Google

Google Allo For Chrome Finally Arrives, But Only For Android Users (engadget.com) 87

Google Allo, the chat app that arrived on the iPhone and Android devices last year, now has a web counterpart. Head of product for Allo and video chat app Duo, Amit Fulay, tweeted: "Allow for web is here! Try it on Chrome today. Get the latest Allo build on Android before giving it a spin." Engadget reports: To give it a go, you'll need to open the Allo app on your device and use that to scan a QR code you can generate at this link. Once you've scanned the code, Allo pulls up your chat history and mirrors all the conversations you have on your phone. Most of Allo's key features, including smart replies, emoji, stickers and most importantly the Google Assistant are all intact here. In fact, this is the first time you can really get the full Google Assistant experience through the web; it's been limited to phones and Google Home thus far.
Software

App Developers Should Charge More If They Want People To Buy Subscriptions, Suggests Report (theverge.com) 50

A new report from Liftoff, a Silicon Valley-based mobile app marketing and retargeting firm, says that subscription-based apps may do better if developers charge a higher price for services, rather than setting prices too low to lure users in initially. The Verge reports: The Liftoff report, which analyzed data gathered between June 2016 and June 2017, categorized app subscriptions into low-cost monthly subs ($0.99 to $7), medium ($7 to $20), and high-cost subs ($20 to $50), while also factoring the cost of acquisition per customer. The company found that apps in the medium price range had the highest conversion rate -- 7.16 percent -- and the lowest cost to acquire a subscriber, at just over $106 dollars. This was five times higher than the rate of people who subscribed to apps when the apps were in the low-cost category. This may partly be because streaming media apps, like Netflix and Spotify, have already conditioned people to pay around $10 a month for services. But it also might be attributable to the sunk cost fallacy, Liftoff says: the "cognitive bias people have that makes them stay the course because they have already spent time or resources on it." The report also examines apps that fulfill "need states," like dating apps or cloud services. These have the potential to offer services that customers are willing to pay for, again and again. But, according to Liftoff, utility apps have a much higher install-to-subscriber rate compared to dating apps. Blame those who eventually find love?
Businesses

Snap Sold Fewer Than 42K Spectacles, Down 35% In Q2 (androidheadlines.com) 50

The hype surrounding Snap's Spectacles appears to be dwindling. Their sales have decreased by 35 percent in the second quarter of the year, with the company's latest consolidated financial report revealing that its "Other" revenue amounted to $5.4 million over the three-month period ending June 30. Android Headlines reports: With Spectacles being the company's only miscellaneous endeavor at this point in time and sporting a $130 price tag that has yet to see any discounts, it seems that the Venice, Los Angeles-based social media giant managed to only sell approximately 41,500 units of its first wearable in Q2 2017. During the first quarter of the year that also disappointed investors, Snap's "Other" business category recorded a revenue of $8.3 million, suggesting that the firm managed to sell around 64,000 units. The overall commercial performance of Spectacles may still improve during the current quarter as Snap just recently made the smart sunglasses available on Amazon, in addition to partnering with a number of physical retailers. Likewise, the Snapbot vending machines selling Spectacles only started appearing in Europe in June and are still popping up in a number of major cities on the Old Continent, which is another factor that could help improve the sales figures of Snap's camera-equipped pair of sunglasses. Regardless, the current state of affairs is unlikely to please investors, especially in light of the fact that Snap recently proclaimed itself to be "a camera company," noting how Snapchat is just one aspect of its product vision that's meant to incorporate a wide variety of photography-oriented hardware.
The Military

US Army Walks Back Decision To Ban DJI Drones Ever So Slightly (suasnews.com) 27

garymortimer shares a report from sUAS News: News has reached me that another DJI memo was passed around on Friday the 11th of August. An exception to policy with recommendations from the asymmetric warfare group that will permit the use of DJI kit once some conditions have been met. The Android Tactical Assault Kit will become the ground control station (GCS) of choice when a DJI plugin has passed OPSEC (Operational Security) scrutiny. In a separate report from Reuters, DJI said it is "tightening data security in the hopes that the U.S. Army will lift its ban on DJI drones because of 'cyber vulnerabilities.'" The company is "speeding deployment of a system that allows users to disconnect from the internet during flights, making it impossible for flight logs, photos or videos to reach DJI's computer servers," reports Reuters. While the security measure has been in the works for several months, it's being rolled out sooner than planned because of the Army's decision to discontinue the use of DJI drones.
Businesses

Andy Rubin's Essential Is Now Valued at Over a Billion Dollars Without Shipping a Single Phone (theverge.com) 75

