InterContinental confirms hotels affected by malware that steals card data

Why it matters to you

Hackers have hit yet another hotel chain so customers need to be vigilant about fraudulent transactions on their cards.

Malware struck the InterContinental Hotels Group (IHG) with 12 of its locations reporting a possible breach of payment card data from August to December, KrebsOnSecurityReports.

Servers for hotels in the U.S. were infected with malware that was trying to find track data from a card’s magnetic strip. This includes card numbers, names, expiration dates, and verification codes that had been gathered by the hotels’ restaurants and bars. Hotel front desk transactions were not affected.

The hotel group has not publicly stated if any data was in fact stolen and the number of breached cards has not been disclosed either. Customers can check this list for the details on when a hotel was infected and the time period involved. If you were a customer at one of the hotels, the company urges you to check for suspicious transactions and to contact authorities as necessary. The investigation is ongoing to see if more hotels have been affected.

More: 20 major hotels were hacked by malware, including some Marriott locations

“IHG has been working with the security firms to review IHG’s security measures, confirm that this issue has been remediated, and evaluate ways to enhance IHG’s security measures,” InterContinental said in a statement.

It added that it is working with law enforcement to investigate the breach and is in contact with banks to help make customers aware.

This isn’t the first time that InterContinental has been targeted by malicious actors. Hotels have become popular targets for hackers trying to steal payment card data given the volume of transactions that occur at hotels like InterContinental. In August, a hacker campaign dished out malware for Starwood, Marriott, and Hyatt hotels with malware allegedly scooping up payments data for over a year before it was detected.

Point-of-sale malware like this is regularly seen in the retail and hospitality sector like the infamous breaches at Target and Home Depot. The stolen data can be potentially sold on for a profit on illicit online marketplaces.

Apple iPhone 7S and 7S Plus rumors and news

The iPhone 7S may not be due out until later this year, but we are already hearing a number of rumors about Apple’s next flagships. The latest rumblings characterize the iPhone 7S and iPhone 7S Plus as the follow-ups to the iPhone 7 and iPhone 7 Plus, respectively. Rumors hint that these 7S models will be mid-range alternatives to a rumored top-of-the-line iPhone 8.

It’s unclear how the naming will work or if we will get three new iPhones instead of two. If you want to read about the rumored high-end OLED iPhone with a curved screen and other game-changing tech, check out our iPhone 8 news post.

More: iPhone 8 news and rumors

Here’s everything we know so far about the new iPhone 7S and 7S Plus models coming in September 2017.

Release date

We’ve long expected the iPhone 7s to show up at Apple’s normal mid-to-late September event, however, new reports suggest that perhaps we’ll see the device a little earlier. According to a research note from BlueFin research that was picked up by Barron’s, Apple is ramping up production of the next iPhone (which it refers to as the iPhone 8, but could instead be called the iPhone 7s) a little earlier than usual.

While the beginning of production is reportedly scheduled for June, which is a little earlier than usual, the report notes this doesn’t mean Apple will release the phone sooner.

Put down your pitchforks: Windows 10 Cloud may allow apps outside its Store

Late last week, a leaked build of Windows 10 Cloud appeared on a Russian file hosting service. Potential users could download and install the build using a valid Windows 10 key. This is a slightly controversial unannounced version of Windows 10 slated to arrive later this year to compete against Google’s Chrome OS platform installed on Chromebooks. Curious, we downloaded the ISO file and installed the build on a virtual machine to see what the fuss was all about.

For starters, this specific leaked build will install Windows 10 Starter, Windows 10 Cloud, Windows 10 Professional Single Language, Windows 10 Enterprise G, or Windows 10 Enterprise Eval. We obviously chose the Windows 10 Cloud option, which installed Build 15025.rs_prerelease.170127-1750. The build number located at the bottom-right corner of the screen listed the platform as Windows 10 Pro Insider Preview.

