An anonymous reader quotes a report from Bloomberg: Wireless customers are hanging on to their old phones longer than ever. That's the message from Verizon, which said its upgrade rate fell to a record low last quarter -- a harbinger of tough times ahead for the iPhone and other devices. Faced with $1,000 price tags on moderately improved phones, consumers may be waiting to hear more about new 5G networks before committing to new models. The faster, more advanced services won't roll out in earnest until 2020. "Incremental changes from one model the the next, hasn't been that great, and it hasn't been enough of an incentive," Verizon Chief Financial Officer Matt Ellis said in an interview Tuesday after the company reported fewer-than-expected new customers for the first quarter. He expects replacement rates to be down for the year.

Intel announced Tuesday afternoon that it will no longer be working on 5G chips for smartphones, leaving Apple with only one supplier for its iPhones, Qualcomm -- the same company that it was battling in court until midday Tuesday. CNET reports: Intel late Tuesday said it plans to exit the 5G smartphone modem business. It had been working on a processor for Apple, with the chip expected to be in iPhones in 2020. Lately there have been worries the chip wouldn't be ready until iPhones released in 2021. "The company will continue to meet current customer commitments for its existing 4G smartphone modem product line, but does not expect to launch 5G modem products in the smartphone space, including those originally planned for launches in 2020," Intel said in a press release. Its only customer in modems is Apple.

Intel added that it will "complete an assessment of the opportunities for 4G and 5G modems in PCs, internet of things devices and other data-centric devices." It also said it will "continue to invest in its 5G network infrastructure business." "We are very excited about the opportunity in 5G and the 'cloudification' of the network, but in the smartphone modem business it has become apparent that there is no clear path to profitability and positive returns," Intel CEO Bob Swan said in a statement. The announcement comes hours after Apple and Qualcomm announced that they had reached a settlement in their multi-year battling over licensing royalties.

"When law enforcement investigations get cold, there's a source authorities can turn to for location data that could produce new leads: Google."

An anonymous reader quotes CNET: Police have used information from the search giant's Sensorvault database to aid in criminal cases across the country, according to a report Saturday by The New York Times. The database has detailed location records from hundreds of millions of phones around the world, the report said. It's meant to collect information on the users of Google's products so the company can better target them with ads, and see how effective those ads are. But police have been tapping into the database to help find missing pieces in investigations.

Law enforcement can get "geofence" warrants seeking location data. Those kinds of requests have spiked in the last six months, and the company has received as many as 180 requests in one week, according to the report.... For geofence warrants, police carve out a specific area and time period, and Google can gather information from Sensorvault about the devices that were present during that window, according to the report. The information is anonymous, but police can analyze it and narrow it down to a few devices they think might be relevant to the investigation. Then Google reveals those users' names and other data, according to the Times...

[T]he AP reported last year that Google tracked people's location even after they'd turned off location-sharing on their phones.
Google's data dates back "nearly a decade," the Times reports -- though in a statement, Google's director of law enforcement and information security insisted "We vigorously protect the privacy of our users while supporting the important work of law enforcement." (The Times also interviewed a man who was arrested and jailed for a week last year based partly on Google's data -- before eventually being released after the police found a more likely suspect.)

"According to the Times, Google is the primary company that appears to be fulfilling the warrants," reports Gizmodo, adding that Apple "says it can't provide this information to authorities..."

"A thriving black market in location data has persisted despite promises from carriers to stop selling it to middlemen, who divert it from intended uses in marketing and other services."

After crunching data on 4.5 billion miles of driving, road-safety analytics company Zendrive concludes there's a new threat which just last year claimed the lives of 6,227 pedestrians: drivers "under the influence of a smartphone."

The study points out that drunk driving fatalities peak after midnight, while distracted driving happens all day, conluding that distracted driving is now a bigger threat than drunk driving. schwit1 shares this report from Axios: "Phone addicts are the new drunk drivers," Zendrive concludes bluntly in its annual distracted driving study. The big picture: The continued increase in unsafe driving comes despite stricter laws in many states, as well as years of massive ad campaigns from groups ranging from cell phone carriers to orthopedic surgeons. "They hide in plain sight, blatantly staring at their phones while driving down the road," Zendrive says in the study.

