A class-action lawsuit has been filed against DoorDash, alleging that the company uses deceptive and fraudulent practices to charge higher delivery fees to iPhone users compared to Android users. Ars Technica reports: The lawsuit (PDF), filed May 5 in the District of Maryland, came in hot. Plaintiff Ross Hecox, in addition to his two children and a presumptive class of similarly situated customers, briefly defines DoorDash as an online marketplace with 32 million users and billions of dollars in annual revenue. "Yet, DoorDash generates its revenues not only through heavy-handed tactics that take advantage of struggling merchants and a significant immigrant driver workforce, but also through deceptive, misleading, and fraudulent practices that illegally deprive consumers of millions, if not billions, of dollars annually," the suit adds. "This lawsuit details DoorDash's illegal pricing scheme and seeks to hold DoorDash accountable for its massive fraud on consumers, including one of the most vulnerable segments of society, minor children."

Specifically, the suit claims that DoorDash misleads and defrauds customers by

- Making its "Delivery Fee" seem related to distance or demand, even though none of it goes to the delivery person.
- Offering an "Express" option that implies faster delivery, but then changing the wording to "Priority" in billing so it is not held to delivery times.
- Charging an "Expanded Range Delivery" fee that seems based on distance but is really based on a restaurant's subscription level and demand.
- Adding an undisclosed 99 cent "marketing fee," paid by the customer rather than the restaurant, to promote menu items that customers add to their carts.
- Obscuring minimum order amounts attached to its "zero-fee" DashPass memberships and coupon offers.
- Generally manipulating DashPass subscriptions to appear like substantial savings, when the company is "engineering" fees to seem reduced.

One of the more interesting and provocative claims is that DoorDash's fees, based in part on "other factors," continually charge iPhone users of its app more than Android users placing the same orders. The plaintiffs and their law firm conducted a few tests of DoorDash's system, using different accounts to order the same food, from the same restaurant, at almost the same exact time, delivered to the same address, with the same account type, delivery speed, and tip. [...] The plaintiffs are asking for $1 billion in damages for those who "fell prey to DoorDash's illegal pricing" over the past four years. The suit also includes allegations that DoorDash improperly allows children to enter into contract with the company without proper vetting. "The claims put forward in the amended complaint are baseless and simply without merit," said a DoorDash spokesperson in a statement. "We ensure fees are disclosed throughout the customer experience, including on each restaurant storepage and before checkout. Building this trust is essential, and it's why the majority of delivery orders on our platform are placed by return customers. We will continue to strive to make our platform work even better for customers, and will vigorously fight these allegations."

CNN's chief medical correspondent spoke to psychology professor Jean Twenge from San Diego State University who in 2018 published a book which, even before lockdowns, warned that teenagers were missing crucial life experiences. Its title? "iGen: Why Today's Super-Connected Kids Are Growing Up Less Rebellious, More Tolerant, Less Happy — and Completely Unprepared for Adulthood — and What That Means for the Rest of Us."

From CNN's report: In her book, Twenge makes the case that Gen Z (or iGen, as she calls them) is growing up in a way that is fundamentally different from previous generations. She told me that some of the biggest behavioral changes ever recorded in human history coincided with the release of the smartphone.

Twelfth-graders now are more like eighth-graders from previous generations, waiting longer to take part in activities associated with independence and adulthood, according to Twenge. They are less likely to go out with friends, drive, go to prom or drink alcohol than Gen X 12th-graders were. They are more likely to lie on their beds and scroll through endless social media feeds. They may be physically safer, but the long-term effect on their mental and brain health is a big question mark.

Twenge told me that she "saw just a very, very sudden change, especially in mental health but also in optimism and expectations ... between millennials and iGen or Gen Z."
CNN's chief medical correspondent ultimately recommends parents talk to teenagers about how they're using social media. But the article also recommends: "don't catastrophize." In all likelihood, you'll find out your kids are on some type of screen or device more often than you would like, but — this is key — not everyone develops a problem. In other words, don't assume the worst about the impact that use of technology will have on your child's brain and development. Most people may not develop catastrophic problems, but it can be challenging to predict who is most vulnerable...

And lastly, in the words of author and science journalist Catherine Price, remember that life is what we pay attention to. Think about that for a moment; it is such a simple idea, but it is so true. I find it both deeply inspirational and empowering because it implies that we have it within our control to determine what our lives are like. The next time you go to pick up your phone, Price wants us to remember the three Ws: What for? Why now? What else?
Price also wrote a book — titled "How to Break Up With Your Phone: The 30-Day Plan to Take Back Your Life.". Here's how CNN ends their article: As Dr. Keneisha Sinclair-McBride, a clinical psychologist at Boston Children's Hospital and an assistant professor of psychology at Harvard Medical School, pointed out, we possess something very valuable that Big Tech companies want: our time and attention. We need to be judicious about how we allocate these precious resources — not just because they are important to TikTok, Snap or Instagram but because they are priceless for us, too.

SFGate reports: A proposed class-action lawsuit levels broad allegations that DoorDash, the San Francisco-headquartered food delivery giant, is engaging in fraudulent behavior — in part by charging iPhone users more than Android havers.

The complaint, a hefty 134-page airing of grievances about the fees and upsells faced while ordering on the app, filed by Maryland resident Ross Hecox and his children, contends that DoorDash conducts "price discrimination" by allegedly charging iPhone users an "expanded range fee" more often than their Android counterparts.

According to the suit, posted by Gizmodo, the fee — a markup to any deliveries outside of the user's immediate radius set by DoorDash — is arbitrarily applied without actually taking into account users' locations. At least seven tests with separate iPhone and Android devices were conducted by the plaintiffs to prove this point in the suit.

In one set of tests, an Android phone and an iPhone were used to place the same order — a breakfast sandwich with avocado and egg whites and a chocolate chip bagel from a nearby Panera Bread — to the same address simultaneously. In the first order, according to the suit, the iPhone was at the delivery location and the Android was 15 miles away; the iPhone user received the expanded range fee. In the second, the phones' locations were reversed, with the iPhone being used 15 miles away from the delivery site; the iPhone user, the suit alleges, was still charged the fee. In a third test involving Panera, the phones were both at the delivery location — the iPhone not only allegedly received the expanded range fee but was charged an additional dollar in delivery fees. Other tests allege that delivery fees on iPhone orders are "greatly" inflated.
DoorDash called the complaints "baseless and simply without merit," in a statement to Gizmodo.

An official ChatGPT app is now available for iOS, with an Android version coming "soon." It can be downloaded from the App Store here. The Verge reports: The app is free to use, syncs chat history with the web, and features voice input, supported by OpenAI's open-source speech recognition model Whisper. The app works on both iPhones and iPads and can be downloaded from the App Store. OpenAI says it's rolling out the app in the US first and will expand to other countries "in the coming weeks."

OpenAI didn't previously hint that a mobile app was coming, but it makes sense given the incredible popularity of ChatGPT. The AI chatbot launched last November but rocketed in use. Some outside estimates suggest the app attracted 100 million users by January this year, though OpenAI has never confirmed these figures.

Google mistakenly released a test version of its Personal Safety app that includes a new feature called "Dashcam" on select Android devices. As the name suggests, it allows users to record video and audio while driving in the event of an accident or unexpected situation, with automatic recording triggered when connecting to a specific Bluetooth device and videos automatically deleted after three days unless saved. 9to5Google reports: Once available, the feature can be launched through a new "Dashcam" shortcut in the "Be prepared" section of the home page. Here, you can begin recording manually or view your recent videos. While Dashcam is recording, your phone is still fully usable, including for navigating with Google Maps. Alternatively, you can save power by locking your screen, and the recording will continue. More importantly, Google has built this feature to work without you needing to think much about it. When setting up, you can choose to have recordings begin automatically when you connect to a particular Bluetooth device (e.g., your car stereo or infotainment system) and end when you disconnect.

To conserve storage space, your recordings are automatically deleted after three days unless you save them. Additionally, the app says that the videos themselves are compressed, averaging "30 MB per minute," with a maximum recording length of 24 hours. Overall, this feature seems to be impressively well thought out and looks essentially ready to launch. Using a smartphone as a dashcam also makes quite a bit of sense, as your phone probably has a better camera than some cheaper dashcams would offer. It's unclear if this feature will be available on other phones with Google's Personal Safety or exclusive to Pixel phones.

An anonymous reader quotes a report from Ars Technica: Researchers on Tuesday unveiled a major discovery -- malicious firmware that can wrangle a wide range of residential and small office routers into a network that stealthily relays traffic to command-and-control servers maintained by Chinese state-sponsored hackers. A firmware implant, revealed in a write-up from Check Point Research, contains a full-featured backdoor that allows attackers to establish communications and file transfers with infected devices, remotely issue commands, and upload, download, and delete files. The implant came in the form of firmware images for TP-Link routers. The well-written C++ code, however, took pains to implement its functionality in a "firmware-agnostic" manner, meaning it would be trivial to modify it to run on other router models.

