According to the Washington Post (paywalled), the FBI is using mobile push notification data to unmask people suspected of serious crimes, such as pedophilia, terrorism, and murder. Gizmodo reports: The Post did a little digging into court records and found evidence of at least 130 search warrants filed by the feds for push notification data in cases spanning 14 states. In those cases, FBI officials asked tech companies like Google, Apple, and Facebook to fork over data related to a suspect's mobile notifications, then used the data to implicate the suspect in criminal behavior linked to a particular app, even though many of those apps were supposedly anonymous communication platforms, like Wickr.

How exactly is this possible? Push notifications, which are provided by a mobile operating system provider, include embedded metadata that can be examined to understand the use of the mobile apps on a particular phone. Apps come laced with a quiet identifier, a "push token," which is stored on the corporate servers of a company like Apple or another phone manufacturer after a user signs up to use a particular app. Those tokens can later be used to identify the person using the app, based on the information associated with the device on which the app was downloaded. Even turning off push notifications on your device doesn't necessarily disable this feature, experts contend. [...]

If finding new ways to catch pedophiles and terrorists doesn't seem like the worst thing in the world, the Post article highlights the voices of critics who fear that this kind of mobile data could be used to track people who have not committed serious crimes -- like political activists or women seeking abortions in states where the procedure has been restricted.

Almost 3 years after launching the first OnePlus Watch, the Chinese smartphone company is launching a successor -- this time powered by Wear OS 4. Utilizing a "hybrid interface," the OnePlus Watch 2 is able to offer 100 hours of battery life, or just over four full days of use. 9to5Google reports: To achieve that goal, the OnePlus Watch 2 actually runs two separate operating systems. Wear OS handles things like apps and watchfaces, while a RTOS powered by a secondary chipset handles more lightweight tasks. A "smart mode" on the watch allows the watch swap back and forth between its two operating systems and two chipsets. Wear OS is powered by the Snapdragon W5 Gen 1 and it is Wear OS 4. The RTOS is powered by a BES 2700 MCU Efficiency chipset.

Switching between the two OS's is something you're likely to not even notice, OnePlus claims: "The BES2700 Efficiency Chipset runs RTOS and handles background activity and simple tasks, while the Snapdragon W5 handles more demanding tasks, like running your favorite Google apps. This optimized approach, enabled by the Wear OS hybrid interface seamlessly managing the transition between chips, means users will experience a smartwatch that effortlessly does it all while extending the time between charges."

Powering the Watch 2 is a 500 mAh battery which features 7.5W charging with a special charger that connects to a typical USB-C cable. The charger is magnetic, of course, and OnePlus claims a full charge in 60 minutes or less. The 1.43-inch AMOLED display of the OnePlus Watch 2 is covered in a slightly curved sapphire glass, while the watch chassis is built from stainless steel. You'll have the choice of black or silver colors with either black or green bands, respectively. The whole package is also 5ATM water resistant. Rounding out the main specs you'll find 32GB of storage and 2GB of RAM. The OnePlus Watch 2 goes on sale today at $299.

An anonymous reader quotes a report from CNN Business: AT&T's network went down for many of its customers across the United States Thursday morning, leaving customers unable to place calls, text or access the internet. By a little after 3 pm ET, roughly 11 hours after reports of the outage first emerged, the company said that it had restored service to all impacted customers. "We have restored wireless service to all our affected customers. We sincerely apologize to them," AT&T said in a statement. The company added that it is "taking steps to ensure our customers do not experience this again in the future."

The Federal Communications Commission confirmed Thursday afternoon that it is investigating the outage. The White House says federal agencies are in touch with AT&T about network outages but that it doesn't have all the answers yet on what exactly led to the interruptions. Although Verizon and T-Mobile customers reported some network outages, too, they appeared far less widespread. T-Mobile and Verizon said their networks were unaffected by AT&T's service outage and customers reporting outages may have been unable to reach customers who use AT&T.