And it's a growing problem. Over just the past year, Zendrive, which analyzes driver behavior for fleets and insurers, said the number of hardcore phone addicts doubled, now accounting for one in 12 drivers. If the current trend continues, that number will be one in five by 2022.
The report concludes drivers are 10 percent more distracted this year than last -- and that phone addicts have their eyes off the road for 28% of their drive. Yet when asked to describe their driving, 93% of phone addicts said they believed they were "safe" -- or "extremely safe" -- drivers.

One even insisted that they never texted while driving, "but I like to FaceTime my friends while driving since it makes time go by faster."

"While lawmakers debate what to do about the roboscourge, engineers have cooked up some clever ways to make bots work for us, not against us," writes the Washington Post, taking a look at apps like the $4-per-month RoboKiller -- which offers malicious "answer bots": They're voicemail messages that try to keep robots and human telemarketers on the line, listening to nonsense. Answer bot options range from Trump impersonators and extended coughing sessions to someone doing vocal exercises. Even better, RoboKiller will send you an often-hilarious recording of the interaction. (It only uses these recordings when it's very sure it's a spam call.)

Another service, called Jolly Roger, doesn't sell itself as a robocall blocker but takes this auto-generated annoyance idea a step further by actively trying to game the spammers' systems, such as when to press 1 to speak to a human. It calls this tech "artificial stupidity." It costs $11.88 per year.

It's possible you're better off not engaging with a robocall in the hopes the dialer with decide the line is dead. And it's also not clear how much these actually cost the people placing robocalls. But any time robocallers spend with your bot might be minutes they're not calling someone else, so you can think of it as community service.
I'm also not sure this does any good -- but the Post's article also includes a run-down of other robocall-blocking services available from both wireless carriers and independent companies. It recommends starting with the free YouMail app, which collates data from 10 million registered users to determine which calls to block -- and in addition, "tries to trick known robocallers into taking you off their lists by playing them the beep-beep-beep sound of a dead line."

If you live in America, you can also add your phone number to the Federal government's official "Do not call" registry. "It won't help much," writes the Post, "but it only takes 30 seconds so why not?"

An anonymous reader quotes the Associated Press: Federal legislation proposed Thursday would give state prison officials the ability they have long sought to jam the signals of cellphones smuggled to inmates within their walls... The legislation could help provide a solution to a problem prison officials have said represents the top security threat to their institutions.

Corrections chiefs across the country have long argued for the ability to jam the signals, saying the phones -- smuggled into their institutions by the thousands, by visitors, errant employees, and even delivered by drone -- are dangerous because inmates use them to carry out crimes and plot violence both inside and outside prison.

Friday CNN reported on "what you can do right now to stop robocalls."

"Short of throwing your phone in the garbage, there's no way to avoid them altogether. But wireless providers and smartphone developers offer tools to filter out at least some unwanted calls." - Verizon's Call Filter app is free to download on iPhones and Android devices. The company announced Thursday the app will offer some free features -- including auto-blocking calls from known fraudsters, showing warning banners for suspicious calls, and a spam reporting tool. For $2.99 a month per line, the Call Filter app can use a phonebook feature to look up the names of unknown callers, and it can show a "risk meter" for spam calls.

- AT&T's Call Protect has similar free features and add-ons with a $3.99 per month subscription. (iOS and Android)

- T-Mobile phones come loaded with Scam ID, which warns customers about suspicious phone numbers. It's also free to activate Scam Block, which automatically rejects calls from those numbers. An additional app called Name ID offers premium caller identification for $4 per line monthly. (iOS and Android)

- Sprint's Premium Caller ID , which comes pre-installed, looks up unknown numbers and filters and blocks robocalls for $2.99 per line.

- Google's Pixel phones also give you the option to have your voice assistant answer suspicious calls for you. The phone can transcribe the conversation and lets you decide whether to answer.