The main purpose of the malware appears to relay traffic between an infected target and the attackers' command and control servers in a way that obscures the origins and destinations of the communication. With further analysis, Check Point Research eventually discovered that the control infrastructure was operated by hackers tied to Mustang Panda, an advanced persistent threat actor that both the Avast and ESET security firms say works on behalf of the Chinese government.

The researchers discovered the implant while investigating a series of targeted attacks against European foreign affairs entities. The chief component is a backdoor with the internal name Horse Shell. The three main functions of Horse Shell are: a remote shell for executing commands on the infected device; file transfer for uploading and downloading files to and from the infected device; and the exchange of data between two devices using SOCKS5, a protocol for proxying TCP connections to an arbitrary IP address and providing a means for UDP packets to be forwarded. The SOCKS5 functionality seems to be the ultimate purpose of the implant. By creating a chain of infected devices that establish encrypted connections with only the closest two nodes (one in each direction), it's difficult for anyone who stumbles upon one of them to learn the origin or ultimate destination or the true purpose of the infection. As Check Point researchers wrote: "Learning from history, router implants are often installed on arbitrary devices with no particular interest, with the aim to create a chain of nodes between the main infections and real command and control," Check Point researchers wrote in a shorter write-up. "In other words, infecting a home router does not mean that the homeowner was specifically targeted, but rather that they are only a means to a goal."

An anonymous reader quotes a report from KrebsOnSecurity: Countless smartphones seized in arrests and searches by police forces across the United States are being auctioned online without first having the data on them erased, a practice that can lead to crime victims being re-victimized, a new study found (PDF). In response, the largest online marketplace for items seized in U.S. law enforcement investigations says it now ensures that all phones sold through its platform will be data-wiped prior to auction.

Researchers at the University of Maryland last year purchased 228 smartphones sold "as-is" from PropertyRoom.com, which bills itself as the largest auction house for police departments in the United States. Of phones they won at auction (at an average of $18 per phone), the researchers found 49 had no PIN or passcode; they were able to guess an additional 11 of the PINs by using the top-40 most popular PIN or swipe patterns. Phones may end up in police custody for any number of reasons -- such as its owner was involved in identity theft -- and in these cases the phone itself was used as a tool to commit the crime. "We initially expected that police would never auction these phones, as they would enable the buyer to recommit the same crimes as the previous owner," the researchers explained in a paper released this month. "Unfortunately, that expectation has proven false in practice."

Beyond what you would expect from unwiped second hand phones -- every text message, picture, email, browser history, location history, etc. -- the 61 phones they were able to access also contained significant amounts of data pertaining to crime -- including victims' data -- the researchers found. [...] Also, the researchers found that many of the phones clearly had personal information on them regarding previous or intended targets of crime: A dozen of the phones had photographs of government-issued IDs. Three of those were on phones that apparently belonged to sex workers; their phones contained communications with clients. "We informed [PropertyRoom] of our research in October 2022, and they responded that they would review our findings internally," said Dave Levin, an assistant professor of computer science at University of Maryland. "They stopped selling them for a while, but then it slowly came back, and then we made sure we won every auction. And all of the ones we got from that were indeed wiped, except there were four devices that had external SD [storage] cards in them that weren't wiped."

According to Agence France-Presse, France has opened an investigation into planned obsolescence of Apple products. From the report: The probe into purported misleading commercial practices and planned obsolescence has been under way since December, the Paris prosecutor's office said. It follows a complaint filed by the Halt Planned Obsolescence (HOP) association.

HOP said it hoped the investigation would demonstrate the iPhone maker was "associating the serial numbers of spare parts to those of a smartphone, including via microchips, giving the manufacturer the possibility of restricting repairs by non-approved repairers or to remotely degrade a smartphone repaired with generic parts." The association called on Apple "to guarantee the right to repair devices under the logic of real circular economy."

Apple today previewed a bundle of new features designed for cognitive, vision, hearing, and mobility accessibility. That includes a new Personal Voice feature for people who may lose their ability to speak, allowing them to create "a synthesized voice that sounds like them" to talk with friends or family members. From a report: According to Apple, users can create a Personal Voice by reading a set of text prompts aloud for a total of 15 minutes of audio on the iPhone or iPad. Since the feature integrates with Live Speech, users can then type what they want to say and have their Personal Voice read it to whomever they want to talk to. Apple says the feature uses "on-device machine learning to keep users' information private and secure."

Additionally, Apple is introducing streamlined versions of its core apps as part of a feature called Assistive Access meant to support users with cognitive disabilities. The feature is designed to "distill apps and experiences to their essential features in order to lighten cognitive load." That includes a combined version of Phone and FaceTime as well as modified versions of the Messages, Camera, Photos, and Music apps that feature high contrast buttons, large text labels, and additional accessibility tools.

One cellphone owner reports their Pixel 6 Pro "has recently been overheating and excessively draining its battery," reports Endgadget.

"They suspect the culprit is the Google app and an update that began rolling out on May 12th..." And they're not the only ones, judging by comments left in the Reddit and Google support forums. "It just started yesterday. Massive battery usage from Google app and to a lesser degree Android System Intelligence...." one Reddit user wrote. Beyond the battery not lasting the phone is getting really warm so I know it's harming the battery and potentially the CPU."

Those who have tried contacting Google report the company's support staff haven't been very helpful. Some users say rolling back to an older version of the Google app hasn't fixed the problem for them. "Actually ended up with an even older version from May 10, still draining the battery," writes one Redditor. The reader who contacted us suspects the problem may be server-side. "Google app keeps wrecking the battery regardless of version, and I've rolled all the way back to May 1st," they write. "I don't know how to see if the app is trying to call home or on a loop with something like that, but the symptoms remain the same."

Google did not immediately respond to Engadget's comment request.

"Deep in a pine forest in Wilcox County, Alabama, three workers dangled from the top of a 350-foot cellular tower," reports the New York Times. "They were there to rip out and replace Chinese equipment from the local wireless network..." As the United States and China battle for geopolitical and technological primacy, the fallout has reached rural Alabama and small wireless carriers in dozens of states. They are on the receiving end of the Biden administration's sweeping policies to suppress China's rise, which include trade restrictions, a $52 billion package to bolster domestic semiconductor manufacturing against China and the divestiture of the video app TikTok from its Chinese owner. What the wireless carriers must do, under a program known as "rip and replace," has become the starkest physical manifestation of the tech Cold War between the two superpowers. The program, which took effect in 2020, mandates that American companies tear out telecom equipment made by the Chinese companies Huawei and ZTE. U.S. officials have warned that gear from those companies could be used by Beijing for espionage and to steal commercial secrets.

Instead, U.S. carriers have to use equipment from non-Chinese companies. The Federal Communications Commission, which oversees the program, would then reimburse the carriers from a pot of $1.9 billion intended to cover their costs. Similar rip-and-replace efforts are taking place elsewhere. In Europe, where Huawei products have been a key part of telecom networks, carriers in Belgium, Britain, Denmark, the Netherlands and Sweden have also been swapping out the Chinese equipment because of security concerns, according to Strand Consult, a research firm that tracks the telecom industry. "Rip-and-replace was the first front in a bigger story about the U.S. and China's decoupling, and that story will continue into the next decade with a global race for A.I. and other technologies," said Blair Levin, a former F.C.C. chief of staff and a fellow at the Brookings Institution.

But cleansing U.S. networks of Chinese tech has not been easy. The costs have already ballooned above $5 billion, according to the F.C.C., more than double what Congress appropriated for reimbursements. Many carriers also face long supply chain delays for new equipment. The program's burden has fallen disproportionately on smaller carriers, which relied more on the cheaper gear from the Chinese firms than large companies like AT&T and Verizon. Given rip-and-replace's difficulties, some smaller wireless companies now say they may not be able to upgrade their networks and continue serving their communities, where they are often the only internet providers. "For many rural communities, they are faced with the disastrous choice of having to continue to use insecure networks that are ripe for surveillance or having to cut off their services," said Geoffrey Starks, a Democratic commissioner at the F.C.C.

Last month, Senator Deb Fischer, a Republican of Nebraska, introduced a bill to close the gap in rip-and-replace funding for carriers... In January, the F.C.C. said it had received 126 applications seeking funding beyond what it could reimburse. Lawmakers had underestimated the costs of shredding Huawei and ZTE equipment, and new equipment and labor costs have risen. The F.C.C. said it could cover only about 40 percent of the expenses. Some wireless carriers immediately paused their replacement efforts. "Until we have assurance of total project funding, this project will continue to be delayed as we await the necessary funding required to build and pay for the new network equipment," United Wireless of Dodge City, Kansas, wrote in a regulatory filing to the F.C.C. in January.

