Google to pay security researchers who find Android apps and Chrome extensions misusing user data

Google said it will pay security researchers who find “verifiably and unambiguous evidence” of data abuse using its platforms.

It’s part of the company’s efforts to catch those who misuse user data collected through Android apps or Chrome extensions — and to avoid its own version of a scandal like Cambridge Analytica, which saw millions of Facebook profiles scraped and used to identify undecided voters during the U.S. presidential election in 2016.

Google said anyone who identifies “situations where user data is being used or sold unexpectedly, or repurposed in an illegitimate way without user consent” is eligible for its expanded data abuse bug bounty.

“If data abuse is identified related to an app or Chrome extension, that app or extension will accordingly be removed from Google Play or Google Chrome Web Store,” read a blog post. “In the case of an app developer abusing access to Gmail restricted scopes, their API access will be removed.” The company said abuse of its developer APIs would also fall under the scope of the bug bounty.

Google said it isn’t providing a reward table yet but a single report of data misuse could net $50,000 in bounties.

News of the expanded bounty comes in the wake of the DataSpii scandal, which saw browser extensions scrape and share data from millions of users. These Chrome extensions uploaded web addresses and webpage titles of every site a user visited, exposing sensitive data like tax returns, patient data, and travel itineraries.

Google was forced to step in and suspend the offending Chrome extensions.

Instagram recently expanded its own bug bounty to include misused user data following a spate of data incidents,

After data incidents, Instagram expands its bug bounty

from Android – TechCrunch https://ift.tt/32ia3VT
via IFTTT

Apple will unveil the next iPhone September 10

Invites for the next big Apple event have just landed in press mailboxes everywhere, confirming the rumored September 10 date. Invites for the event, which is set for Steves Jobs Theater on the company’s shiny new Cupertino campus, note that the event is “by innovation only.” It is a small theater, after all.

The centerpiece of the event will, of course, be the iPhone 11, which is rumored to arrive in three different flavors: The standard 11 (replacing the budget XR) and two 11 Pro models, set to replace the XS and XS Max, respectively. The scheme would mark a kind of new approach for the company, which has struggled to grapple with declining smartphone sales along with the rest of the industry.

Developing…

from Apple – TechCrunch https://ift.tt/2HA6q5I

Apple expands access to official repair parts for third-party shops

Apple just announced a new program to make it easier to repair out-of-warranty iPhones. In addition to Apple Authorized Service Providers, independent third-party repair shops will be able to access official repair parts and tools.

There are currently three options when you break your screen or other parts of your iPhone. You can go to an Apple store and give your iPhone to Apple employees. You can go to an authorized store (such as Best Buy stores in the U.S.), which means your iPhone will be repaired by Apple-certified technicians. Or you can go to a normal repair shop.

Authorized Service Providers already have access to official parts and tools. If your iPhone is under warranty, you can get a free repair and Apple pays back the authorized repair shop directly.

But until today, if you were a non-authorized repair shop, you couldn’t get official parts. It could result in mixed experiences with parts that don’t perform as well as official parts.

Starting today, any repair shop in the U.S. can get a free online certification in order to access the new repair program. After that, you can buy genuine parts and tools. You can also access the same repair manuals and diagnostics as authorized repair shops.

Apple says that it’ll expand the new program to more countries in the future. The company is already testing the program with 20 shops in North America, Europe and Asia.

This is great news for customers as it should improve the overall quality of repairs. Apple is essentially lowering the entry barrier to qualify to official parts.

If you want to make sure that your device is repaired using genuine parts or if your device is still under warranty, you should still go to an authorized repair shop or an official Apple store. It’s going to be hard to tell if third-party repair shops are using genuine parts as nobody is forcing them to switch to the new program.

from Apple – TechCrunch https://ift.tt/2Ug5hoW

India liberalizes foreign investment rules in a win for Apple

India has further liberalized its foreign direct investment (FDI) rules for many sectors, opening new avenues for global investors and giants such as Apple as Asia’s third-largest economy attempts to jump-start its years-low economic growth.

