data -- View app settings. That opens the Bixby settings without opening Bixby first.
Android

Apple's A11 Bionic Chip In iPhone 8 and iPhone X Smokes Android Handsets In Early Benchmarks (hothardware.com) 331

MojoKid writes: Many of the new releases of Apple's iPhone bring with it a new A-series SoC (System on Chip) and Apple is keeping that tradition with the iPhone 8 and iPhone 8 Plus, and iPhone X. Each of those handsets sports a custom ARM-based A11 Bionic processor with six cores -- four high performance cores and two power efficiency cores. The two power efficiency cores will perform the bulk medial chores to maintain battery life, which Apple says will be 2 hours longer than the iPhone 7. However, for heavier workloads, the chip is capable of not only firing up its four high performance cores, but also all six cores simultaneously. If early leaked benchmarks are any indication, the A11 Bionic is going to be a benchmark-busting beast of a chip. A set of just-posted Geekbench scores reinforces that notion. Just prior to Apple announcing its newest iPhone models, Geekbench's database was updated with a new entry for an "iPhone 10,5" which we assume to be the iPhone X. Based on the scores recorded, in this one benchmark at least, the A11 CPU powering the iPhone X appears to be 50 to 70 percent faster than any Android handset on the market currently, even those powered by the new Qualcomm Snapdragon 835.
Android

PSA: Google Will Delete Your Android Backups If Your Device Is Inactive For Two Months (vernonchan.com) 165

New submitter Vernon Chan writes: It was discovered that Google will automatically schedule to delete your Android device backups if it is inactive for more than two months. The issue was discovered by a Reddit user after his Nexus 6P was sent for a refund claim. He was using an old iPhone while he waited for an Android replacement device. When he glanced at his Google Drive Backup folder, he freaked out when he noticed his Nexus 6P backup was missing. He then stumbled upon this Google Drive help document regarding backup expirations: "Your backup will remain as long as you use your device. If you don't use your device for 2 weeks, you may see an expiration date below your backup. For instance: 'Expires in 54 days.'" Once a backup is deleted, there is zero chance for recovery.
Android

Target's Sales Floors Are Switching From Apple To Android Devices (gizmodo.com) 115

After three years of Apple products, Target is moving to Android devices for stocking, pulling items, and other essential sales floor duties. Target first outfitted its employees with Apple products in 2014, replacing PDAs with iPod Touches. Gizmodo reports: In Fall of 2016, Target stores began testing the Zebra TC51, which runs Android 6.0 Mashmallow and was confirmed to Gizmodo as "the new MyDevices for store team members chainwide" by a company spokesperson over email. On Reddit's r/Target page and the unofficial employee forum The Breakroom, the new devices have been met with enthusiasm -- and plenty of jabs at the old iOS scanners. "The current iOS my devices we have all sorts of issues, connection issues, scanner issues, and tons more," one Breakroom poster complained. On Reddit, a former store manager wrote that "the iPod hardware they used as on the floor scanners for employees died quickly and there was no way of swapping in new batteries. There were many hardware issues that came about with the ipods." While a Target spokesperson confirmed the company will still purchase some products from Apple -- iPads for online order pickups, iPhones for managers -- the sales floor is switching to Android, and the company is staffing up on Android developers to port over all the internal software stores use.
Security

BlueBorne Vulnerabilities Impact Over 5 Billion Bluetooth-Enabled Devices (bleepingcomputer.com) 121

An anonymous reader quotes a report from Bleeping Computer: Security researchers have discovered eight vulnerabilities -- codenamed collectively as BlueBorne -- in the Bluetooth implementations used by over 5.3 billion devices. Researchers say the vulnerabilities are undetectable and unstoppable by traditional security solutions. No user interaction is needed for an attacker to use the BleuBorne flaws, nor does the attacker need to pair with a target device. They affect the Bluetooth implementations in Android, iOS, Microsoft, and Linux, impacting almost all Bluetooth device types, from smartphones to laptops, and from IoT devices to smart cars. Furthermore, the vulnerabilities can be concocted into a self-spreading BlueTooth worm that could wreak havoc inside a company's network or even across the world. "These vulnerabilities are the most serious Bluetooth vulnerabilities identified to date," an Armis spokesperson told Bleeping Computer via email. "Previously identified flaws found in Bluetooth were primarily at the protocol level," he added. "These new vulnerabilities are at the implementation level, bypassing the various authentication mechanisms, and enabling a complete takeover of the target device." Consumers are recommended to disable Bluetooth unless you need to use it, but then turn it off immediately. When a patch or update is issued and installed on your device, you should be able to turn Bluetooth back on and leave it on safely. The BlueBorne Android App on the Google Play Store will be able to determine if a user's Android device is vulnerable. A technical report on the BlueBorne flaws is available here (PDF).
Android

