The $400 Android phone showdown!
Today’s flagship smartphones are so bombastic and feature-packed, it’s easy to forget that many cost upwards of $700. As I was recently reminded when a certain company announced pricing for a certain device I was planning to buy, that’s an awful lot of money. In 2016, you can get a lot of smartphone for less than half that – and the proof has been sitting in MrMobile’s studio for several months.
Join me as I take today’s top $400 Android smartphones for a test drive! From the strange innovation of Alcatel’s IDOL 4S to the build quality of ZTE’s Axon 7 to the sheer beauty of Huawei’s Honor 8, we’ll see what each phone brings to the table … and where each falls short. You may come away with some new additions to your holiday shopping list, or at least a revived appreciation for your $700 flagship.
Get social with MrMobile
- YouTube
- Le web
- Snapchat
Salesforce CEO says no to Twitter bid
It’s official. Salesforce CEO Marc Benioff told Financial Times that it will not be bidding on Twitter. On news that the CRM company was pulling out of the running, the social network’s stocks tumbled six percent.
During an Interview with FT, Benioff said, “in this case we’ve walked away. It wasn’t the right fit for us.” Salesforce was the last big name in the running to bid on Twitter. Google and Disney had already removed themselves from potentially buying the company.
Earlier this month Reuters reported that Twitter was pushing to have a sale decision by October 27th. An incredibly aggressive plan for any company, especially one that’s seen user growth nearly flatline and struggles to make a profit. Meanwhile, not everyone inside the blue bird is happy about a potential sale.
Internally, there’s a split over staying independent versus seeking a new owner. According to Bloomberg, CEO Jack Dorsey prefers for Twitter to keep plugging along on its own. Meanwhile co-founder and board member Ev Williams believes an acquisition would be ideal.
We have reached out to Twitter for comment on Benioff’s statements. It had not replied to our query as of the publication of this article.
Source: Financial Times
Yahoo revived email forwarding so you can finally leave
After Yahoo disabled automatic mail forwarding earlier this week, the internet company has flipped the feature back on for all users. The company told Engadget that the move was part of “previously planned maintenance to improve its functionality between a user’s various accounts” when it was turned off on Monday. In a blog post announcing the feature had returned, Yahoo apologized for the interruption users experienced over the last few days.
The company also recommends users connect any Yahoo accounts directly to their email client or provider of choice rather than relying on automatic forwarding to keep everything in one place. It also offered a reminder that it has multiple mailbox support for those who might be interested.
The last few weeks have been rough on the former internet giant. In September, Yahoo confirmed a 2014 security breach that affected 500 million users two months after Verizon announced a deal to buy the company. According to reports this week, that deal may very well be in jeopardy. Reports also surfaced this month that Yahoo gave the US government access to all of its users’ incoming email last year, allowing authorities to scan “hundreds of millions” accounts in compliance with a classified request. Even though the company says disabling forwarding as part of previously scheduled upgrades, the timing certainly seems interesting.
Source: Yahoo
White House encourages local governments to embrace chatbots
The Obama Administration receives thousands of emails, phone calls and letters every day. And, since August, American citizens have been able to contact the president through Facebook as well, thanks the the White House’s Messenger bot. Now, the administration is going a step forward and releasing the bot’s source code onto the internet for anyone to use.
This is done “with the hope that other governments and developers can build similar services…with significantly less upfront investment,” according to the White House Blog. Anyone who’s familiar with the Drupal 8 coding language will be able to take the administration’s boilerplate code and easily launch a bot of their own. Hopefully this will spur state and local governments to create their own Messenger bots and become just that little bit more accessible to the people that put them in office.
Source: WhiteHouse.gov
Germany urges Tesla owners to use extreme caution with Autopilot
Tesla’s “Autopilot” feature (a driver assistance tool rather than something that truly lets the car drive itself) has come under fire in recent months. Earlier this year, a car using Autopilot was involved in a fatal accident, causing a host of investigations into the safety of Tesla’s feature. Among the institutions concerned with the feature is the country of Germany — last week, Germany’s transportation ministry said the Model S Autopilot was a “considerable traffic hazard.” Now, Reuters reports that the country is reaching out directly to Tesla drivers, asking them to use caution.
The letter sent out reminds owners that Autopilot is strictly a driver assistance feature and still requires the driver’s full, undivided attention. That’s how Tesla says it describes the feature, but there’s concern that drivers aren’t staying completely alert while using Autopilot.
