Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Hamas 'Honey Trap' Dupes Israeli Soldiers (securityweek.com) 109

wiredmikey quotes Security Week: The smartphones of dozens of Israeli soldiers were hacked by Hamas militants pretending to be attractive young women online, an Israeli military official said Wednesday. Using fake profiles on Facebook with alluring photos, Hamas members contacted the soldiers via groups on the social network, luring them into long chats, the official told journalists on condition of anonymity.

Dozens of the predominantly lower-ranked soldiers were convinced enough by the honey trap to download fake applications which enabled Hamas to take control of their phones, according to the official.

Cellphones

Nokia Finally Returns To The Smartphone Market (In China) (mashable.com) 23

An anonymous reader quotes Mashable: To little fanfare, the Finnish technology company HMD Global Sunday unveiled the Nokia 6, a mid-range Android smartphone for the Chinese market. HMD owns the rights to use Nokia's brand on mobile phones. The Nokia 6, which runs the newest version of Google's mobile operating system, Android Nougat, sports a 5.5-inch full HD (1920x1080 pixels) display. With metal on the sides and a rounded rectangular fingerprint scanner housed on the front, the Nokia 6 seems reminiscent of the Samsung Galaxy S7.

The new Nokia smartphone is powered by a mid-range Qualcomm Snapdragon 430 processor and will compete with the likes of Samsung's Galaxy A series models and other mid-end smartphones... The smartphone is priced at 1,699 Chinese Yuan (roughly $250).

AI

Huawei Snubs Google, Ships An Android Phone With Alexa (reuters.com) 63

Huawei announced its flagship handset will gives users access to Amazon's Alexa assistant in the U.S., suggesting a new worry for Google, according to Reuters. An anonymous reader writes: "The adoption of Alexa by a prominent Android manufacturer indicates that Amazon may have opened up an early lead over Google as the companies race to present their digital assistants to as many people as possible, analysts said." Analyst Jan Dawson at Jackdaw Research even told Reuters that if Google's personal assistant lags in popularity when voice becomes the most popular interface, "that's a huge loss for Google in terms of data gathering, training its AI, and ultimately the ability to drive advertising revenue."

Tension may have started when Google decided to debut Google Assistant on their own Pixel smartphones. "While Google has expressed an interest in bringing its assistant to other Android smartphones, the decision to debut the feature on its own hardware may have strained relations with manufacturers, Dawson said. 'It highlights just what a strategic mistake it can be for services companies to make their own hardware and give it preferential access to new services.'"

Nvidia announced this week at CES that they'd be using Google Assistant for their Shield TVs, while Whirlpool and Ford both announced Alexa-enabled products. But this article argues Google Assistant has one thing that Alexa doesn't have: a search engine.
Android

LG Is Abandoning the Modular Smartphone Idea (theverge.com) 78

An anonymous reader quotes a report from The Verge: LG's modular phone accessory strategy that served as the primary differentiator for last year's G5 smartphone appears to be no more. The Wall Street Journal reports that the South Korean company is pivoting away from the plug-in "Friends" modules for the upcoming G6 device after lackluster sales for the G5. Per The Wall Street Journal, an LG spokesperson commented that consumers aren't interested in modular phones. The company instead is planning to focus on functionality and design aspects for the upcoming G6, which Chief Technologist Skott Ahn says will be released "in the very near future." According to the WSJ, the LG G6 will arrive "in the very near future," which suggests the phone will launch at Mobile World Congress next month.
Android

Some Pixels Have Problems (techtimes.com) 69

An anonymous reader quotes Tech Times: Pixel owners have so far reported on camera issues, audio issues, LTE band 4 connectivity problems and others, but the random freezing remains among the most persistent ones. While most previous issues have already received a fix, users have been complaining about the Google Pixel or Pixel XL randomly freezing since November and it seems Google has yet to get to the bottom of this. The official Pixel User Community forum has a long thread on the matter and the discussion started a good while back [in early November]...

[U]sers reporting on the Pixel Community Forum run different apps and they haven't found a common denominator just yet, and some don't have any third-party apps at all, further suggesting that the issue might not be caused by a third-party app. On the other hand, some Pixel owners got rid of this issue by uninstalling a third-party app called Live360 Family Locator, but others didn't even have the app installed and still experienced the issues.