Trend Micro researchers at Black Hat Asia are warning that millions of Android devices worldwide come pre-infected with malicious firmware before the devices leave their factories. "This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it," reports The Register. From the report: This insertion of malware began as the price of mobile phone firmware dropped, we're told. Competition between firmware distributors became so furious that eventually the providers could not charge money for their product. "But of course there's no free stuff," said [Trend Micro researcher Fyodor Yarochkin], who explained that, as a result of this cut-throat situation, firmware started to come with an undesirable feature -- silent plugins. The team analyzed dozens of firmware images looking for malicious software. They found over 80 different plugins, although many of those were not widely distributed. The plugins that were the most impactful were those that had a business model built around them, were sold on the underground, and marketed in the open on places like Facebook, blogs, and YouTube.

The objective of the malware is to steal info or make money from information collected or delivered. The malware turns the devices into proxies which are used to steal and sell SMS messages, take over social media and online messaging accounts, and used as monetization opportunities via adverts and click fraud. One type of plugin, proxy plugins, allow the criminal to rent out devices for up to around five minutes at a time. For example, those renting the control of the device could acquire data on keystrokes, geographical location, IP address and more. "The user of the proxy will be able to use someone else's phone for a period of 1200 seconds as an exit node," said Yarochkin. He also said the team found a Facebook cookie plugin that was used to harvest activity from the Facebook app.

Through telemetry data, the researchers estimated that at least millions of infected devices exist globally, but are centralized in Southeast Asia and Eastern Europe. A statistic self-reported by the criminals themselves, said the researchers, was around 8.9 million. As for where the threats are coming from, the duo wouldn't say specifically, although the word "China" showed up multiple times in the presentation, including in an origin story related to the development of the dodgy firmware. Yarochkin said the audience should consider where most of the world's OEMs are located and make their own deductions.

The team confirmed the malware was found in the phones of at least 10 vendors, but that there was possibly around 40 more affected. For those seeking to avoid infected mobile phones, they could go some way of protecting themselves by going high end. That is to say, you'll find this sort of bad firmware in the cheaper end of the Android ecosystem, and sticking to bigger brands is a good idea though not necessarily a guarantee of safety. "Big brands like Samsung, like Google took care of their supply chain security relatively well, but for threat actors, this is still a very lucrative market," said Yarochkin.

An anonymous reader quotes a report from Ars Technica: After the release of Apple's AirTags, Google suddenly has interest in the Bluetooth tracker market. The company has already quietly rolled out what must be the world's largest Bluetooth tracking network via Android's 3 billion active devices, and now trackers are starting to plug in to that network. Google is taking the ecosystem approach and letting various companies plug in to the Android Bluetooth tracking network, which has the very derivative name of "Find My Device." While these Bluetooth trackers are great for finding your lost car keys on a messy desk, they can also work as worldwide GPS trackers and locate items much farther away, even though they don't have GPS. The IDs of Bluetooth devices are public, so Tile started this whole idea of crowdsourced Bluetooth tracker location, called the "Tile Network." Every phone with the Tile app installed scans Bluetooth devices in the background and, using the phone GPS, uploads their last seen location to the cloud. This location data is only available to the person who owns the Tile, but every Tile user works to scan the environment and upload any Tiles the app can see. [...]

Now, third-party Bluetooth trackers for Android's network are starting to arrive. The two companies that have announced products are Chipolo and Pebblebee, both of which seem to be cloning the Tile line of products. Both offer normal keychain tracker tags and slim credit card format trackers. The worst habits of Tile include making completely disposable products because the batteries can't be changed, but it looks like our clones have mostly avoided that. All of Pebblebee's Find My Device products are rechargeable, which is great, while the Chipolo keychain tracker has a replaceable CR2032 battery. Only the Chipolo wallet tracker is disposable (boo!). All these tags will show up in the Find My Device app, right alongside your Android phones, headphones, and whatever else you have that plugs in to the network. They also have a speaker, like normal, so you can make them ring when you're near them. Both sets of products are up for preorder now.

At Google I/O on Wednesday, VP of Engineering at Android David Burke new customization features coming to Android 14 later this year. Engadget reports: The tools build on the Material You design system Google introduced in 2021 by allowing users to create a custom wallpaper by picking a few of their favorite emojis. One of the new tools allows you to add up to 14 emojis to a single wallpaper. You can then pick a pattern and a color to bring everything together. Once the wallpaper is on your home screen, the characters will react when you tap on them. If you want something more sentimental, there's a separate option to create "Cinematic" wallpapers. The feature uses on-device neural networks to animate your favorite photos. Once the photo is on your home screen, tilting your device will cause it to move, giving the image more depth and life than it would have had you not used the new feature. Burke said both cinematic and emoji wallpapers would arrive on Pixel devices next month.

Come the fall, Google will also introduce a built-in AI image generator within Android's customization menu. You can use the tool to create wallpapers you can't find online. It comes with pre-populated prompts you can tweak to make the process of guiding the AI easier. Once you add an AI wallpaper to your home screen, Android's Material You system will automatically color-match all the user interface elements, including any app icons, so they don't clash with one another. Android 14 will further augment those tools with the addition of new clocks and shortcuts you can add to your lock screen. And if colors aren't your thing, Google also plans to add a new monochromatic theme for those who prefer a more understated look. At I/O, Burke also previewed Magic Compose, a Messages feature that will use Google's generative AI technology to write texts for you. The tool comes with multiple style settings you can use to give your messages a different flair. Google plans to beta test Magic Compose this summer. Separately, Google said after the keynote that Android 14 will add support for Ultra HDR, allowing for photos that feature more vivid colors and detailed shadows.

An anonymous reader shares an excerpt from a collaborative investigation between Motherboard, lavialibera, and IrpiMedia: Mafioso Bartolo Bruzzaniti needed everyone to do their job just right. First, the Colombian suppliers would hide a massive amount of cocaine inside bananas at the port city of Turbo, Colombia. That shipping container would then be transported across the ocean to Catania, in Sicily, Italy. A corrupt port worker on the mafia's payroll would wave the shipment through and had advised the group how to package the drugs. This was so the cocaine could remain undetected even if the worker was forced to scan the shipment. Another group of on-the-ground mafiosos would then unload the cocaine outside of the port.

In March 2021, Bruzzaniti, an alleged member of the infamous 'Ndrangheta mafia group and who says Milan belongs to him "by right," asked his brother Antonio to go fetch something else crucial to the traffickers' success. "Go right now," Bruzzaniti wrote in a text message later produced in court records. "It's needed urgently." Investigators know what Bruzzaniti said because European authorities had penetrated an encrypted phone network called Sky and harvested around a billion of the users' messages. These phones are the technological backbone of organized crime around the world.

The thing Antonio needed to urgently fetch was a phone from a different encrypted phone network, one that the authorities appear to have not compromised and which the mafia have been using as part of their operations. To that phone, a contact sent one half of the shipping container's serial number. A reporting collaboration between Motherboard, lavialibera, and IrpiMedia has identified that encrypted phone as being run by a company called No. 1 Business Communication (No. 1 BC). The investigation has found members of the mafia and other organized crime groups turning to No. 1 BC as authorities cracked down on other platforms. The collaboration has identified multiple key players in No. 1 BC's development, sales, and legal structure. "Take the bc1 right away," Bruzzaniti wrote in another text, referring to the No. 1 BC phone.

Google has launched the Pixel 7a for $499, featuring a 6.1-inch OLED display at 90Hz, Tensor G2 chip with 8GB RAM, and 64MP main camera. The Pixel 7a nearly matches the flagship Pixel 7 on specs but starts at a lower price. GSMArena.com reports: Yes, the 7a marks several firsts for the Pixel a series. For starters, its 6.1" OLED display now runs at 90Hz, the same refresh rate as the Pixel 7 (though that one has a slightly larger 6.3" display). The resolution is FHD+ and you get Gorilla Glass 3 protection. Speaking of protection, the phone is rated IP67 for dust and water resistance. It has a metal frame and a plastic back -- Google notes that it used recycled aluminum, glass and plastic to build the phone. For example, the visor is 100% recycled aluminum. Available colors are Charcoal, Sea and Snow.

Another major upgrade is the switch to the Tensor G2 chipset, which is now paired with 8GB of LPDDR RAM (up from 6GB on the 6a) and 128GB UFS 3.1 storage. This is the same configuration as the Pixel 7, so the a-phone will be just as fast at the various computational tasks. Also, note that Google is promising 5 years of security updates. Among them is the Super Res Zoom (up to 8x), which is enabled by the new 64MP camera (up from 12MP). The ultra wide camera has a 13MP sensor and a f/2.2 lens that is blessed with Dual Pixel autofocus. The front-facing camera was also bumped up to 13MP with a fixed-focus lens (f/2.2). The rear camera can record 5K video at up to 60fps, the front one tops out at 4K at 30fps.