Android Always Beats the iPhone To New Features, Qualcomm Says (theverge.com) 176

An anonymous reader shares a report: Qualcomm has published a somewhat self-congratulatory blog post that lauds the company and its Android partners for achieving a series of industry firsts that include wireless charging, dual-camera systems, OLED smartphone screens, edge-to-edge displays, and more -- features that the upcoming iPhone is expected to have. Apple and Qualcomm are currently embroiled in what's turning into a vicious, global patent licensing dispute. So the timing of this adulation for Android -- hours before Apple's big September event -- doesn't really strike me as coincidental. It can't be. Qualcomm never mentions Apple by name; the closest the company ever comes is with this line: Inventions from Qualcomm lay the foundation for so many technologies and experiences we value in our smartphones today -- on Android and other platforms.
Software

How Proprietary Software Lets Companies Cheat (locusmag.com) 228

"Proprietary software makes it possible to design products to cheat ordinary users..." writes Richard Stallman -- linking to a new essay by Cory Doctorow: Carriers adapted custom versions of Android to lock customers to their networks with shovelware apps that couldn't be removed from the home-screen and app store lock-in that forced customers to buy apps through their phone company. What began with printers and spread to phones is coming to everything: this kind of technology has proliferated to smart thermostats (no apps that let you turn your AC cooler when the power company dials it up a couple degrees), tractors (no buying your parts from third-party companies), cars (no taking your GM to an independent mechanic), and many categories besides.

All these forms of cheating treat the owner of the device as an enemy of the company that made or sold it, to be thwarted, tricked, or forced into conducting their affairs in the best interest of the company's shareholders. To do this, they run programs and processes that attempt to hide themselves and their nature from their owners, and proxies for their owners (like reviewers and researchers). Increasingly, cheating devices behave differently depending on who is looking at them. When they believe themselves to be under close scrutiny, their behavior reverts to a more respectable, less egregious standard. This is a shocking and ghastly turn of affairs, one that takes us back to the dark ages.

Iphone

Leaks Reveal New Features In Apple's Next iPhone 224

Though Apple officially unveils their newest iPhone on Tuesday, information is already leaking on the internet.
  • Mashable: "Physically, it's expected to be about the same size as an iPhone 7, but with an edge-to-edge OLED display that's bigger than what is currently on the iPhone 7 Plus. It won't have a home button or Touch ID, and will likely use some kind of facial recognition tech to unlock."
  • MacRumors cites a report from KGI Securities analyst Ming-Chi Kuo suggesting facial recognition may just be one feature of a complex front camera with 3D sensing hardware, including a proximity sensor, ambient light sensor, and a structured light transmitter (using a surface-emitting laser) and receiver.
  • Fortune: "Apple's iPhone line is expected to catch up with Android phones in the area of wireless charging this year... just lay the phone down on a compatible charger mat or base or dock, and watch the battery fill up."
  • 9to5Mac: "We've found a brand new feature called 'Animoji', which uses the 3D face sensors to create custom 3D animated emoji based on the expressions you make into the camera. Users will be able to make Animoji of unicorns, robots, pigs, pile of poo and many more."
GUI

Linux.com Raves About New Snap-Centric 'Nitrux' Distro (linux.com) 137

An anonymous reader quotes Linux.com: What happens when you take Ubuntu 17.10, a new desktop interface (one that overlays on top of KDE), snap packages, and roll them all up into a pseudo rolling release? You get Nitrux. At first blush, this particular Linux distribution seems more of an experiment than anything else -- to show how much the KDE desktop can be tweaked to resemble the likes of the Elementary OS or MacOS desktops. At its heart, however, it's much more than that... This particular take on the Linux desktop is focused on the portable, universal nature of snap packages and makes use of a unique desktop, called Nomad, which sits atop KDE Plasma 5... The desktop includes a dock, a system/notification tray, a quick search tool (Plasma Search), and an app menu. Of all the elements on the desktop, it's the Plasma Search tool that will appeal to anyone looking for an efficient means to interact with their desktops. With this tool, you can just start typing on a blank desktop to see a list of results. Say, for example, you want to open LibreOffice writer; on the blank desktop, just start typing "libre" and related entries will appear...