More: An early build of Windows 10 Cloud has leaked, proving the new OS is no myth

The big stink regarding recent reports about Windows 10 Cloud is that it locks users to the Windows Store. That means users supposedly can’t install traditional (Win32) desktop programs like they would on a typical Windows 10 desktop or laptop. The reason for this “lock down” is to protect customers and devices from potentially harmful programs.

“The app you’re trying to run isn’t designed for this version of Windows,” a warning popup states when trying to install a desktop program on Windows 10 Cloud. “This version of Windows was made to help protect you and your device by exclusively running Windows Store apps.”

Not as restrictive as it seems?

Indeed, when we tried to install Steam on the Windows 10 Cloud virtual machine, that’s the error we received. But before everyone starts gathering in front of Microsoft’s front door with pitchforks and torches, there’s a little detail previous reports neglected to mention: Windows 10 Cloud is not locked to the Windows Store.

Here’s why. The Settings app in this build of Windows 10 is a little different than what we see on current Anniversary Update machines. It now includes new “Apps” and “Games” subcategories, the former of which contains settings that were originally listed in the “System” subcategory: Apps and features, Default apps, Offline maps, and Apps for websites.

Thus, when users go into Settings > Apps > Apps & features, the first setting they will see defines where users can purchase apps. There are two settings: Allow apps from the Store only, and Allow apps from anywhere. Did you catch that? Windows 10 Cloud will allow users to install apps from outside the Windows Store.

In this specific build, the option to install apps from outside the Windows Store wouldn’t “stick,” meaning no matter how many times we selected this option, Windows 10 Cloud kept us locked to the Windows Store. This may only be a temporary thing as Microsoft works to implement non-Windows Store support into Windows 10 Cloud.

Another previous report suggested that Windows Store apps that were converted from desktop programs wouldn’t run on Windows 10 Cloud due to their “Win32” desktop-based roots. That’s not entirely accurate, although running converted apps could be problematic for now.

For example, EdgeTile is an app offered in the Windows Store that was converted using Microsoft’s Desktop App Converter tool. The app was downloaded and installed, but Windows 10 threw up the rejection window when trying to run it. However, the app ran nonetheless, so it’s quite possible that Win32 programs, whether in desktop mode or app mode, will cause Windows 10 Cloud to activate the warning.

Ultimately, it’s clear there’s still some question as to how exactly Microsoft is going to treat applications outside of the Store. The rumored lock to the Store makes a certain amount of business sense, but could also cause a lot of ill-will and confusion. The leaked build suggests that Windows 10 Cloud will operate not all that differently from MacOS. It already warns users against apps from “unidentified” developers, but users can bypass that and install what they want.

This looks familiar

Outside the whole app lockdown issue, this build of Windows 10 doesn’t look all that different than Anniversary Update machines. The context menu is still present when right-clicking on the Start Button — a bit strange,  given this version of Windows 10 aims to be “lightweight.” In fact, we had a hard time finding any significant missing pieces.

The only change we saw with the context menu is that the Control Panel link was replaced with the Settings app, the Command Prompt was renamed to Windows PowerShell, and the Programs and Features link was replaced by an Apps and Features link taking users to the Settings app.

Again, the Settings app is slightly different, with two new categories. As promised, Microsoft has added the “Gaming” section for tweaking the settings for the Game Bar, Game DVR, Broadcasting, and Game Mode. This latter option is switched off by default, and according to Microsoft, this feature “ensures you play your games with the best possible experience.” This is not a Windows 10 Cloud exclusive feature, but rather an upcoming addition for all versions of Windows.