Tesla vehicles sent to the junk yard after a crash carry much more data than you'd think. According to CNBC, citing two security researchers, "Computers on Tesla vehicles keep everything that drivers have voluntarily stored on their cars, plus tons of other information generated by the vehicles including video, location and navigational data showing exactly what happened leading up to a crash." From the report: One researcher, who calls himself GreenTheOnly, describes himself as a "white hat hacker" and a Tesla enthusiast who drives a Model X. He has extracted this kind of data from the computers in a salvaged Tesla Model S, Model X and two Model 3 vehicles, while also making tens of thousands of dollars cashing in on Tesla bug bounties in recent years. Many other cars download and store data from users, particularly information from paired cellphones, such as contact information.

But the researchers' findings highlight how Tesla is full of contradictions on privacy and cybersecurity. On one hand, Tesla holds car-generated data closely, and has fought customers in court to refrain from giving up vehicle data. Owners must purchase $995 cables and download a software kit from Tesla to get limited information out of their cars via "event data recorders" there, should they need this for legal, insurance or other reasons. At the same time, crashed Teslas that are sent to salvage can yield unencrypted and personally revealing data to anyone who takes possession of the car's computer and knows how to extract it. The contrast raises questions about whether Tesla has clearly defined goals for data security, and who its existing rules are meant to protect. A Tesla spokesperson said in a statement to CNBC: "Tesla already offers options that customers can use to protect personal data stored on their car, including a factory reset option for deleting personal data and restoring customized settings to factory defaults, and a Valet Mode for hiding personal data (among other functions) when giving their keys to a valet. That said, we are always committed to finding and improving upon the right balance between technical vehicle needs and the privacy of our customers."

The report serves as a reminder for Tesla owners to factory reset their cars before handing them off to a junk yard or other reseller because that other party may not reset your car for you. "Tesla sometimes uses an automotive auction company called Manheim to inspect, recondition and sell used cars," reports CNBC. "A former Manheim employee, who asked to remain anonymous, confirmed that employees do not wipe the cars' computers with a factory reset."

The researchers were able to obtain phonebooks "worth of contact information from drivers or passengers who had paired their devices, and calendar entries with descriptions of planned appointments, and e-mail addresses of those invited." The data also showed the drivers' last 73 navigation locations, as well as crash-related information. The Model 3 that one of the researchers bought for research purposes contained a video showing the car speeding out of the right lane into the trees off the left side of a dark two-lane route. "GPS and other vehicle data reveals that the accident happened in Orleans, Massachusetts, on Namequoit Road, at 11:15 pm on Aug 11, and was severe enough that airbags deployed," the report adds.

An anonymous reader quotes a report from ZDNet: A group of academics from South Korea have identified 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users across the world. The vulnerabilities allow attackers to disrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed SMS messages, and eavesdrop and manipulate user data traffic. They were discovered by a four-person research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), and documented in a research paper they intend to present at the IEEE Symposium on Security and Privacy in late May 2019.

The Korean researchers said they found 51 LTE vulnerabilities, of which 36 are new, and 15 have been first identified by other research groups in the past. They discovered this sheer number of flaws by using a technique known as fuzzing --a code testing method that inputs a large quantity of random data into an application and analyzes the output for abnormalities, which, in turn, give developers a hint about the presence of possible bugs. The resulting vulnerabilities, see image below or this Google Docs sheet, were located in both the design and implementation of the LTE standard among the different carriers and device vendors. The KAIST team said it notified both the 3GPP (industry body behind LTE standard) and the GSMA (industry body that represents mobile operators), but also the corresponding baseband chipset vendors and network equipment vendors on whose hardware they performed the LTEFuzz tests.

Xiaomi is teasing a new 100W quick-charging solution for mobile phones that can fully charge a large 4,000mAh battery in just 17 minutes. Ars Technica reports: The video shows a charging race between two phones, Xiaomi's unnamed "100W" prototype and a phone with "50W" charging from "Brand O," which looks like it's an Oppo RX17 Pro. I put both of these wattage ratings in quotations because neither phone actually hits its rated charging speed. Xiaomi's video shows a live, in-line power reading, and the "100W" charging shows a sustained ~80W (18V / 4.5A) from about 5-30 percent, with a peak of 88W. The competing 50W Oppo quick-charge solution caps out at around 40W.

