A company that acquires and sells zero-day exploits -- flaws in software that are unknown to the affected developer -- is now offering to pay researchers $20 million for hacking tools that would allow its customers to hack iPhones and Android devices. From a report: On Wednesday, Operation Zero announced on its Telegram accounts and on its official account on X, formerly Twitter, that it was increasing payments for zero-days in those platforms tenfold, from $200,000 to $20 million. "By increasing the premium and providing competitive plans and bonuses for contract works, we encourage the developer teams to work with our platform," the company wrote.

Operation Zero, which is based in Russia and launched in 2021, also added that "as always, the end user is a non-NATO country." On its official website, the company says that "our clients are Russian private and government organizations only." When asked why they only sell to non-NATO countries, Operation Zero CEO Sergey Zelenyuk declined to say. "No reasons other than obvious ones," he said. Zelenyuk also said that the bounties Operation Zero offer right now may be temporary, and a reflection of a particular time in the market, and the difficulty of hacking iOS and Android.

Google Podcasts is shutting down in 2024 after YouTube Music picks up full global availability of podcasts, which is expected before the end of 2023. As 9to5Google reports, YouTube Music "will be Google's one podcasting app and service going forward." From the report: The big advantage of Google Podcasts was its simplicity and wide availability on Android (through the Google Search app). A "simple migration tool" will move your existing subscriptions from Google Podcasts. Notably, there will be the ability in YouTube Music to add podcasts via RSS feeds, "including shows not currently hosted by YouTube." Google will also provide a non-YTM export option via "OPML file of their show subscriptions" that will work with other podcast players.

On the podcaster front, YouTube will allow for RSS uploads instead of requiring a video version. The next step over the coming weeks and months will see Google "gather feedback to make the migration process from Google Podcasts to YouTube Music as simple and easy as possible." "For now, nothing is changing and fans will continue to have access to YouTube, YouTube Music and Google Podcasts," says YouTube. "We're committed to being transparent in communicating future changes with our users and podcasters and will have more to share about this process in the coming months."

Some early adopters of Apple's iPhone 15 have taken to social media to complain about overheating issues. Digital Trends' Bryan Wolfe writes: Over the past few days, various user complaints have popped up online by iPhone 15 owners saying their new devices are overheating. Some, for example, have taken to the Apple discussion groups to express their dismay, while others have left messages on Reddit and elsewhere. New smartphones commonly heat up more than usual during setup and in the first 24 hours of use, even those not manufactured by Apple. The issues being reported may have occurred during these instances. Speaking from personal experience, Android Authority's Aamir Siddiqui said he, too, has noticed his iPhone 15 Pro Max running very hot, even after the initial 24 hours of setup and settling in.

Korean YouTuber BullsLab also captured high temperatures using a thermal camera.

Lenovo launched the first foldable laptop in 2020, but the first real era of foldable PCs is only starting to unfold now. From a report: Today, LG became the latest OEM to announce a foldable-screen laptop, right after HP announced its first attempt, the Spectre Foldable PC, earlier this month. LG only announced the Gram Fold in South Korea thus far. A Google translation of LG's Korean announcement said the laptop is 9.4-mm (0.37-inches) thick when unfolded and used like a 17-inch tablet. Alternatively, the OLED PC can be folded in half to use like an approximately 12.2-inch laptop. In the latter form, a virtual keyboard can appear on the bottom screen, and you can dock a Bluetooth keyboard to the bottom screen or pair a keyboard with the system wirelessly. The screen has 1920Ã--2560 pixels for a pixel density of 188.2 pixels per inch.

One draw of foldable PCs is supposed to be portability. The Gram Fold weighs 2.76 pounds (1,250g), which is even lighter than LG's latest Gram clamshell laptop (2.9 pounds). According to Android Authority, LG's laptop will have an Intel Core i5-1335U, which has 8 Efficient cores (E-cores) at up to 3.4 GHz, two Performance cores (P-cores) at up to 4.6 GHz, 12 threads, and 12MB of cache. The PC is also supposed to have 16GB of RAM, a 512GB NVMe SSD, a 72 Wh battery, Wi-Fi 6E, and two USB-C ports. LG is claiming 99.5 percent DCI-P3 color coverage with the laptop.

[...] It's also possible we'll see similar designs from other laptop brands, as panel supplier LG Display announced today that it will start mass production of 17-inch foldable OLED laptop panels. The foldable OLED is made with what LG Display calls a Tandem OLED structure, using two-stack OLED technology, "which adds an extra organic emitting layer to deliver brighter screens while effectively dispersing energy across OLED components for optimal stability and longer lifespans," LG Display's announcement said. LG Display first entered mass production of foldable (13.3-inch) laptop panels in 2020. However, foldable PCs didn't immediately take off then, despite the panel being used in Lenovo's 2020 ThinkPad X1 Fold. Foldable PCs lacked the software support that Windows 11 now affords with its Snap windows layouts that make organizing windows across dual or folded screens more intuitive.