Despite the problems, "most Pixel owners thus far have been quite pleased with their device," notes BGR -- though Softpedia also reports on some users complaining about "static and distorted sounds when at the three highest volume levels."
Encryption

US Congressional Committee Concludes Encryption Backdoors Won't Work (betanews.com) 98

"Any measure that weakens encryption works against the national interest," reports a bipartisan committee in the U.S. Congress. Mark Wilson quotes Beta News: The Congressional Encryption Working Group (EWG) was set up in the wake of the Apple vs FBI case in which the FBI wanted to gain access to the encrypted contents of a shooter's iPhone. The group has just published its end-of-year report summarizing months of meetings, analysis and debate. The report makes four key observations, starting off with: "Any measure that weakens encryption works against the national interest".

This is certainly not a new argument against encryption backdoors for the likes of the FBI, but it is an important one... The group says: "Congress should not weaken this vital technology... Cryptography experts and information security professionals believe that it is exceedingly difficult and impractical, if not impossible, to devise and implement a system that gives law enforcement exceptional access to encrypted data without also compromising security against hackers, industrial spies, and other malicious actors...

The report recommends that instead, Congress "should foster cooperation between the law enforcement community and technology companies," adding "there is already substantial cooperation between the private sector and law enforcement." [PDF] It also suggests that analyzing the metadata from "our digital 'footprints'...could play a role in filling in the gap. The technology community leverages this information every day to improve services and target advertisements. There appears to be an opportunity for law enforcement to better leverage this information in criminal investigations."
AT&T

AT&T Is Adding a Spam Filter For Phone Calls (theverge.com) 66

An anonymous reader quotes a report from The Verge: Today, ATT introduced a new service for automated blocking of fraud or spam calls. Dubbed ATT Call Protect, the system identifies specific numbers believed to be sources of fraud, and will either deliver those calls with a warning or block them outright. Users can whitelist specific numbers, although temporary blocks require downloading a separate Call Protect app. The feature is only available on postpaid iOS and Android devices, and can be activated through the MyATT system. Phone companies have allowed for manual number blocking for years, and third-party apps like Whitepages and Privacystar use larger databases of untrustworthy numbers to preemptively block calls from the outside. But ATT's new system would build in those warnings at the network level, and give operators more comprehensive data when assembling suspected numbers. More broadly, marketing calls are subject to the national Do Not Call registry. Specific instances of fraud can still be reported through carriers or directly to police.
Electronic Frontier Foundation

EFF Begins Investigating Surveillance Technology Rumors At Standing Rock (eff.org) 147

Electronic Frontier Foundation has dispatched a team of technologists and lawyers to a protest site in Standing Rock, North Dakota, to investigate "several reports of potentially unlawful surveillance." An anonymous reader writes: The EFF has "collected anecdotal evidence from water protectors about suspicious cell phone behavior, including uncharacteristically fast battery drainage, applications freezing, and phones crashing completely," according to a recent report. "Some water protectors also saw suspicious login attempts to their Google accounts from IP addresses originating from North Dakota's Information & Technology Department. On social media, many reported Facebook posts and messenger threads disappearing, as well as Facebook Live uploads failing to upload or, once uploaded, disappearing completely."

The EFF reports "it's been very difficult to pinpoint the true cause or causes," but they've targeted over 20 law enforcement agencies with public records requests, noting that "Of the 15 local and state agencies that have responded, 13 deny having any record at all of cell site simulator use, and two agencies -- Morton County and the North Dakota State Highway Patrol (the two agencies most visible on the ground) -- claim that they can't release records in the interest of "public safety"...

