Iphone

10-Year-Old Boy Cracks the Face ID On Both Parents' IPhone X (wired.com) 294

An anonymous reader writes: A 10-year-old boy discovered he could unlock his father's phone just by looking at it. And his mother's phone too. Both parents had just purchased a new $999 iPhone X, and apparently its Face ID couldn't tell his face from theirs. The unlocking happened immediately after the mother told the son that "There's no way you're getting access to this phone."

Experiments suggest the iPhone X was confused by the indoor/nighttime lighting when the couple first registered their faces. Apple's only response was to point to their support page, which states that "the statistical probability is different...among children under the age of 13, because their distinct facial features may not have fully developed. If you're concerned about this, we recommend using a passcode to authenticate." The boy's father is now offering this advice to other parents. "You should probably try it with every member of your family and see who can access it."

And his son just "thought it was hilarious."

Iphone

Apple Fixes the iPhone X 'Unresponsive When It's Cold' Bug (arstechnica.com) 42

An anonymous reader quotes Ars Technica: Apple released iOS 11.1.2 for iPhones and iPads Thursday afternoon. It's a minor, bug-fix update that benefits iPhone X users who encountered issues after acquiring the new phone just under two weeks ago... The update fixes just two problems. The first is "an issue where the iPhone X screen becomes temporarily unresponsive to touch after a rapid temperature drop." Last week, some iPhone X owners began reporting on Reddit and elsewhere that their touchscreens became temporarily unresponsive when going outside into the cold... The update also "addresses an issue that could cause distortion in Live Photos and videos captured with iPhone X."
The article notes that the previous update "fixed a strange and widely mocked autocorrect bug that turned the letter 'i' into strange characters."

"To date, iOS 11's updates have largely been bug fixes."
Google

CNBC: Google's New 'Pixel Buds' Suck (yahoo.com) 100

Google's new Pixel Buds "are really bad" and "not worth buying," according to CNBC's technology products editor: The stand-out feature of Google Pixel Buds is that they're supposed to be able to translate spoken languages in near real-time. In my real-world tests, however, that wasn't the case at all. I took the Pixel Buds out on the streets of Manhattan, speaking to a Hungarian waiter in Little Italy, multiple vendors in Chinatown and more. If you press the right earbud and say "help me speak Chinese," for example, the buds will launch Google Translate, you can speak what you'd like to ask someone in another language, and a voice will read out the translated speech through your smartphone's speakers. Then, when someone replies, you'll hear that response through the Pixel Buds.

The microphone on the Pixel Buds is really bad, so it barely picked up my voice queries that I wanted to translate. I stood on the side of the road in Chinatown repeating myself at least 10 times trying to get the phone to pick up my speech in order to begin translation. It barely worked, even if I took the buds out and spoke directly into the microphone on the right earbud, and often only translated half of what I was trying to ask. In a quiet place, I was able to allow someone to respond to me, after which I'd hear the English translation through the headphones. That was neat, but it barely ever actually worked that way. To mitigate this, I found it was just easier to manually open the Google translate app, speak into my phone's microphone, and then let someone else also speak right into my phone. This executed the translation nearly perfectly, and meant that I didn't need the Pixel Buds at all.

The article ends by answering the question, Should you buy them? "Nope. There's nothing I recommend about the Pixel Buds.

"They're cheap-feeling and uncomfortable, and you're better off using the Google Translate app on a phone instead of trying to fumble with the headphones while trying to translate a conversation. The idea is neat, but it just doesn't work well enough to recommend to anyone on any level."
Bug

iPhone X Owners Experience 'Crackling' or 'Buzzing' Sounds From Earpiece Speaker (macrumors.com) 104

MacRumors reports: A limited but increasing number of iPhone X owners claim to be experiencing so-called "crackling" or "buzzing" sounds emanating from the device's front-facing earpiece speaker at high or max volumes. Over two dozen users have said they are affected in a MacRumors discussion topic about the matter, while similar reports have surfaced on Twitter and Reddit since the iPhone X launched just over a week ago. On affected devices, the crackling sounds occur with any kind of audio playback, including phone calls, music, videos with sound, alarms, and ringtones. The issue doesn't appear to be limited to any specific iPhone X configuration or iOS version.
"The speakerphone for an $1100 phone should be at least as good as it was on the iPhone 6 and 7," complained one user, "but instead, it's crackly, edgy and buzzy."

