iPhone

Apple Blocks 'Beeper Mini', Citing Security Concerns. But Beeper Keeps Trying (engadget.com) 90

A 16-year-old high school student reverse engineered Apple's messaging protocol, leading to the launch of an interoperable Android app called "Beeper Mini".

But on Friday the Verge reported that "less than a week after its launch, the app started experiencing technical issues when users were suddenly unable to send and receive blue bubble messages." Reached for comment, Beeper CEO Eric Migicovsky did not deny that Apple has successfully blocked Beeper Mini. "If it's Apple, then I think the biggest question is... if Apple truly cares about the privacy and security of their own iPhone users, why would they stop a service that enables their own users to now send encrypted messages to Android users, rather than using unsecure SMS...? Beeper Mini is here today and works great. Why force iPhone users back to sending unencrypted SMS when they chat with friends on Android?"

Apple says they're unable to verify that end-to-end encryption is maintained when messages are sent through unauthorized channels, according to a statement quoted by TechCrunch: "At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe. We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks. We will continue to make updates in the future to protect our users."

Beeper responded on X: "We stand behind what we've built. Beeper Mini keeps your messages private, and boosts security compared to unencrypted SMS. For anyone who claims otherwise, we'd be happy to give our entire source code to a mutually agreed upon third party to evaluate the security of our app."

Ars Technica adds: On Saturday, Migicovsky notified Beeper Cloud (desktop) users that iMessage was working again for them, after a long night of fixes. "Work continues on Beeper Mini," Migicovsky wrote shortly after noon Eastern time.

Engadget notes: The Beeper Mini team has apparently been working around the clock to resolve the outage affecting the new "iMessage on Android" app, and says a fix is "very close." And once the fix rolls out, users' seven-day free trials will be reset so they can start over fresh.

Meanwhile, at around 9 p.m. EST, Beeper CEO Eric Migicovsky posted on X that "For 3 blissful days this week, iPhone and Android users enjoyed high quality encrypted chats. We're working hard to return to that state."

Cellphones

Fairphone 5 Scores a Perfect 10 From iFixit For Repairability (theregister.com) 48

The iFixit team pulled apart the newest Fairphone 5 smartphone and awarded its highest score for repairability: 10 out of 10. With the exception of one or two compromises, the Fairphone 5 is just as repairable as its predecessors. The Register reports: As before, opening the phone is a simple matter of popping off the back of the case. The beefier battery -- 4200 mAh instead of the previous 3905 mAh -- remains easy to remove, although the bigger size has implications elsewhere in the device. Replacing the USB-C port remains simple thanks to a metal lip that allows it to be removed easily. Individual cameras can also be replaced, a nice upgrade from the all-in-one unit of the preceding phone.

However, rather than something along the lines of the Core Module of the previous phone, the iFixit team found a motherboard and daughterboard more akin to other Android handsets. According to Fairphone, the bigger battery made the change necessary, but it's still a little disappointing. Still, the teardown team noted clear labeling to stop cables from being accidentally plugged into the wrong places. It said: "That's what intuitive repair design is all about: it should be easy to do the right thing and complicated to do the wrong thing."

According to iFixit co-founder and CEO Kyle Wiens: "Fairphone's promise of five Android version upgrades and over eight years of security updates with the Fairphone 5 is a bold statement in an industry that leans towards fleeting product life cycles. This is a significant stride towards sustainability and sets a new benchmark for smartphone lifespan."

"At iFixit, we believe in tech that lasts, and Fairphone is making that belief a reality. Fairphone's effort to attain a 10-year lifespan is not just impressive; it's unparalleled."

Security

Android Vulnerability Exposes Credentials From Mobile Password Managers (techcrunch.com) 22

An anonymous reader quotes a report from TechCrunch: A number of popular mobile password managers are inadvertently spilling user credentials due to a vulnerability in the autofill functionality of Android apps. The vulnerability, dubbed "AutoSpill," can expose users' saved credentials from mobile password managers by circumventing Android's secure autofill mechanism, according to university researchers at the IIIT Hyderabad, who discovered the vulnerability and presented their research at Black Hat Europe this week. The researchers, Ankit Gangwal, Shubham Singh and Abhijeet Srivastava, found that when an Android app loads a login page in WebView, password managers can get "disoriented" about where they should target the user's login information and instead expose their credentials to the underlying app's native fields, they said. This is because WebView, the preinstalled engine from Google, lets developers display web content in-app without launching a web browser, and an autofill request is generated.