"Law enforcement agencies should not be allowed to sidestep public inquiry into the surveillance technologies they're using," EFF writes, "especially when citizens' constitutional rights are at stake... It is past time for the Department of Justice to investigate the scope of law enforcement's digital surveillance at Standing Rock and its consequences for civil liberties and freedoms in the digital world."
Transportation

Uber Asks Everyone To Stop Making It The New Tinder (sfgate.com) 150

Ride-sharers have been using Uber and Lyft "carpool" apps to meet dates -- and now Uber's trying to stop it. An anonymous reader quotes SFGate: This week Uber updated their community guidelines to discourage passengers from using the ride-sharing app as a hook-up opportunity. Some Uber and Lyft riders have been using the car-pooling option as a way to meet or hook up with others. But Uber is not pleased and has advised users to not flirt or touch passengers. "It's OK to chat with other people in the car. But please don't comment on someone's appearance or ask whether they are single," Uber's guidelines state.
Their new policy now specifically states that "Uber has a no sex rule. That's no sexual conduct between drivers and riders, no matter what."
Government

Virginia Police Spent $500K For An Ineffective Cellphone Surveillance System (muckrock.com) 36

Cell-site simulators can intercept phone calls and even provide locations (using GPS data). But Virginia's state police force just revealed details about their actual use of the device -- and it's not pretty. Long-time Slashdot reader v3rgEz writes: In 2014, the Virginia State Police spent $585,265 on a specially modified Suburban outfitted with the latest and greatest in cell phone surveillance: the DRT 1183C, affectionately known as the DRTbox. But according to logs uncovered by public records website MuckRock, the pricey ride was only used 12 times — and only worked seven of those times.
According to Virginia's ACLU director, "each of the 12 uses cost almost $50,000, and only 4 of them resulted in an arrest [raising] a significant question whether the more than half million dollars spent on the device and the vehicle...was a wise investment of public funds."
Businesses

Yesterday Saw $3.3 Billion In Online Purchases (cmo.com) 66

Friday humanity set a new record for the most money ever spent online in a single day -- and the most ever purchased on mobile devices. An anonymous reader writes: Online sales reached $3.34 billion yesterday, up 11.3% from the same day last year, according to a new report from Adobe Digital Insights. And most of that traffic came from mobile devices. In fact, yesterday became "the first day to ever generate over a billion dollars in online sales from mobile devices," according to their report. Although 64% of online sales came from desktop computers, 55% of the traffic to shopping sites still came from mobile devices -- 45% from smartphones, and 10% from tablets. (Just three years ago, only 20% of Black Friday sales came from mobile devices.)

The top-grossing products appeared to be iPads and Macbooks, Microsoft's Xbox, and Samsung and LG TVs, while the top-grossing toys were electric scooters, drones, Nerf guns and LEGO sets. The products mostly likely to be "out of stock" yesterday included the new NES Classic and the Nintendo 3DS XL Solgaleo Lunala (black edition), the Playstation VR bundle (and the PS4 "Call of Duty: Black Ops" bundle), and the Xbox One S bundle for Madden NFL 17.

The day after Black Friday is now being touted as "Small Business Saturday," a tradition started in 2010 when American Express partnered with the non-profit National Trust for Historic Preservation (and some civic-minded groups in Boston) to encourage people to shop in their local brick-and-mortar stores. American Express reported a $1.7 billion increase in sales on Small Business Saturday in 2015, "with 95 million customers reporting shopping small at local retailers, salons, restaurants and more."
Canada

Google Opens Real-World 'Google Shops' in Canada (digitaltrends.com) 43

Streetlight writes: Google is moving towards a physical presence in Best Buy stores...mimicking what Samsung has done. Hopefully the "stores" are staffed with competent professionals that know what they're selling and maybe provide some help to those who have purchased Google's hardware and software.
Google "is launching a store-within-a-store debuting in North America at select Best Buy locations in Canada," reports TechCrunch, adding that recently "Google also revealed that it would be creating a pop-up Experience Store for users to check out its new wares in New York City."
Google

Google Bans Hundreds Of Pixel Phone Resellers From Their Google Accounts (theguardian.com) 171

Hundreds of Google users lost their access to their emails, photos, documents, "and anything else linked to their Google identity," wrote the Guardian last week, reporting on "hundreds of people who took advantage of a loophole in US sales tax to make a small profit on Pixel phones" -- and got all of the Google accounts suspended. Long-time Slashdot reader RockDoctor writes: "The Google customers had all bought the phones from the company's Project Fi mobile carrier, and had them shipped directly to a reseller in New Hampshire, a US state with no sales tax. In return, the reseller split the profit with the customers," the Guardian adds.