The Pixel 7a supports sub-6GHz and mmWave flavors of 5G, though only models for select regions will have mmWave enabled. This is a dual-SIM device with one physical nano-SIM and one eSIM. The 7a is powered by a 4,385mAh battery that supports up to 18W wired charging and for the first time on an a-phone wireless charging is available too -- also at 18W. Note that the port on the bottom is USB-C 3.2 Gen 2, but the retail box comes only with a USB C-to-C cable with USB 2.0 wiring (and you have to supply your own charger). You can order the Pixel 7a via the Google Store.

Apple reported stronger-than-anticipated iPhones sales in its second-fiscal quarter earnings report today.

"The highlight of Apple's report was iPhone sales, which grew from the year-ago quarter even as the broader smartphone industry contracted nearly 15% during the same time," reports CNBC, citing an IDC estimate. "IPhone revenue grew 2% during the quarter, suggesting that parts shortages and supply chain issues that had hampered the product for the last few years, including an iPhone factory shutdown late last year, had finally abated." From the report: Here's how the company did versus Wall Street expectations per Refinitiv consensus expectations:

EPS: $1.52 vs. $1.43 expected
Revenue: $94.84 billion vs. $92.96 billion expected
Gross margin: 44.3% vs. 44.1% expected

Apple reported $24.16 billion in net income during the quarter versus $25.01 billion last year. Overall revenue was down 3% from last year's $97.28 billion in sales.

Here's how Apple's individual product lines did versus StreetAccount consensus expectations:

iPhone revenue: $51.33 billion vs. $48.84 billion expected
Mac revenue: $7.17 billion vs. $7.80 billion expected
iPad revenue: $6.67 billion vs. $6.69 billion expected
Other Products revenue: $8.76 billion vs. $8.43 billion expected
Services revenue: $20.91 billion vs. $20.97 billion expected

Apple promised faster turnaround times for security patches with iOS 16 and macOS Ventura, and it's now delivering on that claim. From a report: The company has released its first Rapid Security Response updates for devices running iOS 16.4.1, iPadOS 16.4.1 and macOS 13.3.1. They're available through Software Update as usual, but are small downloads that don't require much time to install. MacRumors says the fix is deploying over the course of 48 hours, so don't be surprised if you have to wait a short while.

The Washington Post's "Tech Friend" newsletter suggests some "tech fears you can stop worrying about." And it starts by reasuring readers, "You're fine using the WiFi in a coffee shop, hotel or airport. "Yes, it is safe," said Chester Wisniewski, a digital security specialist with the firm Sophos. Five or 10 years ago, it wasn't secure to use the shared WiFi in a coffee shop or another place outside your home. But now, most websites and apps scramble whatever you do online. That makes it tough for crooks to snoop on you when you're connected to public WiFi. It's not impossible, but criminals have easier targets.

Even Wisniewski, whose job involves sensitive information, said he connected to the WiFi at the airport and hotel on a recent business trip. He plans to use the WiFi at a conference in Las Vegas attended by the world's best computer hackers. Wisniewski generally does not use an extra layer of security called a VPN, although your company might require it. He avoids using WiFi in China.

You should be wary of public WiFi if you know you're a target of government surveillance or other snooping. But you are probably not Edward Snowden or Brad Pitt... For nearly all of us and nearly all of the time, you can use public WiFi without stress.
The newsletter also suggests we stop worrying about public phone chargers. ("Security experts told me that 'juice jacking' is extremely unlikely... Don't worry about the phone chargers unless you know you're being targeted by criminals or spies.")

Beyond that, "Focus your energy on digital security measures that really matter" — things like using strong and unique passwords for online accounts. ("This is a pain. Do it anyway.") And it calls two-factor authentication possibly the single best thing you can do to protect yourself online.

An anonymous reader quotes a report from The Register: Tokyo has five million Wi-Fi access points -- and that's 20 times what the city needs, because they're reserved for private use, according to NTT. The Japanese tech giant proposes sharing the fleet to cope with increased demand for wireless comms without adding more hardware. NTT says it's successfully tested network sharing with a scheme that starts by asking operators of Wi-Fi access points or other connections if they're open to sharing their bandwidth and allowing random netizens to connect. In return they get a share of revenue from those connections.

Under the scheme, netizens search for available networks and, as they connect, a contract would be executed allowing a link to be made. That contract would use Ethereum Proof of Authority to verify identities and initiate the back-end billing arrangements before allowing signed-up users and devices to join private networks. The operator of the Wi-Fi access point gets paid, the punter gets a connection, and everything's on a blockchain so the results can be read for eternity. [...] If this all scales, NTT estimates Tokyo won't need to add any more Wi-Fi access points or private 5G cells, even as demand for connectivity increases. The company also suggests it can enable networks to scale without requiring commensurate increases in energy consumption, and that spectrum will also be freed for other uses.

The Lenovo ThinkPhone by Motorola is being launched today in the U.S. for $699. It's the first co-branded phone from Motorola that arrives nine years after Lenovo purchased the Motorola brand for $2.91 billion. According to The Verge, the smartphone offers "a suite of productivity features designed to work with ThinkPad laptops." From the report: The ThinkPhone has a lot of the same stuff as a mainstream flagship phone, even though it's priced just below the likes of the $799 Samsung Galaxy S23. It comes with a big 6.6-inch 1080p OLED with up to 144Hz refresh rate. Build quality is quite sturdy with an aluminum frame, Gorilla Glass on the front panel, and Lenovo's signature textured aramid fiber back panel for a softer touch. The whole device is IP68 rated for strong dust and water resistance, and it's also MIL-STD-810H compliant to protect against falls and more extreme conditions.

In addition to the ThinkPad-like look and feel, there's a red key on the side of the phone in a nod to Lenovo's classic keyboard nub. You can customize it to a degree: a double-press can be assigned one of the phone's ThinkPad integration features, while a single-press can act as an app shortcut. Some apps will even let you launch certain features -- mapping it to the "Pay" screen of the Starbucks app could save you a lot of embarrassing fumbling at the register, for example. The ThinkPhone is available first to enterprise customers, with general availability on April 28th via Motorola.com.

Satellite manufacturer AST SpaceMobile partnered with AT&T to make the first two-way audio call using satellites with a standard smartphone. "The initial call was placed using AT&T's networks in Midland, Texas, to mobile carrier Ratuken in Japan on an unmodified Samsung Galaxy S22 smartphone using AST SpaceMobile's BlueWalker 3 satellite," reports Engadget. AST SpaceMobile claims to be building "the first and only space-based cellular broadband network." From the report: AT&T aims to use satellites to provide global cellular broadband from 2G to 5G. "Achieving what many once considered impossible, we have reached the most significant milestone to date in our quest to deliver global cellular broadband from space," Abel Avellan, CEO and chairman of AST SpaceMobile, said in a release. "While we take a moment to celebrate this tremendous accomplishment, we remain focused on the path ahead and pivotal next steps that get us closer to our goal of transforming the way the world connects."

It's unclear whether satellite access would come at an extra cost. In AT&T's original AST SpaceMobile partnership announcement, the company couldn't say whether existing plans would include satellite coverage. [...] While satellite offerings aren't available for consumers yet, this successful test brings widespread access one step closer to becoming a reality.

Google Fi, Google's cellular service, is getting its third rebrand in eight years. Ars Technica reports: First it was Project Fi, then Google Fi, and now it's "Google Fi Wireless." It also has its third logo, and this one's kind of clever: It's an "F" styled to look like sideways signal bars and in Google's trademark rainbow colors. There is also now a free trial mode. Google is harnessing the power of remotely configurable eSIMs to give anyone with an eSIM-compatible phone a seven-day/10GB free trial of Google Fi. That makes it easy to run around and test coverage.

Google Fi is a mobile virtual network operator (MVNO) -- a cellular reseller -- of T-Mobile's network, so whatever your T-Mobile coverage is like, that's what Fi is like. Google says that during the trial, "We'll give you a new Fi number to try out on your phone, but your current number will still work. During the trial, you can choose between Fi or your current network whenever you're calling, texting, or using mobile data." You'll need to enter a credit card for the trial, and after seven days, you'll be automatically billed on a $50 "Simply Unlimited" plan. Google notes you can cancel immediately (this is just one or two taps inside the app) and will still get the seven-day trial.