An anonymous reader shares a report: Essential, the new phone startup from Android founder Andy Rubin, is now a unicorn, according to reports from over the weekend. If you're not up to date on the parlance of Silicon Valley, a unicorn is a company that's valued at over $1 billion dollars, which is no small feat in today's market. This title is even more impressive, given that Essential has yet to ship a single device to consumers. According to a report, Foxconn's FIH Mobile filing for a $3 million investment in Essential for around 0.25 percent of the fledgling phone company revealed Essential's new unicorn status with a valuation of around $1.2 billion.
Security

Spyware Apps Found on Google Play Store (bleepingcomputer.com) 35

Researchers at the security firm Lookout have identified a family of malicious Android apps, referred to as SonicSpy. From a report: Experts say the malware author modified a version of the official Telegram app, injected the spyware code, rebranded it, and uploaded the modified app on the Play Store. In total, the crook uploaded the app three times on the Play Store under the names Soniac, Hulk Messenger, and Troy Chat. Only Soniac was active on Google's app store when researchers first spotted the spyware, as the other two apps were already taken down, most likely by the developer himself. At the time of writing, Lookout says they identified over 1,000 variations of this new spyware called SonicSpy, which they believe to be a new version of an older Android spyware named SpyNote.
Iphone

Apple Refuses To Enable iPhone Emergency Settings that Could Save Countless Lives (thenextweb.com) 278

An anonymous reader shares a report: Despite being relatively easy, Apple keeps ignoring requests to enable a feature called Advanced Mobile Location (AML) in iOS. Enabling AML would give emergency services extremely accurate locations of emergency calls made from iPhones, dramatically decreasing response time. As we have covered before, Google's successful implementation of AML for Android is already saving lives. But where Android users have become safer, iPhone owners have been left behind. The European Emergency Number Association (EENA), the organization behind implementing AML for emergency services, released a statement today that pleads Apple to consider the safety of its customers and participate in the program: "As AML is being deployed in more and more countries, iPhone users are put at a disadvantage compared to Android users in the scenario that matters most: An emergency. EENA calls on Apple to integrate Advanced Mobile Location in their smartphones for the safety of their customers." Why is AML so important? Majority of emergency calls today are made from cellphones, which has made location pinging increasingly more important for emergency services. There are many emergency apps and features in development, but AML's strength is that it doesn't require anything from the user -- no downloads and no forethought: The process is completely automated. With AML, smartphones running supporting operating systems will recognize when emergency calls are being made and turn on GNSS (global navigation satellite system) and Wi-Fi. The phone then automatically sends an SMS to emergency services, detailing the location of the caller. AML is up to 4,000 times more accurate than the current systems -- pinpointing phones down from an entire city to a room in an apartment. "In the past months, EENA has been travelling around Europe to raise awareness of AML in as many countries as possible. All these meetings brought up a recurring question that EENA had to reply to: 'So, what about Apple?'" reads EENA's statement.
Android

T-Mobile To Launch Its Own Branded Budget Smartphone (cnet.com) 16

In a throwback to a time when carriers differentiated themselves by branding and selling exclusive phones, T-Mobile announced Wednesday that it's launching its very own budget Android smartphone called the Revvl. CNET reports: The Revvl, which runs on Android Nougat, offers pretty basic specs: a 5.5 inch HD display, 2GB of RAM, 32GB of storage, a 13-megapixel rear-facing camera a 5-megapixel front-facing camera. But it also throws in a fingerprint sensor and will cost T-Mobile customers just $5 a month with no down payment through the company's Jump! upgrade program. It goes on sale Thursday. In a blog post, T-Mobile COO Mike Sievert said the company is catering to those who want the latest smartphone technology but can't afford to pay for high-end devices.
Operating Systems

Android 8.0's 'Streaming OS Updates' Will Work Even If Your Phone Is Full (arstechnica.com) 40

Regardless of whether or not your phone is full of pictures, or videos, or apps, you will still be able to download and install an OS update with Android 8.0. According to the latest source.android.com documentation, Google has cooked up a scheme to make sure that an "insufficient space" error will never stop an update again. Ars Technica reports: Where the heck can Google store the update if your phone is full, though? If you remember in Android 7.0, Google introduced a new feature called "Seamless Updates." This setup introduced a dual system partition scheme -- a "System A" and "System B" partition. The idea is that, when it comes time to install an update, you can normally use your phone on the online "System A" partition while an update is being applied to the offline "System B" partition in the background. Rather than the many minutes of downtime that would normally occur from an update, all that was needed to apply the update was a quick reboot. At that point, the device would just switch from partition A to the newly updated partition B. When you get that "out of space" error message during an update, you're only "out of space" on the user storage partition, which is just being used as a temporary download spot before the update is applied to the system partition. Starting with Android 8.0, the A/B system partition setup is being upgraded with a "streaming updates" feature. Update data will arrive from the Internet directly to the offline system partition, written block by block, in a ready-to-boot state. Instead of needing ~1GB of free space, Google will be bypassing user storage almost entirely, needing only ~100KB worth of free space for some metadata. Ars Technica goes on to note that the feature will be backported to Google Play Services, and will be enabled on "Android 7.0 and later" devices with a dual system partition setup.
Youtube