As for the new Apps subcategory in the Settings app, here is what users will find:

Apps & features
Default apps
Offline maps
Apps for websites
Choose the app source
Set app defaults
Download maps
Associate specific apps with websites
Uninstall or move an app
Contact support
Offline map storage location
Contact support
Contact support
Provide feedback
Switch metered connection on or off
Provide feedback
Access the Programs and Features panel

Automatic map updates

Provide feedback

Contact support

Provide feedback

Additionally, the “System” subcategory includes a Shared Experiences section. The description states that users can “open apps on other devices, send messages between them, and invite others to use apps with me.” Users can also access the Control Panel by going through Cortana, or through the Programs and Features link inside the Settings app.

One other small feature we noticed was that File Explorer was removed from the Start Menu side bar. This may simply be a Creators Update thing, and eliminates an unnecessary shortcut given that Windows 10 already supplies one on the Task Bar.

Minor changes make sense

The bottom line here is that, based on this specific build, Windows 10 Cloud doesn’t look much different than Windows 10 Pro. That doesn’t mean it won’t change, of course. This is a leaked build, so there’s all manner of possible complications. Perhaps this is what Windows 10 Cloud will look like — or perhaps Microsoft will remove features later in development.

Having said that, we speculate the final version of Windows 10 Cloud won’t look all that different. Why? Developing an OS takes a lot of work, and Microsoft doesn’t make a lot of money from Windows 10 on consumer devices. We don’t think it’d make sense for the company to develop a substantially different version for low-cost systems. A slight re-arranging of what’s already in Windows 10 makes more sense, and that’s exactly what we see in this leaked copy of Windows 10 Cloud.

Ultimately, Windows 10 Cloud may be similar to Microsoft’s former Windows 8 with Bing program, which was a full version of Windows 8 that has Bing set as the default search engine. It was free for OEMs to install on their devices, and users could simply change the default setting if they wanted to use Google or Yahoo.

Still, the Win32 error popup is curious, and something we will have to watch over the coming months. Windows 10 Cloud is expected to arrive later this year, and will probably make an appearance during the company’s BUILD conference in May.

Best Battery Cases for Google Pixel

Keep your Pixel’s battery topped up with these battery cases.

The Google Pixel has been out for a while now, and you might be finding its 2,770mAh battery struggling to make it through a full day of usage without needing a charge.

Battery cases are one option to consider, if you’re alright with the added bulk. Unfortunately, there isn’t much diversity in style or price, as your main decision here is besides the brand name on the packaging. Popular charging case brands such as Mophie, Tylt and Incipio don’t yet have an option for the Pixel, so you’re left with slim options to choose from.

Regardless, let’s take a look.

BEAOK Google Pixel Battery Case

This BEAOK case offers 4,000mAh of juice to provide power your Pixel through a heavy usage day, providing more than a full recharge for your phone for an added 13 hours of web browsing. Installing is rather easy — simply slide your phone into the bottom half of the case then pop on the top and you’re good to go. Pressing the button on the back of the case will light up the LEDs on the front and indicate that your phone is being charged.

All the important features such as the fingerprint scanner and camera are accessible and protected while only adding less than half an inch of bulk to your phone. The only issue here is that charging times are not going to be as fast as with the quick charging adapter that comes with your phone. This case regularly sells for $100, but you can get it for $60 from Amazon.

See at Amazon

ALCLAP Portable Charger Case

This case also features a 4,000mAh lithium-ion battery to power your Pixel, with a look and feel that’s essentially identical to the BEAOK case. ALCLAP offers dual charging capabilities, meaning you’ll be able to plug your case in at night and wake up to a full battery on your phone and the case.

Simply press the button on the back of the case to start the charging and you’ll get many hours of extra usage from your phone when you’d otherwise be stuck plugging into a wall. This case also adds about a half-inch of bulk, but will also keep your phone protected from drops, and also accommodates a screen protector for full protection. This case regularly sells for $100 but you can get it for $60 from Amazon.

See at Amazon

ICONic Pixel Battery Case

Another battery case, another nearly identical design and functionality. This case also features a 4,000mAh lithium-ion battery that will boost your pixel or charge up to 80% according to the manufacturer, which is not as much as claimed by the other cases on this list.