New Delhi said Wednesday evening that it is easing sourcing norms for single-brand retailers like Apple. As part of the new proposal, which has been approved, the government said single-brand retail companies will be allowed to open online stores before they set up presence in the bricks-and-mortar market.

This would allow Apple, which has yet to set up retail stores in the country, to start selling a range of products through its own online store. Currently, Apple sells its products in India through partnered third-party offline retailers and e-commerce platforms such as Amazon India, Flipkart and Paytm Mall.

Over the years, Apple has requested the government numerous times to relax the local foreign direct investment (FDI) rules. Company executives have long expressed disappointment at Amazon India, Flipkart and Paytm Mall for offering heavy discounts on the iPhone and MacBook Air to boost their respective GMV metrics.

Even as this boosted the sales of iPhones in India, the discounts diluted the brand image of iPhones in the country, executives felt.

Apple will soon explore selling its products through its online store in India, a person familiar with the matter told TechCrunch. But the move is unlikely to materialize before next year, the person said, requesting anonymity.

Apple did not immediately respond to a request for comment.

New Delhi previously also forced companies like Apple to source 30% of their productions locally (PDF). Now the government says it is broadening the definition to include both materials sold in India and those exported in the local sourcing law.

“It has been decided that all procurements made from India by the single brand retail trade entity for that single brand shall be counted towards local sourcing, irrespective of whether the goods procured are sold in India or exported. Further, the current cap of considering exports for five years only is proposed to be removed, to give an impetus to exports,” Piyush Goyal, Commerce and Industry Minister, said in a press conference.

Apple had urged the government previously to ease this requirement, as well.

India has emerged as one of the world’s biggest battlegrounds for smartphone vendors. As sale of smartphones slow or decline in nearly every corner of the world, Indians are showing a growing appetite for handsets.

The local smartphone market, which is the fastest growing globally and also second largest, was once commanded by local smartphone manufacturers. But things have dramatically changed in recent years with Chinese phone makers such as Xiaomi, Vivo, OnePlus, Oppo and Realme and South Korean giant Samsung together controlling 90% of the market.

Apple continues to largely focus on users looking for a premium smartphone in India. Even as the iPhone maker’s market share in India stands below 2%, per research firms IDC, Counterpoint and Canalys, Apple CEO Tim Cook has said on a number of earnings calls that the company sees major opportunity in India.

With iOS 13, Apple delivers new features to court users in India

To boost sales in India, Apple has started to assemble several iPhone models locally and reached a stage where it can begin to export to overseas markets phones produced in India. Assembling phones in India allows Apple — as it does other phone makers — to enjoy some tax benefits that Narendra Modi’s government provides.

As part of today’s announcement, the government is now also allowing foreign investment in digital media to take up to 26% stakes in companies — a figure that now stands at 100% for the coal mining industry and associated infrastructure and sales of fuel.

“The extant FDI policy provides for 49% FDI under approval route in Up-linking of ‘News &Current Affairs’ TV Channels. It has been decided to permit 26% FDI under government route for uploading/ streaming of News & Current Affairs through Digital Media, on the lines of print media,” it said in a press release.

India’s move today comes as the nation grapples with a slowing of economic growth. The economic growth in the quarter that just ended stood at 5.8%, a five-year low in the nation.

from Apple – TechCrunch https://ift.tt/2L0pDQ4

Zhiyun’s Smooth-Q2 aims to be the most portable quality smartphone gimbal available

Zhiyun has been steadily rolling out new gimbals for smartphones and dedicated cameras for a few years now, and the company’s quality and feature set has improved dramatically over time. Now, it’s launching the Zhiyun Smooth-Q2 smartphone gimbal on Kickstarter, with the aim of delivering a “truly pocket-size” gimbal that has all the bells and whistles you could ever want or need.

