Monday, 27 August 2018

Apple could introduce three devices with iPhone X design

A new report from Bloomberg confirms previous rumors and lines up with Ming-Chi Kuo’s original report from November 2017. It sounds likely that Apple is going to introduce three new phones in September — an updated iPhone X, a bigger phone and a successor to the iPhone 8 with the iPhone X design.

The updated iPhone X could be considered as an “S upgrade” with a better system-on-a-chip and better cameras. The phone itself could look exactly the same as the iPhone X you can buy today. But you can expect faster performance thanks to an updated A12 chip designed by Apple and manufactured by TSMC.

The bigger device could feature a gigantic 6.5-inch display. It should have exactly the same features as the updated iPhone X — stainless steel edges, two cameras on the back, an OLED display, etc. This model could have two SIM slots in some countries to make it easier to roam in other regions and countries.

More interestingly, Apple wants to replace the iPhone 8 with a device inspired by the iPhone X. It could cost around as much as the iPhone 8 today, but it should be a big upgrade for those who are focused on the entry-level model.

Of course, there will be some compromises. For instance, Apple will replace the stainless steel edges with aluminum edges. There should be a single camera on the back. And the display won’t be as sharp, as it should be a 6.1-inch LCD display.

A previous rumor indicated that this new model could come in a wide range of colors including grey, white, blue, red and orange. Bloomberg confirms that the disappearance of the home button means that this phone will get Face ID.

On the software side, it sounds like the bigger 6.5-inch iPhone could let you run two apps side-by-side, pretty much like opening two apps on the iPad. If Apple follows its usual pattern, the company should unveil these new devices in just a couple of weeks.



from Apple – TechCrunch https://ift.tt/2LvtAJt

Friday, 24 August 2018

Fortnite’s Android installer shipped with an Epic security flaw

Google has clapped back in tremendous fashion at Epic Games, which earlier this month decided to make the phenomenally popular Fortnite available for Android via its own website instead of Google’s Play Store. Unfortunately, the installer had a phenomenally dangerous security flaw in it that would allow a malicious actor to essentially install any software they wanted. Google wasted exactly zero time pointing out this egregious mistake.

By way of a short explanation why this was even happening, Epic explained when it announced its plan that it would be good to have “competition among software sources on Android,” and that the best would “succeed based on merit.” Everyone of course understood that what it meant was that Epic didn’t want to share the revenue from its cash cow with Google, which takes 30 percent of in-app purchases.

Many warned that this was a security risk for several reasons, for example that users would have to enable app installations from unknown sources — something most users have no reason to do. And the Play Store has other protections and features, visible and otherwise, that are useful for users.

Google, understandably, was not amused with Epic’s play, which no doubt played a part in the decision to scrutinize the download and installation process — though I’m sure the safety of its users was also a motivating factor. And wouldn’t you know it, they found a whopper right off the bat.

In a thread posted a week after the Fortnite downloader went live, a Google engineer by the name of Edward explained that the installer basically would allow an attacker to install anything they want using it.

The Fortnite installer basically downloads an APK (the package for Android apps), stores it locally, then launches it. But because it was stored on shared external storage, a bad guy could swap in a new file for it to launch, in what’s called a “man in the disk” attack.

And because the installer only checked that the name of the APK is right, as long as the attacker’s file is called “com.epicgames.fortnite,” it would be installed! Silently, and with lots of extra permissions too, if they want, because of how the unknown sources installation policies work. Not good!

Edward pointed out this could be fixed easily and in a magnificently low-key bit of shade-throwing helpfully linked to a page on the Android developer site outlining the basic feature Epic should have used.
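The gap described above, modelled as an added Python example (not Epic's or Google's code): a file staged in a world-writable location is replaced between download and install, and a name-only check is compared with a check pinned to the downloaded content. The toy "APK" layout, the function names and the pinned digest are assumptions made for illustration; only the package name comes from the article.

```python
import hashlib
import hmac
import os
import tempfile
from typing import Optional

EXPECTED_PACKAGE = "com.epicgames.fortnite"  # package name quoted in the article


def make_apk(package_name: str, payload: bytes) -> bytes:
    """Constructed stand-in for an APK: first line is the package name."""
    return package_name.encode() + b"\n" + payload


def package_name_of(blob: bytes) -> str:
    return blob.split(b"\n", 1)[0].decode()


def name_only_check(path: str) -> bool:
    """The weak check: accept the staged file if it merely claims the right name."""
    with open(path, "rb") as f:
        return package_name_of(f.read()) == EXPECTED_PACKAGE


def verified_bytes(path: str, pinned_sha256: str) -> Optional[bytes]:
    """Hardened check: read the file once, compare its SHA-256 with a digest
    obtained from a trusted source, and return the exact bytes that were
    hashed so the caller installs those and never re-opens the path."""
    with open(path, "rb") as f:
        blob = f.read()
    digest = hashlib.sha256(blob).hexdigest()
    if not hmac.compare_digest(digest, pinned_sha256):
        return None
    return blob


def simulate(swap: bool) -> dict:
    """Stage a download in a shared directory, optionally replace it the way
    another app with storage access could, then run both checks."""
    genuine = make_apk(EXPECTED_PACKAGE, b"genuine game build")
    # Assumption: the pinned digest would arrive over an authenticated
    # channel (for example a signed update manifest), not from shared storage.
    pinned = hashlib.sha256(genuine).hexdigest()

    with tempfile.TemporaryDirectory() as shared_storage:
        staged = os.path.join(shared_storage, "download.apk")
        with open(staged, "wb") as f:
            f.write(genuine)

        if swap:
            # Same package name, different contents.
            with open(staged, "wb") as f:
                f.write(make_apk(EXPECTED_PACKAGE, b"substituted build"))

        return {
            "name_only_accepts": name_only_check(staged),
            "pinned_digest_accepts": verified_bytes(staged, pinned) is not None,
        }


if __name__ == "__main__":
    print("untouched file:", simulate(swap=False))
    print("swapped file:  ", simulate(swap=True))
```

Staging the download where no other app can write to it removes the swap opportunity in the first place; the content check then covers whatever still reaches the install step.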

To Epic’s credit, its engineers jumped on the problem immediately and had a fix in the works by that very afternoon and deployed by the next one. Epic InfoSec then requested Google to wait 90 days before publishing the information.

As you can see, Google was not feeling generous. One week later (that’s today) and the flaw has been published on the Google Issue Tracker site in all its… well, not glory exactly. Really, the opposite of glory. This seems to have been Google’s way of warning any would-be Play Store mutineers that they would not be given gentle handling.

Epic Games CEO Tim Sweeney was likewise unamused. In a comment provided to Android Central — which, by the way, predicted that this exact thing would happen — he took the company to task for its “irresponsible” decision to “endanger users.”

Epic genuinely appreciated Google’s effort to perform an in-depth security audit of Fortnite immediately following our release on Android, and share the results with Epic so we could speedily issue an update to fix the flaw they discovered.

However, it was irresponsible of Google to publicly disclose the technical details of the flaw so quickly, while many installations had not yet been updated and were still vulnerable.

An Epic security engineer, at my urging, requested Google delay public disclosure for the typical 90 days to allow time for the update to be more widely installed. Google refused. You can read it all at https://ift.tt/2PBk1Mg

Google’s security analysis efforts are appreciated and benefit the Android platform, however a company as powerful as Google should practice more responsible disclosure timing than this, and not endanger users in the course of its counter-PR efforts against Epic’s distribution of Fortnite outside of Google Play.

Indeed, companies really should try not to endanger their users for selfish reasons.



from Android – TechCrunch https://ift.tt/2oahhcm
via IFTTT

Thursday, 23 August 2018

Epic Games just gave a perk for folks to turn on 2FA; every other big company should, too

Let’s talk a bit about security.

Most internet users around the world are pretty crap at it, but there are basic tools that companies have, and users can enable, to make their accounts, and lives, a little bit more hacker-proof.

One of these — two-factor authentication — just got a big boost from Epic Games, the maker of what is currently The Most Popular Game In The World: Fortnite.

Epic is already getting a ton of great press for what amounts to very little effort.

The company is giving users a new emote (the victory dance you’ve seen emulated in airports, playgrounds and parks by kids and tweens around the world) to anyone who turns on two-factor authentication. It’s one small (dance) step for Epic, but one giant leap for securing their users’ accounts.

The thing is any big company could do this (looking at you Microsoft, Apple, Alphabet and any other company with a huge user base).

Apparently the perk of not getting hacked isn’t enough for most users, but if you give anyone the equivalent of a free dance, they’ll likely flock to turn on the feature.

It’s not that two-factor authentication is a panacea for all security woes, but it does make life harder for hackers. Two-factor authentication works on codes, basically tokens, that are either sent via text or through an over-the-air authenticator (OTA). Text messaging is a pretty crap way to secure things, because the codes can be intercepted, but OTAs — like Google Authenticator or Authy — are sent via https (pretty much bulletproof, but requiring an app to use).

So using SMS-based two-factor authentication is better than nothing, but it’s not Fort Knox (however, these days, even Fort Knox probably isn’t Fort Knox when it comes to security).

Still, anything that makes things harder for crimes of opportunity can help ease the security burden for companies large and small, and the consumers and customers that love them (or at least are forced to pay and use them).

I’m not sure what form the perk could or should take. Maybe it’s the promise of a free e-book or a free download or an opportunity to have a live chat with the celebrity, influencer or athlete of a user’s choice. Whatever it is, there’s clearly something that businesses could do to encourage greater adoption.

Self-preservation isn’t cutting it. Maybe an emote will do the trick.



from Apple – TechCrunch https://ift.tt/2wl59ZG

Apple moves forward with its adaption of Isaac Asimov’s ‘Foundation’

Apple has placed a series order for Foundation, an adaptation of Isaac Asimov’s classic series of science fiction stories and novels.

Deadline reported earlier this year that the show was in development, but this was just the latest of several attempts to adapt Foundation, including a version developed by Westworld‘s Jonathan Nolan for HBO.

Now, however, it looks like Foundation really will happen at Apple, with David S. Goyer and Josh Friedman as showrunners. (Like Nolan, Goyer was one of the writers on The Dark Knight and The Dark Knight Rises, while Friedman created Terminator: The Sarah Connor Chronicles.) The series will be produced by Skydance Television, and Asimov’s daughter Robyn will be one of the executive producers.

The Foundation series (initially a set of stories published in the 1940s, then collected into book form in the ’50s and followed up by long novels that Asimov wrote in the ’80s) focuses on the fall of a long-lived Galactic Empire, with a small group of scientists at the edge of the galaxy working to preserve knowledge and minimize the period of chaos.

Elements of that plot description might make it sound like the ingredients for Apple’s version of Star Wars — and indeed, Asimov’s work is seen as a big influence on George Lucas’ films.

But in its print form, at least, Foundation is far from your typical space opera, focusing more on debate and political intrigue than action, and taking place over hundreds of years, with often interchangeable characters swapped out between stories. In other words, Goyer and Friedman will probably have to make some significant changes.

These are my favorite books by my favorite author, so I’m more excited about this than any of the other original shows that Apple’s planning (even the company’s other space opera, which is being developed by Battlestar Galactica‘s Ron Moore). I sure hope they don’t screw it up.



from Apple – TechCrunch https://ift.tt/2LqCNmw

Apple to launch a National Parks donation program via Apple Pay

Apple today announced a pair of initiatives that will allow its customers to support America’s National Parks. Starting tomorrow, August 24, and continuing through the 31st, Apple says it will donate $1 to the National Park Foundation for every purchase made using Apple Pay online at apple.com, or through the Apple Store app in the U.S. It’s also introducing a National Park-themed Apple Watch Activity Challenge to accompany the donation program.

Starting on September 1, Apple Watch users worldwide who either walk, run, or do a wheelchair workout of 50 minutes or more will earn an Activity app award and stickers that are inspired by national parks. The 50 minutes is a tribute to Redwood National Park’s 50th anniversary, which is this year.

Related to these efforts, the App Store will also feature a round-up of some of the best apps to use to explore the U.S. National Parks.

Apple says the proceeds from the donation program will support the National Park Foundation’s mission to protect national parks. This includes projects focused on habitat restoration, historic preservation, and the Open OutDoors for Kids program.

“America’s national parks are treasures everyone should experience, and we’re proud to support them again this month by donating a dollar for every purchase made with Apple Pay at one of our stores,” said Apple’s CEO Tim Cook, in a statement about the program. “These awe-inspiring places are our national inheritance, and Apple is doing our part to pass them on to future generations — just as extraordinary, beautiful and wild as we found them.”

The company also took the time today to highlight the success of a related initiative, saying it has protected and created enough sustainably managed forests to cover its current and future paper use. In partnership with The Conservation Fund, Apple has protected 36,000 acres of U.S. forests that are sustainably managed, it noted.

This is not the first time Apple has hosted such a challenge for the U.S. National Parks.

Last year, it ran the same event, making mention of the fact that Apple Pay was accepted at some national parks, like Yellowstone, Yosemite, the Grand Canyon and Muir Woods National Monument, for example. The event itself now has political undertones, given the current administration’s rethinking of national parks, and its interest in deregulating the oil and gas extraction on public lands.



from Apple – TechCrunch https://ift.tt/2o6z2sR

Wednesday, 22 August 2018

Apple removed Facebook’s Onavo from the App Store for gathering app data

If you were on the edge of your seat wondering what Facebook’s next major consumer privacy headache would be, the wait is over! The Wall Street Journal reports that Apple has deemed Facebook-owned app Onavo in violation of its App Store policies and will be giving it the boot shortly.

In a statement to TechCrunch, an Apple spokesperson explained the reasoning behind its decision to pull the app:

“We work hard to protect user privacy and data security throughout the Apple ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used.”

In some ways, it’s a wonder that Onavo has lasted this long.

Onavo, which Facebook bought back in 2013, does two things. As far as regular consumers are concerned, Onavo comports itself like a VPN, offering to “keep you and your data safe” and “blocking potentially harmful websites and securing your personal information.”

But Onavo’s real utility is pumping a ton of app usage data to its parent company, giving Facebook an invaluable bird’s eye view into mobile trends by observing what apps are gaining traction and which are fizzling out. That perspective is useful both from a product standpoint, allowing Facebook to get ahead of the competition (Snapchat is a fine example), and giving it an edge for considering which competitors to acquire.

That dual personality is likely part of the problem for Apple. In its descriptions, Onavo leans heavily on its promise to “protect your personal information” and the cover story of a fairly legitimate looking VPN.

With no meaningful opt-in for users who want to use Onavo’s VPN services but might be hesitant about sharing data with Facebook, the app’s true intentions were buried deep in its description: “Onavo collects your mobile data traffic… Because we’re part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.”

By February of this year, the Onavo app had been downloaded more than 33 million times across both iOS and Android. While the app is no longer showing up in searches within Apple’s App Store, it’s still alive and well in Google’s considerably more free-wheeling app store, so Facebook will have to lean more heavily on its Android eyes and ears for now.



from Apple – TechCrunch https://ift.tt/2OWeoXS

The top 10 startups from Y Combinator’s Demo Day S’18 Day 2

59 startups took the stage at Y Combinator’s Demo Day 2, and among the highlights were a company that helps developers manage in-app subscriptions; a service that lets you create animojis from real photos; and a surplus medical equipment reselling platform. Oh… and there was also a company that’s developed an entirely new kind of life form using E. coli bacteria. So yeah, that’s happening.

Based on some investor buzz and what caught TechCrunch’s eye, these are our picks from the second day of Y Combinator’s presentations.

You can find the full list of companies that presented on Day 1 here, and our top picks from Day 1 here. 

64-x

With a founding team including some of the leading luminaries in the field of biologically inspired engineering (including George Church, Pamela Silver, and Jeffrey Way from Harvard’s Wyss Institute) 64-x is engineering organisms to function in otherwise inaccessible environments. Chief executive Alexis Rovner, herself a post-doctoral fellow at the Wyss Institute, and chief operating officer Ryan Gallagher, a former BCG Consultant, are looking to commercialize research from the Institute around accelerating and expanding the ability to produce functionalized proteins and sequence-defined polymers with diverse chemistries. Basically they’ve engineered a new life form that they want to use for novel kinds of bio-manufacturing.

Why we liked it: These geniuses invented a new life form.

CB Therapeutics

Sher Butt, a former lab director at Steep Hill, saw that cannabinoids were as close to a miracle cure for pain, epilepsy and other chronic conditions as medicine was going to get. But plant-based cannabinoids were costly and produced inconsistent results. Alongside Jacob Vogan, Butt realized that biosynthesizing cannabinoids would reduce production costs by a factor of ten and boost production 24 times current yields. With a deep experience commercializing drugs for Novartis and as the founder of the cannabis testing company, SB Labs, Butt and his technical co-founder are uniquely positioned to bring this new therapy to market.

Why we liked it: Using manufacturing processes to make industrial quantities of what looks like nature’s best painkiller at scale is not a bad idea.

RevenueCat


RevenueCat helps developers manage their in-app subscriptions. It offers an API that developers can use to support in-app subscriptions on iOS and Android, which means they don’t have to worry about all the nuances, bugs and updates on each platform.

The API also allows developers to bring all the data about their subscription business together in one place. It might be on to something, though it isn’t clear how big that something is quite yet. The nine-month-old company says it’s currently seeing $350,000 in transaction volume every month; it’s making some undisclosed percentage of money off that amount.

Read more about RevenueCat here.

Why we liked it: Write code. Release app. Use RevenueCat. Get paid. That sounds like a good formula for a pretty compelling business.

 

Ajaib

Indonesia is a country in transition, with a growing class of individuals with assets to invest yet who, financially, don’t meet the bar set by many wealth managers. Enter Ajaib, a newly minted startup with the very bold ambition of becoming the “Ant Financial of wealth management for Indonesia.” Why the comparison? Because China was in the same boat not long ago — a country whose middle class had little access to wealth management advice. With the founding of Ant Financial nearly four years ago, that changed. In fact, Ant now boasts more than 400 million users.

China is home to nearly 1.4 billion, compared with Indonesia, whose population of 261 million is tiny in comparison. Still, if its plans work out to charge 1.4 percent for every dollar managed, with an estimated $370 billion in savings in the country to chase after, it could be facing a meaningful opportunity in its backyard if it gains some momentum.

Why we liked it: If Ajaib’s wealth management plans (to charge 1.4 percent for every dollar it manages) work out — and with a total market of $370 billion in savings in Indonesia — the company could be facing a meaningful opportunity in its backyard.

 

Grin

The scooter craze is hitting Latin America and Grin is greasing the wheels. The Mexico City-based company was launched by co-founder Sergio Romo after he and his partner realized they weren’t going to be able to get a cut of the big “birds” on the scooter block in the U.S. (as Axios reported). Romo and his co-founder have already lined up a slew of investors for what may be the hottest new deal in Latin America. Backers include Sinai Ventures, Liquid2 Ventures, 500 Startups, Monashees and Base10 Partners.

Why we liked it: Scooters are so 2018. But there’s a lot of money to be made in mobility, and as the challenge from Bird and Lime to Uber and Lyft in hyperlocal transit has revealed, there’s no dominant player that’s taken over the market… yet.

Emojer

Creating animated emojis made from real photos, Emojer just might be the most fun you can have with a camera. The company’s software uses deep learning algorithms to detect body parts and guides users in creating their own avatars with just a simple photo taken from a mobile phone. It’s replacing deep Photoshop expertise and animation skills with a super simple interface. The avatars look very similar to Elf Yourself, a popular site that let you paste your friends’ faces on dancing Christmas elves that went viral every year at Christmastime. Founders have PhDs in machine learning and computer vision.

Why we liked it: As the company’s chief executive said, Snap was for sexting, and Facebook was hot or not, so who says the next big consumer platform couldn’t be the trojan horse of easily generated selfiemojis (akin to Elf Yourself)?

Osh’s Affordable Pharmaceuticals

Osh’s Affordable Pharmaceuticals is a public benefit corporation connecting doctors and patients with sources of low-cost, compounded pharmaceuticals. The company is looking to decrease barriers to entry for drugs for rare diseases. Three weeks ago the company introduced a drug to treat Wilson’s Disease. There was no access to the drug that treats the disease before in Brazil, India or Canada. It slashes the cost of drugs from $30,000 a month to $120 per month. The company estimates it has a total addressable market of $17 billion. “Generic drug pricing is a crisis, people are dying because they can’t get access to the medicine they need,” says chief executive Alex Oshmyansky. Osh’s might have a solution.

Why we liked it: Selling lower-cost medications for rare diseases in countries that previously hadn’t had access to them is a good business that’s good for the world.

Medinas Health

Tackling a $75 billion problem of healthcare waste Medinas Health is giving hospitals an easy way to resell their used and a and supplies. The company has already raised $1 million for its marketplace to help healthcare organizations buy and sell equipment. With a seed round led by Ashton Kutcher and Guy Oseary’s Sound Ventures, and General Catalyst’s Rough Draft Ventures fund, the company is also working to lower costs for cash-strapped rural health care centers.

Why we liked it: tktk

And Comfort

Plus-size women have limited clothing options even at the largest retailers like Nordstrom and Macy’s. While a majority of American women fall into the plus-size clothing category, 100 million women are constrained to shopping for a very small percentage of options. And Comfort wants to solve the supply problem. To do this, the founders, two former Harvard classmates, are building a direct-to-consumer fashion brand with stylish, minimalist offerings for plus-size women, including tunic shirts and an apron dress. It’s very early days for the brand, but since launching in recent weeks, they’ve seen $25,000 in sales.

Why we liked it: This direct-to-consumer fashion brand is bringing higher quality, better-designed clothing options to a market that’s underserved and growing quickly. What’s not to like?

 

ShopWith

Influencers of the world are uniting on mobile app, ShopWith, which allows shoppers to browse virtual storefronts and aisles alongside their favorite fashion and beauty creators and YouTubers. Users can see exactly what products those influencers have featured and can buy them without ever leaving the app. It’s a free download and hours of commercially consumptive fun.

It’s like the QVC model, but for GenZ shoppers whose buying habits are influenced by social video content on YouTube, Instagram and Snapchat. The company revealed that one beauty influencer made $10,000 within five hours, using the ShopWith platform. The founders are former product managers with experience building social commerce products at Facebook and Amazon.

Why we liked it: The QVC for GenZ not only has a nice ring to it, it’s a recipe for making cash registers hum. A mobile-first, influencer-based shopping company is something that we’d definitely not call an impulse purchase.



from Android – TechCrunch https://ift.tt/2P0sest
via IFTTT