Privacy

A Supreme Court Case This Week Could Change US Digital Privacy Standards 74

On November 29th, the U.S. Supreme Court will hear oral arguments in Carpenter v. US, a case essentially asking whether or not authorities need a warrant based on probable cause and signed by a judge to see your cellphone location data. For now, they do not. Given the fact that about 95% of Americans have cellphones, this case has major implications. Quartz reports: Mobile-service providers collect "cell site location information" (CSLI) for all phones, ostensibly to use for things like improving their networks. The U.S. government considers these data "routinely collected business records" rather than private information. That means it can demand the records without proving probable cause. That's what happened in the criminal case of Timothy Carpenter, accused of a series of Detroit, Michigan robberies. At Carpenter's trial, prosecutors presented evidence collected by private companies, obtained by the law without probable cause. They used 127 days-worth of cellphone-location data, amounting to almost 13,000 data points, to tell a circumstantial story of Carpenter comings and goings.

In its brief to the high court, filed in September, the justice department argued that when Carpenter signed onto his cell-phone provider's service, he agreed that his call records weren't private information belonging to him, but rather business records belonging to the company. Therefore, he should have "no reasonable expectation of privacy" when it comes to these records, government attorneys wrote. Carpenter argues that the location evidence was obtained illegally. The Sixth Circuit Court of Appeals denied that claim last year, basing their decision on Supreme Court cases from the 1970s: Smith v. Maryland and US v. Miller . The appeals court concluded that, under what's called the "third-party doctrine," Americans don't have a reasonable expectation of privacy in things like check deposit slips, similar banking records, and dialed telephone numbers.
Android

The Pixel 2's Dormant 'Visual Core' Chip Gets Activated In Latest Android Developer Preview (techcrunch.com) 32

The Google Pixel 2 and Pixel 2 XL both feature a custom Intel "Visual Core" co-processor, which is meant to improve speed and battery life when shooting photos with Google's HDR+ technology. The chip has been hanging out in the phone not really doing much of anything -- until now. TechCrunch reports of a new developer preview of Android 8.1 due out today that puts the chip to use. "The component is expected to further improve the handsets' cameras, which were already scoring good marks, production issues aside." From the report: According to the company, Pixel Visual Core has eight image processing unit (IPU) cores and 512 arithmetic logic units. Using machine learning, the company says it's able to speed things up by 5x, with one tenth of the energy. Access to the chip, combined with the Android Camera API means third-party photo apps will be able to take advantage of the system's speedy HDR+. Sounds swell, right? Of course, this is still just an early preview, only available to people who sign up for Google's Beta program. That means, among other things, dealing with potential bugs of an early build. Google wouldn't give us any more specific information with regards to when the feature will be unlocked for the public, but it's expected to arrive along with the 8.1 public beta in December.
Cellphones

White House Weighs Personal Mobile Phone Ban For Staff (bloomberg.com) 113

The White House is considering banning its employees from using personal mobile phones while at work. While President Trump has been vocal about press leaks since taking office, one official said the potential change is driven by cybersecurity concerns. Bloomberg reports: One official said that there are too many devices connected to the campus wireless network and that personal phones aren't as secure as those issued by the federal government. White House Chief of Staff John Kelly -- whose personal phone was found to be compromised by hackers earlier this year -- is leading the push for a ban, another official said. The White House already takes precautions with personal wireless devices, including by requiring officials to leave phones in cubbies outside of meeting rooms where sensitive or classified information is discussed. Top officials haven't yet decided whether or when to impose the ban, and if it would apply to all staff in the executive office of the president. While some lower-level officials support a ban, others worry it could result in a series of disruptive unintended consequences.
United States

Justices Ponder Need For Warrant For Cellphone Tower Data (apnews.com) 200

An anonymous reader shares a report: Like almost everyone else in America, thieves tend to carry their cellphones with them to work. When they use their phones on the job, police find it easier to do their jobs. They can get cellphone tower records that help place suspects in the vicinity of crimes, and they do so thousands of times a year. Activists across the political spectrum, media organizations and technology experts are among those arguing that it is altogether too easy for authorities to learn revealing details of Americans' lives merely by examining records kept by Verizon, T-Mobile and other cellphone service companies. On Wednesday, the Supreme Court hears its latest case about privacy in the digital age. At issue is whether police generally need a warrant to review the records. Justices on the left and right have recognized that technology has altered privacy concerns. The court will hear arguments in an appeal by federal prison inmate Timothy Carpenter. He is serving a 116-year sentence after a jury convicted him of armed robberies in the Detroit area and northwestern Ohio.
Cellphones