ChatGPT has learned to talk. OpenAI, the San Francisco artificial intelligence start-up, released a version of its popular chatbot on Monday that can interact with people using spoken words. As with Amazon's Alexa, Apple's Siri, and other digital assistants, users can talk to ChatGPT and it will talk back. From a report: For the first time, ChatGPT can also respond to images. People can, for example, upload a photo of the inside of their refrigerator, and the chatbot can give them a list of dishes they could cook with the ingredients they have. "We're looking to make ChatGPT easier to use -- and more helpful," said Peter Deng, OpenAI's vice president of consumer and enterprise product. OpenAI has accelerated the release of its A.I tools in recent weeks. This month, it unveiled a version of its DALL-E image generator and folded the tool into ChatGPT.

ChatGPT attracted hundreds of millions of users after it was introduced in November, and several other companies soon released similar services. With the new version of the bot, OpenAI is pushing beyond rival chatbots like Google Bard, while also competing with older technologies like Alexa and Siri. Alexa and Siri have long provided ways of interacting with smartphones, laptops and other devices through spoken words. But chatbots like ChatGPT and Google Bard have more powerful language skills and are able to instantly write emails, poetry and term papers, and riff on almost any topic tossed their way.

OpenAI has essentially combined the two communication methods. The company sees talking as a more natural way of interacting with its chatbot. It argues that ChatGPT's synthetic voices -- people can choose from five different options, including male and females voices -- are more convincing than others used with popular digital assistants. Over the next two weeks, the company said, the new version of the chatbot would start rolling out to everyone who subscribes to ChatGPT Plus, a service that costs $20 a month. But the bot can respond with voice only when used on iPhones, iPads and Android devices. The bot's synthetic voices are more natural than many others on the market, though they still can sound robotic.

Esper: Starting in Android 14, it may not be necessary to use a third-party app to turn your smartphone into a webcam for your PC, as that functionality is getting baked into the Android OS itself -- though there's a catch.

When you plug an Android phone into a PC, you have the option to change the USB mode between file transfer/Android Auto (MTP), USB tethering (NCM), MIDI, or PTP. In Android 14, however, a new option can appear in USB Preferences: USB webcam. Selecting this option switches the USB mode to UVC (USB Video Class), provided the device supports it, turning your Android device into a standard USB webcam that other devices will recognize, including Windows, macOS, and Linux PCs, and possibly even other Android devices.

Webcam support in Android 14 is not enabled out of the box, however. In order to enable it, four things are required: a Linux kernel config needs to be enabled, the UVC device needs to be configured, the USB HAL needs to be updated, and a new system app needs to be preloaded.

An anonymous reader shares a report: Google has been trying to publicly pressure Apple into adopting the GSMA's RCS (Rich Communications Service) messaging protocol for a long time now, with nothing to show for it. As a matter of fact, Apple CEO Tim Cook seemed to completely dismiss the idea when he answered a question on the subject by saying that consumers should buy their moms an iPhone. Google and its Android platform aren't giving up that easily and they've just released a snarky ad to continue criticizing Apple's preferred messaging platform.

The ad's called "iPager" and mimics Apple's marketing language to reveal a retro-styled beeper, indicating that Apple's behind the curve with its chosen messaging platform. The spot states that the iPager uses "outdated messaging tech" to "text with Android," citing many of the perceived disadvantages of sticking with SMS technology when communicating with Android phones. Google didn't invent this comparison whole-cloth, as the 30-year-old SMS tech actually dates back to old-school pagers.

Google Bard is getting support for Extensions today, incorporating essential apps like Google Maps, YouTube, Hotels, and Flights to simplify data retrieval and accelerate the creative process. Android Police reports: This integration ensures that users can seamlessly amalgamate data from myriad sources, thereby accelerating your creative process or just making it easier to accomplish basic tasks across the board. These tools were originally teased at I/O before their wider release today. The company posted an excellent explainer of how this works on its YouTube channel.

With today's update, you can now sync Bard with your Gmail, Docs, and Drive. This capability ensures that the AI collaborates with your personal content, making data retrieval and summarization more fluid. With the enhancement of the Google It button, Bard's responses can be cross-checked with Google Search, instilling greater trust in AI-generated data. Additionally, conversations initiated by others via Bard can be continued in your account, emphasizing collaborative creativity. You can learn more about Google Bard Extensions here.