YouTube Adds Mobile Chat, Because Google Doesn't Have Enough Messaging Apps (venturebeat.com) 25

Krystalo writes: YouTube today rolled out the ability to share videos with contacts directly in its mobile app for Android and iOS. Users can chat about shared videos using text, react with emoji, like messages with a heart, reply with other videos, and invite more friends to the conversation (up to a maximum of 30 people per group message). YouTube first started testing letting groups of users share and talk about videos in May 2016. The company then pushed the feature to Canada in January 2017 as a test, since Canadians share more videos online than any other nation. After some tweaks, the Google-owned company is now pushing it out to all its Android and iOS users. "We've been improving the feature since our experiments began last year," a YouTube spokesperson told VentureBeat. "For example, we've made changes to the chat visual; and we've made the video stick to the top of the chat when scrolling down, to allow replying and chatting while watching a video; and we'll continue making improvements." With the new update, YouTube has become yet another Google messaging app, on top of Android Messages, Allo, Duo, Hangouts Chat, and Hangouts Meet.
Debian

OpenSSL Support In Debian Unstable Drops TLS 1.0/1.1 Support (debian.org) 76

An anonymous reader writes: Debian Linux "sid" is deprecating TLS 1.0 Encryption. A new version of OpenSSL has been uploaded to Debian Linux unstable. This version disables the TLS 1.0 and 1.1 protocol. This currently leaves TLS 1.2 as the only supported SSL/TLS protocol version. This will likely break certain things that for whatever reason still don't support TLS 1.2. I strongly suggest that if it's not supported that you add support for it, or get the other side to add support for it. OpenSSL made a release 5 years ago that supported TLS 1.2. The current support of the server side seems to be around 90%. I hope that by the time Buster releases the support for TLS 1.2 will be high enough that I don't need to enable them again. This move caused some concern among Debian users and sysadmins. If you are running Debian Unstable on server tons of stuff is going to broken cryptographically. Not to mention legacy hardware and firmware that still uses TLS 1.0. On the client side (i.e. your users), you need to use the latest version of a browser such as Chrome/Chromium and Firefox. The Older version of Android (e.g. Android v5.x and earlier) do not support TLS 1.2. You need to use minimum iOS 5 for TLS 1.2 support. Same goes with SMTP/mail servers, desktop email clients, FTP clients and more. All of them using old outdated crypto.

This move will also affect for Android 4.3 users or stock MS-Windows 7/IE users (which has TLS 1.2 switched off in Internet Options.) Not to mention all the mail servers out there running outdated crypto.

Cellphones

Ask Slashdot: Are My Drone Apps Phoning Home? 132

Slashdot reader bitwraith noticed something suspicious after flying "a few cheap, ready-to-fly quadcopters" with their smartphone apps, including drones from Odyssey and Eachine. I often turn off my phone's Wi-Fi support before plugging it in to charge at night, only to discover it has mysteriously turned on in the morning. After checking the Wi-Fi Control History on my S7, it appears as though the various cookie-cutter apps for these drones wake up to phone home in the night after they are opened, while the phone is charging. I tried contacting the publisher of the Odyssey VR app, with no reply.

I would uninstall the app, but then how would I fly my drone? Why did Google grant permission to control Wi-Fi state implicitly to all apps, including these abusers? Are the apps phoning home to report my flight history?

The original submission asks about similar experiences from other drone-owning Slashdot users -- so leave your best answers in the comments. What's making this phone wake up in the night?

Are the drone apps phoning home?
Biotech

How Apple Is Putting Voices In Users' Heads -- Literally (wired.com) 91

schwit1 shared WIRED's report on "a life-changing technology." Steven Levy spoke with Mathias Bahnmueller as he tested a new Apple sound processor that beams digital audio directly into hearing aids. Bahnmueller suffers from hearing loss so severe that a year ago he underwent surgery to install a cochlear implant -- an electronic device in the inner ear that replaces the usual hearing mechanism. Around a million patients have undergone this increasingly mainstream form of treatment, and that's just a fraction of those who could benefit from it. (Of the 360 million people worldwide with hearing loss, about 10 percent would qualify for the surgery.) "For those who reach a point where hearing aids no longer help, this is the only solution," says Allison Biever, an audiologist in Englewood, CO who works with implant patients. "It's like restoring a signal in a radio station."

