Skip to content

Archive for

23
Dec

These are the smartwatches that will get updated to Android Wear 2.0


moto-360-2015-pair.jpg?itok=7w9xUuY8

Will my smartwatch get Android Wear 2.0?

Now that we know Google will debut two new Android Wear-based smartwatches in early 2017, we also know which existing products will be updated to the new version.

Android Wear smartwatches that will be updated to AW 2.0

  • Huawei Watch
  • Huawei Watch for ladies
  • Moto 360 (2015)
  • Moto 360 Sport
  • LG Watch Urbane 2nd Edition LTE
  • LG Watch Urbane
  • LG G Watch R
  • Polar M600
  • Casio Smart Outdoor Watch
  • Nixon Mission
  • Tag Heuer Connected
  • Asus ZenWatch 2
  • Asus ZenWatch 3
  • Fossil Q Wander
  • Fossil Q Marshal
  • Fossil Q Founder
  • Michael Kors Access Bradshaw Smartwatch
  • Michael Kors Access Dylan Smartwatch

That leaves out much of the original generation of 2014 Android Wear devices, namely the Moto 360, LG G Watch, Samsung Gear Live and Asus ZenWatch. It’s been a good ride, but we can look forward to bigger and better things with Android Wear 2.0.

More: Google’s two “Nexus” smartwatches will debut early next year

23
Dec

Barnes & Noble removes malware from $50 Nook tablet, but you still shouldn’t buy it


50-dollar-nook.jpg?itok=xDhMg25p

The update may remove the part where your data goes back to China, but everything else is bad and unchanged.

About that $50 Barnes & Noble tablet. You might have heard that researchers working with Linux Journal found that the BNTV450 shipped from the factory with the same malware that phones from Blu and other companies that use a MediaTek processor had. It’s called ADUPS and it was configured to literally harvest your personal data and send it back to a server in China.

Sometimes, data really does get sent back to China. This was one of those times.

Anyway, there’s an update in the wild that “fixes” things. At least this one thing. Maybe.

The update brings a new version of ADUPS to the tablet. Supposedly, the “bad stuff” the ADUPS malware does is no longer present in versions newer than 5.5. The shipping version — 5.2.0.2.002 — was filled with data stealing goodness, but the version in the update file we received last night is 6.0. The worst part is that most of us can’t check for this ourselves, as the ADUPS application needs to be completely decompiled to see the version number in the app manifest. To make a long story short, unless the folks behind ADUPS are doing something else that’s shady, the update from B&N squares the malware issue away.

The “Maybe” part? Plenty of people consider any device with any version of the ADUPS software to be compromised and not fit for storing your personal information on. Personally, I’m with them but it’s your $50.

But there are plenty of reasons to still not buy this tablet. Beginning with the fact that it’s still 100% vulnerable to CVE-2015-6616. In human language, that means the Stagefright exploit. The Android version (6.0 in this case) should be at least partially patched, but there are security updates for the processor which have not been applied.

Don’t buy this tablet. I’m telling you to not buy this tablet and our own Modern Dad looked at this one so you didn’t have to.

Here’s what he has to say about the update:

So it had malware in the program that serves ads. An update is removing the malware from the program that serves the ads. It’s still not worth $50. Suck it up and buy an iPad or a Kindle Fire HD.

You know what tablet doesn’t have malware, performs way better, and also costs $50? The Amazon Fire Tablet 7.

See at Amazon

23
Dec

Russian Hackers used Android malware to track Ukrainian artillery


More proof that you need to be extra careful downloading apps online.

Android software is everywhere these days, even finding use on modern battlefields. And just like the apps on your smartphone, downloading potentially compromised .APKs from unofficial sources can lead to unforeseen consequences.

Android-security-bulletin.jpg?itok=HZJoV

A new report from American cybersecurity technology company CrowdStrike found that a hacker group known as Fancy Bear embedded a malware implant known as X-Agent into an Android app used by the Ukranian military. The group is thought to have ties to Russian authorities who supported rebel forces in Ukraine, and had previously been linked to the DNC email leaks in another report published by CrowdStrike.

From the CrowdStrike blog:

Late in the summer of 2016, CrowdStrike Intelligence analysts began investigating a curious Android Package (APK) named ‘Попр-Д30.apk’ (MD5: 6f7523d3019fa190499f327211e01fcb) which contained a number of Russian language artifacts that were military in nature. Initial research identified that the filename suggested a relationship to the D-30 122mm towed howitzer, an artillery weapon first manufactured in the Soviet Union in the 1960s but still in use today. In-depth reverse engineering revealed the APK contained an Android variant of X-Agent, the command and control protocol was closely linked to observed Windows variants of X-Agent, and utilized a cryptographic algorithm called RC4 with a very similar 50 byte base key.