The Justice Department sought on Wednesday to show how Google did all it could to get people to use its search engine and build itself into a $1 trillion search and advertising giant on the second day of a once-in-a-generation antitrust trial. From a report: First out of the gate, the government questioned a former Google executive, Chris Barton, about billion-dollar deals with mobile carriers and others that helped make Google the default search engine. Barton, who was at Google from 2004 to 2011, said the number of Google executives working to win default status with mobile carriers grew dramatically when he was with the company, recognizing the potential growth of handheld devices and early versions of smartphones.

Google's clout in search, the government argues, has helped Google build monopolies in some aspects of online search advertising. Since search is free, Google makes money through advertising. The government says the Alphabet unit paid $10 billion annually to wireless companies like AT&T, device makers like Apple and browser makers like Mozilla to fend off rivals and keep its search engine market share near 90%. In revenue-sharing deals with mobile carriers and Android smartphone makers, Google pressed for its search to be the default and exclusive. If Microsoft's search engine Bing was the default on an Android phone, Barton said, then users would have a "difficult time finding or changing to Google."

Barton said on his LinkedIn profile that he was responsible for leading Google's partnerships with mobile carriers like Verizon and AT&T, estimating that the deals "drive hundreds of millions in revenue." Hal Varian, Google's chief economist, told the court that scale, or the number of search queries Google received, was important, but pushed back during questioning on how important. He also acknowledged giving a speech in which he said certain search queries, for instance for a tennis racquet, were important in effectively advertising to the person who made the query and to subsequent ad revenues.

Sony is rolling out a big new PS5 update today, just over a month after it first started testing the changes in a beta. From a report: The update adds Dolby Atmos, lets you mute that annoying bootup beep, and even supports pairing a second controller as an assist one to let you help friends or family complete a game. Sony is also expanding its PS Remote Play app to Google's Chromecast with Google TV (4K), allowing you to stream games from a PS5 or PS4 to Android TV OS 12 devices. The Dolby Atmos support comes in the form of Sony's 3D Audio implementation (Tempest 3D AudioTech). It's compatible with Dolby Atmos devices like sound bars, TVs, or home theater systems. Media apps like Netflix can also update their apps on PS5 soon to support Dolby Atmos audio.

You can now mute the PS5 beep sound that chirps when you turn the console on or off, or even when it goes into rest mode after being idle. If you just want to adjust the volume of the beep there's now an option for that, too. One of the most useful additions is the ability to use a second DualSense controller for assistance. "You can now assign a second controller to one account as an assist controller, and use two controllers to operate your PS5 console as if you were using a single controller," explains Hideaki Nishino, senior vice president of platform experience at Sony Interactive Entertainment. "This feature introduces a new way for you to enjoy games collaboratively with others or help a friend or child navigate a particularly challenging section of a game."

A WhatsApp for Android beta update (version 2.23.19.8) that came out today contains a new screen called Third-party chats, reports WABetaInfo. The Verge: For now, the screen is neither functional nor accessible by users, according to WABetaInfo. But its title is a strong clue that this is likely the first step to opening Meta's encrypted messages app to cross-platform compatibility. The beta comes just days after the European Commission confirmed that WhatsApp owner Meta meets the definition of a "gatekeeper" under the EU's Digital Markets Act (DMA), which requires communication software like WhatsApp to interoperate with third-party messaging apps by March 2024.

Microsoft is done supporting the original Surface Duo, three years after it first launched on September 10. From a report: The company has stated from the very start that the Surface Duo would receive just three years of OS updates, meaning today is the last day that Microsoft has to stay true to its word. Going forward, Microsoft will no longer ship new OS updates or security patches for the original Surface Duo, meaning Android 12L is the last version of the OS it will ever officially receive. Surface Duo only ever got two major OS updates, one shy of the average three that most high-end flagship Android devices get these days.

Sundar Pichai said Google's longstanding relationship with chipmaker Nvidia isn't going to change any time soon -- in fact, he expects it to continue over the next 10 years. From a report: In an interview Wired published Monday, the Google CEO said the company worked "deeply" with Nvidia on Android and other initiatives for over a decade, adding that Nvidia has a "strong track record" with AI innovation. "Look, the semiconductor industry is a very dynamic, cooperative industry," Pichai said. "It's an industry that needs deep, long-term R&D and investments. I feel comfortable about our relationship with Nvidia and that we are going to be working closely with them 10 years from now."