Thursday morning, more than 74,000 AT&T customers reported outages on digital-service tracking site DownDetector, with service disruptions beginning around 4 am ET. That's not a comprehensive number: It tracks only self-reported outages. Reports had been rising steadily throughout the morning but leveled off in the 9 am ET hour. By 12:30 pm ET, the DownDetector data showed some 25,000 AT&T customers still reporting outages. By 2 pm ET, fewer than 5,000 customers were still reporting issues. Earlier Thursday, AT&T acknowledged that it had a widespread outage but did not provide a reason for the system failure. By late morning, AT&T said most of its network was back online, and it confirmed Thursday afternoon that service was fully restored. According to an anonymous industry source, the issue for the outage appears to be related to how cellular services hand off calls from one network to the next, a process known as peering. They said there's no indication that it was the result of a cyberattack or other malicious activity.

The FCC confirmed that it is investigating the incident. "We are aware of the reported wireless outages, and our Public Safety and Homeland Security Bureau is actively investigating," the FCC said in a statement posted on X. "We are in touch with AT&T and public safety authorities, including FirstNet, as well as other providers."

Apple has updated the iPhone 15's battery lifespan, noting the new handsets can retain 80 percent of their original charging capacity after 1,000 cycles -- double the company's previous estimate -- without any new hardware or software updates. From a report: Not so coincidentally, the change will arrive in time for upcoming EU regulations that will assign an energy grade for phones' battery longevity. Before today, Apple's online support documents quoted iPhone batteries as maintaining 80 percent of their original full charge after 500 cycles. But after the company retested long-term battery health in its 2023 smartphones -- iPhone 15, iPhone 15 Plus, iPhone 15 Pro and iPhone 15 Pro Max -- it found they can retain 80 percent capacity after at least 1,000 cycles. The company said its support documents will be updated on Tuesday to reflect the new estimate.

An anonymous reader shares a report: In a recent support document, Apple states that putting wet devices in a bag of rice could "allow small particles of rice to damage your iPhone," although it doesn't go into further detail. The company also recommended against using other well-known hacks, such as using an external heat source to dry the phone or sticking a cotton swab into the connector. The company's warning on rice coincides with those of other repair experts, who have found that the rice hack works slower than simply leaving your iPhone on a counter to dry. Time is crucial in these situations, as the most important thing is to prevent the water from damaging the electronics inside the phone.

Meizu is quitting the smartphone business. The company, owned by car maker Geely, said AI is the future and will invest "All in AI". From a report: According to a post on Weibo, the FlymeOS team will be restructured into working on new AI terminal devices that will use globally available LLM (large language model) such as Open AI. Meizu already laid the cornerstones of its multi-terminal experience when it announced Flyme Auto -- an infotainment system for Geely-made vehicles, including Polestar and Lotus, which connects seamlessly with FlymeOS 10 devices, such as the Meizu 20 and Meizu 21 flagships.

According to Shen Ziyu, Chairman and CEO of Xingji Meizu Group, smartphone users take longer to upgrade -- an average of 51 months, which is more than 4 years. The added companies now offer comparable performance in smoothness, photography, and software features. That's why there will be no Meizu 21 Pro, Meizu 22 and Meizu 23 series.

A few years ago, MIT researchers invented a cryptographic ID tag — but like traditional RFID tags, "a counterfeiter could peel the tag off a genuine item and reattach it to a fake," writes MIT News.

"The researchers have now surmounted this security vulnerability by leveraging terahertz waves to develop an antitampering ID tag that still offers the benefits of being tiny, cheap, and secure." They mix microscopic metal particles into the glue that sticks the tag to an object, and then use terahertz waves to detect the unique pattern those particles form on the item's surface. Akin to a fingerprint, this random glue pattern is used to authenticate the item, explains Eunseok Lee, an electrical engineering and computer science (EECS) graduate student and lead author of a paper on the antitampering tag. "These metal particles are essentially like mirrors for terahertz waves. If I spread a bunch of mirror pieces onto a surface and then shine light on that, depending on the orientation, size, and location of those mirrors, I would get a different reflected pattern. But if you peel the chip off and reattach it, you destroy that pattern," adds Ruonan Han, an associate professor in EECS, who leads the Terahertz Integrated Electronics Group in the Research Laboratory of Electronics.

The researchers produced a light-powered antitampering tag that is about 4 square millimeters in size. They also demonstrated a machine-learning model that helps detect tampering by identifying similar glue pattern fingerprints with more than 99 percent accuracy. Because the terahertz tag is so cheap to produce, it could be implemented throughout a massive supply chain. And its tiny size enables the tag to attach to items too small for traditional RFIDs, such as certain medical devices...