"Let's say you are trying to log into your favorite music app on your mobile device, and you use the option of 'login via Google or Facebook.' The music app will open a Google or Facebook login page inside itself via the WebView," Gangwal explained to TechCrunch prior to their Black Hat presentation on Wednesday. "When the password manager is invoked to autofill the credentials, ideally, it should autofill only into the Google or Facebook page that has been loaded. But we found that the autofill operation could accidentally expose the credentials to the base app." Gangwal notes that the ramifications of this vulnerability, particularly in a scenario where the base app is malicious, are significant. He added: "Even without phishing, any malicious app that asks you to log in via another site, like Google or Facebook, can automatically access sensitive information."

The researchers tested the AutoSpill vulnerability using some of the most popular password managers, including 1Password, LastPass, Keeper and Enpass, on new and up-to-date Android devices. They found that most apps were vulnerable to credential leakage, even with JavaScript injection disabled. When JavaScript injection was enabled, all the password managers were susceptible to their AutoSpill vulnerability. Gangwal says he alerted Google and the affected password managers to the flaw. Gangwal tells TechCrunch that the researchers are now exploring the possibility of an attacker potentially extracting credentials from the app to WebView. The team is also investigating whether the vulnerability can be replicated on iOS.

Encryption

Beeper Mini is an iMessage-for-Android App That Doesn't Require Any Apple Device at All (liliputing.com) 122

An anonymous reader shares a report: Beeper has been offering a unified messaging platform for a few years, allowing users to open a single app to communicate with contacts via SMS, Google Chat, Facebook Messenger, Slack, Discord, WhatsApp, and perhaps most significantly, iMessage. Up until this week though, Android users that wanted to use Beeper to send "blue bubble" messages to iMessage users had their messages routed through a Mac or iOS device. Now Beeper has launched a new app called Beeper Mini that handles everything on-device, no iPhone or Mac bridge required.

Beeper Mini is available now from the Google Play Store, and offers a 7-day free trial. After that, it costs $2 per month to keep using. [...] previously the company had to rely on a Mac-in-the-cloud? The company explains the method it's using in a blog post, but in a nutshell, Beeper says a security researcher has reverse engineered "the iMessage protocol and encryption," so that "all messages are sent and received by Beeper Mini Android app directly to Apple's servers" and "the encryption keys needed to encrypt these messages never leave your phone." That security researcher, by the way, is a high school student that goes by jjtech, who was hired by Beeper after showing the company his code. A proof-of-concept Python script is also available on GitHub if you'd like to run it to send messages to iMessage from a PC.

XBox (Games)

Microsoft In Talks To Launch Mobile Gaming Store, Rivaling Apple (bnnbloomberg.ca) 39

According to Microsoft Gaming CEO Phil Spencer, the company is talking to partners to help launch a mobile gaming store that will take on Apple and Google. "It's an important part of our strategy and something we are actively working on today not only alone, but talking to other partners who'd also like to see more choice for how they can monetize on the phone," Spencer said in an interview in Sao Paulo during the CCXP comics and entertainment convention. From the report: The executive declined to give a specific date for a launch of the online store, which earlier reports suggested could be next year. "I don't think this is multiple years away, I think this is sooner than that," he said. [...] Microsoft's mobile store would also enter a challenging regulatory climate around smartphone-based digital marketplaces. Fortnite-maker Epic Games has sued both Apple and Alphabet's Google over their iOS and Android store practices, alleging they are unnecessarily restrictive and unfair. Apple doesn't allow competing stores on its iPhone and iPad platforms, and collects a 30% cut of sales for most purchases. Game makers have taken issue with the fees.

Epic lost its battle with Apple but in September asked the US Supreme Court to weigh in. Apple is also petitioning that court to reverse an order that would force the company to let developers steer customers to other payment methods. Epic is still in court fighting its case against Google, which does allow third-party app stores on its devices. The European Union's Digital Markets Act, which is just beginning to take effect, could force Apple to open up its app store ecosystem. Apple is challenging the regulation.

Microsoft may be able to use long-standing resentment against the market leaders to marshal support for its store offering. Xbox's cloud gaming technology already lets users stream blockbuster games to mobile phones. "We've talked about choice, and today on your mobile phones, you don't have choice," Spencer said. "To make sure that Xbox is not only relevant today but for the next 10, 20 years, we're going to have to be strong across many screens."

