Trailrunner7 quotes a report from On The Wire: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them.

The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Manor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising ;new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive "lawful intercept" spyware product," Citizen Lab said in a new report on the attack and iOS flaws.

In honor of Women's Equality Day, an anonymous reader shares with us a festive report from Fortune: More than two months after the White House first announced its Equal Pay Pledge for the private sector, Facebook, Apple, Microsoft and other major industry players have signed on. By taking the pledge, which was first introduced at the United State of Women Summit in June of this year, companies promise to help close the national gender pay gap, conduct annual, company-wide pay analyses, and review hiring and promotion practices. The new signees were announced in a White House statement on Friday -- which also happens to be Women's Equality Day, the anniversary of the ratification of the 19th amendment, which gave women the right to vote. Apple, which announced earlier this year that it has no pay gap, released a statement promising to dig even deeper into compensation. "We're now analyzing the salaries, bonuses, and annual stock grants of all our employees worldwide. If a gap exists, we'll address it," the company said in a statement. Twenty-nine companies signed the pledge on Friday, bringing the total number of signatories to 57. The pledge is part of a $50-million, White House-led initiative to expand opportunities for and improve the lives of women and girls. The consortium members issued a statement via Whitehouse.gov's press release: "The Employers for Pay Equity consortium is comprised of companies that understand the importance of diversity and inclusion, including ensuring that all individuals are compensated equitably for equal work and experience and have an equal opportunity to contribute and advance in the workplace. We are committed to collaborating to eliminate the national pay and leadership gaps for women and ethic minorities. Toward that end, we have come together to share best practices in compensation, hiring, promotion, and career development as well as develop strategies to support other companies' efforts in this regard. By doing so, we believe we can have a positive effect on our workforces that, in turn, makes our companies stronger and delivers positive economic impact." The consortium members include: Accenture, Airbnb, BCG, Care.com, CEB, Cisco, Deloitte, Dow, Expedia, EY, Glassdoor, GoDaddy, Jet.com, L'Oreal USA, Mercer, PepsiCo, Pinterest, Rebecca Minkoff, Salesforce, Spotify, Staples, Stella McCartney, and Visa.

The music-streaming market is very competitive these days, especially since Apple released Apple Music last year. In retaliation for musicians giving Apple exclusive access to their new music, Spotify has reportedly been making their songs harder to find on its service. Bloomberg reports: "Artists who have given Apple exclusive access to new music have been told they won't be able to get their tracks on featuring playlists once the songs become available on Spotify, said the people [familiar with the strategy], who declined to be identified discussing the steps. Those artists have also found their songs buried in the search rankings of Spotify, the world's largest music-streaming service, the people said. Spotify said it doesn't alter search rankings. Spotify has been using such practices for about a year, one of the people said, though others said the efforts have escalated over the past few months. Artists who have given exclusives to Tidal, the streaming service run by Jay Z, have also retaliated against, the person said, declining to identify specific musicians."

Sam Gustin, writing for Motherboard: Facebook's decision to begin harvesting data from its popular WhatsApp messaging service provoked a social media uproar on Thursday, and prompted leading privacy advocates to prepare a federal complaint accusing the tech titan of violating US law. On Thursday morning, WhatsApp, which for years has dined out on its reputation for privacy and security, announced that it would begin sharing user phone numbers with its Menlo Park-based parent company in an effort "to improve your Facebook ads and products experiences." Consumer privacy advocates denounced the move as a betrayal of WhatsApp's one billion users -- users who had been assured by the two companies that "nothing would change" about the messaging service's privacy practices after Facebook snapped up the startup for a whopping $19 billion in 2014. "WhatsApp users should be shocked and upset," Claire Gartland, Consumer Protection Counsel at the Electronic Privacy Information Center, a leading US consumer advocacy group, told Motherboard. "WhatsApp obtained one billion users by promising that it would protect user privacy. Both Facebook and WhatsApp made very public promises that the companies would maintain a separation. Those were the key selling points of the deal."