The Smooth-Q2 is indeed a portable powerhouse – the company sent me a pre-production unit to test, and though it’s not the final shipping hardware, it already works and feels like a polished, quality device. The first thing you’ll notice right away about the Smooth-Q2 is its size – it can indeed slip inside a coat or pant pocket, though you’ll need a fairly deep one to make that work. Even if you don’t necessarily have a compatible pocket, it’s hard to beat the Smooth-Q2 for sheer portability, and that’s bound to save you some packing space when you’re getting ready for your next trip.

There’s another recently released small-size smartphone gimbal on the market – the DJI Osmo Mobile 3. That has a clever method of folding down for easier packing, but the Smooth-Q2’s design, while similar in overall footprint, means it’s much easier to put in your actual pocket (or pack in a bag’s side pocket) than is the DJI version. And while both are incredibly easy to balance even if you’re a gimbal novice, I found the Zhiyun was actually the simpler of the two.

The Zhiyun Smooth-Q2 also feels more solidly constructed, though its simpler controls (it doesn’t have a trigger around or a zoom lever) may leave some creators wanting. There are some other advantages here, too, however – a quick release spring-loaded clip means you can detach your smartphone quickly for other uses without unbalancing the gimbal, and go right back to shooting when you’re done. Plus, you can connect via Bluetooth and control your smartphone’s native camera app directly, instead of relying on their ZP Play app – which you can still use for features like object tracking.

The Smooth-Q2 offers 16-hours of battery life, so you should easily make it through a day without requiring power, and it can do time lapses, with or without programmed motion, a vortex mode for capturing crazy rotational footage, and an aluminum body that should be able to withstand less-than careful stowage in your bag.

In terms of quality, the Smooth-Q2 really delivers in early testing with my iPhone XS Max, and I’ve included two quick sample clips so you can see for yourself. These are shot in the gimbal’s basic PF mode, in which the camera pans as you turn the gimbal side to side.

Zhiyun’s crowdfunding these but the company’s history and reputation mean that you can count on them to deliver. The entry-level price is set at $109 U.S. for backers, which is a $30 discount off the planned retail cost, and they should ship to backers in October according to the company.

from iPhone – TechCrunch https://ift.tt/2Zt3P7H

Apple is turning Siri audio clip review off by default and bringing it in house

The top line news is that Apple is making changes to the way that Siri audio review, or ‘grading’ works across all of its devices. First, it is making audio review an explicitly opt-in process in an upcoming software update. This will be applicable for every current and future user of Siri.

Second, only Apple employees, not contractors, will review any of this opt-in audio in an effort to bring any process that uses private data closer to the company’s core processes.

Apple has released a blog post outlining some Siri privacy details that may not have been common knowledge as they were previously described in security white papers.

Apple apologizes for the issue.

“As a result of our review, we realize we haven’t been fully living up to our high ideals, and for that we apologize. As we previously announced, we halted the Siri grading program. We plan to resume later this fall when software updates are released to our users — but only after making the following changes…”

It then outlines three changes being made to the way Siri grading works.

• First, by default, we will no longer retain audio recordings of Siri interactions. We will continue to use computer-generated transcripts to help Siri improve.
• Second, users will be able to opt in to help Siri improve by learning from the audio samples of their requests. We hope that many people will choose to help Siri get better, knowing that Apple respects their data and has strong privacy controls in place. Those who choose to participate will be able to opt out at any time.
• Third, when customers opt in, only Apple employees will be allowed to listen to audio samples of the Siri interactions. Our team will work to delete any recording which is determined to be an inadvertent trigger of Siri.

Apple is not implementing any of these changes, nor is it lifting the suspension on the Siri grading process that it halted until the software update becomes available for its operating systems that will allow users to opt in. Once people update to the new versions of its OS, they will have the chance to say yes to the grading process that uses audio recordings to help verify requests that users make of Siri. This effectively means that every user of Siri will be opted out of this process once the update goes live and is installed.

Apple says that it will continue using anonymized computer generated written transcripts of your request to feed its machine learning engines with data, in a fashion similar to other voice assistants. These transcripts may be subject to Apple employee review.

Amazon and Google had previous revelations that their assistants were being helped along by human review of audio, and they have begun putting opt-ins in place as well.