Motorola Ad Mocks Samsung Ad Mocking Apple (bgr.com) 84

An anonymous reader quotes BGR: A few days after the iPhone X launched in stores, Samsung came out with an anti-iPhone campaign... I actually did not expect Samsung to pull off cheap tricks like that, but it sure looks like the iPhone X is a pretty scary device to fight against. But what probably nobody saw coming is Motorola trolling Samsung with an ad of its own... The "Up-upgrade to Motorola" ad offers the alternate ending to Samsung's ad, as Motorola explains on its Facebook page... Motorola doesn't even mention the iPhone X, so if you haven't seen Samsung's ad, you'd think it's just going after Galaxy handsets.
Elsewhere on Facebook, Motorola specifically referenced the attachable accessories available for their Moto Z when mocking the Galaxy Note 8.

"Why settle for edge-to-edge, when you could project your screen up to 70 inches?"
Iphone

10-Year-Old Boy Cracks the Face ID On Both Parents' IPhone X (wired.com) 300

An anonymous reader writes: A 10-year-old boy discovered he could unlock his father's phone just by looking at it. And his mother's phone too. Both parents had just purchased a new $999 iPhone X, and apparently its Face ID couldn't tell his face from theirs. The unlocking happened immediately after the mother told the son that "There's no way you're getting access to this phone."

Experiments suggest the iPhone X was confused by the indoor/nighttime lighting when the couple first registered their faces. Apple's only response was to point to their support page, which states that "the statistical probability is different...among children under the age of 13, because their distinct facial features may not have fully developed. If you're concerned about this, we recommend using a passcode to authenticate." The boy's father is now offering this advice to other parents. "You should probably try it with every member of your family and see who can access it."

And his son just "thought it was hilarious."

Iphone

Apple Fixes the iPhone X 'Unresponsive When It's Cold' Bug (arstechnica.com) 42

An anonymous reader quotes Ars Technica: Apple released iOS 11.1.2 for iPhones and iPads Thursday afternoon. It's a minor, bug-fix update that benefits iPhone X users who encountered issues after acquiring the new phone just under two weeks ago... The update fixes just two problems. The first is "an issue where the iPhone X screen becomes temporarily unresponsive to touch after a rapid temperature drop." Last week, some iPhone X owners began reporting on Reddit and elsewhere that their touchscreens became temporarily unresponsive when going outside into the cold... The update also "addresses an issue that could cause distortion in Live Photos and videos captured with iPhone X."
The article notes that the previous update "fixed a strange and widely mocked autocorrect bug that turned the letter 'i' into strange characters."

"To date, iOS 11's updates have largely been bug fixes."
Google

CNBC: Google's New 'Pixel Buds' Suck (yahoo.com) 100

Google's new Pixel Buds "are really bad" and "not worth buying," according to CNBC's technology products editor: The stand-out feature of Google Pixel Buds is that they're supposed to be able to translate spoken languages in near real-time. In my real-world tests, however, that wasn't the case at all. I took the Pixel Buds out on the streets of Manhattan, speaking to a Hungarian waiter in Little Italy, multiple vendors in Chinatown and more. If you press the right earbud and say "help me speak Chinese," for example, the buds will launch Google Translate, you can speak what you'd like to ask someone in another language, and a voice will read out the translated speech through your smartphone's speakers. Then, when someone replies, you'll hear that response through the Pixel Buds.

The microphone on the Pixel Buds is really bad, so it barely picked up my voice queries that I wanted to translate. I stood on the side of the road in Chinatown repeating myself at least 10 times trying to get the phone to pick up my speech in order to begin translation. It barely worked, even if I took the buds out and spoke directly into the microphone on the right earbud, and often only translated half of what I was trying to ask. In a quiet place, I was able to allow someone to respond to me, after which I'd hear the English translation through the headphones. That was neat, but it barely ever actually worked that way. To mitigate this, I found it was just easier to manually open the Google translate app, speak into my phone's microphone, and then let someone else also speak right into my phone. This executed the translation nearly perfectly, and meant that I didn't need the Pixel Buds at all.