"I believe we all knew the iPhone X would be highly scrutinized," writes Slashdot reader sqorbit, "but the reported problems appear to be stacking up."
Cellphones

New Samsung Video Demos Linux on Galaxy Smartphones (liliputing.com) 100

Slashdot reader boudie2 tipped us off to some Linux news. Liliputing reports: Samsung's DeX dock lets you connect one of the company's recent phones to an external display, mouse, and keyboard to use your phone like a desktop PC... assuming you're comfortable with a desktop PC that runs Android. But soon you may also be able to use your Android phone as a Linux PC [and] the company has released a brief video that provides more details. One of those details? At least one of the Linux environments in question seems to be Ubuntu 16.04... While that's the only option shown, the fact that it does seem to be an option suggests you may be able to run different Linux environments as well.

Once Ubuntu is loaded, the video shows a user opening Eclipse, an integrated development environment that's used to create Java (and Android apps). In other words, you can develop apps for Android phones with ARM-based processors on an Android phone with an ARM-based processor.

Samsung promised in October that its Linux on Galaxy app will ultimately let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS."
Bug

The iPhone X Becomes Unresponsive When It Gets Cold (zdnet.com) 196

sqorbit writes: Apple is working on a fix for the newly release iPhone X. It appears that the touch screen can become unresponsive when the iPhone is subjected to cold weather. Users are reporting that locking and unlocking the phone resolves the issue. Apple stated that it is aware of the issue and it will be addressed in a future update.
Android

CopperheadOS Fights Unlicensed Installations On Nexus Phones (xda-developers.com) 97

An anonymous reader writes: Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model...
"We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices."

In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult.

"It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."
IOS

iOS 11 Passes 50 Percent Adoption In Under 2 Months (venturebeat.com) 133

An anonymous reader quotes a report from VentureBeat: After a longer wait than usual, Apple today finally released the first official numbers for iOS 11. The various figures and estimates released by marketing and research firms are no longer relevant, as we now know for certain that iOS 11 has passed the 50 percent mark in less than two months. In other words, the latest version of the company's mobile operating system is now on one in every two of its mobile devices. iOS 11 was released on September 13, meaning it took less than seven weeks to reach the majority of users that Apple tracks. While this is certainly impressive, keep in mind that iOS 10 took less than a month and iOS 9 took less than a week to hit the same adoption milestone. Sure, the number of iOS devices is growing, but Apple also cuts down the number allowed to get the latest updates.
Cellphones

Razer Unveils Gaming Smartphone With 120Hz UltraMotion Display, 8GB RAM and No Headphone Jack (cnet.com) 168

Computer hardware company Razer has unveiled its first smartphone. While the design doesn't appear to be up to par with the competition, it does pack some impressive specifications under the hood. The Razer Phone features a 5.7-inch, 2,560x1,440-resolution display, Snapdragon 835 chipset with 8GB of RAM, 12-megapixel dual camera with a wide-angle lens and 2x optical zoom, 4,000mAh battery, dual front-facing stereo speakers, and Android 7.1.1 Nougat running out of the box. While there is a microSD card slot for expandable storage, there is no headphone jack, no waterproofing, and no wireless charging. The device also won't support CDMA carriers like Verizon or Sprint. CNET reports: [W]here most new flagship phones are shiny rounded rectangles with curved screens, the Razer Phone is unabashedly a big black brick. It flaunts sharp 90-degree corners instead of curved edges. You can even stand the phone on end. The 5.7-inch, 2,560x1,440-resolution screen is flat as a pancake, and you'll find giant bezels above and below that screen, too -- just when we thought bezels were going out of style. When the Razer Phone ships Nov. 17 for $699 or £699 -- no plans for Australia at launch -- the company says it'll be the first phone with a display that refreshes 120 times per second, like a high-end PC gaming monitor or Apple's iPad Pro. And combined with a dynamic refresh technique Razer's calling Ultramotion (think Nvidia G-Sync), it can mean beautiful, butter-smooth scrolling down websites and apps, and glossy mobile gameplay.
Security

