(adsbygoogle = window.adsbygoogle || ).push();
Right on cue, Google has today released new Nexus factory images which contain the security patch fixes for February. The images will have build numbers of either MMB29Q, MMB29U or MMB29R, and are available to download for the usual suspects: the Nexus 6P, 5X, 6, 9, 5, 7 and Player. Naturally, the software version number stays at Android 6.0.1, but as for what is actually fixed in this release, Google says it’s resolved some Critical security flaws:
“The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files. The Remote Code Execution Vulnerability in Broadcom’s Wi-Fi driver is also Critical severity as it could allow remote code execution on an affected device while connected to the same network as the attacker.”
To get the full, technical low-down, you can check out the rest of Google’s security bulletin here. And for those of you who want to flash the factory images to your device, you can get them from the Google Developers site. As always, make sure to back up your data before attempting this, otherwise sit tight and wait for the OTAs to start flowing.
What do you think about this month’s security patch? Let us know your thoughts in the comments below.
The post Nexus factory images with February security fixes are available today appeared first on AndroidSPIN.
Yahoo debuted a new Mail app back in the fall, and today the mobile software is getting a few new features. First, both the Android and iOS versions will allow you to customize your swipes. This means that when you’re looking at your inbox, you can opt to swipe right to archive or swipe left to mark as spam. Other actions include starring a message and marking it as read. When using a long press to select multiple messages, you can now star a group of emails or mark them as spam from the so-called multi-select toolbar in the app.
For the iOS version, Yahoo is looking to make hunting for the file you’re trying to attach easier. The app will display a collection of recently received photos and files alongside a search bar so that you can find exactly what you’re looking for quickly. The iOS version also allows you to create, delete and rename folders and subfolders with a long press. Android users can now move or star messages as soon as they arrive. Thanks to actionable notifications, you can deal with an email the moment it arrives on your device. Updates for both OSes are rolling out today.
When Lulu launched over two years ago, its approach to mobile dating raised more than a few eyebrows. Instead of connecting girls with eligible dudes nearby, the app let them share anonymous reviews of men they knew, complete with hashtags like “#LifeOfTheParty,” “#TallDarkAndHandsome” and “#PlaysDigeridoo.” Some loved it. Some were mortified. Still others wondered what the service could mean for the future of dating. The answer: apparently not much, because Lulu as we knew it is dead. A few days ago, the company quietly replaced its original app with a new version that cut out all of those juicy reviews in favor of a more generic — and very familiar — dating experience.
The updated software is live in both Apple’s App Store and the Google Play Store, but its existing website still refers to the old, review-heavy version. It’s only when you go to new.onlulu.com that you get a sense of the company’s new mission. And more importantly, users are pretty pissed off too:
No wonder they’re miffed. Say what you will about the value of anonymous reviews; Old Lulu was a platform based more on information than action. You went there to see if that guy you just met was a creep, not to strike up a conversation or send emoji (though you could if you really felt like it). The new, neutered Lulu pegs itself as a “fresh way to meet new people,” letting users see others they’ve crossed paths with while traipsing around in the real world. One thing becomes obvious after even the briefest moment spent poking around in either the app or the new Lulu website, though: they’re both carbon copies of UK dating app/site Badoo. In fact, Lulu didn’t even take the time to scrub the Badoo logos off the images plastered on their “new” site:
Now, before anyone cries foul (or copyright infringement), know that Badoo has a white-label program that allows other companies to build services on top of its sizeable social network, and those companies seem to be able to just swap out logos if they feel like it. Lulu isn’t alone, either. Consider Blendr, the app often referred to as Grindr’s counterpart for straight people. Total Badoo clone. And remember Hot or Not, one of the best/worst ways to waste time in the early 2000s? It’s goddamn Badoo again! We’ve reached out to both Lulu and Badoo in hopes of clearing up the exact nature of their relationship, but neither responded yet (and we’re pretty sure it’s a white-label deal anyway).