The article ends by answering the question, Should you buy them? "Nope. There's nothing I recommend about the Pixel Buds.

"They're cheap-feeling and uncomfortable, and you're better off using the Google Translate app on a phone instead of trying to fumble with the headphones while trying to translate a conversation. The idea is neat, but it just doesn't work well enough to recommend to anyone on any level."
Bug

iPhone X Owners Experience 'Crackling' or 'Buzzing' Sounds From Earpiece Speaker (macrumors.com) 104

MacRumors reports: A limited but increasing number of iPhone X owners claim to be experiencing so-called "crackling" or "buzzing" sounds emanating from the device's front-facing earpiece speaker at high or max volumes. Over two dozen users have said they are affected in a MacRumors discussion topic about the matter, while similar reports have surfaced on Twitter and Reddit since the iPhone X launched just over a week ago. On affected devices, the crackling sounds occur with any kind of audio playback, including phone calls, music, videos with sound, alarms, and ringtones. The issue doesn't appear to be limited to any specific iPhone X configuration or iOS version.
"The speakerphone for an $1100 phone should be at least as good as it was on the iPhone 6 and 7," complained one user, "but instead, it's crackly, edgy and buzzy."

"I believe we all knew the iPhone X would be highly scrutinized," writes Slashdot reader sqorbit, "but the reported problems appear to be stacking up."
Cellphones

New Samsung Video Demos Linux on Galaxy Smartphones (liliputing.com) 100

Slashdot reader boudie2 tipped us off to some Linux news. Liliputing reports: Samsung's DeX dock lets you connect one of the company's recent phones to an external display, mouse, and keyboard to use your phone like a desktop PC... assuming you're comfortable with a desktop PC that runs Android. But soon you may also be able to use your Android phone as a Linux PC [and] the company has released a brief video that provides more details. One of those details? At least one of the Linux environments in question seems to be Ubuntu 16.04... While that's the only option shown, the fact that it does seem to be an option suggests you may be able to run different Linux environments as well.

Once Ubuntu is loaded, the video shows a user opening Eclipse, an integrated development environment that's used to create Java (and Android apps). In other words, you can develop apps for Android phones with ARM-based processors on an Android phone with an ARM-based processor.

Samsung promised in October that its Linux on Galaxy app will ultimately let users "run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS."
Bug

The iPhone X Becomes Unresponsive When It Gets Cold (zdnet.com) 196

sqorbit writes: Apple is working on a fix for the newly release iPhone X. It appears that the touch screen can become unresponsive when the iPhone is subjected to cold weather. Users are reporting that locking and unlocking the phone resolves the issue. Apple stated that it is aware of the issue and it will be addressed in a future update.
Android

CopperheadOS Fights Unlicensed Installations On Nexus Phones (xda-developers.com) 97

An anonymous reader writes: Earlier this week security-hardened Android build CopperheadOS temporarily blocked Nexus updates on its servers after finding out that other companies have been flashing the ROM onto Nexus phones and selling them commercially in violation of the CopperheadOS licensing terms. The incident highlights an inherent problem in getting open source to be used by the masses: the difficulty of organizations being able to build and monetize a successful, long-term open source business model...
"We've enabled over-the-air updates again," CopperheadOS tweeted Saturday, "to avoid impacting our remaining customers on Nexus devices and other legitimate users. However, downloads on the site will no longer be available and we'll be making changes to the update client for Nexus devices."

In an earlier series of tweets, they explained it's an ongoing issue. "It's not okay to disrespect our non-commercial licensing terms for those official builds by flashing and selling it on hundreds of phones... This is why we've been unable to sell access to Pixel images. There are people that are going to buy those and flash + sell devices in direct competition with us in violation of the licensing terms. Needing to deal with so many people acting in bad faith makes this difficult.