The fatal crash, which took place in May, isn’t the only Autopilot-related incident — a second, non-fatal accident took place in July, but it’s not clear yet that Autopilot was at fault. Another crash took place in China in August, and the cumulative effect of these incidents has led to questioning on how exactly the company messages Autopilot to its customers. Indeed, the name itself makes it sound as if the car can drive itself — but that is definitively not the case.
Source: Reuters
Samsung introduces a gilded, more powerful Galaxy TabPro S
While your smartphone is headed back to meet its maker, Samsung is rolling out a flashier Gold Edition of its already svelte Galaxy TabPro S tablet. It’s been less than a year since the PC replacement debuted, and Samsung is already jumping on the gold finish trend and bumping up the specs with 8GB of RAM, a 256GB solid state hard drive and a battery that should be good for 10.5 hours of video playback.
Aside from the RAM boost and that gold finish on the magnesium alloy body, there’s not much else new here. You’re still getting the same 12-inch Super AMOLED Full HD display, a 2.2 Ghz Intel M3 processor, and five-megapixel front- and rear-facing cameras as the earlier model. The Gold Edition TabPro S still clocks in at an airy 1.53 pounds without the keyboard, and you still get one USB-A for peripherals and one USB-C port for charging. There is one other difference though: the whole package will set you back a cool $999.99 when it goes on sale at Best Buy and Samsung.com today. On the other hand, if you’re not a fan of the gold look — or can get by with half the RAM and half the storage — the earlier model is currently going for $799.99 on Samsung’s site.
Source: Samsung News
US bans Samsung Galaxy Note 7 on all flights
In the wake of Samsung’s global recall of the Galaxy Note 7, the US has now banned the device on all aircraft, even if they’re turned off. Previously, the Federal Aviation Administration (FAA) only issued a warning to have passengers keep the phones powered down during flights. But now, Bloomberg reports, you can’t bring it on the plane at all. This follows recent news that Samsung has ended the production and sales of the Note 7 entirely due to smoke and fire incidents, which happened even to replacement handsets. It’s not entirely clear when the phone would be taken away from you — whether it’d be during the security screening or when you’re onboard the plane — but if you haven’t already returned it, you should at least do so before your next flight.
Update: The Department of Transportation has issued a statement regarding the ban, clarifying that the ban is effective this Saturday, October 15, 2016, at noon ET. As reported, the Galaxy Note 7 is not allowed on their person, in carry-on or in checked baggage, or even shipped as air cargo.
“We recognize that banning these phones from airlines will inconvenience some passengers, but the safety of all those aboard an aircraft must take priority,” said Transportation Secretary Anthony Foxx in the statement. “We are taking this additional step because even one fire incident inflight poses a high risk of severe personal injury and puts many lives at risk.”
Update 2: Samsung has released a statement of its own:
“Samsung, together with carriers, is working to communicate the U.S. Department of Transportation’s new order to ban all Galaxy Note7 devices in carry-on and checked baggage on flights. We have encouraged airlines to issue similar communications directly to their passengers. Any Galaxy Note7 owner should visit their carrier and retail store to participate in the U.S. Note7 Refund and Exchange Program now. We realize this is an inconvenience but your safety has to remain our top priority.”
Source: Bloomberg
‘Secure’ apps in Google’s Play Store are a crapshoot
Infosec Apple fanboys are not known for their empathy — either for those who can’t afford their holy high fetish of phone security (iPhone) or for those who simply can’t stomach the ecosystem’s mounting hypocrisies.
But there’s one thing on their side. Apple’s App Store at least tries to curate product security, while Google’s Play Store is like playing appsec Russian roulette.
Nowhere has that been made more clear than in a post by researcher Jon Sawyer, called Password Storage in Sensitive Apps. Sawyer does freelance contract work “breaking and/or fixing Android phones and related software” — he hacks everything Android. For a recent gig, he was contacted by a forensic specialist for a law enforcement agency.
The law enforcement contact told Sawyer they had a phone with information on it “that could make or break a very sensitive case.” They had been trying to access the phone’s files and get data off the device with commercial mobile forensic tools but weren’t having any luck.
Sawyer verified their identity and purpose and got to the task at hand. “Using a backdoor … and some trickery we were able to fully extract all data off the device,” he explained. “This had me thinking, what next? What if this criminal was using another layer of security? What if they had a “secure storage” app, what if their photos, videos and whatnot were encrypted in an additional layer of security?”
Sawyer searched Google’s app store for “Secure Photo” and grabbed the first result. He doesn’t say which app this is. But in my search, the top result was Hide Pictures Keep Safe Vault, listed as a Play Store “Editors’ Choice” by a “Top Developer,” with 4.6 stars and between 10 million and 50 million downloads.