Cochlear implants bypass the usual hearing process by embedding a device in the inner ear and connecting it via electrodes to the nerve that sends audio signals to the brain... The system Bahnmueller was using came from a collaboration between Apple and Cochlear, a company that has been involved with implant technology since the treatment's early days. The firms announced last week that the first product based on this approach, Cochlear's Nucleus 7 sound processor, won FDA approval in June -- the first time that the agency has approved such a link between cochlear implants and phones or tablets. Those using the system can not only get phone calls directly routed inside their skulls, but also stream music, podcasts, audio books, movie soundtracks, and even Siri -- all straight to the implant... Apple will offer the technology free to qualified manufacturers.

Google's accessibility team for Android has no public timeline for any similar hearing aid support, though according to the article it's "on the roadmap."
Android

BLU Claims Innocence, Gets Phones Reinstated On Amazon (slashgear.com) 43

Earlier this week, Amazon suspended budget phone maker BLU from selling its phones on the site, citing a "potential security issue." A few days have passed and BLU has made its defense. SlashGear reports: AdUps, the Chinese company that provides affordable firmware update software to countless budget Android phones, is not spyware and not even Kryptowire, the security firm that broke the news last year, called it that, insists BLU. To be fair, Kryptowire really didn't. In its 2016 report, it simply described AdUps' OTA software as "FIRMWARE THAT TRANSMITTED PERSONALLY IDENTIFIABLE INFORMATION (PII) WITHOUT USER CONSENT OR DISCLOSURE." Curiously, that is more or less how the FTC defines spyware (PDF). In its 2017 follow-up, it did drop the second part of that phrase and simply reported on "mobile devices for Personally Identifiable Information (PII) collection and transmission to third parties." While BLU, and a few other OEMs, was caught unaware by the first report, it's insisting on its innocence in this second instance. Its defense stems from the argument that it is doing nothing that violates its Privacy Policy and, therefore, doesn't constitute any wrongdoing. Yes, that privacy policy that barely anyone reads, which can't legally be blamed on manufacturers anyway.

In other words, when you agreed to use BLU's devices, you basically agreed that such PII could possibly be transmitted to a third party outside the US. In this particular case, that does apply to the situation with AdUps. Interestingly, the policy's copyright dates back to 2016, when the AdUps issue first came up. The Internet Archives doesn't seem to have any version of that page before April this year. And so we come to BLU's second arguments: everybody's doing it. The data that AdUps collects is the same or even just a fraction of what other OEMs are collecting. Google is hardly the bastion of privacy and other OEMs are also collecting such data and sending it to servers in China, as is the case with Huawei and ZTE. Finally, BLU says that Kryptowire's new report really only identifies the Cubot X16S, from a Chinese OEM, as the only smartphone really spying on its users.
UPDATE: BLU has confirmed that its devices "are now back up for sale on Amazon."
Businesses

Popular Password Manager LastPass Doubles Price of Its Premium Plan, Removes features From Its Free Service Tier (neowin.net) 156

An anonymous reader shares a report: In November, LastPass made a big change to its service, allowing users to keep track of their passwords across all their internet-enabled mobile and desktop devices, free of charge. In addition to the free tier, the cross-platform password manager - available on iOS, Android, and Windows 10 -- also offered a Premium plan with additional features, priced at $12 per year. Today, LastPass announced another wave of changes to its lineup for individual users -- but this time, the changes are unlikely to be welcomed with open arms by its customers. LastPass Premium has now doubled in price to $24 a year, which includes "emergency access, the ability to share single passwords and items with multiple people, priority tech support, advanced multi-factor authentication, LastPass for applications, and 1GB of encrypted file storage," along with all the other features of the Free tier. In a statement, the company said, "While LastPass Free continues to offer access on all browsers and devices and the core LastPass password management functionality, unlimited sharing and emergency access are now Premium features. Free users will be able to share one item with one other individual.
Android

Lenovo Switches To Stock Android For All Future Smartphones (ndtv.com) 80

Lenovo is canning its Vibe Pure UI Android skin in favor of the stock version of Google's mobile OS for its future smartphones, starting with the upcoming K8 Note, according to an interview from Gadgets 360 with Anuj Sharma, Lenovo India's head of marketing. From a report: Lenovo has confirmed that going forward, it will be abandoning its Vibe Pure UI Android customisation which ran on top of its recent Android smartphones in almost all markets. "What we have done in last 11 months is we looked at what we had in terms of software perspective. We have been close to the consumers and we saw what they were asking for. There was a certain trend and we have now decided to cut the Vibe Pure UI off from our phones. So you will now get the stock Android which consumers have been asking for," Sharma told Gadgets 360.
Android