At the very least, New Lulu/Badoo pays a little lip service to the idea of dating intelligence by showing off a ratio of how many times a person has been liked versus disliked. Still, the snarky, valuable and sometimes upsetting original has been replaced with a toothless impostor that mashes up features from rival services.
It’s not clear why Lulu took such a drastic leap, but we can hazard a few guesses. The one-sided nature of Old Lulu meant mostly women extracted value from the service; they’d get juicy tips on all the little things that did or didn’t make a guy dateable. Naturally, being a guy on the other end could be tricky, especially if you got tagged with a string of less-than-stellar reviews.
This experiential disconnect led to plenty of debates — often about how the app could transform the conventions of modern dating — that didn’t make the process of building a functional business any easier. The revamp equals the playing field in that both men and women can use the service, but man — if Lulu was looking for a competitive advantage, literally turning their product into a carbon copy of multiple others was not the way to do it.
If you’ve wanted websites to push notifications whenever there’s a big update, you’ve typically had to use a browser like Chrome or Safari. As of today, though, there’s a third option: Mozilla has released Firefox 44, which brings push notifications to all desktop users. Grant a site permission and you’ll get a heads-up whenever there’s an important story or alert, whether or not a given site is open. It’s arguably an overdue feature, but it’s hard to knock having more choice.
This update isn’t just a one-trick pony. On the desktop, it’ll let you play H.264 video (Mozilla’s once-hated nemesis) if your system has a native decoder. It also ditches older, less secure web certificates. And don’t worry, Android is getting some updates too — you can finally choose a home page to display on startup, get search history suggestions and use Android’s native services for cloud printing. Whichever platform you use, you can grab the Firefox update today.
[Image credit: Josep Lago/AFP/Getty Images]
Source: Mozilla Blog
(adsbygoogle = window.adsbygoogle || ).push();
Most of the time, software updates don’t get spotted until they are officially released by manufacturers. If we’re really lucky, a test build will leak out a few weeks early. However, what Samsung has been experiencing over the last few weeks is a bit unprecedented, with test builds being pushed via its OTA system to users who aren’t expecting the update. One of the earliest cases of this was the Galaxy Note 4 getting a sneak peek at Android 6.0, and the latest stuff-up (intentional or unintentional) has seen the Samsung Galaxy S5 Android 6.0.1 update pushed to a device in France.
The information from the build indicates that the software is based on Android 6.0.1 and it includes the January security update which has so far only been made available to Nexus devices. While it is impossible to determine how close this software build is to final, the general concensus is that these screenshots are pretty legitimate and we’re looking at an almost-finished, if not finished, version of software that will be pushed out in the very near future. Exactly how near is anybody’s guess, however.
What do you think about the Samsung Galaxy S5 Android 6.0.1 update being released prematurely? Let us know your thoughts in the comments below.
The post Samsung Galaxy S5 Android 6.0.1 update is sent out prematurely appeared first on AndroidSPIN.
Have you ever wondered what code would look like if it were dictated by a presidential candidate’s grandiose statements rather than such radical concepts as accuracy and logic? No? Well, you’re going to find out regardless. Rice University students Chris Brown and Sam Shadwell have created TrumpScript, a Python-based programming language that takes Donald Trump’s philosophy a little too literally. For a start, it won’t deal with either floating point numbers or any number smaller than 1 million — America doesn’t do anything halfway or deal with the small stuff, you see. It also won’t allow users from China or Mexico (you can’t even use import statements), insists on ending programs with “America is great” and refuses to admit to most of its failures.
You can tinker with the TrumpScript code right now, although the creators warn that it might not work properly. That’s not surprising given that it was whipped up in less than 20 hours as part of a hackathon. However, the presence of source code lets you not only fix flaws yourself, but add your own features — you don’t have to wait to slip Trump’s latest audacious soundbite into your syntax. Whatever you think of the man, it’s clear that Arnold Schwarzenegger isn’t the only well-known political figure with his own computer code.