Skilled Linux users should have no problem using Nitrux and might find themselves intrigued with the snap-centric Nomad desktop. The one advantage of having a distribution centered around snap packages would be the ease with which you could quickly install and uninstall a package, without causing issues with other applications... In the end, Nitrux is a beautiful desktop that is incredibly efficient to use -- only slightly hampered by an awkward installer and a lack of available snap packages. Give this distribution a bit of time to work out the kinks and it could become a serious contender.

The GUI-focused distro even includes Android apps in the menu -- although Linux.com's reviewer notes that "on two different installations, I have yet to get this feature to work. Even the pre-installed Android apps never start."
Facebook

Facebook Finds a New Service To Copy: Tinder (vice.com) 46

An anonymous reader shares a report from Motherboard, written by Jacob Dube: Facebook is trying out a new feature that connects users on its Messenger chat platform, but only if they both accept. It looks a lot like Tinder, except it only appears to be connecting people who are already friends with each other. While using Facebook on my phone Wednesday night, I was greeted by a notification that said "[Name redacted] and 15 others may want to meet up with you this week." When I opened the link, I was taken to a page with photos of my Facebook friends and a question: "Want to meet up with [name redacted] this week?" It indicated that my response would be private unless we both said yes. Tap "No Thanks," and that's the end of it. The feature seems to be in beta, and, though it is currently available to me and a few of my friends in Canada, the rest of Motherboard was unable to access it. It's unclear what the feature might be called. It's not hard to see the similarity between the feature and dating apps like Tinder or Bumble, but the Facebook feature seems to connect you only to people you already know, and could have already reached on the Messenger app. The feature didn't just show me potential love interests, however. It also displayed some of my friends, indicating that it might be used to encourage people who are already friends on Facebook to hang out IRL. "People often use Facebook to make plans with their friends," a Facebook spokesperson told Motherboard in an email. "So, we're running a very small test in the Facebook app to make that easier. We look forward to hearing people's feedback." The test is reportedly limited to a small number of users in parts of Toronto and New Zealand, on iOS and Android.
Android

Android Oreo Bug Eats Up Mobile Data Even When On Wi-Fi (betanews.com) 89

Mark Wilson shares a report from BetaNews: An apparent bug with Android Oreo has been discovered which means Google's mobile operating system could be munching its way through your data allowance, even if you're connected to a wireless network. A thread on Reddit highlighted the issue, with many people pointing out that it could prove expensive for anyone not using an unlimited data plan. Google is apparently aware of the problem and is working on a patch, but in the meantime Oreo users are being warned to consider disabling mobile data when they are at home or using a wireless connection elsewhere.
Android

Android Oreo's Rollback Protection Will Block OS Downgrades (androidpolice.com) 119

jbernardo writes: Google is using the boiling frog method to exclude power users and custom ROMs from android. A new feature in Android 8.0 Oreo, called "Rollback Protection" and included in the "Verified Boot" changes, will prevent a device from booting should it be rolled back to an earlier firmware. The detailed information is here. As it rejects an image if its "rollback index" is inferior than the one in "tamper evident storage," any attempts to install a previous version of the official, signed ROM will make the device unbootable. Much like iOS (without the rollback grace period) or the extinct Lumias. It is explained in the recommended boot workflow and notes below, together with some other "smart" ideas.

Now, this might seem like a good idea at first, but let's just just imagine this on a PC. It would mean no easy rollback from windows 10 to 7 after a forced installation, and doing that or installing linux would mean a unreasonably complex bootloader unlocking, with all your data wiped. Add safetynet to the mix, and you would also be blocked from watching Netflix or accessing your banking sites if you dared to install linux or rollback windows. To add insult to injury, unlocked devices will stop booting for at least 10 seconds to show some paternalist message on how unlocking is bad for your health: "If the device has a screen and buttons (for example if it's a phone) the warning is to be shown for at least 10 seconds before the boot process continues." Now, and knowing that most if not all android bootloaders have vulnerabilities/backdoors, how can this be defended, even with the "security/think of the children" approach? This has no advantages other than making it hard for users to install ROMs or to revert to a previous official ROM to restore missing functionality.

Chrome

Chrome 61 Arrives With JavaScript Modules, WebUSB Support (venturebeat.com) 115

The latest version of Google Chrome has launched, bringing a host of new developer features like JavaScript modules and WebUSB support. An anonymous Slashdot reader shares a report from VentureBeat: Google has launched Chrome 61 for Windows, Mac, and Linux. Additions in this release include JavaScript modules and WebUSB support, among other developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from google.com/chrome. Google also released Chrome 61 for Android today. In addition to performance and stability fixes, you can expect two new features: Translate pages with a more compact toolbar and pick images with an improved image picker.

