Tech With Viral

Friday, 10 May 2019

India is investigating Google over alleged Android abuse

More than 95 percent of the smartphones that ship in India run Android operating system, according to industry estimates. Now the Indian antitrust watchdog is convinced that the nation should investigate if Google is abusing the dominant position of its mobile operating system to hurt local rivals.

The Competition Commission of India (CCI), the local antimonopoly regulator, began looking at Google’s Android business in India last year after it received a complaint from unspecified people. In mid-April, the regulator decided that there was merit in the accusations and ordered its investigation unit to conduct a full-investigation, according to a report by Reuters, which cites unnamed sources.

In a statement to TechCrunch, a Google spokesperson said that it looks forward to working with the CCI on the probe. “Android has enabled millions of Indians to connect to the internet by making mobile devices more affordable. We look forward to working with the Competition Commission of India to demonstrate how Android has led to more competition and innovation, not less.”

The investigation, not the first of its kind, will take about a year to conclude and could see Google executives be asked to be summoned before the regulator, the news agency reported. The CCI has not publicly commented on the probe.

If found guilty, Google may be fined up to 10 percent of its local revenue or 300 percent of its net profits. Even as India has emerged as one of Google’s largest markets, the company makes relatively a tiny amount in the nation. It clocked $1.4 billion in revenue in India in the year that ended in March 2018, according to regulatory filings, compared to over $100 billion it generated globally in a comparable time period.

The specific accusations, as well as identity of those who filed the complaint, remains unclear.

With the launch of this investigation, India is joining the EU, which continues to look at several businesses of Google — including Android — to ensure that the company is not abusing its dominant position in the market. Earlier this year, the EU regulators concluded that Google had forced its OEM partners to prebundle a number of apps including Google Search, Chrome browser, and Google Play Store on their Android handsets.

Following the verdict, which Google has appealed, the Android maker announced it will give users more choices for browsers and search engines.

India’s regulator has previously investigated Google’s search business and Apple’s partnerships with local carriers for sale of iPhones. Apple’s iOS has tiny market share in India, where most people have annual income of less than $2,000.

from Android – TechCrunch https://tcrn.ch/2VgvcvF
via IFTTT

Apple CEO Tim Cook talks WWDC student program, coding initiatives and SAP

For the past few years, Apple has been inviting student developers to attend its WWDC conference, which centers on development topics and software. A few students from this year’s batch are getting some more personal attention from Apple as it tries to raise awareness of the program and coding literacy via its Swift Playgrounds and other resources for students and teachers.

Most of those students, though, won’t get a surprise personal visit from CEO Tim Cook, which is what happened this week when Lyman High School student Liam Rosenfeld got to the Millenia Mall Apple Store in Orlando, Florida. Liam was there to participate, he thought, in an interview with myself and a local journalist from the Orlando Sentinel about his admission to the program.

As a surprise, and fresh off an appearance at the SAP Sapphire conference to announce an expanded partnership, Cook came to visit the store to greet employees, and to spend some time with Liam and his teacher, Mary Acken.

I was on hand to spend some time of my own with Liam, to talk to him about his experiences coding in high school and shipping on a global App Store. I also spoke to Cook about coding literacy, the SAP partnership and some other interesting topics.

The confab was set for Wednesday afternoon, with the store making an ideal meeting place given its rough proximity to the conference and airport. Liam arrived earlier than expected and some interference had to be ran so that Cook’s appearance and the surprise, could be kept secret.

from Apple – TechCrunch https://tcrn.ch/2vRuQRK

Apple CEO Tim Cook talks WWDC student program, coding initiatives and SAP

from iPhone – TechCrunch https://tcrn.ch/2vRuQRK

Thursday, 9 May 2019

Smartphone shipments hit a five year low in North America

More dismal news from the smartphone number crunchers. New figures out of Canalys put the North American smartphone market at five year low for the first quarter of 2019. That’s…bad. But also, pretty inline with what we’ve been seeing globally. The market has stagnated, and while manufacturers aren’t in full on panic mode, there’s certainly cause for concern.