According to Android specialist Mishaal Rahman, Android miscalculates the storage space taken up by system components, leading to inflated system storage utilization and potentially misleading users. Chandraveer Mathur writes via Android Police. From the report: We usually rely on Android's storage utilization utility to find apps and files eating up storage space, so we can uninstall or delete them if required. However, Android specialist Mishaal Rahman discovered that Google's calculation of the space consumed by Android system components is flawed. He executed shell commands to create a 3GB file in the /data/media/0 storage directory, which isn't a file path used for Android system files. However, the phone's storage breakdown showed a marked 3GB increase under the System heading, suggesting the OS suddenly became bigger.

This happens because Android calculates system storage as the space used up by anything other than what's covered by other categories in the storage breakdown, including audios, videos, images, documents, trash, and games. This means the System heading in the break doesn't just include Android system files. Android 14 also uses this dangerously flawed logic for calculating storage usage. Moreover, the Files app by Google also shows similar storage utilization by Android system components, perhaps because it uses the same incredulous attribution logic. By association, all other Android skins use flawed calculation of used storage space, but Samsung reportedly fixed this issue with the One UI 6 update. After running similar ADB commands as in the previous experiment, Rahman could confirm the increased utilization showed up under the Other files heading in the storage breakdown, instead of the System heading.

An anonymous reader quotes a report from Gizmodo: Google's Privacy Sandbox, a controversial set of tools and settings meant to replace third-party cookies, is now on almost every single Chrome browser, according to a company blog post published Thursday. Google says Privacy Sandbox is now available to around 97% of Chrome users, and that number will reach 100% in the next few months. The news comes on the heels of the browser's 15th anniversary, which Google is celebrating by redesigning Chrome to make it look and feel more closely aligned with the design paradigm of Android and the rest of the Google suite. The final step in this process comes in 2024, when Google will disable third-party cookies in Chrome for good, marking the end of their decades-long reign of privacy-violating terror.

Back in 2019, Google said the cookie era was coming to a close. In place of third-party cookies, Privacy Sandbox will implement a long list of new tools for the ad industry. Google, after all, makes all of its money by spying on you and turning the insights into ads, so it's not about to put itself out of business. In fairness, this new system is really more private, though it's private on Google's terms. The biggest change is "Ad Topics," a.k.a. the Topics API if you're a huge nerd who's been following this stuff for years. With Topics, Chrome will keep track of all the websites you're looking at and sort you into a variety of categories. This tracking happens in your browser and the data stays on your device. Neither Google nor anyone else gets to see your browsing history or learn anything about you as an individual throughout this process. Websites and advertising companies will know there's a person interested in a certain Topic, but they won't be able to tell who you are specifically.

There's also an extremely complicated technique websites can use to tag you with subjects they want you to see ads about, called "Site Suggested Ads." Google is also rolling out a tool called "Ad Measurement," which helps companies keep track of how well their ads are working through metrics such as the time of day you saw an ad and whether you clicked on it. Google gives users some control over how these tools are implemented. With the rollout of Privacy Sandbox comes new settings listed as "Ad privacy controls," which you can adjust in Chrome's preferences. Further reading: Chrome is About To Look a Bit Different

Google is killing off the last vestiges of Google Play Movies & TV, a service that sold premium Hollywood films and TV shows as part of Google's once-cohesive string of Google Play content stores. From a report: The company emailed users of Android TV to say that the "Google Play Movies & TV app will no longer be available on your Android TV device from 05 October 2023. You can continue to buy or rent movies directly through the Shop tab on your Android TV." Play Movies has been going through a slow death as Google shuffles around its media content. The smartphone Play Movies app became "Google TV" in 2022, and that same year, the Play Store app was stripped of movie and TV sales.

On third-party smart TVs (this is a different category than today's Android TV announcement) the app was killed in 2021. On Android TV, the new "Shop" tab seems to just be an OS-integrated Google TV content store. If you think this sounds confusing, you're not alone. Google's support page reflects the ridiculous state of Google's video apps, instructing users that "in Your Library, you can find content that you bought from: Google Play Movies & TV, YouTube, Android TV, Google TV." How any normal person is supposed to understand that pile of Google media brands, and how it works across phones, the web, and various smart TV OSes, is beyond me.

An anonymous reader quotes a report from Ars Technica: Russia's military intelligence unit has been targeting Ukrainian Android devices with "Infamous Chisel," the tracking name for new malware that's designed to backdoor devices and steal critical information, Western intelligence agencies said on Thursday. "Infamous Chisel is a collection of components which enable persistent access to an infected Android device over the Tor network, and which periodically collates and exfiltrates victim information from compromised devices," intelligence officials from the UK, US, Canada, Australia, and New Zealand wrote (PDF). "The information exfiltrated is a combination of system device information, commercial application information and applications specific to the Ukrainian military."