Chrome now supports JavaScript modules natively via the new element, letting developers declare a script's dependencies. Modules are already popular in third-party build tools, which use them to bundle only the required scripts. Native support means the browser can fetch granular dependencies in parallel, taking advantage of caching, avoiding duplications across the page, and ensuring the script executes in the correct order, all without a build step. Google recommends these two blog posts for more information: ECMAScript modules in browsers and ES6 Modules in Depth. Speaking of JavaScript, Chrome 61 also upgrades the browser's V8 JavaScript engine to version 6.1. Developers can expect performance improvements and a binary size reduction. The WebUSB API meanwhile allows web apps to access user-permitted USB devices. This enables all the functionality provided by hardware peripherals such as keyboards, mice, printers, and gamepads, while still preserving the security guarantees of the web.

Android

TrustZone Downgrade Attack Opens Android Devices To Old Vulnerabilities (bleepingcomputer.com) 45

An anonymous reader writes from a report via Bleeping Computer: An attacker can downgrade components of the Android TrustZone technology -- a secure section of smartphone CPUs -- to older versions that feature known vulnerabilities. The attacker can then use previously published exploit code to attack up-to-date Android OS versions. The research team proved their attack in tests on devices running the ARM TrustZone technology, such as Samsung Galaxy S7, Huawei Mate 9, Google Nexus 5, and Google Nexus 6. They replaced updated versions of the Widevine trustlet with an older version that was vulnerable to CVE-2015-6639, a vulnerability in Android's Qualcomm Secure Execution Environment (QSEE) -- Qualcomm's name for its ARM TrustZone version that runs on Qualcomm chips. This vulnerability allows attackers root level access to the TrustZone OS, which indirectly grants the attack control over the entire phone. The research paper is available here, and one of the researcher's authors explains the attack chain in an interview here.
Google

Android One Is Anything But Dead, Google Reaffirms With Xiaomi Mi A1 (ndtv.com) 97

An anonymous reader shares a report: Google executives shared the stage with Xiaomi chiefs at a media event in New Delhi on Tuesday as the Chinese phone maker unveiled its "new flagship" Mi A1 smartphone. Google's presence at the event was essential. Xiaomi's Mi A1 is the latest phone to be launched under Google's Android One program, a three-year-old initiative from Google, which in the past year has been presumed dead by many. It's anything but that, Google executives said. The Xiaomi Mi A1 smartphone features a 5.5-inch full-HD (1080x1920 pixels) display. It also offers a duo of 12-megapixel rear cameras, one with telephoto capability and 2X optical zoom feature. On the front, for the selfie enthusiasts is a 5-megapixel shooter. The dual-SIM capable Mi A1 smartphone houses a Snapdragon 625 octa-core SoC, 4GB of RAM, 64GB internal storage, IR blaster, a 3080mAh battery, a fingerprint scanner, modems for 4G LTE bands in its gold- and black-coloured thin, full-metal unibody form factor. It is priced at $235, and will be available in dozens of markets including Mexico, India, Indonesia, Russia, and Singapore.
Android

Vulnerabilities Discovered In Mobile Bootloaders of Major Vendors (bleepingcomputer.com) 76

An anonymous reader writes: Android bootloader components from five major chipset vendors are affected by vulnerabilities that break the CoT (Chain of Trust) during the Android OS boot-up sequence, opening devices to attacks. The vulnerabilities were discovered with a new tool called BootStomp, developed by nine computer scientists from the University of California, Santa Barbara. Researchers analyzed five bootloaders from four vendors (NVIDIA, Qualcomm, MediaTek, and Huawei/HiSilicon). Using BootStomp, researchers identified seven security flaws, six new and one previously known (CVE-2014-9798). Of the six new flaws, bootloader vendors already acknowledged five and are working on a fix. "Some of these vulnerabilities would allow an attacker to execute arbitrary code as part of the bootloader (thus compromising the entire chain of trust), or to perform permanent denial-of-service attacks," the research team said (PDF). "Our tool also identified two bootloader vulnerabilities that can be leveraged by an attacker with root privileges on the OS to unlock the device and break the CoT."
Android

With Android Oreo, Google Is Introducing Linux Kernel Requirements (betanews.com) 120