The filename ‘Попр-Д30.apk’ was linked to a legitimate application which was initially developed domestically within Ukraine by an officer of the 55th Artillery Brigade named Yaroslav Sherstuk. In media interviews Mr. Sherstuk claims that the application, which had some 9000 users, reduced the time to fire the D-30 from minutes to seconds. No evidence of the application has been observed on the Android app store, making it unlikely that the app was distributed via that platform.

The report goes on to say that if the X-Agent malware was successfully deployed within the application, it would have allowed for accurate reconnaissance for rebel troops on the location of Ukrainian artillery positions. CrowdStrike found through open source reporting that “Ukrainian artillery forces have lost over 50% of their weapons in the 2 years of conflict and over 80% of D-30 howitzers, the highest percentage of loss of any other artillery pieces in Ukraine’s arsenal.” You can read the full report from CrowdStrike here.

This case is obviously a fairly extreme example of the damage hacked apps can do, but let this serve as a stern reminder to all of us about just how easy it can be to download malicious Android apps from the internet.

23
Dec

Pokemon Go for Apple Watch now out, lets you play from your wrist


You can now catch ’em all from your wrist. Sort of.

Developer Niantic has finally launched the Apple Watch version of Pokemon Go, three months after unveiling the edition during an Apple event. Keep in mind this isn’t the full game. Instead, it complements the mobile version, allowing you to do certain things without having to touch your phone. You won’t actually be able to catch Pokemon, but you can collect items at Pokestops.

You can also find nearby Pokemon, as the watch app will serve up notifications. You’ll also receive notifications on your wrist when eggs hatch and medals are awarded, and you’ll be able to count distance toward hatching Pokemon eggs and receiving candy. The entire experience is focused on fitness, too, since Apple Watch is positioned as a fitness device just as much as it is a smartwatch.

Niantic is letting users log each play session as a workout, for instance. Check out Pocket-lint’s guide on Pokemon Go for Apple Watch to learn more about the game, including how to play and why it’s perfect for the wrist. 

Pokemon Go for Apple Watch is bundled with the latest update – version 1.21.2, which is rolling out on the App Store – to Pokemon Go app for iPhone and iPad. 

  • Apple will release iOS 10 update for iPhones and iPads on 13 September
  • Apple made these wireless AirPods and Lightning EarPods for iPhone 7
  • Apple Watch Nike Plus is designed to be your perfect running partner
  • Finally! Apple shows off new Apple Watch Series 2 models
  • Apple iPhone 7 and 7 Plus are official
  • How to watch iPhone 7 and 7 Plus launch
  • Mario coming to iOS with Super Mario Run
  • Pokemon Go is coming to Apple Watch by end of 2016
  • Super Mario Run for iPhone: How to play and when can you get it?
23
Dec

‘Pokémon Go’ is available right now on the Apple Watch


Pokémon Go has made its way to the Apple Watch, enabling trainers to receive notifications right on their wrists about nearby Pokémon, PokéStops, eggs and medals. Players are even able to collect goodies from PokéStops directly via the Apple Watch. This latest version of Pokémon Go also lets users log each gameplay session as a workout that counts toward their Apple Watch Activity rings, and it displays the distance traveled toward hatching an egg and receiving Candy for Buddy Pokémon.

One thing the Pokémon Go Apple Watch app can’t do is actually catch Pokémon. The Apple Watch activates if there’s a Pokémon nearby, but players need to pull out their iPhones to actually capture the creatures.

Niantic revealed the Apple Watch version of Pokémon Go back in September. That’s before the Pokémon Go Plus bracelet came out — it’s the $35 wearable that functions like a low-tech version of the Apple Watch app, alerting players when they’re near Pokémon and allowing them to collect items from PokéStops. The Plus accessory does have one advantage over the Apple Watch: It lets players attempt to catch Pokémon directly from the bracelet, though the device doesn’t say which type or level the creature is and you’re only given one shot with a standard Poké Ball.

Niantic recently added new Pokémon from the Gold and Silver games to Pokémon Go, plus it threw in a Santa-hat-wearing Pikachu that’s only available to find and catch through December 29th.

23
Dec

A French town just installed the world’s first ‘solar road’


The tiny town of Tourouvre-au-Perche in Normandy, France no longer has to worry about how it will power its street lights. The Sun will handle that.

FRANCE-ENERGY/

French Ecology Minister Ségolène Royal (above) officially opened the kilometer-long road on Wednesday. It took five years to develop and cost $5.2 million to produce and install the 30,000 square feet of solar panels. They’re coated with a clear silicon resin that enables them to withstand the impact of passing traffic.