"These responses are impossible to duplicate, as long as the glue interface is destroyed by a counterfeiter," Han says. A vendor would take an initial reading of the antitampering tag once it was stuck onto an item, and then store those data in the cloud, using them later for verification."
Seems like the only way to thwart that would be carving out the part of the surface where the tag was affixed — and then pasting the tag, glue, and what it adheres to all together onto some other surface. But more importantly, Han says they'd wanted to demonstrate "that the application of the terahertz spectrum can go well beyond broadband wireless."

In this case, you can use terahertz for ID, security, and authentication. There are a lot of possibilities out there."

Mark Tyson reports via Tom's Hardware: A serial burglar in Edina, Minnesota is suspected of using a Wi-Fi jammer to knock out connected security cameras before stealing and making off with the victim's prized possessions. [...] Edina police suspect that nine burglaries in the last six months have been undertaken with Wi-Fi jammer(s) deployed to ensure incriminating video evidence wasnâ(TM)t available to investigators. The modus operandi of the thief or thieves is thought to be something like this:

- Homes in affluent areas are found - Burglars carefully watch the homes - The burglars avoid confrontation, so appear to wait until homes are empty - Seizing the opportunity of an empty home, the burglars will deploy Wi-Fi jammer(s) - "Safes, jewelry, and other high-end designer items," are usually taken

A security expert interviewed by the source publication, KARE11, explained that the jammers simply confused wireless devices rather than blocking signals. They usually work by overloading wireless traffic âoeso that real traffic cannot get through,â the news site was told. [...] Worryingly, Wi-Fi jamming is almost a trivial activity for potential thieves in 2024. KARE11 notes that it could buy jammers online very easily and cheaply, with prices ranging from $40 to $1,000. Jammers are not legal to use in the U.S. but they are very easy to buy online.

An anonymous reader quotes a report from The Verge: The US government has committed $42 million to further the development of the 5G Open RAN (O-RAN) standard that would allow wireless providers to mix and match cellular hardware and software, opening up a bigger market for third-party equipment that's cheaper and interoperable. The National Telecommunications and Information Administration (NTIA) grant would establish a Dallas O-RAN testing center to prove the standard's viability as a way to head off Huawei's steady cruise toward a global cellular network hardware monopoly.

Verizon global network and technology president Joe Russo promoted the funding as a way to achieve "faster innovation in an open environment." To achieve the standard's goals, AT&T vice president of RAN technology Robert Soni says that AT&T and Verizon have formed the Acceleration of Compatibility and Commercialization for Open RAN Deployments Consortium (ACCoRD), which includes a grab bag of wireless technology companies like Ericsson, Nokia, Samsung, Dell, Intel, Broadcom, and Rakuten. Japanese wireless carrier Rakuten formed as the first O-RAN network in 2020. The company's then CEO, Tareq Amin, told The Verge's Nilay Patel in 2022 that Open RAN would enable low-cost network build-outs using smaller equipment rather than massive towers -- which has long been part of the promise of 5G.

But O-RAN is about more than that; establishing interoperability means companies like Verizon and AT&T wouldn't be forced to buy all of their hardware from a single company to create a functional network. For the rest of us, that means faster build-outs and "more agile networks," according to Rakuten. In the US, Dish has been working on its own O-RAN network, under the name Project Genesis. The 5G network was creaky and unreliable when former Verge staffer Mitchell Clarke tried it out in Las Vegas in 2022, but the company said in June last year that it had made its goal of covering 70 percent of the US population. Dish has struggled to become the next big cell provider in the US, though -- leading satellite communications company EchoStar, which spun off from Dish in 2008, to purchase the company in January. The Washington Post writes that O-RAN "is Washington's anointed champion to try to unseat the Chinese tech giant Huawei Technologies" as the world's biggest supplier of cellular infrastructure gear.

According to the Post, Biden has emphasized the importance of O-RAN in conversations with international leaders over the past few years. Additionally, it notes that Congress along with the NTIA have dedicated approximately $2 billion to support the development of this standard.