At Google I/O on May 10th, Google will launch its first foldable smartphone, "challenging Samsung's market-leading foldable phone business," reports CNBC. From the report: The Pixel Fold, known internally by the codename "Felix," will have the "most durable hinge on a foldable" phone, according to the documents. It will cost upward of $1,700 and compete with Samsung's $1,799 Galaxy Z Fold 4. Google plans to market the Pixel Fold as water-resistant and pocket-sized, with an outside screen that measures 5.8 inches across, according to the documents. Photos viewed by CNBC show that the phone will open like a book to reveal a small tablet-sized 7.6-inch screen, the same size as the display on Samsung's competitor. It weighs 10oz, slightly heavier than the Samsung Galaxy Z Fold 4, but it has a larger battery that Google says will last for 24 hours, or up to 72 hours in a low power mode.

The Pixel Fold is powered by Google's Tensor G2 chip, according to the documents. That's the same processor that launched in the Pixel 7 and Pixel 7 Pro phones last year.

Israeli spyware maker NSO Group deployed at least three new "zero-click" hacks against iPhones last year, finding ways to penetrate some of Apple's latest software, researchers at Citizen Lab have discovered. From a report: The attacks struck phones with iOS 15 and early versions of iOS 16 operating software, Citizen Lab said in a report Tuesday. The lab, based at the University of Toronto, shared its results with Apple, which has now fixed the flaws that NSO had been exploiting. It's the latest sign of NSO's ongoing efforts to create spyware that penetrates iPhones without users taking any actions that allow it in. Citizen Lab has detected multiple NSO hacking methods in past years while examining the phones of likely targets, including human rights workers and journalists.

While it is unsettling to civil rights groups that NSO was able to come up with multiple new means of attack, it did not surprise them. "It is their core business," said Bill Marczak, a senior researcher at Citizen Lab. "Despite Apple notifying targets, and the Commerce Department putting NSO on a blacklist, and the Israeli ministry cracking down on export licenses -- which are all good steps and raising costs -- NSO for the moment is absorbing those costs," Marczak said. Given the financial and legal fights NSO is involved in, Marczak said it was an open question how long NSO could keep finding or buying new exploits that are effective.

An anonymous reader shares a report from KrebsOnSecurity: KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about "juice jacking," a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry about juice jacking.

The term juice jacking crept into the collective paranoia of gadget geeks in the summer of 2011, thanks to the headline for a story here about researchers at the DEFCON hacker convention in Vegas who'd set up a mobile charging station designed to educate the unwary to the reality that many mobile devices were set up to connect to a computer and immediately sync data by default. Since then, Apple, Google and other mobile device makers have changed the way their hardware and software works so that their devices no longer automatically sync data when one plugs them into a computer with a USB charging cable. Instead, users are presented with a prompt asking if they wish to trust a connected computer before any data transfer can take place. On the other hand, the technology needed to conduct a sneaky juice jacking attack has become far more miniaturized, accessible and cheap. And there are now several products anyone can buy that are custom-built to enable juice jacking attacks. [...]

How seriously should we take the recent FBI warning? An investigation by the myth-busting site Snopes suggests the FBI tweet was just a public service announcement based on a dated advisory. Snopes reached out to both the FBI and the FCC to request data about how widespread the threat of juice jacking is in 2023. "The FBI replied that its tweet was a 'standard PSA-type post' that stemmed from the FCC warning," Snopes reported. "An FCC spokesperson told Snopes that the commission wanted to make sure that their advisory on "juice-jacking," first issued in 2019 and later updated in 2021, was up-to-date so as to ensure 'the consumers have the most up-to-date information.' The official, who requested anonymity, added that they had not seen any rise in instances of consumer complaints about juice-jacking." The best way to protect yourself from juice jacking is by using your own gear to charge and transfer data from your device(s) to another.

"Juice jacking isn't possible if a device is charged via a trusted AC adapter, battery backup device, or through a USB cable with only power wires and no data wires present," says security researcher Brian Krebs. "If you lack these things in a bind and still need to use a public charging kiosk or random computer, at least power your device off before plugging it in."

Andrew Cunningham writes via Ars Technica: Microsoft is aware of the problems running Windows on the Steam Deck and other similar handheld Windows PCs, and at least some developers inside the company have spent time thinking of ways to address them. That's the thrust of a leaked presentation (posted in two parts by Twitter user _h0x0d_) about a new "Handheld Mode" for Windows, developed as part of an internal Microsoft hackathon in September 2022.

As presented, Handheld Mode includes several components: a new first-time setup screen that simplifies driver installation and setup; an improved touchscreen keyboard that fits better on a 7-inch screen and can be controlled Xbox-style with the built-in buttons and joysticks; a simplified Nintendo Switch-esque game launcher; and improved OS-wide controller support thanks to the open source Steamdeck Windows Controller Driver (SWICD) project. The presentation also calls for other changes to Windows' default behaviors, like always opening apps in full-screen mode when in Handheld Mode, better UI scaling for small screens, and "mapping of controls to common Windows functions."

A siren will go off on nearly every smartphone in the UK on Sunday 23 April, the government has announced. From a report: The 10 seconds of sound and vibration at 15:00 BST will test a new emergency alerts system. The test had originally been planned for the early evening but was moved to avoid clashing with an FA Cup semi-final, which kicks off at 16:30. The government was also keen to avoid a clash with the London Marathon, which starts at 09:30 on that Sunday. The alert system will be used to warn of extreme weather events, such as flash floods or wildfires. It could also be used during terror incidents or civil defence emergencies if the UK was under attack. The minister in charge of the system, Oliver Dowden, said it would be used only in situations where there was an immediate risk to life. In most cases it will be targeted at very specific areas, rather than the entire country and, according to officials, may not be used for months or years.

An anonymous reader shares a report from the New York Post: A supposed glitch in the popular "Find My iPhone" app has been directing random strangers to the home of an unsuspecting Texas dad at all hours of the day, falsely accusing him of stealing their electronic devices.

[Software engineer] Scott Schuster told the local news station KTRK that he's been visited by close to a dozen irate people over the past few years, telling him that their missing phone had last pinged at his address. "[I] had to wake up and go answer the door and explain to them that I didn't have their device, and people don't tend to believe you," the dad of two told the outlet.
The Texas resident tells KTRK that his biggest concern was "someone coming to the house potentially with a weapon."

And the same station reports that local sheriff Eric Fagan "said he was so shocked and concerned that he informed his patrol units and dispatchers, just in case anyone called about the address." "Apple needs to do more about this," Fagan said. "Please come out and check on this. This is your expertise. Mine is criminal and keeping our public safe here in Fort Bend County." Fagan added that Apple doing nothing puts a family's safety in jeopardy. "I would ask them to come out and see what they can do. It should be taken seriously. You are putting innocent lives at risk," he said....

There have been other high-profile device pinging errors elsewhere in the country, with at least one that brought armored vehicles to a neighborhood. In 2021, body camera footage captured a Denver police SWAT team raiding the home of a 77-year-old woman in Colorado over a false ping on the app. Denver officers believed she had stolen guns connected to a car theft after tracking a stolen iPhone to her address using the Find My app. That woman later sued the lead detective.

ABC13 has tried contacting the software giant since Tuesday. Someone called back, so we know they are aware of the incident. Still, no one has said if they are going to fix the issue, or at the very least, look into the matter.

The Free Software Foundation certifies products that meet their standards in regard to users' freedom, control over the product, and privacy. And they put out a new "Respects Your Freedom" certification on Thursday for ThinkPenguin's free software gigabit mini VPN router, the TPE-R1400.

From the FSF's announcement: This is ThinkPenguin's first device to receive RYF certification in 2023, adding to their vast catalogue of certified devices from previous years. As with previous routers from ThinkPenguin, the Free Software Gigabit Mini VPN Router ships with an FSF-endorsed fully free embedded GNU/Linux distribution called libreCMC. It also comes with a custom flavor of the U-Boot boot loader, assembled by Robert Call, the maintainer of libreCMC and a former FSF intern.

The router enables users to run their network connection through a VPN service, helping to simplify the process of keeping their communications secure and private. While ThinkPenguin offers a VPN service, users are not required to purchase a subscription to their service in order to use the router, and the device comes with detailed instructions on how to use the router with a wide variety of VPN providers.

"We're pleased to see ThinkPenguin continue with their commitment to bringing out devices that put software freedom as their first priority under the RYF program. The release of this router shows that ThinkPenguin is committed to the privacy and freedom of their users," said the FSF's executive director, Zoë Kooyman....

"The latest version of ThinkPenguin's VPN router lets its users take advantage of gigabit per second Internet connections while protecting their rights and privacy," said FSF's copyright and licensing associate, Craig Topham.

An anonymous reader quotes a report from MacRumors: An Apple Store at the Alderwood Mall was burgled last weekend, with thieves infiltrating the location through a nearby coffee shop. According to Seattle's King 5 News, thieves broke into Seattle Coffee Gear, went into the bathroom, and cut a hole in the wall to get to the Apple Store backroom. The burglars were able to bypass the Apple Store's security system by using the adjacent coffee shop, stealing a total of 436 iPhones that were worth around $500,000.