Mark Wilson shares a report from BetaNews: As is easy to tell by comparing versions of Android from different handset manufacturers, developers are -- broadly speaking -- free to do whatever they want with Android, but with Oreo, one aspect of this is changing. Google is introducing a new requirement that OEMs must meet certain requirements when choosing the Linux kernel they use. Until now, as pointed out by XDA Developers, OEMs have been free to use whatever Linux kernel they wanted to create their own version of Android. Of course, their builds still had to pass Google's other tests, but the kernel number itself was not an issue. Moving forward, Android devices running Oreo must use at least kernel 3.18, but there are more specific requirements to meet as well. Google explains on the Android Source page: "Android O mandates a minimum kernel version and kernel configuration and checks them both in VTS as well as during an OTA. Android device kernels must enable the kernel .config support along with the option to read the kernel configuration at runtime through procfs."
Android

Petition Asks the Developers of Phoenix OS to Open Source the Kernel (xda-developers.com) 34

An anonymous reader shares a report: Android is mainly considered an open source mobile operating system, but there are a number of closed source elements that hundreds of millions of people use every day. The actual requirements of Android is that the kernel be open sourced for the public. This is enforced by the GPL but sadly this is one of those gray areas where someone actually needs to take legal action to enforce it. Some companies have violated this time and time again, and a new petition is calling for the developers of Phoenix OS to do the right thing. For those who are unaware, Phoenix OS is one of the only full desktop versions of Android that is still being maintained. [...] So a dedicated fan of the platform, Karol Putra, has created a Change.org petition in hopes that it will change their minds.
Data Storage

SanDisk Breaks Storage Record With 400GB MicroSD Card (extremetech.com) 70

SanDisk has managed to cram 400GB into a microSD card, making it the largest microSD card currently on the market. The company said the capacity breakthrough was the result of Western Digital, the company that owns SanDisk, "leveraging its proprietary memory technology and design and production processes that allow for more bits per die." The nitty-gritty details weren't revealed beyond that. ExtremeTech reports: The speed appears to come with a tradeoff. SanDisk trumpets its A1 speed rating, saying: "Rated A1, the SanDisk Ultra microSD card is optimized for apps, delivering faster app launch and performance that provides a better smartphone experience." This is a generous reading of the A1's target performance specification. Last year, the SD Association released a report discussing the App Performance Class memory card specification and why the spec was created in the first place. When Android added support for running applications from an SD card, there was a need to make certain the cards people bought would be quick enough to run apps in the first place. The A1 is rated for 1500 read and 500 write IOPS, with a sequential transfer speed of 10MB/s.

This SanDisk drive should run applications just fine. SanDisk claims it can be used for recording video, not just storing it. But it's not going to be fast enough for 4K data; Class 10 devices are limited to 10MB/s of sequential write performance. Obviously not all phones support shooting in 4K anyway, so whether this is a limitation will depend on what device you plan to plug it into. The 100MB/s speed trumpeted by Western Digital is a reference to read speeds; write speeds are lower and likely closer to the 10MB/s sequential target mentioned above. The microSD card is expected to retail for $250.

Android

LG Announces V30 Smartphone With 'FullVision' OLED Display, Dual Cameras (phonedog.com) 45

At a press conference in Berlin, LG announced their newest flagship smartphone, the LG V30. The V30 doesn't feature a removable battery or a secondary display like its predecessor, but it does feature faster performance and a significantly redesigned build construction that puts in more in line with Samsung and Apple's offerings. PhoneDog reports: A bigger device with beefier specs, the LG's V series took more design cues from the G series this year more than ever. As expected, LG got rid of the secondary display in favor of a single 6-inch LG P-OLED display (not Super AMOLED, although practically the same with rich black and vibrant colors). The V30 switches out its secondary display for slimmer bezels, which may prove to be a smart move considering how popular the concept is this year. Specs look pretty solid, although there were reports that the device would feature 6GB of RAM rather than 4GB. The bread and butter of the V30 are its sophisticated audio and its dual rear camera set-up. Speaking of the back of the device, another small advantage that LG may have over the competition is the center placement of its rear fingerprint sensor, which has been a bit of a pain point for Samsung this year with the S8 and the Note 8. The LG V30 is set to release on September 21 in South Korea, with releases in North America, Asia, Africa, and Europe following shortly after. LG also has yet to announce a price for the V30, although rumors peg it to be around 800,000 KRW in South Korea (which equates to about $699 in the U.S.). For those interested, GSMArena has a full spec sheet available for the LG V30. Some of the noteworthy specs include a 6-inch LG P-OLED display with an 18:9 aspect ratio and QHD (1440 x 2880) resolution, Snapdragon 835 processor with 4GB RAM, dual 16-megapixel/13-megapixel rear-facing camera sensors, headphone jack, 32-bit/192kHz audio, wireless charging and Android 7.1.2 Nougat.

Slashdot Top Deals