"It's not permitted for our official Nexus builds and yet that's what's happening. We do all of the development, testing, release engineering and we provide the infrastructure, and then competitors sell far more devices than us in violation of our licensing terms. Ridiculous."
IOS

iOS 11 Passes 50 Percent Adoption In Under 2 Months (venturebeat.com) 133

An anonymous reader quotes a report from VentureBeat: After a longer wait than usual, Apple today finally released the first official numbers for iOS 11. The various figures and estimates released by marketing and research firms are no longer relevant, as we now know for certain that iOS 11 has passed the 50 percent mark in less than two months. In other words, the latest version of the company's mobile operating system is now on one in every two of its mobile devices. iOS 11 was released on September 13, meaning it took less than seven weeks to reach the majority of users that Apple tracks. While this is certainly impressive, keep in mind that iOS 10 took less than a month and iOS 9 took less than a week to hit the same adoption milestone. Sure, the number of iOS devices is growing, but Apple also cuts down the number allowed to get the latest updates.
Cellphones

Razer Unveils Gaming Smartphone With 120Hz UltraMotion Display, 8GB RAM and No Headphone Jack (cnet.com) 168

Computer hardware company Razer has unveiled its first smartphone. While the design doesn't appear to be up to par with the competition, it does pack some impressive specifications under the hood. The Razer Phone features a 5.7-inch, 2,560x1,440-resolution display, Snapdragon 835 chipset with 8GB of RAM, 12-megapixel dual camera with a wide-angle lens and 2x optical zoom, 4,000mAh battery, dual front-facing stereo speakers, and Android 7.1.1 Nougat running out of the box. While there is a microSD card slot for expandable storage, there is no headphone jack, no waterproofing, and no wireless charging. The device also won't support CDMA carriers like Verizon or Sprint. CNET reports: [W]here most new flagship phones are shiny rounded rectangles with curved screens, the Razer Phone is unabashedly a big black brick. It flaunts sharp 90-degree corners instead of curved edges. You can even stand the phone on end. The 5.7-inch, 2,560x1,440-resolution screen is flat as a pancake, and you'll find giant bezels above and below that screen, too -- just when we thought bezels were going out of style. When the Razer Phone ships Nov. 17 for $699 or £699 -- no plans for Australia at launch -- the company says it'll be the first phone with a display that refreshes 120 times per second, like a high-end PC gaming monitor or Apple's iPad Pro. And combined with a dynamic refresh technique Razer's calling Ultramotion (think Nvidia G-Sync), it can mean beautiful, butter-smooth scrolling down websites and apps, and glossy mobile gameplay.
Security

Researchers Devise 2FA System That Relies On Taking Photos of Ordinary Objects (bleepingcomputer.com) 138

An anonymous reader quotes Bleeping Computer: Scientists from Florida International University and Bloomberg have created a custom two-factor authentication (2FA) system that relies on users taking a photo of a personal object. The act of taking the photo comes to replace the cumbersome process of using crypto-based hardware security keys (e.g., YubiKey devices) or entering verification codes received via SMS or voice call. The new system is named Pixie, and researchers argue it is more secure than the aforementioned solutions.

Pixie works by requiring users to choose an object as their 2FA key. When they set up the Pixie 2FA protection, they take an initial photo of the object that will be used for reference. Every time users try to log into their account again, they re-take a photo of the same object, and an app installed on their phone compares the two photos... In automated tests, Pixie achieved a false accept rate below 0.09% in a brute force attack with 14.3 million authentication attempts. An Android app is available for testing here.

Social Networks

TechCrunch Argues Social Media News Feeds 'Need to Die' (techcrunch.com) 154

"Feeds need to die because they distort our views and disconnect us from other human beings around us," argues TechCrunch's Romain Dillet: At first, I thought I was missing out on some Very Important Content. I felt disconnected. I fought against my own FOMO. But now, I don't feel anything. What's going on on Instagram? I don't care. Facebook is now the worst internet forum you can find. Twitter is filled with horrible, abusive people. Instagram has become a tiny Facebook now that it has discouraged all the weird, funny accounts from posting with its broken algorithm. LinkedIn's feed is pure spam.

And here's what I realized after forgetting about all those "social" networks. First, they're tricking you and pushing the right buttons to make you check your feed just one more time. They all use thirsty notifications, promote contrarian posts that get a lot of engagement and play with your emotions. Posting has been gamified and you want to check one more time if you got more likes on your last Instagram photo. Everything is now a story so that you pay more attention to your phone and you get bored less quickly -- moving pictures with sound tend to attract your eyes... [F]inally, I realized that I was missing out by constantly checking all my feeds. By putting my phone on 'Do Not Disturb' for days, I discovered new places, started conversations and noticed tiny little things that made me smile.

He concludes that technology has improved the way we learn, communicate, and share information, "But it has gone too far...