Researchers Devise 2FA System That Relies On Taking Photos of Ordinary Objects (bleepingcomputer.com) 138

An anonymous reader quotes Bleeping Computer: Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object. The act of taking the photo comes to replace the cumbersome process of using crypto-based hardware security keys (e.g., YubiKey devices) or entering verification codes received via SMS or voice call. The new system is named Pixie, and researchers argue it is more secure than the aforementioned solutions.

Pixie works by requiring users to choose an object as their 2FA key. When they set up the Pixie 2FA protection, they take an initial photo of the object that will be used for reference. Every time users try to log into their account again, they re-take a photo of the same object, and an app installed on their phone compares the two photos... In automated tests, Pixie achieved a false accept rate below 0.09% in a brute force attack with 14.3 million authentication attempts. An Android app is available for testing here.

Social Networks

TechCrunch Argues Social Media News Feeds 'Need to Die' (techcrunch.com) 154

"Feeds need to die because they distort our views and disconnect us from other human beings around us," argues TechCrunch's Romain Dillet: At first, I thought I was missing out on some Very Important Content. I felt disconnected. I fought against my own FOMO. But now, I don't feel anything. What's going on on Instagram? I don't care. Facebook is now the worst internet forum you can find. Twitter is filled with horrible, abusive people. Instagram has become a tiny Facebook now that it has discouraged all the weird, funny accounts from posting with its broken algorithm. LinkedIn's feed is pure spam.

And here's what I realized after forgetting about all those "social" networks. First, they're tricking you and pushing the right buttons to make you check your feed just one more time. They all use thirsty notifications, promote contrarian posts that get a lot of engagement and play with your emotions. Posting has been gamified and you want to check one more time if you got more likes on your last Instagram photo. Everything is now a story so that you pay more attention to your phone and you get bored less quickly -- moving pictures with sound tend to attract your eyes... [F]inally, I realized that I was missing out by constantly checking all my feeds. By putting my phone on 'Do Not Disturb' for days, I discovered new places, started conversations and noticed tiny little things that made me smile.

He concludes that technology has improved the way we learn, communicate, and share information, "But it has gone too far...

"Forget about your phone for a minute, look around and talk with people next to you."
Encryption

FBI Couldn't Access Nearly 7,000 Devices Because of Encryption (foxbusiness.com) 299

Michael Balsamo, writing for Associated Press: The FBI hasn't been able to retrieve data from more than half of the mobile devices it tried to access in less than a year, FBI Director Christopher Wray said Sunday, turning up the heat on a debate between technology companies and law enforcement officials trying to recover encrypted communications. In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices, Wray said in a speech at the International Association of Chiefs of Police conference in Philadelphia. "To put it mildly, this is a huge, huge problem," Wray said. "It impacts investigations across the board -- narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation." The FBI and other law enforcement officials have long complained about being unable to unlock and recover evidence from cellphones and other devices seized from suspects even if they have a warrant, while technology companies have insisted they must protect customers' digital privacy.
Cellphones

Essential Announces $200 (29%) Discount on Phones -- Price Dropped To $499 (cnet.com) 106

An anonymous reader quote CNET: The heavily hyped, Andy Rubin-backed Essential phone launched late in August. Now, two months later, its price has been cut from $699 to $499. The news was announced in a Sunday blog post by company president Niccolo de Masi. He said the price cut comes in lieu of the company spending money on an expensive marketing campaign. "We could have created a massive TV campaign to capture your attention," Masi wrote, "but we think making it easier for people to get their hands on our first products is a better way to get to know us." A spokesperson added to this, telling CNET, "We've heard from many people that once they got their hands on an Essential Phone they were hooked by the device's unique look and feel... it was a strategic decision to invest in bold pricing to get our products into more hands instead of traditional marketing such as TV to generate awareness and word of mouth."
"There is really no other way to read the move except as a signal that it wasn't selling well at $699," counters the Verge, "especially given that the only U.S. carrier stores it's available in have 'Sprint' above the door. It certainly doesn't help that it now has to face the Pixel 2 and Pixel 2 XL head-to-head."

