If you use an iPhone or Android phone, chances are the majority of your most-used apps were made by Apple and Google. From a report: That's the takeaway from a new Comscore study that ranks the popularity of preinstalled iOS and Android apps, such as Apple's Messages, alongside apps made by other developers. The results show that the majority of apps people use on their phones in the US come preinstalled by either Apple or Google. The first-of-its-kind report was commissioned by Facebook, one of Apple's loudest critics, and shared exclusively with The Verge. Preinstalled services dominate when it comes to basics like weather, photos, and clocks, according to the report, suggesting these categories will be difficult for other apps to compete in. Defaults don't win out exclusively, though: Apple Maps and Music don't appear on the iOS list at all, and Gmail makes the iOS list several entries below Apple Mail.

The timing, as Facebook likely intentioned, is apt: Apple and Google are increasingly under scrutiny for how they favor their own services over competitors like Spotify. US lawmakers are currently reviewing a new set of bills designed to curb the power of Big Tech, including legislation that could potentially bar Apple and Google from giving their services the upper hand against rivals. The pushback stems from how Apple and Google bundle their apps and services with their mobile operating systems in ways that some of their competitors think is unfair. The criticism is harsher against Apple, given that it more tightly controls the apps that come preinstalled on the iPhone and doesn't allow developers to circumvent its App Store.

Last month, it was revealed that OnePlus will become an Oppo sub-brand. Now, the company announced that it's also merging OxygenOS with Oppo's ColorOS operating system. 9to5Google reports: In a forum post today, OnePlus explains that the sub-brand of Oppo is "working on integrating the codebase of OxygenOS and ColorOS." Apparently, the change will go unnoticed because it is happening behind the scenes: "This is a change that you will likely not even notice since it's happening behind the scenes. We now have a larger and even more capable team of developers, more advanced R&D resources, and a more streamlined development process all coming together to improve the OxygenOS experience."

OnePlus also further reiterates that OxygenOS will remain the "global" operating system for OnePlus-branded devices rather than ColorOS, which runs on Oppo devices and OnePlus devices in China, too. It's not mentioned if OxygenOS will change visually, but it's fairly clear that will happen based on early looks at the Android 12 Beta which is available for OnePlus 9 devices. The bright side of this change, however, is that OnePlus will be committing to a stronger Android update schedule that delivers at least three years of support to the company's entire portfolio.

An anonymous reader quotes a report from Ars Technica: Google has given the boot to nine Android apps downloaded more than 5.8 million times from the company's Play marketplace after researchers said these apps used a sneaky way to steal users' Facebook login credentials. In a bid to win users' trust and lower their guard, the apps provided fully functioning services for photo editing and framing, exercise and training, horoscopes, and removal of junk files from Android devices, according to a post published by security firm Dr. Web. All of the identified apps offered users an option to disable in-app ads by logging into their Facebook accounts. Users who chose the option saw a genuine Facebook login form containing fields for entering usernames and passwords.

Then, as Dr. Web researchers wrote: "These trojans used a special mechanism to trick their victims. After receiving the necessary settings from one of the C&C servers upon launch, they loaded the legitimate Facebook web page https://www.facebook.com/login... into WebView. Next, they loaded JavaScript received from the C&C server into the same WebView. This script was directly used to hijack the entered login credentials. After that, this JavaScript, using the methods provided through the JavascriptInterface annotation, passed stolen login and password to the trojan applications, which then transferred the data to the attackers' C&C server. After the victim logged into their account, the trojans also stole cookies from the current authorization session. Those cookies were also sent to cybercriminals. Analysis of the malicious programs showed that they all received settings for stealing logins and passwords of Facebook accounts. However, the attackers could have easily changed the trojans' settings and commanded them to load the web page of another legitimate service. They could have even used a completely fake login form located on a phishing site. Thus, the trojans could have been used to steal logins and passwords from any service."

The majority of the downloads were for an app called PIP Photo, which was accessed more than 5.8 million times. The app with the next greatest reach was Processing Photo, with more than 500,000 downloads. The remaining apps were: Rubbish Cleaner: more than 100,000 downloads; Inwell Fitness: more than 100,000 downloads; Horoscope Daily: more than 100,000 downloads; App Lock Keep: more than 50,000 downloads; Lockit Master: more than 5,000 downloads; Horoscope Pi: 1,000 downloads; and App Lock Manager: 10 downloads. A search of Google Play shows that all apps have been removed from Play.