Google Now Permits Android Apps That Facilitate Gambling With Real Money (betanews.com) 44

Mark Wilson shares a report from BetaNews: Google has relaxed its rules surrounding real-money gambling apps in Google Play -- in some countries, at least. There has been a ban on apps and games that allow users to gamble with real money since 2013, but that has now changed. While there was previously a ban in place due to the difficulty in policing ages and complying with different gambling laws around the world, real-money gambling apps are now permitted in the UK, France and Ireland. The new rules stipulate that developers must submit their gambling apps for a special vetting process, and they must have an IARC content rating. Other rules include a ban on the use of Google payment services, a requirement to display information about responsible gambling, and a requirement to block underage use. The full list of requirements [can be viewed here].
Cloud

Apple's Adoption Of HEVC Will Drive A Massive Increase In Encoding Costs Requiring Cloud Hardware Acceleration (streamingmedia.com) 203

An anonymous reader shares a report: For the last 10 years, H.264/AVC has been the dominant video codec used for streaming but with Apple adopting H.265/HEVC in iOS 11 and Google heavily supporting VP9 in Android, a change is on the horizon. Next year the Alliance for Open Media will release their AV1 codec which will again improve video compression efficiency even further. But the end result is that the codec market is about to get very fragmented, with content owners soon having to decide if they need to support three codecs (H.264, H.265, and VP9) instead of just H.264 and with AV1 expected to be released in 2019. As a result of what's take place in the codec market, and with better quality video being demanded by consumers, content owners, broadcasters and OTT providers are starting to see a massive increase in encoding costs. New codecs like H.265 and VP9 need 5x the servers costs because of their complexity. Currently, AV1 needs over 20x the server costs. The mix of SD, HD and UHD continues to move to better quality: e.g. HDR, 10-bit and higher frame rates. Server encoding cost to move from 1080p SDR to 4K HDR is 5x. 360 and Facebook's 6DoF video are also growing in consumption by consumers which again increases encoding costs by at least 4x. If you add up all these variables, it's not hard to do the math and see that for some, encoding costs could increase by 500x over the next few years as new codecs, higher quality video, 360 video and general demand increases.
Facebook

Facebook Is Working On a Video Chat Device (bloomberg.com) 86

An anonymous reader quotes a report from Bloomberg: Facebook Inc. is working on a video chat device for the home -- the first major hardware product from its experimental Building 8 lab. Featuring a laptop-sized touchscreen, the device represents a new product category and could be announced as soon as next spring's F8 developer conference, according to people familiar with the matter. They say the large screen and smart camera technology could help farflung people feel like they're in the same room, which aligns with Chief Executive Officer Mark Zuckerberg's mission of bringing Facebook users closer together. The device is in the prototype phase but is already being tested in people's homes. Geared to the living room, the video chat device will feature a wide-angle camera lens, microphones and speakers that are all powered by artificial intelligence to boost performance, the people said. A version of the device in testing includes a thin, vertical stand that holds a large touchscreen measuring between 13 and 15 inches diagonally, the people said. Facebook has considered running a version of the Android operating system on its device instead of building its own core operating system, according to the people. Facebook is testing a feature that would allow the camera to automatically scan for people in its range and lock onto them, one of the people said. Facebook is also working on a standalone smart speaker to compete with the Amazon Echo and Google Home, reports Bloomberg. The social media giant is "hiring Apple veterans to help create a Siri-style voice assistant that would run on both devices."
Chrome

Google Chrome Starts Testing a Built-in Ad Blocker on Windows, Android (mspoweruser.com) 236

An anonymous reader shares a report: Earlier this year, Google was rumored to be working on a built-in ad blocker for its Chrome browser. The new ad blocker inside Chrome won't block every ad you see on the web -- instead, it'll only block ads that are considered intrusive and go against the standards set by the Coalition for Better Ads. Google has started testing the new built-in ad blocker for Chrome today on the desktop and Android devices. The latest canary release for Google Chrome includes a new option under Chrome's Settings where you can enable the new ad blocker inside Chrome. Users can enable the new feature by going to the Content options inside Chrome's settings page (chrome://settings/content/ads). The built-in ad blocker should automatically block ads that are considered "intrusive." But Google Chrome also lets you strictly block ads on certain sites, and you can also choose to allow ads on certain sites if you'd like.

Slashdot Top Deals