According to Seattle Coffee Gear manager Eric Marks, the coffee shop is not noticeably adjacent to the Apple Store because of the way that the store is laid out. "I would have never suspected we were adjacent to the Apple Store, how it wraps around I mean," Marks told King 5 News. "So, someone really had to think it out and have access to the mall layout." Police were able to obtain surveillance footage of the theft, but as it is part of an active investigation, it has not yet been released. Nothing was stolen from the coffee shop, but it will cost $1,500 to replace locks and repair the bathroom wall.

Apple will expand ProMotion to the standard iPhone models in two years, according to Ross Young, CEO of Display Supply Chain Consultants. ProMotion was first introduced on the iPhone 13 Pro models in 2021 and remains exclusive to Pro models for now. MacRumors reports: In a tweet today, Young provided a roadmap outlining various display-related technologies coming to future iPhones. Notably, the roadmap indicates that low-power LTPO display technology will be expanded to the standard iPhones in 2025, which Young said will enable ProMotion on these devices, allowing the display to ramp up to a 120Hz refresh rate for smoother scrolling and video content when necessary.

ProMotion would also allow the display to ramp down to a more power-efficient refresh rate. iPhone 13 Pro models can ramp down to 10Hz, while iPhone 14 Pro models can go as low as 1Hz, allowing for an always-on display that can show the Lock Screen's clock, widgets, notifications, and wallpaper even when the device is locked. All in all, the roadmap suggests that the so-called "iPhone 17" and "iPhone 17 Plus" will feature ProMotion, and likely an always-on display too. Young also claimed the "iPhone 17 Pro" will be the first iPhone to feature under-panel Face ID technology.

Dumb phones may be falling out of fashion on a global scale, but it's a different story in the U.S. From a report: Companies like HMD Global, the maker of Nokia phones, continue to sell millions of mobile devices similar to those used in the early 2000s. This includes what's known as "feature phones" -- traditional flip or slide phones that have additional features like GPS or a hotspot. "I think you can see it with certain Gen Z populations -- they're tired of the screens," said Jose Briones, dumb phone influencer and moderator of the subreddit, "r/dumbphones." "They don't know what is going on with mental health and they're trying to make cutbacks."

In the U.S., feature flip phone sales were up in 2022 for HMD Global, with tens of thousands sold each month. At the same time, HMD's global feature phone sales were down, according to the company. In 2022, almost 80% of feature phone sales in 2022 came from the Middle East, Africa and India, according to Counterpoint Research. But some see that number shifting, as a contingency of young people in the U.S. revert back to dumb or minimalist phones. "In North America, the market for dumb phones is pretty much flatlined," said Moorhead. "But I could see it getting up to 5% increase in the next five years if nothing else, based on the public health concerns that are out there."

France announced Friday it is banning the "recreational" use of TikTok, Twitter, Instagram and other apps on government employees' phones because of concern about insufficient data security measures. Reuters reports: The French Minister for Transformation and Public Administration, Stanislas Guerini, said in a statement that ''recreational" apps aren't secure enough to be used in state administrative services and "could present a risk for the protection of data." The ban will be monitored by France's cybersecurity agency. The statement did not specify which apps are banned but noted that the decision came after other governments took measures targeting TikTok.

Guerini's office said in a message to The Associated Press that the ban also will include Twitter, Instagram, Netflix, gaming apps like Candy Crush and dating apps. Exceptions will be allowed. If an official wants to use a banned app for professional purposes, like public communication, they can request permission to do so. Case in point: Guerini posted the announcement of the ban on Twitter.

During its State of Unreal keynote at GDC 2023, the company showed off new animation tools that make it possible to create realistic facial animations using only video captured from an iPhone. The Verge reports: Epic showed this off with a live demonstration featuring the actor behind the upcoming game Senua's Saga: Hellblade II. It was a short clip, with the actor speaking directly into the camera, but it appeared to be rendered both quickly and accurately. Even more impressive, the company then showed off the same animations captured onstage used to bring another MetaHuman character to life. The animator is launching this summer. Epic's MetaHuman Creator was announced in early 2021 to streamline the process of making more realistic human faces, body movements, and facial animations.

The European Commission has adopted a new set of right to repair rules (PDF) that, among other things, will add electronic devices like smartphones and tablets to a list of goods that must be built with repairability in mind. The Register reports: The new rules will need to be need to be negotiated between the European Parliament and member states before they can be turned into law. If they are, a lot more than just repairability requirements will change. One provision will require companies selling consumer goods in the EU to offer repairs (as opposed to just replacing a damaged device) free of charge within a legal guarantee period unless it would be cheaper to replace a damaged item. Beyond that, the directive also adds a set of rights for device repairability outside of legal guarantee periods that the EC said will help make repair a better option than simply tossing a damaged product away.

Under the new post-guarantee period rule, companies that produce goods the EU defines as subject to repairability requirements (eg, appliances, commercial computer hardware, and soon cellphones and tablets) are obliged to repair such items for five to 10 years after purchase if a customer demands so, and the repair is possible. OEMs will also need to inform consumers about which products they are liable to repair, and consumers will be able to request a new Repair Information Form from anyone doing a repair that makes pricing and fees more transparent. The post-guarantee period repair rule also establishes the creation of an online "repair matchmaking platform" for EU consumers, and calls for the creation of a European repair standard that will "help consumers identify repairers who commit to a higher quality."

"Repair is key to ending the model of 'take, make, break, and throw away' that is so harmful to our planet, our health and our economy," said Frans Timmermans, EVP for the European Green Deal, which aims to make the whole of EU carbon neutral by 2050. On that note, the EC proposed a set of anti-greenwashing laws alongside passing its right to repair rule yesterday that would make it illegal to make any green claims about a product without evidence. Citing the fact that 94 percent of Europeans believe protecting the environment is important, the EC said its proposal covers any explicit, voluntarily-made claims "which relate to the environmental impact, aspect, or performance of a product or the trader itself." Any such claims, like a laptop being made from recycled plastic, would need to be independently verified and proven with scientific evidence, the EC said.

The FCC has officially proposed, and voted unanimously to move forward with, a framework under which satellites can communicate directly with smartphones in a structured and useful way. From a report: The Notice of Proposed Rulemaking, circulated earlier this month and formally voted on today, is essentially a complete first public draft of what the FCC hopes to accomplish by establishing rules and guidelines around this emerging area of communication. Apple already made the news with a dramatic rescue made possible by its new emergency satellite feature, and companies like Lynk and AST SpaceMobile are working on providing universally accessible two-way data anywhere in the world.

Qualcomm and Iridium are integrating the capability at the chipset level. T-Mobile and SpaceX have said they plan to test their own Starlink-based system this year, and plenty of others are looking to enter the fray. There's still the matter of how this space-based connectivity would integrate with existing systems. Our mobile networks run on very carefully defined frequencies so that phones and towers don't interfere with one another, including satellites, which have totally different frequencies and signal powers.

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission today finalized rules requiring mobile carriers to block robotext messages that are likely to be illegal. The FCC described the rules as the agency's "first regulations specifically targeting the increasing problem of scam text messages sent to consumers." Carriers will be required to block text messages that come from "invalid, unallocated, or unused numbers." Carriers must also block texts from "numbers that the subscriber to the number has self-identified as never sending text messages, and numbers that government agencies and other well-known entities identify as not used for texting," the FCC said. Carriers will have to establish a point of contact for text senders so the senders can inquire about blocked texts. The FCC already requires similar blocking of voice calls from these types of numbers. The order will take effect 30 days after it is published in the Federal Register, according to a draft of the order released before the meeting.

More robotext rules may be on the way because today's "action also seeks public comment on further proposals to require providers to block texts from entities the FCC has cited as illegal robotexters," the FCC said. For example, the FCC proposes to clarify that Do Not Call Registry protections apply to text messaging. The FCC said it's further proposing to close the "lead generator loophole" that "allows companies to use a single consumer consent to deliver robocalls and text messages from multiple -- perhaps thousands -- of marketers on subjects that may not be what the consumer had in mind." The FCC "will also take further public comment on text authentication measures and other proposals to continue to fight illegal scam robotexts." The FCC separately voted today to close another gap in its Caller ID authentication rules that target illegal robocalls. The rules already required phone companies to implement the caller ID authentication technologies known as STIR and SHAKEN. But the rules don't apply in every possible scenario, so the FCC has periodically strengthened them. In June 2022, for example, the FCC required carriers with 100,000 or fewer customers to comply a year earlier than these small carriers were originally required to. The FCC said in a statement: "The new rules will require intermediate providers that receive unauthenticated IP calls directly from domestic originating providers to use STIR/SHAKEN to authenticate those calls. Although STIR/SHAKEN has been widely implemented under FCC rules, some originating providers are not capable of using the framework. In other cases, unscrupulous originating providers may deliberately fail to authenticate calls. By requiring the next provider in the call path to authenticate those calls, the FCC closes a gap in the caller ID authentication regime and facilitates government and industry efforts to identify and block illegal robocalls."