An anonymous reader quotes a report from Apple Insider: As published by the U.S. Patent and Trademark Office, Apple's invention covering "Biometric capture for unauthorized user identification" details the simple but brilliant -- and legally fuzzy -- idea of using an iPhone or iPad's Touch ID module, camera and other sensors to capture and store information about a potential thief. Apple's patent is also governed by device triggers, though different constraints might be applied to unauthorized user data aggregation. For example, in one embodiment a single failed authentication triggers the immediate capture of fingerprint data and a picture of the user. In other cases, the device might be configured to evaluate the factors that ultimately trigger biometric capture based on a set of defaults defined by internal security protocols or the user. Interestingly, the patent application mentions machine learning as a potential solution for deciding when to capture biometric data and how to manage it. Other data can augment the biometric information, for example time stamps, device location, speed, air pressure, audio data and more, all collected and logged as background operations. The deemed unauthorized user's data is then either stored locally on the device or sent to a remote server for further evaluation.

An anonymous reader writes: The main question when picking a new phone is whether to choose an Android one or an iPhone. A new study coming from Blancco Technology Group sheds some light on which devices are the most reliable, based on reliability. The study entitled State of Mobile Device Performance and Health reveals the device failure rates by operating systems, manufacturers, models and regions, as well as the most common types of performance issues. The report reveals that in Q2 2016, iOS devices had a 58% failure rate, marking the first time that Apple's devices have a lower performance rate compared to Android. It seems that the iPhone 6 had the highest failure rate of 29%, followed by iPhone 6s and iPhone 6S Plus. Android smartphones had an overall failure rate of 35%, an improvement from 44% in Q1 2016. Samsung, Lenovo and LeTV were among the manufacturers with the weakest performance and higher failure rates. Samsung scored 26% in failure rate, while Motorola just 11%. The study also reveals that iOS devices fail more frequently in North America and Asia compared to Android. Specifically, the failure rate in North America is 59%, while in Asia 52%. The failures could be influenced by the fact that the quality of smartphones shipped around the world varies.

One of the world's most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor's note: the link could be paywalled, here's an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target's mobile phone, was responsible for the intrusions. The NSO Group's software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.The Washington Post reports that these "zero-day" flaws were previously used by the governments to take over victims' phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. "Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars."

Let's talk about Apple, unarguably one of the most remarkable companies on the face of the earth. (Remarkable doesn't necessarily mean great -- it just means that the company is something worth making a remark). You can like it, or hate it, but you can simply not ignore Apple. But what's the occasion, you ask? It's been five years since Tim Cook took over as Apple CEO. (Editor's note: auto-playing video ahead, which may annoy you) Under his leadership, Apple has grown to become the world's most successful company, doubling the stock price and registering a staggering 84 percent growth in its net worth. Media outlets are abuzz with articles, analysis, and over-analysis of Tim Cook's Apple today. Some excerpts from a CNN article: Apple's culture has changed noticeably, both for the better and the worse. [...] If Jobs put a dent in the universe through Apple's coveted products, Cook is making his mark by highlighting the importance of social efforts: LGBT rights, philanthropy, corporate diversity, renewable energy and improving manufacturing conditions abroad. Under Cook's leadership, Apple finally began matching charitable contributions from employees, which had long been a sore spot for staff. Apple had 110,000 full-time employees as of the end of September 2015, nearly doubling from the 60,400 employees it reported having in September 2011, shortly after Cook took over, according to annual filings with the SEC. [...] There's now a feeling among some Apple insiders that the company is just running the same product playbook that Jobs created in his final years at the helm. "For four or five years, the playbook is the same that's been done," says Amit Sharma, a former Apple exec on the online store team. But, he adds, "just because everybody is looking for new doesn't mean it's not working."