Branding aside, what matters is the actual charging speed, and Xiaomi's ability to fully charge a phone battery in 17 minutes is impressive. The test stops when the Xiaomi phone fills up, leaving the Oppo battery stuck at a mere 65 percent. Considering that Xiaomi was charging a 4000mAh battery and that Oppo only had a 3700mAh battery, Xiaomi's solution is about 1.6 times faster than Oppo's quick charge, which is currently the fastest charging scheme on the market. Unfortunately, Xiaomi didn't offer any specifics on how its charging solution works.

An anonymous reader quotes a report from Ars Technica: Huawei officially announced the Huawei P30 Pro smartphone today. While it has a new Huawei-made SoC, an in-screen optical fingerprint reader, and lots of other high-end features, the highlight is definitely the camera's optical zoom, which is up to a whopping 5x. Not digital zoom. Real, optical zoom. Space, of course, is at a premium in smartphones. Imagine a smartphone sitting face down, and you would have to fit a vertical stack of the display, the CMOS sensor, and the lens all in about an 8mm height. There is just not a lot of room. But what if we didn't have to stack all the components vertically? The trick to Huawei's 5x optical zoom is that it uses a periscope design.

From the outside, it looks like a normal camera setup, albeit with a funky square camera opening. Internally, though, the components make a 90-degree right turn after the lens cover, and the zoom lens components and CMOS sensor are arranged horizontally. Now instead of having to cram a bunch of lenses and the CMOS chip into 8mm of vertical phone space, we have acres of horizontal phone space to play with. We've seen prototypes of periscope cameras from Oppo, but as far as commercial devices go, the Huawei P30 Pro is the first. While the optical zoom is the big new camera feature, there are four total cameras on the back of the P30 Pro. A 40MP main camera, a 20MP wide angle, the 8MP 5X telephoto, and a Time of Flight depth-sensing camera. The main 40MP camera uses a 1/1.7 inch-type sensor that, when measured diagonally, would make it 32 percent larger than the 1/2.55 inch-type sensors in the Galaxy S10 or iPhone XS. The P30 Pro also has a new "RYYB" pixel layout, which swaps out the two green pixels in most CMOS "RGGB" sensors for yellow pixels. "Huawei claims it can capture 40 percent more light, as the yellow filter captures green and red light," Ars Technica reports. "Of course, this will make the color wonky, but Huawei claims it can correct for that in software."

Other specifications include a Kirin 980 octa-core processor with 6GB or 8GB RAM, up to 512GB storage, IP68 water and dust resistance, NFC, wireless charging, 40W wired charging, and a 4,200mAh battery. It starts at a price of $1,125.

Google's Play Store made a bad mistake on Tuesday, long-time Slashdot reader sombragris writes: KDE Connect, a project designed to enable seamless communcation and control between a desktop computer and a mobile phone, was suddenly removed from Android's Google Play store. According to a Twitter thread by Albert Vaca, KDE Connect's maintainer, the removal was allegedly because the app was in breach of Google's new SMS policy.

There's an exemption which applies to KDE Connect, but the maintainer was unable to contact anyone at Google to provide support. "There is simply no way to talk to a human being at @Google", he said.
Cintora also announced on Twitter that while trying to comply with the Play Store's new policy, he'd initially been stopped again by technical problems. "The @GooglePlay console gives me an internal error, so I can't upload the version without SMS support."

But on Thursday Cintora tweeted that KDE Connect "finally got approved, and SMS support is back in version 1.12.4, both on the Play Store and F-Droid!" Cintora credits this resolution partly to his Twitter thread, which got over half a million impressions.

Its last tweet now features a picture of a celebrating parrot.

"The fight against robocalls can even bring telecom rivals together," reports USA Today: AT&T and Comcast said Wednesday that they can authenticate calls made between the two different phone providers' networks, a potential industry first and the latest in the long-running battle against spam calls... The system, which uses a method developed in recent years, verifies that a legitimate call is being made instead of one that has been spoofed by spammers, scammers or robocallers with a "digital signature." The recipient network then confirms the signature on its side. The companies said consumers will get a notification that a call is verified, but exactly what that will look like is not yet known.

Both AT&T and Comcast will roll out the system to home phone users later this year at no extra charge. AT&T also said it will introduce the feature to its mobile users this year... Other major wireless and traditional home voice providers have pledged support for the verification method, including Verizon, T-Mobile, Sprint, Charter, Cox and Vonage, with several announcing plans to roll out or test the feature in 2019.
The day Comcast and AT&T made their announcement, AT&T's CEO was giving a live interview that was interrupted by a robocall.