Apple is making changes to the grading process itself as well, noting that, for example, “the names of the devices and rooms you setup in the Home app will only be accessible by the reviewer if the request being graded involves controlling devices in the home.”

A story in The Guardian in early August outlined how Siri audio samples were sent to contractors Apple had hired to evaluate the quality of responses and transcription that Siri produced for its machine learning engines to work on. The practice is not unprecedented, but it certainly was not made as clear as it should have been in Apple’s privacy policies that humans were involved in the process. There was also the matter that contractors, rather than employees, were being used to evaluate these samples. One contractor described as containing sensitive and private information that, in some cases, may have been able to be tied to a user, even with Apple’s anonymizing processes in place.

In response, Apple halted the grading process worldwide while it reviewed the process. This post and updates to its process are the result of that review.

Apple says that around 0.2% of all Siri requests got this audio treatment in the first place, but given that there are 15B requests per month, the quick maths tell us that though it is statistically insignificant, the raw numbers could be quite high.

The move away from contractors was signaled by Apple releasing employees in Europe, as noted by Alex Hearn earlier on Wednesday.

Apple is also publishing an FAQ on how Siri’s privacy controls fit in with its grading process, you can read that in full here.

The blog post from Apple and the FAQ provide some details to consumers about how Apple handles the grading process, how it is minimizing the data given to data reviewers in the grading process and how Siri privacy is preserved.

Apple’s work with Siri from the beginning has focused enormously on on-device processing whenever possible. This has led a lot of experts to say that Apple was trading raw capability for privacy by eschewing the data-center heavy processes of assistants from companies like Amazon or Google in favor of keeping a ‘personal cloud’ of data on device. Sadly, the lack of transparency on human review processes and the use of contractors undercut all of this foundational work Apple has been doing from the beginning. So it’s good that Apple is cranking all the way back to past industry standard on its privacy policies regarding grading and improvement. That is where it needs to be.

The fact is that no other assistant product is nearly as privacy focused as Siri — as I said above, some would say to the point of hampering its ability to advance as quickly. Hopefully this episode leads to better transparency on the part of Apple when humans get involved in processes that are presumed to be fully automated.

Most people assume that ‘AI’ or ‘machine learning’ mean computers only, but the sad fact is that most of those processes are intensely human driven still because AI (which doesn’t really exist) and ML are still pretty crap. Humans will be involved in making them seem smarter for a very long time yet.

Love watching people realize that "AI" is really just a people-sized rat king. https://t.co/Zfx7NzYAO3

— Matthew Panzarino (@panzer) August 13, 2019

from Apple – TechCrunch https://ift.tt/346eZid

Fitbit’s CEO discusses the company’s subscription future

At a small event in Manhattan this week, Fitbit laid out its future for the press. Tellingly, the event was far more focus on the company’s software play, with the big hardware announcement feeling almost rushed at the end.

Along with an increased focus on health care providers and enterprise, much of its revenue strategy will be tied up in Fitbit Premium, a $10 a month subscription service. The offering marks a major shift for a company whose identity has been so closely tied to hardware for its first decade of existence.

Fitbit’s Versa 2 smartwatch features Alexa and a better battery

The announcement comes a year and a half after the release of Versa. The smartwatch has helped the company begin to right the ship after several quarters’ worth of financial struggle. And while last quarter found Fitbit’s valuation stumbling a bit on the heels of a disappointing performance by the Versa Lite, the company says it continues to be committed to its core hardware offering.

Following the announcement of Fitbit Premium and the Versa 2 smartwatch, we sat down with CEO and co-founder James Park to discuss the company’s path and what the future holds for Fitbit.

The state of Fitbit

Brian Heater: The flow of today’s briefing was different. In previous years, the company’s always led with hardware.

James Park: You noticed that it was pretty conscious, and I think it’s just to reinforce the fact that what we’re working on is not just about hardware anymore. But it’s equally important that the services component is an important part of our strategy, and also an important part of an overall solution, again, people healthier.

from Apple – TechCrunch https://ift.tt/30HAaVx