When he started hacking the app and looking at the supposedly safe and secure files, Sawyer found that “sure enough the files stored were encrypted.” But then he discovered that “the PIN was stored in plaintext as a shared preference” — making the app neither safe nor secure should you want to keep your files from the prying eyes of hackers or law enforcement.
Apparently, for Sawyer, this was so easy it was no fun. He moved on to installing and hacking the next result in his search, Private Photo Vault. That one had a 4.1-star rating, 17,000 starred reviews, and over one million downloads.
“The #1 iOS Private Photo App is now available on Android! Private Photo Vault is a photo safe that keeps all of your private pictures and videos hidden behind a password.”
The researcher was hopeful. “The initial results were more promising than the first app, no plaintext PIN stored in the shared preferences.” But, he wrote, “the promise didn’t last long.” When Sawyer found (by testing it on himself) that unmasking any Vault user’s PIN code was easy, he “stopped analysis at this point, the app was already beyond broken.
“These companies are selling products that claim to securely store your most intimate pieces of data, yet are at most snake oil. You would have near equal protection just by changing the file extension and renaming the photos.”
If you want to know what happens when a hacker visits the Google Play Store trying to find an app that can’t be cracked … well, it’s not pretty. And that’s where Apple’s App Store has some advantage, even though iOS apps aren’t as secure as users want to believe. Yet while the App Store is hypocritically censored to hell and back, treats developers like crap and has its share of garbage on offer, app security has always been its strong suit.
Although there was that one time scientists at Georgia Tech got an app named Jekyll into the App Store in 2013. Jekyll bypassed every security measure put in place by Apple to protect its users and could stealthily tweet, take photos, steal device identity information, send email and SMS and much more. “Our method allows attackers to reliably hide malicious behavior that would otherwise get their app rejected by the Apple review process,” the researchers wrote in their paper, Jekyll on iOS: When Benign Apps Become Evil.
The app was pulled before anyone downloaded it, but the point was made: Nothing is as secure as any company promises. And in typical Apple PR fashion, it still remains unclear whether the vulnerabilities exploited by Jekyll were completely fixed.
With Google’s new Pixel phone, an attack like this is at least less likely. Similar to its Nexus phones on Google’s Project Fi program, the Pixel will mainline operating system updates and security refreshes (one of many reasons I’ll be excited to get my hands on one, app store sketchiness notwithstanding). But, as Jon Sawyer found out after his recent law enforcement project, there’s a lot of false advertising in the Play Store under the guise of “secure” apps.
As I mentioned, I’m an Android phone user and fan, so I obviously don’t believe it’s all snake oil in the Google Play Store. I just think it’s wise to make our downloading decisions with the scrutiny afforded by the death of security-by-way-of-wishful-thinking.
Lawmakers demand answers from White House over Yahoo emails
Four dozen members of the US House of Representatives, acting as a bipartisan bloc, have requested that the Obama Administration brief them on allegations that Yahoo improperly scanned user emails at the behest of the Foreign Intelligence Surveillance Court.
Those scans were reportedly looking for a single piece of digital ID linked to a foreign government labeled as a “state sponsor of terrorism,” Reuters reports. That means they were hunting for emails from Iran, Syria or Sudan.
“As legislators, it is our responsibility to have accurate information about the intelligence activities conducted by the federal government,” according to the congressional letter. “Accordingly, we request information and a briefing as soon as possible for all members of Congress to resolve the issues raised by these reports.”
This letter comes amid increasing scrutiny for Yahoo and the US Intelligence community regarding the practice. Legal experts have expressed concerns about whether these scans constitute a violation of the 4th Amendment (the one protecting against unreasonable search and seizure). The debacle has also caused Verizon to slash a billion dollars off of its offer for the company, if it doesn’t sink the deal altogether.
Don’t panic: Spotify is having problems, but it’s looking into it
As if this long, dark week couldn’t get any worse, Spotify is dealing with some stability issues. Some people are still able to stream music, but plenty of people on Twitter are saying the service is totally down for them. On my end, I can get songs to play, but a lot of the desktop app’s navigation and interface is totally blank, which makes it hard to actually find songs to play.
We’re aware of some issues right now and are checking them out! We’ll keep you posted.
— Spotify Status (@SpotifyStatus) October 14, 2016
Fortunately, Spotify’s support Twitter account says they’re aware of the problem and working on a fix. Hopefully that’ll be pushed out before your evening dance party starts, but that doesn’t do the tail end of your workday any good. Let us know in the comments if you’re having trouble and to what degree — are you one of the lucky ones who can still browse and play things from your saved albums and songs, or are you totally shut out right now?
AIVAnet 