A new study finds that states with bans on texting while driving saw an average 4% reduction in emergency department visits after motor vehicle crashes, an equivalent of 1,632 traffic-related emergency department visits per year. CNN reports: Researchers examined emergency department data across 16 US states between 2007 and 2014. The states were picked based on the availability of information regarding motor vehicle accident injuries for which emergency department treatment was needed. In the United States, 47 out of 50 states currently have laws restricting texting while driving. Of the 16 states researchers looked at in the study, all but one (Arizona) had one of these laws.

The states that had texting bans, regardless of the type or who it applied to, saw a 4% average reduction in emergency department visits, according to the results published Thursday in the American Journal of Public Health. The states that chose to implement primary bans on all drivers saw an 8% reduction in crash-related injuries. Drivers of all ages, even those older 65, who are typically not known for texting while driving, saw reductions in the number of injuries following crashes.

A recent experiment by Josh Frantz, a senior security consultant at Rapid7, suggests that users are taking few if any steps to protect their private information before releasing their used devices back out into the wild. From a report: For around six months, he collected used desktop, hard disks, cellphones and more from pawn shops near his home in Wisconsin. It turned out they contain a wealth of private data belonging to their former owners, including a ton of personally identifiable information (PII) -- the bread and butter of identity theft. Frantz amassed a respectable stockpile of refurbished, donated, and used hardware: 41 desktops and laptops, 27 pieces of removable media (memory cards and flash drives), 11 hard disks, and six cellphones. The total cost of the experiment was a lot less than you'd imagine. "I visited a total of 31 businesses and bought whatever I could get my hands on for a grand total of around $600," he said.

Frantz used a Python-based optical character recognition (OCR) tool to scan for Social Security numbers, dates of birth, credit card information, and other sensitive data. And the result was, as you might expect, not good. The pile of junk turned out to contain 41 Social Security numbers, 50 dates of birth, 611 email accounts, 19 credit card numbers, two passport numbers, and six driver's license numbers. Additionally, more than 200,000 images were contained on the devices and over 3,400 documents. He also extracted nearly 150,000 emails.

An anonymous reader quotes the Associated Press: Most states ban texting behind the wheel, but a legislative proposal could make Nevada one of the first states to allow police to use a contentious technology to find out if a person was using a cellphone during a car crash... If the Nevada measure passes, it would allow police to use a device known as the "textalyzer," which connects to a cellphone and looks for user activity, such as opening a Facebook messenger call screen. It is made by Israel-based company Cellebrite, which says the technology does not access or store personal content. It has not been tested in the field and is not being used by any law enforcement agencies. The company said the device could be tested in the field if the Nevada legislation passes...

Opponents air concerns that the measure violates the Fourth Amendment, which protects against unreasonable search and seizure. Jay Stanley, a senior policy analyst at the American Civil Liberties Union, also raised questions over how the software will work and if it will be open sourced so the public can ensure it doesn't access personal content...

Law enforcement officials argue that distracted driving is underreported and that weak punishments do little to stop drivers from texting, scrolling or otherwise using their phones. Adding to the problem, they say there is no consistent police practice that holds those drivers accountable for traffic crashes, unlike drunken driving.

"When your phone rings, there's about a 50 percent chance it's a spam robo-call," reports the Washington Post. Now a computer science professor who's researched robo-call technologies reveals the economics behind automatically dialing phone numbers "either randomly, or from massive databases compiled from automated Web searches, leaked databases of personal information and marketing data." It doesn't matter whether you've signed up with the federal Do Not Call Registry, although companies that call numbers on the list are supposed to be subject to large fines. The robo-callers ignore the list, and evade penalties because they can mask the true origins of their calls.... Each call costs a fraction of a cent -- and a successful robo-call scam can net millions of dollars. That more than pays for all the calls people ignored or hung up on, and provides cash for the next round. Casting an enormous net at low cost lets these scammers find a few gullible victims who can fund the whole operation...