"To help salve the burn that customers who paid the full price might be feeling, the company is offering a $200 Essential Store 'friends & family code' to be used towards the purchase of another phone or a module."
Security

With Rising Database Breaches, Two-Factor Authentication Also At Risk (hackaday.com) 84

Two-factor authentication "protects from an attacker listening in right now," writes Slashdot reader szczys, "but in many case a database breach will negate the protections of two-factor." Hackaday reports: To fake an app-based 2FA query, someone has to know your TOTP password. That's all, and that's relatively easy. And in the event that the TOTP-key database gets compromised, the bad hackers will know everyone's TOTP keys.

How did this come to pass? In the old days, there was a physical dongle made by RSA that generated pseudorandom numbers in hardware. The secret key was stored in the dongle's flash memory, and the device was shipped with it installed. This was pretty plausibly "something you had" even though it was based on a secret number embedded in silicon. (More like "something you don't know?") The app authenticators are doing something very similar, even though it's all on your computer and the secret is stored somewhere on your hard drive or in your cell phone. The ease of finding this secret pushes it across the plausibility border into "something I know", at least for me.
The original submission calls two-factor authentication "an enhancement to password security, but good password practices are far and away still the most important of security protocols." (Meaning complex and frequently-changed passwords.)
Advertising

For Under $1,000, Mobile Ads Can Track Your Location (mashable.com) 52

"Researchers were able to use GPS data from an ad network to track a user to their actual location, and trace movements through town," writes phantomfive. Mashable reports: The idea is straightforward: Associate a series of ads with a specific individual as well as predetermined GPS coordinates. When those ads are served to a smartphone app, you know where that individual has been... It's a surprisingly simple technique, and the researchers say you can pull it off for "$1,000 or less." The relatively low cost means that digitally tracking a target in this manner isn't just for corporations, governments, or criminal enterprises. Rather, the stalker next door can have a go at it as well... Refusing to click on the popups isn't enough, as the person being surveilled doesn't need to do so for this to work -- simply being served the advertisements is all it takes.
It's "an industry-wide issue," according to the researchers, while Mashable labels it "digital surveillance, made available to any and all with money on hand, brought to the masses by your friendly neighborhood Silicon Valley disrupters."
Science

Astronomers Strike Gravitational Gold In Colliding Neutron Stars (npr.org) 109

For the first time, scientists have caught two neutron stars in the act of colliding, revealing that these strange smash-ups are the source of heavy elements such as gold and platinum. From a report: The discovery, announced today at a news conference and in scientific reports written by some 3,500 researchers, solves a long-standing mystery about the origin of these heavy elements -- which are found in everything from wedding rings to cellphones to nuclear weapons. It's also a dramatic demonstration of how astrophysics is being transformed by humanity's newfound ability to detect gravitational waves, ripples in the fabric of space-time that are created when massive objects spin around each other and finally collide. "It's so beautiful. It's so beautiful it makes me want to cry. It's the fulfillment of dozens, hundreds, thousands of people's efforts, but it's also the fulfillment of an idea suddenly becoming real," says Peter Saulson of Syracuse University, who has spent more than three decades working on the detection of gravitational waves. Albert Einstein predicted the existence of these ripples more than a century ago, but scientists didn't manage to detect them until 2015. Until now, they'd made only four such detections, and each time the distortions in space-time were caused by the collision of two black holes. That bizarre phenomenon, however, can't normally be seen by telescopes that look for light. Neutron stars, by contrast, spew out visible cosmic fireworks when they come together. These incredibly dense stars are as small as cities like New York and yet have more mass than our sun. Further reading: 'A New Rosetta Stone for Astronomy' (The Atlantic), and Gravitational Wave Astronomers Hit Mother Lode (Scientific American).
Crime