Shipments dropped from 44.4 million down to 36.4 million, marking an an 18 percent drop year over year for the first quarter. Canalys says it’s the steepest drop it’s recorded for the category, chalking some of the issues up to “a lackluster performance by Apple and the absence of ZTE.”

Apple is still the top of the heap, commanding 40 percent of the North American market with help from the sale of older discounted units. But Samsung managed to to tighten the gap on the back of a successful Galaxy S10 launch. The company grew by three percent for the year, up to 29.3 percent of the market.

LG, Lenovo and TCL rounded out the top five, with the latter two making pretty solid marketshare strides. The remainder of the market took a massive hit, however, with a 65 percent drop off in shipments. Analysts seem confident that 5G imminent arrival will help give the market a boost in coming quarters, but it’s going to be hard for manufacturers to maintain that momentum.

from Apple – TechCrunch https://tcrn.ch/2DXoSTQ

Google and Qualcomm launch a dev kit for building Assistant-enabled headphones

Qualcomm today announced that it has partnered with Google to create a reference design and development kit for building Assistant-enabled Bluetooth headphones. Traditionally, building these headphones wasn’t exactly straightforward and involved building a lot of the hardware and software stack, something top-tier manufacturers could afford to do, but that kept second- or third-tier headphone developers from adding voice assistant capabilities to their devices.

“As wireless Bluetooth devices like headphones and earbuds become more popular, we need to make it easier to have the same great Assistant experience across many headsets,” Google’s Tomer Amarilio writes in today’s announcement.

The aptly named “Qualcomm Smart Headset Development Kit” is powered by a Qualcomm QCC5100-series Bluetooth audio chip and provides a full reference board for developing new headsets and interacting with the Assistant. What’s interesting — and somewhat unusual for Qualcomm — is that the company also built its own Bluetooth earbuds as a full reference design. These feature the ability to hold down a button to start an Assistant session, for example, as well as volume buttons. They are definitely not stylish headphones you’d want to use on your commute, given that they are bulky enough to feature a USB port. But they are meant to provide manufacturers with a design they can then use to build their own devices.

In addition to making it easier for developers to integrate the Assistant, the reference design also supports Google’s Fast Pair technology that makes connecting a new headset to an Android Phone without the usual hassle that comes with connecting a headset for the first time.

“Demand for voice control and assistance on-the-go is rapidly gaining traction across the consumer landscape,” said Chris Havell, senior director, product marketing, voice and music at Qualcomm. “Combined with our Smart Headset Platform, this reference design offers flexibility for manufacturers wanting to deliver highly differentiated user experiences that take advantage of the power and popularity of Google cloud-based services.”

from Android – TechCrunch https://tcrn.ch/2YdOuna
via IFTTT

Wednesday, 8 May 2019

Google Play is changing how app ratings work

Two years ago, Apple changed the way its app store ratings worked by allowing developers to decide whether or not their ratings would be reset with their latest app update — a feature that Apple suggests should be used sparingly. Today, Google announced it’s making a change to how its Play Store app ratings work, too. But instead of giving developers the choice of when ratings will reset, it will begin to weight app ratings to favor those from more recent releases.

“You told us you wanted a rating based on what your app is today, not what it was years ago, and we agree,” said Milena Nikolic, an Engineering Director leading Google Play Console, who detailed the changes at the Google I/O Developer conference today.

She explained that, soon, the average rating calculation for apps will be updated for all Android apps on Google Play. Instead of a lifetime cumulative value, the app’s average rating will be recalculated to “give more weight” to the most recent users ratings.

With this update, users will be able to better see, at a glance, the current state of the app — meaning, any fixes and changes that made it a better experience over the years will now be taken into account when determining the rating.

“It will better reflect all your hard work and improvements,” touted Nikolic, of the updated ratings.

On the flip side, however, this change also means that once high-quality apps which have since failed to release new updates and bug fixes will now have a rating that reflects their current state of decline.