An anonymous reader quotes a report from TechCrunch: Pakistan has temporarily suspended mobile phone network and internet services across the country to combat any "possible threats," a top ministry said, as the South Asian nation commences its national election. In a statement, Pakistan's interior ministry said the move was prompted by recent incidents of terrorism in the country. The internet was accessible through wired broadband connections, local journalists posted on X earlier Thursday. But NetBlocks, an independent service that tracks outages, said later that Pakistan had started to block internet services as well. The polls have opened in the nation and will close at 5 p.m. The interior ministry didn't say when it will switch back on the mobile services.

Apple is building prototypes of at least two iPhones that fold widthwise like a clamshell, The Information reported Wednesday. From the report: If Apple ends up launching a foldable iPhone, it would be one of the biggest hardware design changes in the product's history. The foldable iPhones are in early development and aren't on the company's mass production plans for 2024 or 2025, the person said. Apple recently approached at least one manufacturer in Asia for components related to two foldable iPhones of different sizes, they said. The products could be canceled if they don't meet Apple's standards, they said.

Government hackers last year exploited three unknown vulnerabilities in Apple's iPhone operating system to target victims with spyware developed by a European startup, according to Google. TechCrunch: On Tuesday, Google's Threat Analysis Group, the company's team that investigates nation-backed hacking, published a report analyzing several government campaigns conducted with hacking tools developed by several spyware and exploit sellers, including Barcelona-based startup Variston. In one of the campaigns, according to Google, government hackers took advantage of three iPhone "zero-days," which are vulnerabilities not known to Apple at the time they were exploited. In this case, the hacking tools were developed by Variston, a surveillance and hacking technology startup whose malware has already been analyzed twice by Google in 2022 and 2023.

Google said it discovered the unknown Variston customer using these zero-days in March 2023 to target iPhones in Indonesia. The hackers delivered an SMS text message containing a malicious link that infected the target's phone with spyware, and then redirected the victim to a news article by the Indonesian newspaper Pikiran Rakyat. Google did not say who was Variston's government customer in this case.

AT&T is applying to end its obligation to service landlines in certain areas of California. "The application is pending under the California Public Utilities Commission, but the end of a landline means the end of communication for some people," reports CBS News. From the report: The company said in a statement to CBS13: "Our application seeks approval from the CPUC to remove outdated regulations in California and to help the limited remaining landline consumers transition to modern, alternative services to replace their current outdated ones. All AT&T California customers will continue to receive their traditional landline services until an alternative service becomes available by AT&T or another provider." The CPUC will be holding four public hearings on the matter through March.

How does Samsung defend itself against the notion that its phone cameras are spitting out fake AI photos of not only the Moon, but most anything else you'd care to aim them at these days? For starters, the company's head of product is saying that every photo is fake. The Verge: Samsung EVP Patrick Chomet told TechRadar recently: "There was a very nice video by Marques Brownlee last year on the moon picture. Everyone was like, 'Is it fake? Is it not fake?' There was a debate around what constitutes a real picture. And actually, there is no such thing as a real picture. As soon as you have sensors to capture something, you reproduce [what you're seeing], and it doesn't mean anything. There is no real picture. You can try to define a real picture by saying, 'I took that picture,' but if you used AI to optimize the zoom, the autofocus, the scene -- is it real? Or is it all filters? There is no real picture, full stop."

"My goal is to have a firewall that I trust," writes Slashdot reader eggegick, "not a firewall that comes from the manufacture that might have back doors." I'm looking for a cheap mini PC I can turn into a headless Linux-based wireless and Ethernet router. The setup would be a cable modem on the Comcast side, Ethernet out from the modem to the router and Ethernet, and WiFi out to the home network.
Two long-time Slashdot readers had suggestions. johnnys believes "any old desktop or even a laptop will work.... as long as you have a way to get a couple of (fast or Gigabit) Ethernet ports and a good WiFi adapter... " Cable or any consumer-grade broadband doesn't need exotic levels of throughput: Gigabit Ethernet will not be saturated by any such connection...

You can also look at putting FOSS firewall software like DD-WRT or OpenWrt on consumer-grade "routers". Such hardware is usually set up with the right hardware and capabilities you are looking for. Note however that newer hardware may not work with such firmwares as the FCC rules about controlling RF have caused many manufacturers to lock down firmware images.