Evan Selleck, writing for iPhoneHacks (edited and condensed): For many iPhone 6 and iPhone 6 Plus owners out there in the wild, a design defect is apparently causing some huge issues. Gadget repair firm iFixit has reported about a flaw dubbed "Touch Disease", which it claims is cropping up. With it, owners of the phones are experiencing, to start, a gray bar that appears at the very top of their display. And, for many others, the display itself becomes unresponsive to touch, or less responsive overall. In the blog post, iFixit says the problem stems from issues with the touchscreen controller chip, which is soldered onto the logic board. Interestingly enough, iFixit posits that the same internal design decisions that led to "Endgate" might be causing the issue leading to Touch Disease, too: "In both the iPhone 6 and 6 Plus, the Touch IC chips connect to the logic board via an array of itty-bitty solder balls -- "like a plate resting on marbles," Jessa explains. Over time, as the phone flexes or twists slightly during normal use, those solder balls crack and start to lose contact with the board. "At first, there may be no defect at all. Later you might notice that the screen is sometimes unresponsive, but it is quick to come back with a hard reset," Jessa explains. "As the crack deepens into a full separation of the chip-board bond, the periods of no touch function become more frequent."

We've talked extensively about the missing headphone jack on the upcoming iPhone. While some say that the move will ruin user experience -- something that has already started to seem that way in the real world -- a few argue that someone needs to push the needle to move the technology forward. Now Apple co-founder Steve Wozniak has something to say about the missing legacy audio jack as well. He is asking Apple to fix the Bluetooth first if the company intends to give users to move to wireless headphones. From a Financial Review report: Apple co-founder Steve Wozniak has warned Apple is going to frustrate a lot of customers if it removes the headphone jack from the upcoming iPhone 7. [...] Customers wanting to use their existing, wired earbuds and headphones might have to buy an adaptor that attaches to the iPhone's Lightning port, or to whatever port does remain on the phone. "If it's missing the 3.5mm earphone jack, that's going to tick off a lot of people," Mr Wozniak told The Australian Financial Review. "I would not use Bluetooth ... I don't like wireless. I have cars where you can plug in the music, or go through Bluetooth, and Bluetooth just sounds so flat for the same music." Mr Wozniak said he would probably use the adaptor to connect his existing earphones to his next iPhone, and said that, like many other users he is attached to the accessories that he uses alongside the phone. "Mine have custom ear implants, they fit in so comfortably, I can sleep on them and everything. And they only come out with one kind of jack, so ''ll have to go through the adaptor," he said. "If there's a Bluetooth 2 that has higher bandwidth and better quality, that sounds like real music, I would use it. But we'll see. Apple is good at moving towards the future, and I like to follow that."

An anonymous reader quotes a report from Reuters: Samsung Electronics Co Ltd plans to launch a program to sell refurbished used versions of its premium smartphones as early as next year, a person with direct knowledge of the matter told Reuters. The world's top smartphone maker will refurbish high-end phones returned to the company by users who signed up for one-year upgrade programs in markets such as South Korea and the United States. Samsung would then re-sell these phones at a lower price, the person said, declining to be identified as the plan was not yet public. The person declined to say how big a discount the refurbished phones would be sold at, which markets the phones would be sold in or how many refurbished devices Samsung could sell. It was not clear to what extent the phones would be altered, but refurbished phones typically are fitted with parts such as a new casing or battery. Refurbished phones could help vendors such as Samsung boost their presence in emerging markets such as India, where high-end devices costing $800 or so are beyond most buyers. Samsung's refurbishment program, details of which the person said could be finalized as early as 2017, could help the firm generate revenue from dated high-end smartphones returned by users upgrading to newer versions.