Neowin: Microsoft today released the first-ever Windows 11 build to Insiders in the Dev channel, bringing build 22000.51. While most of the announced features made it to the build, there are a few missing ones such as support for Android apps. The firm also posted a few known issues for the release. In addition to the build, the company has also posted clarification about the confusion surrounding the minimum system requirements.

The firm starts off by acknowledging that there has been confusion caused by the PC Health Check tool, something that was updated late last week after negative feedback from users about the lack of clarity on Windows 11 compatibility. It says that the tool was "not fully prepared to share the level of detail or accuracy you expected from us on why a Windows 10 PC doesn't meet upgrade requirements," which is why the company is taking down the tool to address the feedback, adding that the tool will be "back online" later in the fall, closer to the general availability of Windows 11. In a blog post, the company adds: [...] Using the principles above, we are confident that devices running on Intel 8th generation processors and AMD Zen 2 as well as Qualcomm 7 and 8 Series will meet our principles around security and reliability and minimum system requirements for Windows 11. As we release to Windows Insiders and partner with our OEMs, we will test to identify devices running on Intel 7th generation and AMD Zen 1 that may meet our principles.

There are some big announcements on DuckDuckGo's blog at SpreadPrivacy.com:

• "Our apps have been downloaded more than 50 million times over the last 12 months, more than all prior years combined...

• "Spurred by the increase in DuckDuckGo app usage, over the last 12 months our monthly search traffic increased 55% and we grew to become the #2 search engine on mobile in many countries including in the U.S., Canada, Australia, and the Netherlands. (StatCounter/Wikipedia)."

• "We don't track our users so we can't say for sure how many we have, but based on market share estimates, download numbers, and national surveys, we believe there are between 70-100 million DuckDuckGo users."

• "We're excited to start rolling out additional privacy features to our all-in-one privacy bundle. In a few weeks, DuckDuckGo Email Protection will be available in beta which will give users more privacy without having to get a new inbox. Later this summer, app tracker blocking will be available in beta for Android devices, allowing users to block app trackers and providing more transparency on what's happening behind the scenes on their device. Before the end of the year, we also plan to release a brand-new desktop version of our existing mobile app which people can use as a primary browser."

They're now pulling in over $100 million a year in revenue, "giving us the financial resources to continue growing rapidly," and at the end of 2020 they also landed a "mainly secondary investment" of over $100 million from a long list of investors (which included Tim Berners-Lee as well as Freada Kapor Klein and Mitch Kapor).

One thing they're doing with their money is spreading the word about online privacy — by purchasing billboard, radio, and TV ads in 175 different markets across the U.S., with more marketing blitzes now planned soon for Europe and other countries around the world.

Famed software engineer Miguel de Icaza confirmed on Twitter that you will be able to sideload Android APKs in Windows 11. Android Authority reports: Yesterday, Microsoft surprised us all by announcing that Windows 11 will support native Android app installation. Using the Microsoft Store, you'll be able to search for, install, and use Android apps right on your PC. This is possible through an integration of the Amazon App Store. However, a big question loomed over the announcement: would you be able to sideload Android APKs on Windows 11? Sideloading apps would allow you to install Android programs from outside the Microsoft Store, which would give you a much larger potential library.

It seems the answer to that question is "yes," at least according to famed engineer Miguel de Icaza. Miguel is responsible for numerous software projects, including GNOME, and currently works at Microsoft. However, his Twitter bio explicitly says "Working at Microsoft, not speaking for them," so we need to take this news with some skepticism. Of course, it's not quite clear how sideloading Android APKs on Windows 11 will work. Will you be able to simply download an APK as you would an EXE, double-click it, and install it? Or will there be some sort of workaround protocol? We'll need to wait to see how this develops.

An anonymous reader quotes a report from Ars Technica: For years, security researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring. Now, one researcher has found a collection of bugs that allow him to hack ATMs -- along with a wide variety of point-of-sale terminals -- in a new way: with a wave of his phone over a contactless credit card reader. Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader -- rather than swipe or insert it -- to make a payment or extract money from a cash machine. You can find them on countless retail store and restaurant counters, vending machines, taxis, and parking meters around the globe.