Partly that's because their costs are low. Most phone calls are made and connected via the Internet, so robo-call companies can make tens of thousands, or even millions, of calls very cheaply. Many of the illegal robo-calls targeting the United States probably come from overseas -- which used to be extremely expensive but now is far cheaper...

Meanwhile, the Federal Communications Commission has been asking U.S. phone companies to filter calls and police their own systems to keep out robo-calls. It hasn't worked, mainly because it's too costly and technically difficult for phone companies to do that. It's hard to detect fake Caller ID information, and wrongly blocking a legitimate call could cause them legal problems.
The professor's article suggests guarding your phone number like you guard your credit card numbers. "Don't give your phone number to strangers, businesses or websites unless it's absolutely necessary."

"Of course, your phone number may already be widely known and available, either from telephone directories or websites, or just because you've had it for many years. In that case, you probably can't stop getting robo-calls."

Huawei has built its own operating system for phones, tablets and computers in case tensions between Huawei and the U.S. escalate even further than they already are. "The OS has been rumored for years, but Huawei confirmed its viability with the South China Morning Post, saying it could be used if the company were cut off from Android or Windows," reports Engadget. "It's seen as a last resort, but given the current discord between the U.S. and Huawei, it's not entirely surprising that the company has a plan B." From the report: Huawei began building the OS in 2012, after the U.S. banned Chinese telecom equipment maker ZTE from using American products and services. This was reportedly seen as a way to prepare for "worst-case scenarios." Now, with Huawei suing the U.S. government and the U.S. saying it might punish Germany if the country works with Huawei on its 5G networks, those worst-case scenarios might not be too far-fetched. At the moment, this doesn't change much. Android and Windows are still the company's first-choice. "We fully support our partners' operating systems -- we love them and our customers love them," a company spokesperson told South China Morning Post. Still, given the state of the U.S.-Huawei relationship, this contingency plan could be significant.

According to a report from Yonhap News Agency, Samsung's vice president of its display R&D group, Yang Byung-duk, said the company is working on making the entire front of its phones a screen, with no need for bezels or a camera cutout of any kind. He said that "though it wouldn't be possible to make (a full-screen smartphone) in the next 1-2 years, the technology can move forward to the point where the camera hole will be invisible, while not affecting the camera's function in any way." The Verge reports: The comments come less than a month after Samsung announced its latest flagship, the Galaxy S10, which is the company's first phone to have a "hole-punch" cut out from its display for the selfie camera. Yang called the S10's Infinity-O display a "milestone" for the company, but suggested that Samsung eventually plans to place the selfie camera under the display itself, removing the need for any cut out or pop-up mechanism.

Google's latest speech recognition works entirely offline, eliminating the delay that many other voice assistants have to return your query. "The delay occurs because your voice, or some data derived from it anyway, has to travel from your phone to the servers of whoever operates the service, where it is analyzed and sent back a short time later," reports TechCrunch. "This can take anywhere from a handful of milliseconds to multiple entire seconds (what a nightmare!), or longer if your packets get lost in the ether." The only major downside with Google's new system is its limited availability. As of right now, it's only available to people with a Pixel smartphone. From the report: Why not just do the voice recognition on the device? There's nothing these companies would like more, but turning voice into text on the order of milliseconds takes quite a bit of computing power. It's not just about hearing a sound and writing a word -- understanding what someone is saying word by word involves a whole lot of context about language and intention. Your phone could do it, for sure, but it wouldn't be much faster than sending it off to the cloud, and it would eat up your battery. But steady advancements in the field have made it plausible to do so, and Google's latest product makes it available to anyone with a Pixel.

Google's work on the topic, documented in a paper here, built on previous advances to create a model small and efficient enough to fit on a phone (it's 80 megabytes, if you're curious), but capable of hearing and transcribing speech as you say it. No need to wait until you've finished a sentence to think whether you meant "their" or "there" -- it figures it out on the fly. So what's the catch? Well, it only works in Gboard, Google's keyboard app, and it only works on Pixels, and it only works in American English. So in a way this is just kind of a stress test for the real thing. "Given the trends in the industry, with the convergence of specialized hardware and algorithmic improvements, we are hopeful that the techniques presented here can soon be adopted in more languages and across broader domains of application," writes Google in their blog post.