Continuing to operate on razor thin margins, smartphone manufacturers other than Samsung and Apple are bleeding money. Apple accounted for 75 percent of the smartphone's profits in the second quarter this year, down from 90 percent a year ago, according to Canaccord Genuity. Samsung, which has reported strong sales thanks to its Galaxy S7 series of smartphones, accounted for more than 30 percent of the industry, the research added. ZDNet reports: While this tale could revolve around Apple vs. Samsung the larger question is this: Why would any company want to make smartphones? Let's get real. All the profits go to Apple (high end) or Samsung (high end and scale). The rest of the players in the market don't make money and get disrupted by whatever vendor is flavor of the month? Remember that Xiaomi was supposed to be the next big thing in China and elsewhere, but is now being disrupted by Oppo and Vivo. A quarter from now Oppo and Vivo will be thumped by some smartphone manufacturer we haven't heard of yet.

An anonymous reader quotes a report from VentureBeat: Google today announced plans to kill off Chrome apps for Windows, Mac, and Linux in early 2018. Chrome extensions and themes will not be affected, while Chrome apps will continue to live on in Chrome OS. Here's the deprecation timeline:

Late 2016: Newly published Chrome apps will not be available to Windows, Mac, and Linux users (when developers submit apps to the Chrome Web Store, they will only show up for Chrome OS). Existing Chrome apps will remain available as they are today and developers can continue to update them.
Second half of 2017: The Chrome Web Store will no longer show Chrome apps on Windows, Mac, and Linux.
Early 2018: Chrome apps will not load on Windows, Mac, and Linux. There appears to be two main reasons why Google is killing Chrome apps off now. First, as Google explains in a blog post: "For a while there were certain experiences the web couldn't provide, such as working offline, sending notifications, and connecting to hardware. We launched Chrome apps three years ago to bridge this gap. Since then, we've worked with the web standards community to enable an increasing number of these use cases on the web. Developers can use powerful new APIs such as service worker and web push to build robust Progressive Web Apps that work across multiple browsers." Secondly, Chrome apps aren't very popular: "Today, approximately 1 percent of users on Windows, Mac and Linux actively use Chrome packaged apps, and most hosted apps are already implemented as regular web apps. Chrome on Windows, Mac, and Linux will therefore be removing support for packaged and hosted apps over the next two years."

An anonymous reader shares a Bloomberg report: Xiaomi is preparing to enter the U.S. smartphone market "in the near future," employing the same online sales and social media marketing tactics that helped the six-year-old startup become China's largest privately funded startup. Xiaomi can no longer afford to ignore the world's largest smartphone arena by revenue, company vice president Hugo Barra said in an interview. Its international expansion is taking on new-found urgency as growth at home slows and rivals such as Huawei erode its market share. "The U.S. is a market that we definitely have in our sights," Barra said on Bloomberg Television. "We will lead with social media, with the channels that allow us to get in touch with the young generation that are enthusiastic about new technology. We are definitely going there." Barra, who oversees the Chinese company's international expansion, has signaled Xiaomi's U.S. debut before. But the smartphone vendor is now in a better position to launch an incursion onto Apple's turf. In June, the Beijing-based company announced the acquisition of nearly 1,500 technology patents from Microsoft -- a deal that may smooth potential legal tangles over intellectual property as it pushes abroad.

Last month the FCC had pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. It had demanded the concerned companies to come up with a "concrete, actionable" plan within 30 days. Well, the companies have complied. On Friday, 30 major technology companies announced they are joining the U.S. government to crack down on automated, pre-recorded telephone calls that regulators have labeled as "scourge." Reuters adds: AT&T, Alphabet, Apple, Verizon Communications and Comcast are among the members of the "Robocall Strike Force," which will work with the U.S. Federal Communications Commission. The strike force will report to the commission by Oct. 19 on "concrete plans to accelerate the development and adoption of new tools and solutions," said AT&T Chief Executive Officer Randall Stephenson, who is chairing the group. The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.