Now Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems' firmware. With a wave of his phone, he can exploit a variety of bugs to crash point-of-sale devices, hack them to collect and transmit credit card data, invisibly change the value of transactions, and even lock the devices while displaying a ransomware message. Rodriguez says he can even force at least one brand of ATMs to dispense cash -- though that "jackpotting" hack only works in combination with additional bugs he says he has found in the ATMs' software. He declined to specify or disclose those flaws publicly due to nondisclosure agreements with the ATM vendors. "You can modify the firmware and change the price to one dollar, for instance, even when the screen shows that you're paying 50 dollars. You can make the device useless, or install a kind of ransomware. There are a lot of possibilities here," says Rodriguez of the point-of-sale attacks he discovered. "If you chain the attack and also send a special payload to an ATM's computer, you can jackpot the ATM -- like cash out, just by tapping your phone."

Rodriguez says he alerted the affected vendors -- which include ID Tech, Ingenico, Verifone, Crane Payment Innovations, BBPOS, Nexgo, and the unnamed ATM vendor -- to his findings between seven months and a year ago. Even so, he warns that the sheer number of affected systems and the fact that many point-of-sale terminals and ATMs don't regularly receive software updates -- and in many cases require physical access to update -- mean that many of those devices likely remain vulnerable. "Patching so many hundreds of thousands of ATMs physically, it's something that would require a lot of time," Rodriguez says.

Millions of Americans received stimulus checks in the past year, but Salvadoreans will be soon be receiving one paid in Bitcoin. From a report: The Central American country will give U.S. $30 worth of Bitcoin to each adult citizen that downloads and registers on the country's new cryptocurrency app, Chivo, President Nayib Bukele said during a televised speech Thursday. The $30 promotion is the nation's latest effort to push adoption of Bitcoin as legal currency. Bukele announced via video at the Bitcoin 2021 conference in Miami earlier this month that he would be introducing legislation to make Bitcoin legal tender. His "Bitcoin Law" goes into effect on Sept. 7.

"This law is made to generate employment, to generate investments, and at no moment will it affect anybody, like opponents have tried to say with their dirty campaign," Bukele said during the hour-long speech Thursday. Chivo, the crypto wallet whose name translates to "goat" in English, will be compatible with both dollars and Bitcoin, and will be available on both iOS and Android devices, Bukele said. Since former Salvadorean President Francisco Flores passed a 2001 dollarization law, the U.S. dollar has been the most used legal tender in the country.

An anonymous reader quotes a report from PCGamesN: Microsoft has finally debuted Windows 11, and it's not just packing auto HDR and native Android apps. The long-teased DirectStorage API that's meant to cut down loading times on gaming PCs much in the same way the Xbox Velocity Architecture speeds things up on Microsoft's consoles is on its way, and it won't be coming to Windows 10 like we originally thought. The Windows 11 exclusive feature improves communication between your storage device and graphics card, allowing assets to load quicker without having to pass through the CPU first. Naturally, this means more time spent gaming and less time reading the same hints as you move from area to area.

It'll work best with systems that are dubbed 'DirectStorage Optimized', containing the right hardware and drivers for the job. If you're more of the DIY type that prefers to build the best gaming PC yourself, requirements demand an NVMe SSD with 1TB of storage or more. PCIe 4.0 NVMe SSDs and the latest GPUs from Nvidia and AMD will offer a better experience, but DirectStorage will still work with older standards like the third generation PCIe 3.0 -- you won't have much luck with 2.5-inch SATA drives, though. DirectStorage will only work with games built using DirectX 12, so there's no telling how many titles will support the feature when you upgrade to Windows 11 for free later this year.

At the end of a surprisingly eventful, exciting presentation of Windows 11, Microsoft CEO Satya Nadella came on the video feed to deliver some closing remarks. He laid out his vision for Windows 11 as a "platform for platform creators," and in doing so, he issued a subtle but nonetheless stinging critique of Apple. From a report: Nadella's speech was almost entirely about building a case that Windows would be a better platform for creators than either macOS or (especially) iOS. He argued that "there is no personal computing without personal agency," insisting that users should be more in control of their computers. Nadella called out the changes Microsoft is making to its app store rules, allowing more types of apps, Android apps, and -- most importantly -- allowing apps to use their own payment systems if they so choose. He said, "A platform can only serve society if its rules allow for this foundational innovation and category creation." That rhetoric sounds vaguely nice and inspiring out of context, but in the specific context of the current debates, lawsuits, and legislation over app store rules, it's a sharp and direct critique.