Earlier this week, Xbox CFO Tim Stuart said during the Wells Fargo TMT Summit that Microsoft wants to make first-party games and Game Pass available on "every screen that can play games," including rival consoles. "It's a bit of a change of strategy. Not announcing anything broadly here, but our mission is to bring our first-party experiences [and] our subscription services to every screen that can play games," Stuart said. "That means smart TVs, that means mobile devices, that means what we would have thought of as competitors in the past like PlayStation and Nintendo."

Cellphones

Apple and Google Pick AllTrails and Imprint As Their 'App of the Year' (techcrunch.com) 14

An anonymous reader quotes a report from TechCrunch: Both Apple and Google today announced their best apps and games of the year, with the hiking and biking companion AllTrails winning as Apple's iPhone App of the Year in 2023, while the educational app Imprint: Learn Visually won as Google Play's best app. Meanwhile, Apple and Google agreed on their Game of the Year, as both picked Honkai: Star Rail as their winner.

These year-end "best of" lists aren't just a way to drive interest in new apps and games, but serve as a way to gauge the status of the app marketplaces, what the platforms themselves wanted to celebrate and what drew consumers' attention in the year. Surprisingly, however, Apple this year bucked the trend of highlighting apps that were new to the store or that had taken advantage of a recently released technology in an innovative way. Instead, its finalists for iPhone App of the Year included apps that have long deserved accolades as well-built and well-designed mobile companions, including the language learning app Duolingo and travel app Flighty, in addition to winner AllTrails. Still, it's worth noting that this is a different type of selection than in previous years, when App Store winners included the breakout social hit BeReal in 2022 and the well-received children's app Toca Life World the year prior.

It's also worth noting that neither Apple nor Google chose an AI app as its app of the year, despite the incredible success of ChatGPT's mobile app and others. That's particularly odd given that ChatGPT became the fastest-growing consumer application in history earlier this year when it reached 100 million users shortly after its launch. That record was later broken by Instagram Threads, which hit 100 million users within just five days, and as of October had still maintained an active user base of just under 100 million. (However, the 100 million users Threads initially counted were sign-ups, not monthly active users, we should note. Meanwhile, ChatGPT's rise to 100 million users included its web app, so it's not an apples-to-apples comparison.) Either one of these picks would represent a mobile app success story, but both app store platforms looked to others as the top winners this year. Plus, outside of ChatGPT, many other AI apps are raking in millions in revenue as well, so the decision to avoid the AI category seems a deliberate choice on Apple's part.

Google

Web Browser Suspended Because It Can Browse the Web is Back on Google Play (arstechnica.com) 35

Google Play has reversed its latest ban on a web browser that keeps getting targeted by vague Digital Millennium Copyright Act (DMCA) notices. Downloader, an Android TV app that combines a browser with a file manager, was restored to Google Play last night. From a report: Downloader, made by app developer Elias Saba, was suspended on Sunday after a DMCA notice submitted by copyright-enforcement firm MarkScan on behalf of Warner Bros. Discovery. It was the second time in six months that Downloader was suspended based on a complaint that the app's web browser is capable of loading websites.

The first suspension in May lasted three weeks, but Google reversed the latest one much more quickly. As we wrote on Monday, the MarkScan DMCA notice didn't even list any copyrighted works that Downloader supposedly infringed upon. Instead of identifying specific copyrighted works, the MarkScan notice said only that Downloader infringed on "Properties of Warner Bros. Discovery Inc." In the field where a DMCA complainant is supposed to provide an example of where someone can view an authorized example of the work, MarkScan simply entered the main Warner Bros. URL: https://www.warnerbros.com/.

Android

Activision Blizzard Had a Plan, or Ploy, To Launch Its Own Android Game Store (theverge.com) 10

An anonymous reader shares a report: Until today, we'd never heard of "Project Boston." It was Activision Blizzard King's big plan to earn more money from its mobile games by changing its relationship with Google. And if things had gone differently, it would have given Activision Blizzard its own app store on Android. In late 2019, according to internal emails and documents I saw today in the courtroom during the Epic v. Google trial, the company decided it was going to dual-track two intriguing parallel plans.