Being the first of its kind, the panels are still prohibitively expensive to produce en masse (they’re also less efficient than conventional panels because they’re laid flat rather than angled). But should Colas, the road’s manufacturer, figure out how to get costs down and efficiency up, France may install them along another 1,000 kilometers of its roads.

Source: The Guardian

23
Dec

Congress claims Snowden has been in contact with Russian intelligence


Edward Snowden, the NSA contractor who released a trove of confidential documents detailing the massive scope of US surveillance programs, has been accused by Congress of giving information to Russian intelligence agencies. A new report from the US House of Representatives Permanent Select Committee on Intelligence (HPSCI) claims that Snowden “has had, and continues to have, contact with Russian intelligence services” since seeking asylum in Russia in 2013. The 33-page report, which was just declassified today, contains a section called “foreign influence” in which the deputy chairman of the Russian parliament’s defense and security committee claims that “Snowden did share intelligence” with the Russian government.

That section of the document (along with many others) is heavily redacted, so it’s hard to know the substance of these claims. It’s logical that a high-profile asylum seeker would be in touch with Russian officials, but the nature of that relationship is unclear. And given the recent claims from the US government intelligence that Russia was being the DNC hacks and possibly influenced the outcome of this year’s presidential election, Snowden seems like a natural target.

Naturally, Snowden has denied much of the content of today’s report. “Unsurprising that HPSCI’s report is rifled with obvious falsehoods,” he said on Twitter. “After three years of investigation and millions of dollars, they can present no evidence of harmful intent, foreign influence, or harm.” Specifically regarding his potential collaboration with Russian intelligence, he said that “an indicator of HPSCI’s slant is the knowing omission of my strident, well-documented criticisms of Russian policy. Despite this, they claim without evidence I’m in cahoots with Russian intel.”

Despite this, they claim without evidence I’m in cahoots with Russian intel. Everyone knows this is false, but let’s examine their basis:

— Edward Snowden (@Snowden) December 22, 2016

The report goes far beyond just detailing Snowden’s potential ties to Russian intelligence. At a high level, it claims that many of the documents Snowden stole do not pertain to to programs that impact civil liberties; most of them instead detail military, defense and intelligence programs that don’t affect the public. The report also definitively states Snowden is not a whistleblower (because he didn’t use the standard channels for communicating his concerns and that he “was, and remains, a serial exaggerator and fabricator.”

To that, Snowden says: “bottom line: this report’s core claims are made without evidence, and are often contrary to both common sense and the public record.” Of course, the government will make its claims and Snowden will mount his defense, but without further proof from either side, it comes down to who you trust more.

Via: CNN

Source: US House of Representatives

23
Dec

Faraday Future could be out of business by February


Last we heard, Faraday Future was going through a rough patch in regards to building its manufacturing facility in Nevada. Now, it appears the electric vehicle company’s troubles are worse than anticipated. The key theme, across report from Buzzfeed News, Jalopnik and The Verge is money. Specifically, a lack thereof. Faraday has a heap of unpaid bills, lawsuits from vendors and a landlord in addition to losing senior employees. Owed cash is in the hundreds of millions, and it looks like if the company can’t secure more funding after CES next month, Faraday Future will be done for by February.

CES is where the company is expected to finally show off its production vehicle. One of Buzzfeed News’ sources says that the company hopes to show off five prototypes, while others say that showing off a “fully polished, driving production vehicle” would be a challenge.

Then there’s the ambiguous link between Faraday Future and Chinese tech juggernaut LeEco. Technically they’re two separate companies, both producing EVs. LeEco is Faraday future’s beleaguered principal backer, and is owned by Jia Yueting. Faraday employees were pulled off their own project to design LeEco’s first car, according to Jalopnik. And to add insult to injury, Faraday workers say that their company was never paid for that work.

One former employee described Faraday’s relationship with Yueting as “indentured servitude” to The Verge.

More than that, it appears that Faraday doesn’t own its intellectual property. Instead, the IP is owned by FF Cayman Global and is based out of the Cayman Islands — something that apparently makes it very difficult to court new money. “If you’re an investor, you’re fucked,” a former executive told The Verge. Another former employee disagreed, saying that the deal was instead bad for suppliers who are out millions of dollars in unpaid invoices.

Regardless of how all this all shakes out, next month in Las Vegas may very well be the make or break point for the company. But even if it successfully courts investors, how long before that cash dries up? Given the apparent mismanagement of funds to date, probably not long. We’ve reached out to Faraday for more information and will update this post should it arrive.