Microsoft has announced that Windows 11 will support Android apps via the Amazon App Store. From a report: These apps will be locally installed, meaning they will show up in the Taskbar and Start menu and not require your smartphone to function. Microsoft didn't go into much detail, but it's likely that Android apps on Windows 11 are powered by Microsoft's Windows Subsystem for Linux 2. These apps will be discoverable in the Microsoft Store.

Jio Platforms, run by India's richest man (Mukesh Ambani), and Google on Thursday unveiled the JioPhone Next, an affordable Android smartphone, as the top Indian telecom operator and the American giant make further push to expand their reach in the world's second largest internet market. From a report: The Indian firm, which secured $4.5 billion investment from Google (and another $15.5 billion from Facebook and others) last year and shared plans to work on low-cost smartphones, said the JioPhone Next is aimed at helping roughly 300 million users in India who are still on 2G network upgrade their gadget to access faster networks. The phone, which is "powered by extremely optimized Android" mobile operating system, will first launch in India on September 10 ahead of the festive season in the country, and will eventually be made available outside of India, said Mukesh Ambani, chairman of Reliance Industries, at its annual general meeting Thursday. The JioPhone Next will be an "ultra-affordable 4G smartphone," claimed Ambani, though he didn't reveal the price or the hardware specifications of the handset.

India's antitrust watchdog has ordered an investigation into allegations that Google has abused the dominant position of Android in the country's smart TV market. From a report: The news comes hours after the European Union opened a formal antitrust investigation into allegations that Google abuses its leading role in the advertising-technology sector. In its initial review, the Competition Commission of India, which began looking into these allegations last year, said Google had breached certain anti-competitive laws.

Google was in the EU antitrust spotlight again on Tuesday as regulators opened an investigation into whether its digital advertising business gives the Alphabet unit an unfair advantage over rivals and advertisers. From a report: The European Union competition enforcer's move marks a new front against Google and follows more than 8 billion euros ($9.5 billion) in fines over the past decade for blocking rivals in online shopping, Android smartphones and online advertising. The European Commission said it would investigate whether Google distorts competition by restricting third party access to user data for advertising purposes on websites and apps, while reserving such data for its own use. "We are concerned that Google has made it harder for rival online advertising services to compete in the so-called ad tech stack," European Competition Commissioner Margrethe Vestager said in a statement. Google generated $147 billion in revenue from online ads last year, more than any other company in the world, with ads including search, YouTube and Gmail accounting for the bulk of its overall sales and profits.

According to leaker Evan Blass, OnePlus and Oppo are merging, with OnePlus becoming an Oppo sub-brand. OnePlus CEO Pete Lau made the announcement last week in a forum post, but Blass obtained a document that explains the integration in plainer terms. The Verge reports: "With the integration, OnePlus becomes a brand within Oppo, however will continue to function as an independent entity," reads the most pertinent answer. The memo also says that Lau's role as chief product officer at Oppo will make him responsible for the product strategies of both Oppo and OnePlus. [...] The memo confirms that this is essentially what's going to happen, removing any need to read between the lines. "With the merging of both the firms, we will have more resources at hand to create even better products," it says. "It will also allow us to be more efficient in our operations." OnePlus and Oppo had already merged their R&D departments around the turn of the year, so the further integration is more to do with streamlining day-to-day business operations.

OnePlus customers shouldn't necessarily expect too much to change -- the shared ownership and supply chain meant that there have been similarities between Oppo and OnePlus phones for as long as OnePlus has existed. But now that OnePlus is acknowledging the relationship out loud instead of acting like it's a scrappy startup, all eyes will be on the company's next round of flagship phones.

Facebook's Clubhouse competitor, Live Audio Rooms, is making its way stateside. From a report: The company announced today that some US-based public figures, as well as certain groups, can start hosting rooms through the main Facebook iOS app. (People can join, however, from both iOS and Android.) Anyone can be invited up as a speaker with up to 50 people able to speak at once. There's no cap on the number of listeners allowed in -- a major shot at Clubhouse, which imposes room size limitations. It's also introducing other nifty features, like notifications when your friends or followers join a room, as well as live captions. There will be a "raise a hand" button to request to join the conversation, and reactions will be available to to interact throughout the chat. Twitter Spaces, Twitter's live audio feature, includes captions, but Clubhouse still does not.