In terms of style, it’s nearly identical to every other case on this list, with 0.42 inches of thickness, clear access provided to the fingerprint scanner, and decent protection offered to the phone itself.

This case regularly sells for $80, but you can get it for $60 from amazon.

See at Amazon

iAlegant Google Pixel Charger Case

Last but certainly not least — because it’s pretty much identical to the other cases on this list — is this charging case from iAlegant. It, too, provides a 4,000mAh lithium-ion battery while also providing good protection for your phone from physical damage along with short circuit and overcharge protection. There’s also pass-through syncing so you’ll be able to plug the case into your computer and your phone will be connected.

This case is regularly priced at $90, but is available on Amazon for $60.

See at Amazon

Google Pixel + Pixel XL

• Google Pixel and Pixel XL review
• Google Pixel XL review: A U.S. perspective
• Google Pixel FAQ: Should you upgrade?
• Pixel + Pixel XL specs
• Understanding Android 7.1 Nougat
• Join the discussion in the forums!

Google Store
Verizon

All about Android’s new, safer way of logging into apps

Android can now read 2FA codes over NFC and Bluetooth.

Google added support for wireless U2F cards in a developer version of Google Authenticator back in December. There was an unofficial demo at the Github website that showed how it would work (but it didn’t actually work) and the folks at Fidesmo, a company that sells U2F cards, found the APIs buried in the Google Authenticator app. We knew that something would be happening and we just needed to wait for it.

The authentication itself is done in the Google Authenticator app so it’s easier on developers who want to use the feature.

Well, such support has now been expanded, and you can use a wireless security key as a two-factor token when you add your Google account to a phone and U2F works in the Chrome browser independently even without the Google Authenticator app installed. This is a pretty cool thing!

And the way Google is handling it all is pretty cool, too, especially for developers. Rather than have a set of APIs that developers need to use to let users log into their apps and services with a wireless key, the routine is an intent built into the Google Authenticator app. All a developer needs to do is ask for the two-factor token and the Android system takes care of the rest. That means there is no waiting for developers to support anything and it will just work. It doesn’t look like the APIs to use the wireless signal for authentication have been opened up for other developers just yet, but we hope that’s in the works so apps like Authy will be able to support the feature, too.

What are you talking about?

These. A U2F key is a USB device that can be used as an authentication token. The name stands for Universal Two Factor because it’s a standard that anyone making the keys and anyone making a thing that can use them to authenticate is able to incorporate so everything works everywhere. They are a secondary authentication method for people who use two-factor authentication on their accounts.

Read: Two-factor authentication: What you need to know

You should already have two-factor authentication set up on accounts that have the option. It’s the easiest way to make sure that someone can’t get in and use services in your name without your password and another thing that proves they are you, like a time-sensitive code sent to an app on your phone. A lot of services use two-factor authentication, and setting it up on your accounts will be slightly different for each service. But in the end, it means that when you want to login to something the first time from a new place or a new phone or computer, you need to provide something in addition to your password.

How to set up two-factor authentication on your Google account

Using a security key can be your main way to authenticate, but even if you would rather use an app or SMS it makes for a great backup in case you lose your phone and need to log in on a computer you’ve never used to change your password. Adding a security key to a Google account that uses two-factor authentication is easy.

Adding a USB security key to your Google account is easy — and here’s how to do it

Once you have added a security key to your account, it works on Android as long as it is NFC or Bluetooth capable. We’re not sure if there are any plans to enable U2F over the USB port, but at the time this was written that didn’t seem to be supported. There are several different manufacturers of USB security keys that have a wireless option and they all should work the same as long as they use the U2F standard. The one we like and recommend is the YubiKey NEO.

It works as described here with U2F for your accounts, and it can also support OTP (One Time Password) for services that use it, like LastPass. And you can support both U2F and OTP at the same time by using a utility from YubiKey and these instructions.