Dutch Police Build a Pokemon Go-Style App For Hunting Wanted Criminals (csoonline.com) 62

"How can the police induce citizens to help investigate crime? By trying to make it 'cool' and turning it into a game that awards points for hits," reports CSO. mrwireless writes: Through their 'police of the future' innovation initiative, and inspired by Pokemon Go, the Dutch police are building an app where you can score points by photographing the license plates of stolen cars. When a car is reported stolen the app will notify people in the neighbourhood, and then the game is on! Privacy activists are worried this creates a whole new relationship with the police, as a deputization of citizens blurs boundaries, and institutionalizes 'coveillance' -- citizens spying on citizens. It could be a slippery slope to situations that more resemble the Stasi regime's, which famously used this form of neighborly surveillance as its preferred method of control.
CSO cites Spiegel Online's description of the unofficial 189,000 Stasi informants as "totally normal citizens of East Germany who betrayed others: neighbors reporting on neighbors, schoolchildren informing on classmates, university students passing along information on other students, managers spying on employees and Communist bosses denouncing party members."

The Dutch police are also building another app that allows citizens to search for missing persons.
Microsoft

PSA: Microsoft Is Using Cortana To Read Your Private Skype Conversations (betanews.com) 180

BrianFagioli shares a report from BetaNews: With Cortana's in-context assistance, it's easier to keep your conversations going by having Cortana suggest useful information based on your chat, like restaurant options or movie reviews. And if you're in a time crunch? Cortana also suggests smart replies, allowing you to respond to any message quickly and easily -- without typing a thing," says The Skype Team. The team further says, "Cortana can also help you organize your day -- no need to leave your conversations. Cortana can detect when you're talking about scheduling events or things you have to do and will recommend setting up a reminder, which you will receive on all your devices that have Cortana enabled. So, whether you're talking about weekend plans or an important work appointment, nothing will slip through the cracks."

So, here's the deal, folks. In order for this magical "in-context" technology to work, Cortana is constantly reading your private conversations. If you use Skype on mobile to discuss private matters with your friends or family, Cortana is constantly analyzing what you type. Talking about secret business plans with a colleague? Yup, Microsoft's assistant is reading those too. Don't misunderstand -- I am not saying Microsoft has malicious intent by adding Cortana to Skype; the company could have good intentions. With that said, there is the potential for abuse. Microsoft could use Cortana's analysis to spy on you for things like advertising or worse, and that stinks. Is it really worth the risk to have smart replies and suggested calendar entries? I don't know about you, but I'd rather not have my Skype conversations read by Microsoft.

Cellphones

Alphabet's Balloons Will Bring Cellphone Service To Puerto Rico (wired.com) 65

An anonymous reader writes:Hurricanes Irma and Maria wiped out more than 90 percent of the cellphone coverage on Puerto Rico. Now the FCC has given "Project Loon" permission to fly 30 balloons more than 12 miles above the island for the next six months, Wired reports, to temporarily replace the thousands of cellphone towers knocked down by the two hurricanes.

Each balloon can service an area of 1,930 miles, so the hope is to restore service to the entire island of Puerto Rico and parts of the U.S. Virgin Islands. In May Project Loon, part of Google's parent company Alphabet, deployed its technology in Peru and later provided emergency internet access there during serious flooding. (Those balloons were acually launched from Puerto Rico.) These new Project Loon balloons will be "relaying communications between Alphabet's own ground stations connected to the surviving wireless networks, and users' handsets," according to the article, which reports that eight wireless carriers in Puerto Rico have already consented to the arrangement.

Government

White House Chief of Staff's Phone Was Reportedly Hacked Months Ago (reuters.com) 138

93 Escort Wagon writes: The personal cellphone belonging to Trump's Chief of Staff, John Kelly, may have been compromised, Reuters reports in a story originating from Politico. This may have happened as early as last December. The issue was discovered when Kelly submitted the phone to the White House's tech support crew during the summer, complaining that the phone would not update correctly.

Slashdot Top Deals