Britain is to ban the Chinese-owned video-sharing app TikTok from ministers' and civil servants' mobile phones, bringing the UK in line with the US and the European Commission and reflecting deteriorating relations with Beijing. From a report: The decision marks a sharp U-turn from the UK's previous position and came a few hours after TikTok said its owner, ByteDance, had been told by Washington to sell the app or face a possible ban in the country. The UK government's announcement was made on Thursday by Oliver Dowden, the Cabinet Office minister, in the Commons. He said the ban was taking place "with immediate effect."

The decision follows a review of TikTok by government cybersecurity experts at the National Cyber Security Centre, and will cover ministers' and civil servants' work phones, but not their personal phones. "This is a proportionate move based on a specific risk with government devices," Dowden added. At least two cabinet ministers use TikTok. Michelle Donelan, the science and technology secretary, and Grant Shapps, the energy security and net zero secretary have an account on the app, which is used by millions of young people and many celebrities and influencers.

T-Mobile is buying Mint Mobile, the budget-friendly mobile carrier that's partially owned by Ryan Reynolds. The Verge reports: In a post published on Wednesday, T-Mobile announced that the deal's valued at up to $1.35 billion and comes as T-Mobile looks to build out its prepaid phone offering. The acquisition should close later this year and involves a 39 percent cash and 61 percent stock purchase of Mint's parent company, Ka'ena Corporation. The price could change, however, as it depends on Mint's performance.

Once the deal closes, Mint founders David Glickman and Rizwan Kassim will join T-Mobile to continue managing the brand, which T-Mobile says "will generally operate as a separate business unit." Meanwhile, Reynolds will also remain a part of Mint's branding, as T-Mobile says he will "continue on in his creative role on behalf of Mint." "I never dreamt I'd own a wireless company and I certainly never dreamt I'd sell it to T-Mobile," Reynolds said in a tweet. "Life is strange and I'm incredibly proud and grateful."

As noted by T-Mobile CEO Mike Sievert in a YouTube video posted on Wednesday, T-Mobile will retain the price of Mint's cheapest phone plan at $15 per month. The deal also includes Ka'ena's other companies, including Ultra Mobile, a prepaid carrier that offers international calling, and Plum, a wholesale wireless solutions provider. [...] By purchasing Mint, T-Mobile may be looking to claw back the customers it lost when it sold Boost Mobile to Dish as part of its merger with Sprint.

An anonymous reader shares a report: The Google Pixel Fold could be available as soon as the second week in June, according to WinFuture's Roland Quandt. The reliable leaker tweeted on Tuesday that the phone will come with 256GB base storage and that you'll be able to get it in either a black / dark gray color or white. The foldable has been rumored for a long time, and there have been whispers that it would be announced sometime in the next few months. However, a January report from The Elec threw some cold water on that idea, saying that the screen wasn't even set to go into production until July or August.

Last summer, Elon Musk and T-Mobile CEO Mike Sievert announced "Coverage Above and Beyond," a joint initiative that aimed to bring Starlink satellite coverage compatible T-Mobile devices. Now, SpaceX is getting ready to begin testing its satellite-to-cellular service. Engadget reports: During a panel at the Satellite Conference and Exhibition 2023, SpaceX VP of Starlink enterprise sales Jonathan Hofeller said the company had plans to "start getting into testing" its satellite-to-cell service this year. "We're going to learn a lot by doing -- not necessarily by overanalyzing -- and getting out there, working with the telcos."

Hofeller didn't specifically say which Telco SpaceX was working with, but the timeline certainly lines up with Musk's original vision for the T-Mobile partnership. [...] Either way, the panel seemed optimistic about the future of sat-to-cell technology. Lynk Global CEO Charles Miller said that satellite cellular service has the potential to be the "biggest category in satellite," and Iridium CEO Matt Desch sees cellular satellite service as just the beginning. "Satellite should connect everything everywhere," he said at the event, imagining the technology connecting to computers, vehicles and more.

Samsung's Galaxy smartphones now offer "Space Zoom," writes Apple Insider, a feature augmenting 3x and 10x telephoto cameras with digital zoom "aided by Samsung's AI Super Resolution technology."

But the resulting 100X zoom levels "appear to be more a feat of AI trickery than anything else," they conclude, citing an investigation by a Reddit user: That so-called Space Zoom could potentially allow users to photograph the moon, and many do. However, it may be the case that the level of detail in the moon shots may only be higher due to software shenanigans....

The user tested the effect by downloading a high-resolution image of the moon, then downsized it to a 170 by 170-resolution image, and then applied a gaussian blur to obliterate any final details of its surface. They then showed the low-res blurry moon at full screen on their monitor, walked to the other end of their room, zoomed in on the fake celestial body, and took a photograph. After some processing, an image of the moon was produced by the smartphone, but the surface had considerably more detail for the surface than the doctored source. The user reckons Samsung "is leveraging an AI model to put craters and other details on places which were just a blurry mess."

They go further to stress that while super resolution processing uses multiple images to recover otherwise-lost detail, this seems to be something different. It is proposed that this is a case "where you have a specific AI model trained on a set of moon images, in order to recognize the moon and slap on the moon texture on it."
The Reddit user has now posted an update: I photoshopped one moon next to another (to see if one moon would get the AI treatment, while another would not), and managed to coax the AI to do exactly that.... [O]ne moon got the "AI enhancement", while the other one shows what was actually visible to the sensor — a blurry mess....

It's literally adding in detail that weren't there. It's not deconvolution, it's not sharpening, it's not super resolution, it's not "multiple frames or exposures". It's generating data.

Here's an interesting bit of news out of Mobile World Congress: Qualcomm says the Snapdragon 8 Gen 2 has been certified as the "world's first commercially deployable iSIM (Integrated SIM)." ArsTechnica: What the heck is an iSIM? Didn't we just go through a SIM card transition with eSIM? We did, but iSIM is better than eSIM. We'll explain, but the short answer is that iSIM is the next step in the continual march to reduce the size of SIM cards. [...] eSIMs are still a chip taking up space on your motherboard, and that's not ideal if you want to squeeze every square millimeter of space out of a phone. The next shrinking step is iSIM -- an Integrated Subscriber Identity Module. Rather than a chip on the motherboard, iSIMs are integrated directly onto the SoC. SoC (system on a chip) integration is the technology that makes smartphones possible. Instead of a thousand little chips for things like the CPU, GPU, RAM, modem, and a bunch of other things, everything gets packed into one single do-everything piece of silicon.

Individual chips require more space and power thanks to having to make motherboard traces to connect everything and having to deal with chip packages. Building everything in one chip, with the tiniest transistors you can muster, is the cheapest and most space-efficient and power-efficient way to do things, and now SIM cards are going to disappear into that big block of stuff. iSIMs will be measured in fractions of a millimeter, and as part of the SoC, they will continually shrink every year as chip process nodes hit ever-smaller nm measurements. It sounds like this is the endgame for SIM technology, and besides helping out phones, will be great for evermore space-constrained devices like smartwatches.

Google has begun the process of bringing Chrome's full Blink browser engine to iOS against current App Store rules, and now we have our first look at the test browser in action. 9to5Google reports: In the weeks since the project was announced, Google (and Igalia, a major open source consultancy and frequent Chromium contributor) have been hard at work getting a simplified "content_shell" browser up and running in iOS and fixing issues along the way. As part of that bug fixing process, some developers have even shared screenshots of the minimal Blink-based browser running on an iPhone 12. In the images, we can see a few examples of Google Search working as expected, with no glaringly obvious issues in the site's appearance. Above the page contents, you can see a simple blue bar containing the address bar and typical browser controls like back, forward, and refresh.

With a significant bit of effort, we were able to build the prototype browser for ourselves and show other sites including 9to5Google running in Blink for iOS, through the Xcode Simulator. As an extra touch of detail, we now know what the three-dots button next to the address bar is for. It opens a menu with a "Begin tracing" button, to aid performance testing. From these work-in-progress screenshots, it seems clear that the Blink for iOS project is already making significant progress, but it's clearly a prototype not meant to be used like a full web browser. The next biggest step that Google has laid out is to ensure this version of Blink/Chromium for iOS passes all of the many tests that ensure all aspects of a browser are working correctly.