And you don't necessarily need to roll your own with iptables: There are several BSD or Linux-based FOSS distributions that do good firewall functionality. PFSense is very good and user-friendly, and there are others. OpenBSD provides an exceptionally capable enterprise-level firewall on a secure platform, but it's not designed to be user-friendly.
Long-time Slashdot reader Spazmania agrees the "best bet" is "one of those generic home wifi routers that are supported by DD-WRT or OpenWrt." It's not uncommon to find something used for $10-$20. And then install one or the other, giving a Linux box with full control. Add a USB stick so you have enough space for all the utilities.

I just went through the search for mini-PCs for a project at work. The main problem is that almost all of them cool poorly, and that significantly impairs their life span.I finally found a few at the $100 price point that cooled acceptably... and they disappeared from the market shortly after I bought the test units, replaced with newer models in the $250 ballpark.
Share your own thoughts and experiences in the comments.

Can you roll your own home router?

Jess Weatherbed reports via The Verge: Bullitt Group, the UK-based smartphone manufacturer behind the rugged handsets of Cat, Land Rover, and Motorola, has seemingly shut down. On Monday, Mobile World Live spotted several Bullitt Group employees on LinkedIn saying that the company folded on January 26th after a "critical planned restructuring" failed. The Telegraph reported earlier this month that the company was on the brink of insolvency. Bullitt Group has yet to issue an official statement confirming the closure. The manufacturer previously told The Telegraph that it planned to transfer its satellite connectivity business and all 100 of its employees to a new company owned by its creditors, though one former employee now claims the entire workforce has been laid off.

Founded in 2009, Bullitt found its niche producing mobile devices and accessories for other companies. The most notable are the hardy, rugged handsets like the Land Rover Explore and Motorola Defy series, though it also made more traditional smartphones like the Kodak Ektra. In recent years, the company placed greater focus on satellite connectivity projects like the Motorola Defy Satellite Link as it struggled to compete against larger phone providers like Apple and Samsung.

T-Mobile has tweaked its terms of service for its home broadband users to add a new clause: If you are a heavy internet user that passes 1.2TB of data in a monthly billing cycle, you may have your speeds slowed in "times of congestion" or when there is a lot of pressure on the network. CNET: As spotted by The Mobile Report, the change went into effect on Jan. 18. In its updated terms, the carrier says that these users "will be prioritized last on the network" in congestion situations, which could mean painfully slow speeds for however long the congestion persists. T-Mobile does note that since its Home Internet service is available only in "limited areas" and intended to be used in a "stationary" setting, as opposed to a phone that could be in a busy place like a packed stadium, "these customers should be less likely to notice congestion in general."

"Would you pay $15 a month so Android doesn't track you and send all of that data back to Google?" asks Stuff South Africa: A new Swiss-based privacy company thinks $15 is a fair fee for that peace of mind. "A person's data is the original digital currency," argues Apostrophy, which has created its own operating system, called Apostrophy OS.

It's based on Android — don't panic — but the version that has already been stripped of Google's intrusiveness by another privacy project called GrapheneOS, which used to be known as CopperheadOS. Launched in 2014, it which was briefly known as the Android Hardening project, before being rebranded as GrapheneOS in 2019. Apostrophy OS is "focused on empowering our users, not leveraging them," it says and is "purposely Swiss-based, so we can be champions of data sovereignty".

What it does, they say, is separate the apps from the underlying architecture of the operating system and therefore prevent apps from accessing miscellaneous personal data, especially the all-important location data so beloved of surveillance capitalism... Apostrophy OS has its own app store, but also cleverly allows users to access the Google Play Store. If you think that is defeating the point, Apostrophy argues that those apps can't get to the vitals of your digital life. Apostrophy OS has "partitioned segments prioritising application integrity and personal data privacy".
The service is free for one year with the purchase of the new MC02 phone from Swiss manufacturer Punkt, according to PC Magazine. "The phone costs $749 and is available for preorder now. It will ship at the end of January." Additional features include a built-in VPN called Digital Nomad based on the open-source Wireguard framework to secure your activity against outside snooping, which includes "exit addresses" in the US, Germany, and Japan with the base subscription.