Infamous Chisel gains persistence by replacing the legitimate system component known as netd with a malicious version. Besides allowing Infamous Chisel to run each time a device is restarted, the malicious netd is also the main engine for the malware. It uses shell scripts and commands to collate and collect device information and also searches directories for files that have a predefined set of extensions. Depending on where on the infected device a collected file is located, netd sends it to Russian servers either immediately or once a day. When exfiltrating files of interest, Infamous Chisel uses the TLS protocol and a hard-coded IP and port. Use of the local IP address is likely a mechanism to relay the network traffic over a VPN or other secure channel configured on the infected device. This would allow the exfiltration traffic to blend in with expected encrypted network traffic. In the event a connection to the local IP and port fails, the malware falls back to a hard-coded domain that's resolved using a request to dns.google.

Infamous Chisel also installs a version of the Dropbear SSH client that can be used to remotely access a device. The version installed has authentication mechanisms that have been modified from the original version to change the way users log in to an SSH session. [...] The report didn't say how the malware gets installed. In the advisory Ukraine's security service issued earlier this month (PDF), officials said that Russian personnel had "captured Ukrainian tablets on the battlefield, pursuing the aim to spread malware and abuse available access to penetrate the system." It's unclear if this was the vector.

Researchers say they have found fake apps in Google Play that masqueraded as legitimate ones for the Signal and Telegram messaging platforms. The malicious apps could pull messages or other sensitive information from legitimate accounts when users took certain actions. ArsTechnica: An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org. An app calling itself FlyGram, meanwhile, was created by the same threat actor and was available through the same three channels. Google removed it from Play in 2021. Both apps remain available in the Samsung store.

Both apps were built on open source code available from Signal and Telegram. Interwoven into that code was an espionage tool tracked as BadBazaar. The Trojan has been linked to a China-aligned hacking group tracked as GREF. BadBazaar has been used previously to target Uyghurs and other Turkic ethnic minorities. The FlyGram malware was also shared in a Uyghur Telegram group, further aligning it to previous targeting by the BadBazaar malware family. Signal Plus could monitor sent and received messages and contacts if people connected their infected device to their legitimate Signal number, as is normal when someone first installs Signal on their device. Doing so caused the malicious app to send a host of private information to the attacker, including the device IMEI number, phone number, MAC address, operator details, location data, Wi-Fi information, emails for Google accounts, contact list, and a PIN used to transfer texts in the event one was set up by the user.

According to a report from Technews Taiwan, ASUS has shut down its Zenfone division responsible for making some of the best compact Android flagships on the market. The reason is due to "internal restructuring." Employees in the Zenfone division are being moved over to the ROG Phone team and other parts of the business. Android Authority reports: The report further asserts that the Zenfone 10 will be the last phone in the Zenfone series. Since the team no longer exists, there is unlikely to be a successor to this phone. The report follows other incidents around Zenfone. Earlier in the month, ASUS stopped allowing bootloader unlocks for Zenfone owners. The company maintained that they are not stopping the possibility of unlocking, just that the tool is currently unavailable.

A few weeks ago, community members also spotted that ASUS had removed older Zenfone firmwares from its website. Community moderators responded that ASUS no longer provides previous firmware versions or downgrade packages to ensure users remain on up-to-date firmware. Both of these incidents do not directly point to the shutdown of the Zenfone division. But they add the value of hindsight to the report, and we can't help but wonder if the writing was on the wall all this time.

An advertising watchdog has recommended that YouTube TV, Google's growing pay-TV streaming service, drops an ad claim that the service is "$600 less than cable." The recommendation from the National Advertising Division (NAD) stems from a complaint lodged by Charter Communications. From a report: NAD, which used an expedited process for single-issue advertising cases in making this decision, found that YouTube TV's pricing claim, which identifies "comparable standalone cable" as the basis of comparison, doesn't hold up. NAD noted that the price calculation underlying the challenged claim includes the cost of two set-top boxes per household for "standalone cable" services," but argued that such a comparison isn't a good fit because operators such as Charter offer pay-TV streaming options that may not require a set-top box. In Charter's case, its Spectrum TV app, billed as a platform that can "stream outside the cable box," is compatible with iOS and Android mobile devices along with several retail streaming devices and/or integrated connected TVs from companies such as Apple, Roku, Google and Samsung. "In the context of the 'cable' comparison, NAD found the claim reasonably conveys the cost of YouTube TV is compared to all cable services," the organization explained.