The first plan was to build its own mobile game store -- either in partnership with Epic Games and Clash of Clans publisher Supercell or all by itself -- to bypass the Google Play Store. You'd download it from a website, sideload it onto your Android phone, and then you'd be able to purchase, download, and patch games like Candy Crush, Call of Duty: Mobile, and Diablo Immortal there. In private emails with Epic CEO Tim Sweeney, Activision Blizzard CFO Armin Zerza pitched it as the "Steam of Mobile" -- a single place to buy mobile games, with a single payment system. Documents suggest the store would charge a transaction fee of 10 to 12 percent, lower than the 30 percent fee Google (and Nintendo, Sony, Microsoft, and Steam) impose on gaming transactions.

Android

Microsoft Phone Link May Soon Let You Use Your Android Phone As a Webcam (androidauthority.com) 35

Microsoft Phone Link, previously known as Microsoft Your Phone, lets you control your Android phone from your computer. Now, the company appears to be working on letting you use your Android phone as a webcam with Windows computers, similar to how you can use your iPhone as a webcam on Mac. Android Authority reports: Microsoft's Link to Windows v1.23102.190.0 for Android app includes code that suggests that the company is working on letting your Android phone provide a video stream to your Windows PC. This would effectively allow it to be used as a webcam. [...] These strings indicate that once Microsoft's Phone Link app is working on both connected devices, users would be able to start a camera stream that lets their phone's camera be available to their Windows PC. The strings do not explicitly mention "webcam," but other clues indicate that the feature would be related to video calls in some ways.

Phone Link can already access your camera and video conferencing apps, but this is just mirroring apps running on your phone. What you see on your phone screen is what you see on the computer. If you record a video, it gets saved to your phone as typical video recordings do. With the new functionality spotted above, Phone Link could potentially compete against Apple's Continuity Camera features. With Continuity Camera, users can mount their iPhone to their Mac and then use the iPhone's camera and microphone for FaceTime or other camera apps.

Firefox

Firefox for Android is Getting Over 400 More Extensions in December (9to5google.com) 25

Mozilla is opening the floodgates on extensions for Firefox on Android, with hundreds of new add-ons arriving in December. From a report: In a blog post, Mozilla explains that Firefox extensions compatible with Android will be "openly available" to users, with over 400 coming at launch. That launch will arrive on December 14. Technically, Firefox already supports extensions on Android. However, the library is a bit more limited as Mozilla details on a support page. With this new update, though, Firefox users will get a lot more options as developers will have a route to port desktop extensions to Android.

Programming

BBC BASIC Is Back In a Big Way (hackaday.com) 134

An anonymous reader quotes a report from Hackaday: The BBC has a long history of teaching the world about computers. The broadcaster's name was proudly displayed on the BBC Micro, and BBC Basic was the programming language developed especially for that computer. Now, BBC Basic is back and running on a whole mess of modern platforms. BBC Basic for SDL 2.0 will run on Windows, MacOS, x86 Linux, and even Raspberry Pi OS, Android, and iOS. Desktop versions of the programming environment feature a BASIC editor that has syntax coloring for ease of use, along with luxury features like search and replace that weren't always available at the dawn of the microcomputer era. Meanwhile, the smartphone versions feature a simplified interface designed to work better in a touchscreen environment.

It's weird to see, but BBC Basic can actually do some interesting stuff given the power of modern hardware. It can address up to 256 MB of memory, and work with far more advanced graphical assets than would ever have been possible on the original BBC Micro. If you honed your programming skills on that old metal, you might be impressed with what they can achieve with BBC Basic in a new, more powerful context.

Google

Google Play Keeps Banning the Same Web Browser Due To Vague DMCA Notices (arstechnica.com) 69

An anonymous reader quotes a report from Ars Technica: App developer Elias Saba has had some bad luck with Digital Millennium Copyright Act (DMCA) takedowns. His Android TV app Downloader, which combines a web browser with a file manager, was suspended by Google Play in May after several Israeli TV companies complained that the app could be used to load a pirate website. Google reversed that suspension after three weeks. But Downloader has been suspended by Google Play again, and this time the reason is even harder to understand. Based on a vague DMCA notice, it appears that Downloader was suspended simply because it can load the Warner Bros. website. [...]