"Forget about your phone for a minute, look around and talk with people next to you."
Encryption

FBI Couldn't Access Nearly 7,000 Devices Because of Encryption (foxbusiness.com) 299

Michael Balsamo, writing for Associated Press: The FBI hasn't been able to retrieve data from more than half of the mobile devices it tried to access in less than a year, FBI Director Christopher Wray said Sunday, turning up the heat on a debate between technology companies and law enforcement officials trying to recover encrypted communications. In the first 11 months of the fiscal year, federal agents were unable to access the content of more than 6,900 mobile devices, Wray said in a speech at the International Association of Chiefs of Police conference in Philadelphia. "To put it mildly, this is a huge, huge problem," Wray said. "It impacts investigations across the board -- narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation." The FBI and other law enforcement officials have long complained about being unable to unlock and recover evidence from cellphones and other devices seized from suspects even if they have a warrant, while technology companies have insisted they must protect customers' digital privacy.
Cellphones

Essential Announces $200 (29%) Discount on Phones -- Price Dropped To $499 (cnet.com) 106

An anonymous reader quote CNET: The heavily hyped, Andy Rubin-backed Essential phone launched late in August. Now, two months later, its price has been cut from $699 to $499. The news was announced in a Sunday blog post by company president Niccolo de Masi. He said the price cut comes in lieu of the company spending money on an expensive marketing campaign. "We could have created a massive TV campaign to capture your attention," Masi wrote, "but we think making it easier for people to get their hands on our first products is a better way to get to know us." A spokesperson added to this, telling CNET, "We've heard from many people that once they got their hands on an Essential Phone they were hooked by the device's unique look and feel... it was a strategic decision to invest in bold pricing to get our products into more hands instead of traditional marketing such as TV to generate awareness and word of mouth."
"There is really no other way to read the move except as a signal that it wasn't selling well at $699," counters the Verge, "especially given that the only U.S. carrier stores it's available in have 'Sprint' above the door. It certainly doesn't help that it now has to face the Pixel 2 and Pixel 2 XL head-to-head."

"To help salve the burn that customers who paid the full price might be feeling, the company is offering a $200 Essential Store 'friends & family code' to be used towards the purchase of another phone or a module."
Security

With Rising Database Breaches, Two-Factor Authentication Also At Risk (hackaday.com) 84

Two-factor authentication "protects from an attacker listening in right now," writes Slashdot reader szczys, "but in many case a database breach will negate the protections of two-factor." Hackaday reports: To fake an app-based 2FA query, someone has to know your TOTP password. That's all, and that's relatively easy. And in the event that the TOTP-key database gets compromised, the bad hackers will know everyone's TOTP keys.

How did this come to pass? In the old days, there was a physical dongle made by RSA that generated pseudorandom numbers in hardware. The secret key was stored in the dongle's flash memory, and the device was shipped with it installed. This was pretty plausibly "something you had" even though it was based on a secret number embedded in silicon. (More like "something you don't know?") The app authenticators are doing something very similar, even though it's all on your computer and the secret is stored somewhere on your hard drive or in your cell phone. The ease of finding this secret pushes it across the plausibility border into "something I know", at least for me.
The original submission calls two-factor authentication "an enhancement to password security, but good password practices are far and away still the most important of security protocols." (Meaning complex and frequently-changed passwords.)
Advertising

For Under $1,000, Mobile Ads Can Track Your Location (mashable.com) 52

"Researchers were able to use GPS data from an ad network to track a user to their actual location, and trace movements through town," writes phantomfive. Mashable reports: The idea is straightforward: Associate a series of ads with a specific individual as well as predetermined GPS coordinates. When those ads are served to a smartphone app, you know where that individual has been... It's a surprisingly simple technique, and the researchers say you can pull it off for "$1,000 or less." The relatively low cost means that digitally tracking a target in this manner isn't just for corporations, governments, or criminal enterprises. Rather, the stalker next door can have a go at it as well... Refusing to click on the popups isn't enough, as the person being surveilled doesn't need to do so for this to work -- simply being served the advertisements is all it takes.
It's "an industry-wide issue," according to the researchers, while Mashable labels it "digital surveillance, made available to any and all with money on hand, brought to the masses by your friendly neighborhood Silicon Valley disrupters."

Slashdot Top Deals