See the YubiKey NEO at Amazon

Using an NFC or Bluetooth security key as your sole 2FA device on Android isn’t recommended. It can be done, but there is no reason to not use authenticator tokens through an app, too. But it is a secondary way to have access to all of your 2FA protected accounts and it looks like it’s going to be well supported on Android going forward.

How to setup and use Kodi on your Android device

Getting Kodi set up on Android might take some time initially, but it’s worth it in the long run.

Kodi is a powerful open source media center, which is available across a multitude of operating systems, but its rise to prominence is mostly thanks to its Android version. This is due to the rise in popularity of Kodi boxes — essentially cheap Android TV boxes sold with the Kodi app pre-installed. This has garnered Kodi a lot of press and attention lately, because its open source add-on feature can be used for media piracy purposes.

But it’s an unfair situation because the piracy add-ons are unofficial, unsupported, and the Kodi box industry is unwelcome, according to the Kodi developers. The base app is perfectly legal, and what you do get is one of the best experiences for organizing and streaming media onto any device — even your phone. Bring your own content like you would with Plex — or even link to your Plex server within Kodi if you’ve already got one set up.

It’s entirely customizable, so let’s walk you through the basic setup.

Kodi is optimized for Android

Previously, when you downloaded Kodi on your Android device, you would be required to go into the Appearance setting and swap over to a more touchscreen-friendly skin. With the latest update for Android, the developers have swapped over to a much more user-friendly skin by default, so you’ll be able to just load it up and go.

Download Kodi from the Google Play Store

Once you’ve loaded Kodi up, you’ll find the navigation menu on the lefthand side with categories for Movies, TV Shows, Music, Pictures, Add-ons, and more.

Importing your media files

With Kodi, you can keep all your media organized and accessible in one place — from pictures and music to videos, sorted by movies and TV shows. It’s quick and easy to import your media into Kodi and simply a matter of setting a source for the media from your phone’s internal storage or a microSD card if your phone supports expandable storage.

Tap the type of media you wish to add. We’ll use Pictures for this example.

Tap Add pictures….

Tap Browse.
Find the folder containing the media you wish to add then tap OK.

Now when you tap the category from the main screen, you’ll find your source available with all your photos, music, or videos organized. If you’ve ripped your favorite TV box sets onto your computer and transferred them to a microSD card, they will be organized by season within Kodi.

Diving into Add-ons

Beyond your own media, you can also install a variety of handy add-ons from the built-in add-on browser or by adding them from remote add-on repositories. For now, we’ll look at what’s available from right within Kodi.

When you tap the Add-ons menu from the main menu of Kodi, you may find that all your Android apps have been automatically linked and displayed within Kodi. While it’s somewhat convenient to be able to jump right into another app from within Kodi, I’ve found it to be somewhat buggy and it’s caused Kodi to crash on more than one occasion.

You want to get to the add-on menu with all the different add-on types listed along the left side of the screen. There you’ll be able to tap the button to browse through the available add-ons.

You can find video add-ons for over 100 different TV channels’ online streaming catalogues and media sharing websites such as YouTube and Reddit, along with many international options. To install an add-on and see what it has to offer, simply select it and tap Install.

Along with the add-ons found within the included Add-ons browser, you can go into the add-on settings and install from an online repository. Since those are often hosting add-ons that promote piracy, you’re on your own if you choose to go that route.

The Chromecast workaround

Watching Kodi on a tablet or phone when you’re on the go is alright, but the best part is the way you can switch over to your Chromecast-enabled TV when you get home. Kodi doesn’t support Chromecast directly, but you can cast your phone’s screen to the TV.

It’s a pretty good workaround if you’ve got an older Android phone or tablet sitting around collecting dust. If it also happens to feature a microSD slot, it’ll be that much easier to load it full of your favorite media. I used a secondary phone for my bedroom TV, which allowed me to cast my favorite shows to the Chromecast while keeping the full touch controls over everything right on hand.