The notice includes a copy of the DMCA complaint, which came from MarkScan, a "digital asset protection" firm that content owners hire to enforce copyrights. MarkScan said in its complaint that it represents Warner Bros. Discovery Inc. A DMCA notice is supposed to identify and describe the copyrighted work that was infringed. But MarkScan's notice about Downloader identifies the copyrighted work only as "Properties of Warner Bros. Discovery Inc." It provides no detail on which Warner Bros. work was infringed by Downloader. A DMCA notice is also supposed to provide an example of where someone can see "an authorized example of the work." In this field, MarkScan simply entered the main Warner Bros. URL: https://www.warnerbros.com/. The Downloader app had been installed over 10 million times before the takedown, according to an Internet Archive capture taken before the latest suspension.

Saba appealed the takedown today, but he told us that the appeal was rejected by Google Play after 24 minutes. Saba said he also submitted a DMCA counter-notice, which gives the complainant 10 business days from today to file a legal action. After his first takedown in May, his app was reinstated after the DMCA complainant didn't take any legal action. Saba also wrote a blog post today about the latest takedown. "Given that my app still does not contain any copyright-infringing content and never has, I've countered this new DMCA takedown which will, hopefully, mean the app will be restored sometime in the coming weeks," he wrote. "In the meantime, you can sideload the app onto your Google TV or Android TV devices by downloading the APK from https://www.aftvnews.com/downloader.apk. Downloader remains available on Fire TV devices directly from the Amazon Appstore."

Saba said it's "absurd that Google seems to make no effort at all to verify the copyright claims being made on my app which is just a web browser that can download files and has no content of any sort in it."

"If loading a website with infringing content in a standard web browser is enough to violate DMCA, then every browser in the Google Play Store including @googlechrome should also be removed," said Saba in May. "It's a ridiculous claim and an abuse of the DMCA."

Cloud

AWS Repurposes Fire TV Cubes Into $195 Thin Clients For Cloud Desktops (theregister.com) 25

Simon Sharwood reports via The Register: Amazon Web Services has announced the WorkSpaces Thin Client -- a device dedicated to connecting to its WorkSpaces desktop-as-a service offering and based on Amazon's own "Fire Cube" smart TV box. The $195 machine has the same hardware as the Fire Cube: the eight-core Arm-powered Amlogic POP1-G SoC, plus 2GB of LPDDR4 RAM, 10/100 ethernet, and a single USB-A 2.0 port. Bluetooth is included to connect other peripherals. A second HDMI output can be added by acquiring an $85 hub that also offers four more USB ports. Like the Fire TV Cube, the Thin Client also runs a modified cut of Android.

But there the similarities end. AWS created custom firmware and ripped out anything remotely related to running a consumer device, replacing it with software designed solely to create a secure connection between the device and desktops running in the Amazonian cloud. Amazon Business -- the B2B version of Jeff Bezos's digital souk -- will ship the device to your door, and charge it to your AWS bill. At least if you are in the USA. Europe will get the Thin Client in early 2024, and it'll eventually migrate elsewhere.

AWS decided to base the box on the Fire Cube because, according to a corporate blog post, AWS customers expressed a desire for cheaper and easier-to-maintain client devices. As AWS execs searched for a well-priced box, they considered the Fire TV Cube, found it fit the bill and noted it was already being made at scale. Keeping things in-house made sense, too. And so we find ourselves with AWS taking on established thin client providers. The cloudy concern is also keen to have a crack at the thick wedge of the enterprise PC market: call centers, payment processing centers, and other environments with lots of users and high staff turnover due to factors like seasonal demand for workers.

AI

ChatGPT's Voice Chat Feature Is Rolling Out To Android and iOS 9

OpenAI's "ChatGPT with voice" feature announced in September is now rolling out to all free users on mobile. Engadget reports: When the company first introduced voice chats, it admitted that the capability to create "realistic synthetic voices from just a few seconds of real speech" presents new risks. It could, for instance, allow bad actors to impersonate public figures or anybody they want. As a result, it decided that ChatGPT's voice feature will focus on conversations. It's powered by a text-to-speech model that can generate "human-like audio from just text and a few seconds of sample speech." OpenAI worked with voice actors to create the capability and offers five different voices to choose from.

Encryption

Sunbird is Shutting Down Its iMessage App for Android (theverge.com) 12

Sunbird, the app that brings iMessage to Android, has temporarily shut down the service over "security concerns." From a report: In a notice to users, Sunbird says it has "decided to pause Sunbird usage for now" while it investigates reports that its messages aren't actually end-to-end encrypted. Sunbird launched in 2022 as a messaging app that attempts to put the blue versus green bubble battle to rest. It has only been available to those who sign up for its waitlist, touting numerous privacy features, like end-to-end encryption, no message data collection, and no ads.