An anonymous reader writes: The research firm Gartner has crunched some numbers and found that Android and iOS accounted for a record 99.1% worldwide market share in the second calendar quarter of 2016, which is compared to 96.8% in the year-ago period. What some may view as even more shocking is that Android accounted for 86.2% of the market share in the second quarter, up from 82.2% a year ago. Meanwhile, iOS lost some ground as it dropped to 12.9% market share from 14.6% in the year-ago period. It's no surprise that Windows and BlackBerry have been losing market share. They dropped to 0.6% and 0.1% market share worldwide respectively. Just six years ago, BlackBerry and Symbian operating systems were industry leaders. Now, they're industry losers. Which third-party operating system has what it takes to take on the establishment?

Reader Jason Koebler writes: Manufacturers that threaten to void the warranties of consumers who jailbreak or root their phones are violating federal law.
Under the Magnuson-Moss Warranty Act of 1975, manufacturers cannot legally void your hardware warranty simply because you altered the software of an electronic device. In order to void the warranty without violating federal law, the manufacturer must prove that the modifications you made directly led to a hardware malfunction.
"They have to show that the jailbreak caused the failure. If yes, they can void your claim (not your whole warranty—just the things which flowed from your mod)," Steve Lehto, a lemon law attorney in Michigan, wrote in an email. "If not, then they can't."

An anonymous reader writes: Chip maker Intel has entered an unlikely partnership with British semiconductor firm ARM in an effort to boost opportunities for its foundry business. The licensing agreement, which was confirmed at the Intel Development Forum in San Francisco, means that from 2017 Intel's Custom Foundry will manufacture ARM chips -- used by smartphone giants such as Apple, Qualcomm and Samsung. On the announcement of its latest earnings report, Intel was clear to highlight a shift in focus, away from the traditional PC market, to emerging areas such as the Internet of Things and mobile -- a sector dominated by one-time arch rival ARM. It seems that Intel has now decided to surrender to the latter's prominence in the field.

An anonymous reader writes from a report via Softpedia: "Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products," reports Softpedia. The flaw can be used to collect user credentials by tricking victims into re-authenticating, sending data to a third-party. Multiple software vendors deploy applications that can handle proxy connections. Until now, Apple, Microsoft, Oracle, and Opera have acknowledged their products are affected. Lenovo said this bug does not impact its software. Other software vendors that are still evaluating the FalseCONNECT bug and may be affected include multiple Linux distros, Cisco, Google, HP, IBM, Juniper, Mozilla, Nokia, OpenBSD, SAP, Sony, and others.

An anonymous reader writes from InformationWeek: In a wide-ranging interview with The Washington Post, Apple's CEO Tim Cook talks iPhones, AI, privacy, civil rights, missteps, China, taxes, and Steve Jobs -- all without addressing rumors about the company's Project Titan electric car. One of the biggest concerns Tim Cook has is with user privacy. Earlier this year, Apple was in the news for refusing a request from the U.S. Department of Justice to unlock a suspected terrorist's iPhone because Apple argued it would affect millions of other iPhones, it was unconstitutional, and that it would weaken security for everyone. Cook told the Washington Post: "The lightbulb went off, and it became clear what was right: Could we create a tool to unlock the phone? After a few days, we had determined yes, we could. Then the question was, ethically, should we? We thought, you know, that depends on whether we could contain it or not. Other people were involved in this, too -- deep security experts and so forth, and it was apparent from those discussions that we couldn't be assured. The risk of what happens if it got out, could be incredibly terrible for public safety." Cook suggest that customers rely on companies like Apple to set up privacy and security protections for them. "In this case, it was unbelievably uncomfortable and not something that we wished for, wanted -- we didn't even think it was right. Honestly? I was shocked that [the FBI] would even ask for this," explained Cook. "That was the thing that was so disappointing that I think everybody lost. There are 200-plus other countries in the world. Zero of them had ever asked [Apple to do] this." Privacy is a right to be protected, believes Cook: "In my point of view, [privacy] is a civil liberty that our Founding Fathers thought of a long time ago and concluded it was an essential part of what it was to be an American. Sort of on the level, if you will, with freedom of speech, freedom of the press."