"The ambient light sensors present in most mobile devices can be accessed by software without any special permissions, unlike permissions required for accessing the microphone or the cameras," writes longtime Slashdot reader BishopBerkeley. "When properly interrogated, the data from the light sensor can reveal much about the user." IEEE Spectrum reports: While that may not seem to provide much detailed information, researchers have already shown these sensors can detect light intensity changes that can be used to infer what kind of TV programs someone is watching, what websites they are browsing or even keypad entries on a touchscreen. Now, [Yang Liu, a PhD student at MIT] and colleagues have shown in a paper in Science Advances that by cross-referencing data from the ambient light sensor on a tablet with specially tailored videos displayed on the tablet's screen, it's possible to generate images of a user's hands as they interact with the tablet. While the images are low-resolution and currently take impractically long to capture, he says this kind of approach could allow a determined attacker to infer how someone is using the touchscreen on their device. [...]

"The acquisition time in minutes is too cumbersome to launch simple and general privacy attacks on a mass scale," says Lukasz Olejnik, an independent security researcher and consultant who has previously highlighted the security risks posed by ambient light sensors. "However, I would not rule out the significance of targeted collections for tailored operations against chosen targets." But he also points out that, following his earlier research, the World Wide Web Consortium issued a new standard that limited access to the light sensor API, which has already been adopted by browser vendors.

Liu notes, however, that there are still no blanket restrictions for Android apps. In addition, the researchers discovered that some devices directly log data from the light sensor in a system file that is easily accessible, bypassing the need to go through an API. The team also found that lowering the resolution of the images could bring the acquisition times within practical limits while still maintaining enough detail for basic recognition tasks. Nonetheless, Liu agrees that the approach is too complicated for widespread attacks. And one saving grace is that it is unlikely to ever work on a smartphone as the displays are simply too small. But Liu says their results demonstrate how seemingly harmless combinations of components in mobile devices can lead to surprising security risks.

Samsung announced its new flagship Galaxy S24 smartphone lineup today, with loads of new artificial intelligence features. CNBC reports: For Samsung's top-tier S24 Ultra, which is the company's biggest of the three devices and comes with punchier specs and features, Samsung is using a version of Qualcomm's latest Snapdragon Series 8 Gen 3 optimized for Galaxy. The company is using a mix of Qualcomm systems-on-chips (SoCs) and its own Exynos chipset for its S24 and S24+ models. [...] The Samsung Galaxy S24 Ultra is the main event for most tech gadget enthusiasts -- and, for the most part, it isn't a whole lot different to the Galaxy S23 Ultra looks-wise. That's because Samsung isn't changing an awful lot with the hardware. It still comes in the same size as its predecessor -- the display is 6.8 inches, measured diagonally, though the phone is flatter this time round. The S23 Ultra had more curvature to it. The big upgrade to the external hardware with this model is that it's cased in titanium, so it's a lot sturdier than the S23 Ultra.

The main difference this time round is what's inside: Samsung is going big on artificial intelligence. A key focus for Samsung, like other smartphone makers, now is on "on-demand" AI -- or, the ability to carry out AI workloads directly on a device, rather than over the cloud. Samsung said its new Galaxy S24 Ultra will come with a bunch of new AI features, a lot of which is being powered by Qualcomm's Snapdragon 8 Gen 3 chipset for mobile, which is tailored for AI devices. One feature Samsung's loading into the Galaxy S24 range is the ability to circle locations or items a user is directing their camera at, or on a picture they've taken, and then look up results on what those things are. So, for instance, if you see a landmark or a shoe you want to buy, you can make a circle around that object and then the AI shows you appropriate results on Google.

Another feature Samsung touted is the ability to use AI to edit photos. So users can edit reflections out of pictures they've taken, for instance if you took a picture of yourself in front of a window. Or you can move a person from one side of the room to another by dragging them from left to right. Samsung also showcased live transcription features with its latest smartphones. When calling someone who's speaking in French, for instance, a user can pull up a transcription that's being fed through to them in real time. You can also record a conversation between two people and get it transcribed, while the AI assigns a label to each person speaking, similar to transcription products like Otter AI. Samsung is also incorporating AI watermarking into these features, helping to combat misinformation and copyright infringement. "So when a Galaxy S24 user uses AI to modify a photo, Samsung will keep a log of what was changed with AI and store it in the metadata," reports CNBC. "It'll also have an icon in the bottom left corner to show that the image has been edited using AI, kind of like a watermark."