Last week, Sunbird partnered with Nothing, the phone brand owned by OnePlus co-founder Carl Pei, on the launch of Nothing Chats. The Sunbird-powered messaging service is supposed to let owners of the Phone 2 send texts via iMessage, but it was pulled from the Google Play Store just one day after its launch. At the time, Nothing said it had to fix "several bugs" within the app. However, its removal from the Play Store came around the same time a post from Texts.blog revealed that messages sent via Sunbird may not be end-to-end encrypted.

Android

Epic Games' Sweeney Takes Aim at Android's 'Fake Open Platform' (bloomberg.com) 28

Epic Games Chief Executive Officer Tim Sweeney testified that Google's Android operating system is a "fake open platform" in a high-stakes antitrust lawsuit over claims that the technology giant thwarts app market competition. From a report: Sweeney, who founded the company that makes the blockbuster Fortnite, took the witness stand Monday in San Francisco federal court to reinforce his claims that Google Play policies are unlawful and allow Alphabet to maintain a monopoly in the Android mobile-app distribution market. The court fight started in 2020 when Epic marketed Fortnite on Android and sidestepped the Google Play billing system and the 30% revenue cut it was taking from app developers.

"We very much wanted to avoid that and do business directly with our customers," Sweeney told jurors. Google denies abusing its market power. The jury trial started two weeks ago and is expected to wrap up in early December. If Epic prevails, Google could be forced to allow competing app marketplaces and payment methods on its app store, threatening billions of dollars in revenue generated by Google Play. Sweeney previously testified in a 2021 trial in a similar antitrust suit targeting Apple's App Store policies as unfair and self-serving. Epic mostly lost that fight, which was decided by a federal judge in Oakland, California, after a trial. An appeals court upheld the judge's ruling and Epic is now asking the US Supreme Court to review it.

Google

A Secret Google Deal Let Spotify Completely Bypass Android's App Store Fees (theverge.com) 22

An anonymous reader quotes a report from The Verge: Music streaming service Spotify struck a seemingly unique and highly generous deal with Google for Android-based payments, according to new testimony in the Epic v. Google trial. On the stand, Google head of global partnerships Don Harrison confirmed Spotify paid a 0 percent commission when users chose to buy subscriptions through Spotify's own system. If the users picked Google as their payment processor, Spotify handed over 4 percent -- dramatically less than Google's more common 15 percent fee. Google fought to keep the Spotify numbers private during its antitrust fight with Epic, saying they could damage negotiations with other app developers who might want more generous rates.

Google's User Choice Billing program, launched in 2022, is typically described as shaving about 4 percent off Google's Play Store commission if developers use their own payment system, bringing down Google's 15 percent subscription service fee to more like 11 percent. That often ends up saving developers little or no money since they must foot the cost of payment processing themselves. And in court, Google has focused on benefits like greater flexibility rather than cost savings. [...] Harrison says Spotify's "unprecedented" popularity was great enough to justify a "bespoke" deal. "If we don't have Spotify working properly across Play services and core services, people will not buy Android phones," Harrison testified. As part of the deal, both parties also agreed to commit $50 million apiece to a "success fund."

Google acknowledged Harrison's testimony in a statement to The Verge. "A small number of developers that invest more directly in Android and Play may have different service fees as part of a broader partnership that includes substantial financial investments and product integrations across different form factors," says spokesperson Dan Jackson. "These key investment partnerships allow us to bring more users to Android and Play by continuously improving the experience for all users and create new opportunities for all developers." Google would not name other developers that have gotten the company to agree to more generous rates. During the trial, we learned that Google offered Netflix a special discounted rate of just 10 percent, but Netflix refused. Netflix no longer offers an in-app purchase option on Android and no longer pays Google anything to distribute its app as a result.

Android

Nothing's iMessage App Was a Security Catastrophe, Taken Down In 24 Hours (arstechnica.com) 47

Last week, Android smartphone manufacturer "Nothing" announced that it's bringing iMessage to its newest phone through a new "Nothing Chats" app powered by the messaging platform Sunbird. After launching Friday, the app was shut down within 24 hours and the Sunbird app, which Nothing Chat is a clone of, was put "on pause." The reason? It's a security nightmare. Ars Technica reports: The initial sales pitch for this app -- that it would log you into iMessage on Android if you handed over your Apple username and password -- was a huge security red flag that meant Sunbird would need an ultra-secure infrastructure to avoid disaster. Instead, the app turned out to be about as unsecure as you could possibly be. Here's Nothing's statement: "We've removed the Nothing Chats beta from the Play Store and will be delaying the launch until further notice to work with Sunbird to fix several bugs. We apologize for the delay and will do right by our users."