An anonymous reader quotes a report from Bloomberg: Apple partner Foxconn Technology Group plans to invest about $700 million on a new plant in India to ramp up local production, people familiar with the matter said, underscoring an accelerating shift of manufacturing away from China as Washington-Beijing tensions grow. The Taiwanese company, also known for its flagship unit Hon Hai Precision Industry Co., plans to build the plant to make iPhone parts on a 300-acre site close to the airport in Bengaluru, the capital of the southern Indian state of Karnataka [...]. The factory may also assemble Apple's handsets [...], and Foxconn may also use the site to produce some parts for its nascent electric vehicle business.

The investment is one of Foxconn's biggest single outlays to date in India and underscores how China's at risk of losing its status as the world's largest producer of consumer electronics. Apple and other US brands are leaning on their Chinese-based suppliers to explore alternative locations such as India and Vietnam. It's a rethink of the global supply chain that's accelerated during the pandemic and the war in Ukraine and could reshape the way global electronics are made. The new production site in India is expected to create about 100,000 jobs, the people said. The company's sprawling iPhone assembly complex in the Chinese city of Zhengzhou employs some 200,000 at the moment, although that number surges during peak production season.

At Mobile World Congress (MWC) this week in Barcelona, OnePlus showcased a concept smartphone with liquid cooling technology, dubbed "Active CryoFlux." While the headset may never see the light of day, at least in its current form, it serves to show how serious OnePlus hopes to get about mobile gaming. From a report: A 0.2 square centimeter piezoelectric ceramic micropump moves the coolant up and down a pipeline near the rear of the device and around the massive camera array. The rear of the device is covered in a transparent material, showcasing the process as a kind of light show. It's a cool effect, and one that invariably shares comparisons to Phone (1), released by OnePlus co-founder Carl Pei's Nothing last year. "A lot of young people like playing games," said OnePlus President and COO Kinder Liu. "Gaming plays an important role in their digital life, and in the future, we will continuously improve their gaming experience. Currently, we definitely engage with our users about gaming development. We are talking about how to improve the gaming experience, and in the future, we believe we will have more time to talk to them."

At Mobile World Congress in Barcelona, Lenovo demoed a laptop and smartphone with rollable screens that "can gradually expand to offer more screen real-estate, rather than needing to be completely unfolded like books," writes Jon Porter from The Verge. These are early proof of concept devices that don't have any public release dates as of yet. From the report: Before we get into the concept laptop's signature feature, it's worth pointing out just how unassuming the device looks before its screen unrolls. Lenovo had the device sitting alongside its other laptops in a conference suite, and not a single one of the dozen-or-so journalists in attendance clocked that it was anything other than a standard ThinkPad. In its unextended form, it's got a regular looking 12.7-inch display with a 4:3 aspect ratio. That all changes with a flip of a small switch on the right of the chassis, at which point you can hear some motors whirring and the screen extends upwards. That switch causes a couple of motors in the laptop to spring into action, pulling the screen out from underneath the laptop's keyboard to hoist it up more or less vertically in front of you. It's an admittedly slow process on this concept device (from our footage it seems to take a little over ten seconds to fully extend) but eventually you're left with an almost square 15.3-inch display with an 8:9 aspect ratio. The device brings to mind LG's fancy (and eye-wateringly expensive) rollable TV that's designed to roll away when you're not using it. Only in Lenovo's case the screen is rolling down into the laptop's keyboard rather than a small box, and it also can't roll away entirely. Once fully extended, Lenovo's laptop screen has a small crease where its screen originally bent underneath the keyboard. But again -- it's a prototype.

Lenovo's other rollable device it's demoing at MWC is a Motorola smartphone. We've seen numerous companies including Samsung Display, Oppo, TCL, and even LG (RIP) show off rollable concept devices in various stages of development over the years, but we're yet to see the technology break through in a consumer device. Like a foldable, the idea is that a rollable smartphone can be small when you need it to be portable, and big when you need more screen to get the job at hand done. Lenovo's phone -- which it's calling the Motorola rollable smartphone concept -- is all about taking a small square of a display and making it longer. It's almost like a foldable flip phone, but without a secondary cover display because it's the same screen the entire time. When all neatly rolled up, Lenovo's Motorola rollable offers a 5-inch display with a 15:9 aspect ratio. Then, with a small double tap of a side button, the screen unfurls to give you a remarkably tall 6.5-inch display with a 22:9 aspect ratio. [...] "In 2019, it seemed like foldable phones were about to become the next big thing in the world of smartphones," writes Porter, in closing. "But four years later, it feels like we're still waiting for this future to become a mainstream reality. Lenovo would be the first to admit that its rollable concept devices are far from ready for prime time, but they offer a compelling argument for an alternative, rollable future."

Since the earliest versions of the iPhone, "The ability to dynamically execute code was nearly completely removed," write security researchers at Trellix, "creating a powerful barrier for exploits which would need to find a way around these mitigations to run a malicious program. As macOS has continually adopted more features of iOS it has also come to enforce code signing more strictly.

"The Trellix Advanced Research Center vulnerability team has discovered a large new class of bugs that allow bypassing code signing to execute arbitrary code in the context of several platform applications, leading to escalation of privileges and sandbox escape on both macOS and iOS.... The vulnerabilities range from medium to high severity with CVSS scores between 5.1 and 7.1. These issues could be used by malicious applications and exploits to gain access to sensitive information such as a user's messages, location data, call history, and photos."

Computer Weekly explains that the vulnerability bypasses strengthened code-signing mitigations put in place by Apple on its developer tool NSPredicate after the infamous ForcedEntry exploit used by Israeli spyware manufacturer NSO Group: So far, the team has found multiple vulnerabilities within the new class of bugs, the first and most significant of which exists in a process designed to catalogue data about behaviour on Apple devices. If an attacker has achieved code execution capability in a process with the right entitlements, they could then use NSPredicate to execute code with the process's full privilege, gaining access to the victim's data.

Emmitt and his team also found other issues that could enable attackers with appropriate privileges to install arbitrary applications on a victim's device, access and read sensitive information, and even wipe a victim's device. Ultimately, all of the new bugs carry a similar level of impact to ForcedEntry.

Senior vulnerability researcher Austin Emmitt said the vulnerabilities constituted a "significant breach" of the macOS and iOS security models, which rely on individual applications having fine-grain access to the subset of resources needed, and querying services with more privileges to get anything else.
"The key thing here is the vulnerabilities break Apple's security model at a fundamental level," Trellix's director of vulnerability research told Wired — though there's some additional context: Apple has fixed the bugs the company found, and there is no evidence they were exploited.... Crucially, any attacker trying to exploit these bugs would require an initial foothold into someone's device. They would need to have found a way in before being able to abuse the NSPredicate system. (The existence of a vulnerability doesn't mean that it has been exploited.)

Apple patched the NSPredicate vulnerabilities Trellix found in its macOS 13.2 and iOS 16.3 software updates, which were released in January. Apple has also issued CVEs for the vulnerabilities that were discovered: CVE-2023-23530 and CVE-2023-23531. Since Apple addressed these vulnerabilities, it has also released newer versions of macOS and iOS. These included security fixes for a bug that was being exploited on people's devices.
TechCrunch explores its severity: While Trellix has seen no evidence to suggest that these vulnerabilities have been actively exploited, the cybersecurity company tells TechCrunch that its research shows that iOS and macOS are "not inherently more secure" than other operating systems....

Will Strafach, a security researcher and founder of the Guardian firewall app, described the vulnerabilities as "pretty clever," but warned that there is little the average user can do about these threats, "besides staying vigilant about installing security updates." And iOS and macOS security researcher Wojciech ReguÅa told TechCrunch that while the vulnerabilities could be significant, in the absence of exploits, more details are needed to determine how big this attack surface is.

Jamf's Michael Covington said that Apple's code-signing measures were "never intended to be a silver bullet or a lone solution" for protecting device data. "The vulnerabilities, though noteworthy, show how layered defenses are so critical to maintaining good security posture," Covington said.

An anonymous reader quotes the Guardian: Nokia has announced one of the first budget Android smartphones designed to be repaired at home allowing users to swap out the battery in under five minutes in partnership with iFixit.

Launched before Mobile World Congress in Barcelona on Saturday, the Nokia G22 has a removable back and internal design that allows components to be easily unscrewed and swapped out including the battery, screen and charging port. Nokia phones manufacturer HMD Global will make "quick fix" repair guides and genuine parts available for five years via specialists iFixit, in addition to affordable professional repair options.

"People value long-lasting, quality devices and they shouldn't have to compromise on price to get them. The new Nokia G22 is purposefully built with a repairable design so you can keep it even longer," said Adam Ferguson, head of product marketing for HMD Global.

The G22 is partially made of recycled plastic and has a 6.53in screen, large-capacity battery, 50-megapixel camera and a fingerprint scanner. It runs Android 12 and will be supported for three years of monthly security updates and two major Android version upgrades.