It’s unclear how much the change will more broadly impact Google Play Store SEO, where today app search results are returned based on a combination of factors, including app names, descriptions, keywords, downloads, reviews and ratings, among other factors.

The updated app ratings was one of numerous Google Play changes announced today, along with the public launch of dynamic delivery features, new APIs, refreshed Google Play Console data, custom listings, and even “suggested replies” — like those found in Gmail, but for responding to Play Store user reviews.

End users of the Google Play Store won’t see the new, recalculated rating until August, but developers can preview their new rating today in their Play Store Console.

from Android – TechCrunch https://tcrn.ch/2Haez0M
via IFTTT

Samsung spilled SmartThings app source code and secret keys

A development lab used by Samsung engineers was leaking highly sensitive source code, credentials and secret keys for several internal projects — including its SmartThings platform, a security researcher found.

The electronics giant left dozens of internal coding projects on a GitLab instance hosted on a Samsung-owned domain, Vandev Lab. The instance, used by staff to share and contribute code to various Samsung apps, services and projects, was spilling data because the projects were set to “public” and not properly protected with a password, allowing anyone to look inside at each project, access, and download the source code.

Mossab Hussein, a security researcher at Dubai-based cybersecurity firm SpiderSilk who discovered the exposed files, said one project contained credentials that allowed access to the entire AWS account that was being used, including over a hundred S3 storage buckets that contained logs and analytics data.

Many of the folders, he said, contained logs and analytics data for Samsung’s SmartThings and Bixby services, but also several employees’ exposed private GitLab tokens stored in plaintext, which allowed him to gain additional access from 42 public projects to 135 projects, including many private projects.

Samsung told him some of the files were for testing but Hussein challenged the claim, saying source code found in the GitLab repository contained the same code as the Android app, published in Google Play on April 10.

The app, which has since been updated, has more than 100 million installs to date.

“I had the private token of a user who had full access to all 135 projects on that GitLab,” he said, which could have allowed him to make code changes using a staffer’s own account.

Hussein shared several screenshots and a video of his findings for TechCrunch to examine and verify.

The exposed GitLab instance also contained private certificates for Samsung’s SmartThings’ iOS and Android apps.

Hussein also found several internal documents and slideshows among the exposed files.

“The real threat lies in the possibility of someone acquiring this level of access to the application source code, and injecting it with malicious code without the company knowing,” he said.

Through exposed private keys and tokens, Hussein documented a vast amount of access that if obtained by a malicious actor could have been “disastrous,” he said.

A screenshot of the exposed AWS credentials, allowing access to buckets with GitLab private tokens. (Image: supplied).

Hussein, a white-hat hacker and data breach discoverer, reported the findings to Samsung on April 10. In the days following, Samsung began revoking the AWS credentials but it’s not known if the remaining secret keys and certificates were revoked.

Samsung still hasn’t closed the case on Hussein’s vulnerability report, close to a month after he first disclosed the issue.

“Recently, an individual security researcher reported a vulnerability through our security rewards program regarding one of our testing platforms,” Samsung spokesperson Zach Dugan told TechCrunch when reached prior to publication. “We quickly revoked all keys and certificates for the reported testing platform and while we have yet to find evidence that any external access occurred, we are currently investigating this further.”

Hussein said Samsung took until April 30 to revoke the GitLab private keys. Samsung also declined to answer specific questions we had and provided no evidence that the Samsung-owned development environment was for testing.

Hussein is no stranger to reporting security vulnerabilities. He recently disclosed a vulnerable back-end database at Blind, an anonymous social networking site popular among Silicon Valley employees — and found a server leaking a rolling list of user passwords for scientific journal giant Elsevier.

Samsung’s data leak, he said, was his biggest find to date.

“I haven’t seen a company this big handle their infrastructure using weird practices like that,” he said.

Read more:

from Android – TechCrunch https://tcrn.ch/2DV8xPv
via IFTTT