People might ask, in a hurt tone of voice, "why are you doing this to me?" To which the obvious answer is "because we can, and you agreed to these (link to 3000 pages of text) terms and conditions, including our ability to do this"... The only question has been "When?", never "If?"

Update: Google "has reviewed banned users' appeals and re-enabled their accounts," reports The Guardian.
Security

Second Chinese Firm In a Week Found Hiding a Backdoor In Android Firmware (bleepingcomputer.com) 108

An anonymous reader quotes Bleeping Computer: Security researchers have discovered that third-party firmware included with over 2.8 million low-end Android smartphones allows attackers to compromise Over-the-Air (OTA) update operations and execute commands on the target's phone with root privileges. This is the second issue of its kind that came to light this week after researchers from Kryptowire discovered a similar secret backdoor in the firmware of Chinese firm Shanghai Adups Technology Co. Ltd.. This time around, the problem affected Android firmware created by another Chinese company named Ragentek Group.
It apparently affects more than 55 low-end/burner phones from BLU, Infinix Mobility, DOOGEE, LEAGOO, IKU Mobile, Beeline, and XOLO. According to the article, the binary performing the insecure updates "also includes code to hide its presence from the Android OS, along with two other binaries and their processes... Without SSL protection, this OTA system is an open backdoor for anyone looking to take control of it." Even worse, three domains were hard-coded into the binaries, two of which were unregistered, according to the researchers. "If an adversary had noticed this, and registered these two domains, they would've instantly had access to perform arbitrary attacks on almost 3,000,000 devices without the need to perform a Man-in-the-Middle attack."
China

Chinese Consumer Group Has Asked Apple To Investigate 'a Considerable Number' of iPhone Shutdowns (businessinsider.com) 73

An anonymous reader writes:The China Consumers Association (CCA) has asked Apple to investigate "a considerable number" of reports by users of iPhone 6 and 6s phones that the devices have been shutting off and cannot be turned back on again, it said on Tuesday. The reported problems specifically involve users seeing their iPhones automatically shut off despite 50-60 percent battery levels, and the involuntary shutting off in room temperature or colder environments, as well as the inability to turn the cellphone back on despite continuous battery charging, the statement said. "In view that Apple iPhone 6 and iPhone 6s series cellphones in China have a considerable number of users, and the number of people who've reported this problem is rather many, China Consumer Association has already made a query with Apple," the association said in a statement on its website.
Wireless Networking

Smartphone WiFi Signals Can Leak Your Keystrokes, Passwords, and PINs (bleepingcomputer.com) 46

Bleeping Computer warns that "The way users move fingers across a phone's touchscreen alters the WiFi signals transmitted by a mobile phone, causing interruptions that an attacker can intercept, analyze, and reverse engineer to accurately guess what the user has typed...when the attacker controls a rogue WiFi access point." The new WindTalker attack leverages the "channel state information" in WiFi signals. An anonymous reader quotes their article: Because the user's finger moves across the smartphone when he types text, his hand alters CSI properties for the phone's outgoing WiFi signals, which the attacker can collect and log on the rogue access point... By performing basic signal analysis and signal processing, an attacker can separate desired portions of the CSI signal and guess with an average accuracy of 68.3% the characters a user has typed... but it can be improved the more the user types and the more data the attacker collects.
The new attack is described in a research paper titled "When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals."
Cellphones

Browser Use On Mobile Devices Exceeds PC Browsing Worldwide: StatCounter (cnet.com) 34