It did take some tweaking, including going into the audio settings and adjusting the volume and audio offset, but once it was set up, it was pretty great. The updated layout that’s been optimized for touchscreen controls only makes things easier to navigate

Of course, there’s nothing stopping you from [adding Kodi to an NVIDIA Shield] or downloading Kodi for your PC or Mac and streaming your content that way from home. Simply put, Kodi gives you all the customization tools for Android to make it fit into TV setups around your home.

Questions?

Let me know in the comments below!

PiQ puts AI to work in the ‘world’s first’ smart ski

Baseball bats and tennis rackets aren’t the only pieces of sports equipment that are getting smarter these days. Ski maker Rossignol and consumer electronics company PIQ announced on Monday that they have created the world’s first “connected” ski. Behold, the Hero Master.

This prototype ski integrates a PIQ nano-computer and LED readout in front of the bindings. The computer is running PIQ’s GAIA AI system, which autonomously collects and analyzes a swath of performance metrics. The system tracks everything from speed and turn angle to G-forces and lateral momentum. The AI system then analyzes this data, down to “microscopic variations in skiing movements” according to the company’s press release, and displays it on the ski’s LED screen. This presumably gives the skier immediate, actionable feedback which they can use to improve their technique. Unfortunately, the Hero Master is currently a one-off prototype and there are no immediate plans to put it into production.

Google project turns your daily routine into custom clothing

Most fashion isn’t truly personal unless you design it yourself, and most people aren’t about to fire up a sewing machine to make that happen. However, you might only need your phone to get a custom look in the future. Google and H&M’s Ivyrevel label are working on a Coded Couture app that uses Android’s passive sensing abilities (the Awareness API) to design a dress around your activities. Grant the app permission and it’ll generate business, gala and party dresses based on your favorite places, your fitness routine and even the typical weather — in a sense, you really are wearing your heart on your sleeve. The only requirement is that you keep your phone with you.

And this isn’t just an experiment. The “Coded Couture” app is in closed alpha testing right now, but you can sign up for a shot at a pre-release trial ahead of a public launch sometime in the fall. There’s no word on how much a typical dress will cost, or whether or not other apparel is coming (custom shirts, please!), but it might be worth a small premium to have a truly one-of-a-kind outfit.

Source: Android Developers Blog

Google Maps now offers easy access to important info

Google Maps’ Marcus Lowe has announced a tweak to the service that makes it significantly more useful for Android users. Nestled at the bottom of the home screen will be a new section containing real-time information for busy travelers. Simply swipe up and you’ll be presented with three tabs offering data that’ll ensure you never need to consult a third-party app again. At least, that’s Google’s plan.

The three tabs are labeled Places, Driving and Transit, the former connecting you to a curated list of nearby eateries grouped under various lists like “cheap eats” or “business dining.” Driving, unsurprisingly, will calculate your route home as well as any potential delays on your journey. Finally, transit will provide ETAs for the next public transport service to get you home or direct you to a local bus or train station. None of this is new, of course, but further bundling them into the Maps app ensures that you’ll have even less reason to use a third-party alternative.

Source: Google

Korean watchdog backs Samsung’s findings on faulty Note 7 batteries

Although Samsung has already revealed what caused its Note 7 smartphones to catch fire, an independent government firm is now confirming the tech giant’s findings. The Korean Agency for Technology and Standards, which analyzes and enforces product safety, corroborated that Samsung’s flagship device burst into flames because of two distinct battery flaws. One overheating issue was a result of small external casings putting too much pressure on the batteries, while the other happened due to the lack of insulation tape around the battery’s structure.

The safety agency didn’t announce any penalties for Samsung, presumably because the company was honest about its own research on the matter. It’s rumored that Samsung will be switching to LG-made batteries for future devices, so it’ll be interesting to see if that’s the case for the upcoming Galaxy S8.

Source: The Wall Street Journal