Within groups, admins can control who's allowed to create a room: moderators, group members, or other admins. Public group chats will be accessible both in and outside the group, but private group chats will be restricted to members. Additionally, hosts can also select a nonprofit or fundraiser to support during their conversation with a button to directly donate showing up on the chat. Again, this feels like a feature directly built to address a key Clubhouse use case and make it frictionless. (Many Clubhouse creators have hosted fundraisers on the app but have to direct people to outside links in order to facilitate donations.)

"Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones," reports CNET: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet. Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort.

Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages...

Google credits the Linux community programmers who began the Rust for Linux project. "The community had already done and continues to do great work toward adding Rust support to the Linux kernel build system," Google said in a blog post...

[Rust] has been the most loved programming language for five years running in Stack Overflow's annual developer survey. "Rust represents the best alternative to C and C++ currently available," Microsoft's security team concluded in 2019. The team said Rust would have prevented memory problems at fault in 70% of its significant security issues. And because Rust's checks happen while software is being built, the safety doesn't come at the expense of performance when the software is running.

The goal of the Linux on Rust project isn't to replace all of Linux's C code but rather to improve selective and new parts.

Alphabet unit Google could face its biggest regulatory threat, with EU antitrust regulators set to open a formal investigation into its lucrative digital advertising business before the end of the year, said people familiar with the matter. From a report: It would mark a new front by the EU competition enforcer against Google. It has in the last decade fined the company more than 8 billion euros ($9.8 billion) for blocking rivals in online shopping, Android smartphones and online advertising. An EU probe would focus on Google's position vis-a-vis advertisers, publishers, intermediaries and rivals, one of the people said, indicating deeper scrutiny than the French antitrust agency's case concluded last week. Google made $147 billion in revenue from online ads last year, more than any other company in the world. Ads on its properties, including search, YouTube and Gmail, accounted for the bulk of sales and profits. About 16% of revenue came from its display or network business, in which other media companies use Google technology to sell ads on their website and apps.

Google said Thursday it's funding a project to increase Linux security by writing parts of the operating system's core in the Rust programming language, a modernization effort that could bolster the security of the internet and smartphones. From a report: If the project succeeds, it'll be possible to add new elements written in Rust into the heart of Linux, called the kernel. Such a change would mark a major technological and cultural shift for an open-source software project that's become foundational to Google's Android and Chrome operating systems as well as vast swaths of the internet.

Miguel Ojeda, who's written software used by the Large Hadron Collider particle accelerator and worked on programming language security, is being contracted to write software in Rust for the Linux kernel. Google is paying for the contract, which is being extended through the Internet Security Research Group, a nonprofit that's also made it easier to secure website communications through the Let's Encrypt effort. Adding Rust modules to the Linux kernel would improve security by closing some avenues for hackers can use to attack phones, computers or servers. Since it was launched in 1991, Linux has been written solely in the powerful but old C programming language. The language was developed in 1972 and is more vulnerable to hacks than contemporary programming languages.

Apple CEO Tim Cook said that he believes a proposed European law known as DMA would "not be in the best interest of users," signaling the iPhone maker's opposition to European legislation that would force it to allow users to install software outside of Apple's App Store. From a report: "I look at the tech regulation that's being discussed, I think there are good parts of it. And I think there are parts of it that are not in the best interests of the user," Cook said on Wednesday through videoconference at the Viva Tech conference in France. The European Union proposed two laws regulating big tech companies, the Digital Services Act and the Digital Markets Act, earlier this year. The DSA focuses on the online ad industry, but the DMA focuses on companies with large numbers of customers -- like Apple, Google and Amazon -- and sets rules requiring them to open up their platforms to competitors.

One of Cook's issues with the law is that it would force Apple to permit sideloading apps on the iPhone, which is manually installing software from the internet or a file instead of through an app store. Currently, Apple's App Store is the only way to install apps on an iPhone, which has made it the focus of lawsuits and regulators around the world. Apple has claimed that its control over the App Store ensures high-quality apps and helps prevent malware. Cook noted that the iPhone's market share in France is only 23% and said that permitting sideloading on iPhones would damage both the privacy and security of users, citing increased malware on Android phones versus iPhones. Google's Android allows sideloading. "If you take an example of where I don't think it's in the best interest, that the current DMA language that is being discussed, would force sideloading on the iPhone," Cook said. "And so this would be an alternate way of getting apps onto the iPhone, as we look at that, that would destroy the security of the iPhone."