How bad are the security issues? Both 9to5Google and Text.com (which is owned by Automattic, the company behind WordPress) uncovered shockingly bad security practices. Not only was the app not end-to-end encrypted, as claimed numerous times by Nothing and Sunbird, but Sunbird actually logged and stored messages in plain text on both the error reporting software Sentry and in a Firebase store. Authentication tokens were sent over unencrypted HTTP so this token could be intercepted and used to read your messages. [...]

Despite being the cause of this huge catastrophe, Sunbird has been bizarrely quiet during this whole mess. The app's X (formerly Twitter) page still doesn't say anything about the shutdown of Nothing Chats or Sunbird. Maybe that's for the best because some of Sunbird's early responses to the security concerns raised on Friday do not seem like they came from a competent developer. [...] Nothing has always seemed like an Android manufacturer that was more hype than substance, but we can now add "negligent" to that list. The company latched on to Sunbird, reskinned its app, created a promo website and YouTube video, and coordinated a media release with popular YouTubers, all without doing the slightest bit of due diligence on Sunbird's apps or its security claims. It's unbelievable that these two companies made it this far -- the launch of Nothing Chats required a systemic security failure across two entire companies.

Android

Kotlin Keeps Climbing TIOBE's Programming Language Popularity Index (infoworld.com) 52

An anonymous reader shared this report from InfoWorld: JetBrains' Kotlin language, a Java rival endorsed by Google for Android mobile development, continues to scale up Tiobe's index of language popularity, reaching the 15th spot in the November 2023 rankings...

Software quality services company Tiobe cites Kotlin advantages including interoperability with Java and unrivaled Android accommodations as reasons for the language's rise. Kotlin, Tiobe CEO Paul Jansen said, also fits in with a modern programming culture of expressive languages that have a strong type system and avoid null pointer exceptions by design. "Based on my experience, I am pretty sure Kotlin can reach a top 10 position," Jansen said. It remains to be seen if it can ever scale as high as a top four slot, he added...

In the rival Pypl Popularity of Programming languages index this month, Kotlin was ranked 13th with a 1.76% share, having slipped slightly year-over-year.

Kotlin's rank on the TIOBE index rose three positions in the last month — after rising two positions the month before. TIOBE's CEO says the language has now achieved its highest ranking ever on the index, surpassing 2017's "first wave of Kotlin popularity...when Google announced first class support for Kotlin on Android."

Rust now ranks #20 on the index, behind Delphi/Object Pascal, Swift, Ruby, and R.

Here are TIOBE's November rankings for the top 20 most popular programming languages:
  1. Python
  2. C
  3. C++
  4. Java
  5. C#
  6. JavaScript
  7. PHP
  8. Visual Basic
  9. SQL
  10. Assembly Language
  11. Scratch
  12. Fortran
  13. Go
  14. MATLAB
  15. Kotlin
  16. Delphi/Object Pascal
  17. Swift
  18. Ruby
  19. R
  20. Rust

The Almighty Buck

Is 'Disney Pinnacle' Preparing to Be the Next Big NFT Failure? (theverge.com) 37

"NFTs aren't gone yet," writes the Verge.

"Disney will launch an 'all-new socially driven collectible experience' called Disney Pinnacle later this year, turning characters from Pixar, Star Wars, and its classic animated films into tradable digital pins." While announcing Pinnacle, Disney and its partner Dapper Labs won't even say the word "NFT." Dapper Labs still calls itself "the NFT company," but between a variety of scams, an eye-blistering episode at a recent Bored Ape event, and a market that has plunged since peaking in early 2021, that's a term they apparently will steer clear of. The only thing available on the site right now is a privacy policy that makes clear this is a Dapper Labs effort that's licensing content from Disney — not an in-house effort on the level of Disney Plus.

The NFT collection is being launched through an iOS app, and a spokesperson tells CoinDesk that web and Android applications will come later.

The Disney Pinnacle website has a few seconds of background animation showing the pins — and, of course, a waitlist signup form.