[Image credit: Ethan Miller/Getty Images]
Hyundai began teasing Apple’s CarPlay software for its vehicles way back in 2014, but failed to deliver it as promised in the 2015 Sonata. Now, the automaker will finally make Cupertino’s in-car system available during the first quarter of 2016. What’s more, it won’t be a free upgrade. Hyundai says that Sonata owners will need to purchase an SD card in order to employ CarPlay inside their vehicles. Originally, the company said the software would be available for free in 2015 and 2015 Sonata models outfitted the requisite infotainment setup. What’s more, Hyundai already offers Android Auto to its customers free of charge. When CarPlay arrives for Sonata owners, the Hyundai will join the likes of Chevrolet and Honda that already offer the software inside vehicles.
Source: USA Today
It’s no secret that North Korea has its own Linux distribution, Red Star OS, that limits you to a government-approved view of the world. However, researchers have just taken an in-depth look into how Red Star works — and it’s clear that software is as authoritarian as the country that created it. Besides its known tendency to watermark files on USB sticks (to track people shuttling contraband material), Red Star is paranoid about modifications. It not only has extra safeguards around key system files, but will immediately reboot the PC if it detects changes to those files.
It’s also evident that North Korea is determined to keep as much technology in-house as it can. The included antivirus software and web browser point to internal servers, and even the encryption is custom-developed (possibly to prevent foreign agencies from inserting back doors). You’re not going to run Red Star just for kicks, folks.
While there are some security benefits to Red Star, the researchers ultimately believe that the software is about keeping North Koreans isolated. You don’t dare modify the system to get around censorship, lest officials track you down. In that sense, the OS is a friendly reminder that open source software isn’t automatically a guarantee of freedom — it has to be written in a spirit of freedom, too.
[Image credit: Liu Xingzhe/ChinaFotoPress via Getty Images]
Source: Chaos Communication Congress
Washington’s Department of Corrections has been forced to admit that around three percent of the prison population has been released early since 2002. The issue, which was admitted yesterday by Governor Jay Inslee, surrounds a software glitch that’s been incorrectly calculating the duration of inmates sentences. According to the Seattle Times, a Supreme Court ruling mandated that good time credits should be used to reduce prison terms. When the DoC’s computer systems were amended to take that into consideration, however, there was an inaccurate calculation of how long a good time credit was. Unfortunately, it wasn’t until 2012 when the family of a victim raised the issue of a prisoner’s release, that the department became aware.
Administrators believe that the error was responsible for upwards of 3,200 inmates being released ahead of time. In addition, a further 3,100 who were on course for early release have had their sentences corrected before they could get out. According to Nicholas Brown, Inslee’s general counsel, there shouldn’t be much for local Washingtonians to get concerned about. The errors mostly knocked 100 days or so off sentences, and, so far, it doesn’t look as if anyone too dangerous was released too early. Still, it’s not going to be a fun couple of months for whoever committed the software error in the first place — a formal investigation headed by two former federal prosecutors kicks off in the near future.
[Image Credit: AP Photo/Elaine Thompson]
Via: ABC News
Oracle’s Java software is known for creating its share of headaches, but security is arguably the biggest. For one thing, upgrading to the latest version of Java Standard Edition didn’t always remove every old version — up until last year, it’d leave ancient copies that exposed your PC to attack. And now, Oracle is paying the price. It’s settling FTC charges that it “deceived” customers by failing to warn about the security risks behind its Java SE upgrade process. Larry Ellison and crew will have to both warn users about those risks and create tools to remove those older, more vulnerable copies.
Given that the issue was effectively tackled earlier, the FTC deal is something of a formality. Nonetheless, it could do a lot to keep both Oracle and other software developers on their toes. Ideally, they’ll think twice about sloppy uninstalls that leave insecure code behind — the FTC may not be so gentle the next time around.
[Image credit: Shutterstock]
Via: Business Insider