Google is only expected to push the mobile web further now that there are 2 billion active Chrome installs. At the Chrome Dev Summit, Google's vice president of Chrome engineering and the conference's opening speaker said, "We have over 2 billion Chrome instances that are active," which makes Chrome a platform with immense power. The company is expected to reveal how the platform's unbeatable reach earns Chrome and browsers in general a place on the big stage. CNET reports: That power is essential to making Google's vision a reality. If it succeeds, that browser icon might be the one you reach for on your home screen a lot more often. Success on that front also could help restore the fortunes of the web, the closest the computing industry has come to freeing us from software that works only on one device or another, like a Windows laptop but not an iPhone. In an era when tech giants wield tremendous power, the web levels the playing field and makes it easier for new competitors to join the game. It's no wonder Google is pushing the mobile web. This month, browser usage on tablets and phones for the first time surpassed usage on PCs, analytics firm StatCounter said. In October, global mobile and tablet browsing accounted for 51.3% compared to the desktop's 48.7%. However, in other parts of the world the desktop is still king. For example, in the UK the desktop accounts for 55.6% of browsing, 58% in the U.S. and 55.1% in Australia. StatCounter CEO Aodhan Cullen said: "This should be a wake up call especially for small businesses, sole traders and professionals to make sure that their websites are mobile friendly. Many older websites are not. Mobile compatibility is increasingly important not just because of growing traffic but because Google favors mobile-friendly websites for its mobile search results."
Security

Fake Fingerprint Stickers Let You Access a Protected Phone While Wearing Gloves (gizmodo.com) 74

A new Kickstarter campaign aims to sell you fingerprint stickers that, when applied to a pair of gloves, allow you to unlock a mobile device that's protected with a fingerprint scanner. The sticker is powered by Nanotips and is "made with an extremely adhesive conductive material that can be applied to any surface for touch capability." Gizmodo reports: You can of course still access a fingerprint-secured smartphone using regular touchscreen-friendly gloves by simply punching in your passcode on-screen, but why should we have to give up the convenience of a feature like Touch ID for months on end just because it's cold outside? We shouldn't, and these Taps stickers will allow you to use your mobile device's touchscreen and fingerprint reader, for unlocking your phone or making a purchase, even while your actual fingers (and fingerprints) are being kept warm and toasty inside a glove. After applying a textured stick to the tip of your glove, you just have to register it as an approved fingerprint using your smartphone's security settings. You might assume this would mean that anyone with a Taps sticker on their gloves could access anyone else's protected phone. But according to its creators, using nanoparticle technology every single Taps sticker has an individual and unique artificial print ensuring that only your gloves can access your device. That being said, there is still the risk of someone stealing your gloves, which is easier than stealing your fingerprints, so you'll have to weigh the security risks introduced versus the added convenience these offer.
Microsoft

Steve Ballmer Says Smartphones Came Between Him and Bill Gates (fortune.com) 114

Steve Ballmer once said Apple's iPhone would flop because it cost too much -- though he now admits that he failed to anticipate carriers subsidizing the cost of the phone. But that was only the beginning. An anonymous reader quotes Fortune: The former CEO of Microsoft says he and Gates drifted apart over Microsoft's move into the hardware business in the early 2010s, according to Bloomberg. Ballmer says he was the one who pushed for Microsoft to design smartphones and tablets at a time when Apple was already well established. He says Gates and the board seemed reluctant to do so. "There was a fundamental disagreement about how important it was to be in the hardware business," Ballmer told Bloomberg. "I had pushed Surface. The board had been a little -- little reluctant in supporting it. And then things came to a climax around what to do about the phone business."
Microsoft eventually took a $900 million write down for its first tablet, the Surface RT -- plus most of the value of their $9.5 billion acquisition of Nokia Oyj's handset unit as Microsoft pushed into hardware. "Ballmer's only regret: not doing it sooner," Bloomberg reports, adding that Surface is now profitable and this year will generate more than $4 billion in sales.
Security

A Powerful New Android Spyware Targets Business Executives (helpnetsecurity.com) 18

Orome1 quotes HelpNetSecurity: "Researchers from mobile security outfit Skycure have recently analyzed a malicious app they found on an Android 6.0.1 device owned by a vice president at a global technology company. The name of the malicious package is 'com.android.protect', and it comes disguised as a Google Play Services app. It disables Samsung's SPCM service in order to keep running, installs itself as a system package to prevent removal by the user (if it can get root access), and also hides itself from the launcher." The spyware is able to collect chats and messages sent and received via SMS, MMS, and popular email and IM apps; record audio and telephone calls; collect pictures and take screenshots; collect contacts, browser histories, the contents of the calendar, and so on.
According to the article, "chances are someone took advantage of the physical access they had to the device to do the dirty deed."

Slashdot Top Deals