Update: Faraday has responded to our request for comment, saying, “Regarding you question on finances, as a private company, we do not comment on financial matters.”

Source: The Verge, Buzzfeed News, Jalopnik

23
Dec

Android Wear 2.0 will launch on a pair of flagship smartwatches


The market for smartwatches is drying up, but Google seems intent on shaking it up. We already knew that Android Wear 2.0 would arrive in early 2017, but Android Wear product manager Jeff Chang recently confirmed to The Verge that the updated platform would launch on two new, flagship smartwatches. Make no mistake, though: these aren’t Google watches, strictly speaking. While the search giant will no doubt promote them like crazy, Chang noted in the interview that the watches will bear the brand of their manufacturer rather than Google.

In other words, Pixel watches these ain’t.

Chang apparently referred to the deal Google has with this mystery manufacturer as akin to the long-running Nexus program, in which Google provided the software for hardware makers who could build the kind of phone Google desired. Chang’s characterization is curious, though, because Google has more-or-less backed away from the Nexus program with the launch of its Pixel phones, devices that Google developed entirely on its own. To date, the company’s bet seems to have paid off: the Pixels have enjoyed strong critical acclaim, and not even Google could correctly gauge demand for the devices, leading to delayed delivery of pre-ordered phones. Hell, check out the Google Store right now: at time of writing, at least one version of the Pixel XL is still sold out.

It’s not hard to jump to the conclusion that a Google-branded smartwatch could have done well, if maybe not to the same extent. Rumors of in-house Google smartwatches have been swirling for months now, too, so what gives? While some (including your author) hoped Google would lead the Android Wear 2.0 charged with some watches of its own, it makes complete sense that Google decided not to.

For one, it minimizes the reputational risk that comes with a potential failure. Think about it: people don’t seem to want smartwatches as much as they used to, and a big whiff on Google’s part could shake perceptions that smartwatches are worth the hassle. That’s no bueno for a company with a vested interest in spreading Android Wear far and wide. With that said, it also makes sense that Google would on some level want to give the actual manufacturer of the smartwatch the attention. With any luck, that attention drives sales, which spurs competition, which ultimately makes Android Wear a more palatable platform for everyone involved. A pair of Pixel watches might still be in the offing, but the timing doesn’t seem right yet. Better the rising tide of Android Wear 2.0 lift the sales of all manufacturers, rather than just directly benefit Google.

Oh, by the way: Chang let slip other juicy details, like that these two watches would be the first of many in 2017, Android Pay would be enabled on all of them and that those mobile payments would work with iOS devices. That last bit could be big for Google as it continues trying to prove Android Wear’s value — smartwatches from Apple and Samsung already have elegant, built-in payment solutions. In other words, the two major companies still trying to make smartwatches a thing are enjoying a healthy lead, while Google works to enable support across the many watches to come.

Source: The Verge

23
Dec

Obama dismantles registry used to track Muslims and Arabs


The Obama administration is formally tearing apart a national registry which was used to keep tabs on visitors from countries with terrorist groups, the Department of Homeland Security announced today. The National Security Entry-Exit Registration System (Nseers) was developed after 9/11 and was widely criticized as a way to unjustly track of Muslims and Arabs in the US. It was, in many ways, a relic of the former Bush administration’s “War on Terror.” The DHS stopped using the NSEERS registry in 2011 because it was “redundant, inefficient and provided no increase in security,” DHS spokesperson Neema Hakin told the New York Times.

With today’s announcement, the Obama administration is making sure that Donald Trump won’t be able to use the existing program as the basis for his so-called “Muslim registry.” That won’t stop Trump’s ambitions entirely, but it’ll make his anti-immigration promises much harder to fulfill. Over 80,000 people from 25 countries were pushed onto the NSEERS program, which required them to be fingerprinted, photographed and forced to attend periodic DHS interviews.

The news comes after tech workers from the likes of Google and Microsoft pledged that they would never build a Muslim registry for Trump. Yesterday, we also learned that Palantir, a data mining firm co-founded by Trump’s lone tech adviser Peter Thiel, is also helping the US Customs and Border Protection agency to track illegal immigrants (with a bit of help from NSEERS).

“Since the implementation of NSEERS in 2002, DHS has increasingly moved away from the NSEERS model and instead focused on a targeted, intelligence-driven border security model that identifies current and emerging threats in real time,” the DHS wrote in a memo today. “For these reasons, DHS has concluded that NSEERS is obsolete and inefficient; that its implementation would be counterproductive to the Department’s comprehensive security measures; and that the regulatory authority for NSEERS should thus be rescinded.”

Source: New York Times, DHS

« Older Entries
Newer Entries »