Google denies Android breaks competition rules

Google has denied the way it handles its Android mobile operating system is anti-competitive.
 
Google has denied the way it handles its Android mobile operating system is anti-competitive.
 
In 2015, the European Commission said it would investigate whether Google “abused its dominant position” and “hindered the development” of rivals. Google argued Android was a “flexible” platform that had “expanded competition” rather than hurting it. The European Commission said it would carefully consider Google’s response before making a decision.
 
The Android operating system is open source, with a majority of the code available for device manufacturers to take, modify and use for free. Companies are free to take the code and develop it into their own operating system – shopping giant Amazon has done so with its Fire OS. However, manufacturers must negotiate with Google if they wish to add Google Mobile Services (GMS), which include the popular Google Play app store, Chrome web browser and Google Search app.
 
The European Commission is investigating whether Google: gave incentives to manufacturers to exclusively pre-install Google apps and services on devices, barred manufacturers from using modified or “forked” Android code if they wanted access to Google services on some of their devices, bundled apps and services with other Google products.
 
Google faces a fine and could be required to change its practices if it is found guilty.
 
The search giant has not denied offering phone-makers incentives to exclusively pre-install Google apps, or that it offers Search, Chrome and the Play app store as a bundle. But it argued: manufacturers were never “obliged to pre-load any Google apps on an Android phone”, while anybody could “fork” Android to make their own OS, its “voluntary compatibility agreements” helped reduce the spread of incompatible devices, bundling Search, Chrome and Play allowed it to offer its suite of apps for free as opposed to charging phone-makers a fee, reducing costs for consumers.
 
“We do offer manufacturers a suite of apps so that when you buy a new phone, you can access a familiar set of basic services,” the company said in a blog. “Android’s competitors – including Apple’s iPhone and Microsoft’s Windows phone – not only do the same, but they allow much less choice in the apps that come with their phones.”
 
In April, Ms Vestager indicated that she believed Google had broken antitrust rules. “Based on our investigation thus far, we believe that Google’s behaviour denies consumers a wider choice of mobile apps and services and stands in the way of innovation by other players,” she said.
 
FairSearch Europe – one of the organisations to have complained about Google’s behaviour – said the company’s response was “disingenuous”. “The European Commission’s case against Google is vital for consumers, because four out of five smartphones sold today run on Android,” it said in a statement.
 
The European Commission did not indicate how long it would take to reach a decision.
 
 

Yahoo hackers stole data from 500 million users

Yahoo says hackers stole information from about 500 million users in what appears to be the largest publicly disclosed cyber-breach in history.

 
Yahoo says hackers stole information from about 500 million users in what appears to be the largest publicly disclosed cyber-breach in history.
 
The breach included swathes of personal information, including names and emails, as well as “unencrypted security questions and answers”. The hack took place in 2014 but has only now been made public. Yahoo said it believed the attack was state-sponsored. The FBI has confirmed it is investigating. The data taken includes names, email addresses, telephone numbers, dates of birth and encrypted passwords, but not credit card data, Yahoo said.
 
News of a possible major attack on the technology firm emerged in August when a hacker known as “Peace” was apparently attempting to sell information on 200 million Yahoo accounts. On Thursday, Yahoo confirmed the breach was far bigger than first thought. Yahoo is recommending all users should change their passwords if they have not done so since 2014.

 
In July, Yahoo was sold to US telecoms giant Verizon for $4.8bn (£3.7bn). Verizon said it had learned of the hack “within the last two days” and said it had “limited information”. It added: “Until then, we are not in position to further comment.”
 
Yahoo said in a statement: “Online intrusions and thefts by state-sponsored actors have become increasingly common across the technology industry.”

 
Reuters reported three unnamed US intelligence officials as saying they believed the attack was state-sponsored because it was similar to previous hacks linked to Russian intelligence agencies. Nikki Parker, vice-president at security company Covata, said: “Yahoo is likely to come under intense scrutiny from regulators, the media and public and rightly so. Corporations can’t shy away from data breaches and they must hold their hands up and show that they are committed to resolving the problem.” She added: “Let’s hope the ink is dry on the contract with Verizon.”
 
Questions are being asked about the length of time it took Yahoo to fully acknowledge the breach. “It is really worrying that a breach from 2014 can have gone undetected for so long,” said Prof Alan Woodward from the University of Surrey. It is also surprising the public statement took so long to appear. I would have thought most companies had learned by now that early disclosure is better, even if you have to revise and update as you learn more. I can understand a few days delay to confirm the breach is genuine as fake data dumps are increasingly common, but six weeks seems rather too long.”
 

The scale of the hack eclipses other recent, major tech breaches – such as MySpace (359 million), LinkedIn (164 million) and Adobe (152 million). Yahoo was founded in 1994 by Jerry Yang and David Filo. In its first decade it was a pioneer of internet services. Once the most popular website in the US, it was worth about $125bn, but Yahoo lost ground towards the end of the first decade of the century, leading to its purchase by Verizon.
 
Verizon’s motivation for purchasing the struggling Yahoo was to simply gain its massive user base. More than a billion people visit a Yahoo-owned site every month, and Verizon was hoping to use that to sell targeted advertising.
 
 

 
 

Windows 10 software condemned by Which?

Microsoft has been criticised over its Windows 10 software by consumer rights group Which?.

 
Microsoft has been criticised over its Windows 10 software by consumer rights group Which?.
 
The body said it had received hundreds of complaints about the upgrade, including lost files, emails no longer syncing and broken wi-fi and printing. In some cases, it said, users had had to pay for their computer to be repaired.
 
Microsoft defended its software and highlighted that it provided help online and by phone. “The Windows 10 upgrade is a choice designed to help people take advantage of the most secure and most productive Windows,” said a spokesman. “Customers have distinct options. Should a customer need help with the upgrade experience, we have numerous options including free customer support.”
 
Which? surveyed more than 5,500 of its members in June, and said that 12% of the 2,500 who had upgraded to Windows 10 had later reverted to an earlier version.
 
The charity said users had complained of feeling “nagged” by regular alerts prompting them to upgrade their system, and, despite declining the notifications, had said Windows 10 had installed itself regardless. “Once installed, people reported various problems, including printers, wi-fi cards and speakers no longer working with their PC; instances of lost files and email accounts no longer syncing; and, most significantly, their computer encountering such problems that they had to pay someone to repair it,” Which? said.
 
“There have also been complaints about poor customer service from Microsoft when users contacted the company about the problems they are having.” Alex Neill, Which? director of campaigns and policy, added: “We rely heavily on our computers to carry out daily activities, so, when they stop working, it is frustrating and stressful. “Many people are having issues with Windows 10, and we believe Microsoft should be doing more to fix the problem.”
 
Windows 10 was released in July 2015 as a free upgrade for one year, and was designed to run across laptops, desktop computers, smartphones and Microsoft’s augmented reality headset HoloLens. Last month, millions of webcams were rendered useless after an update to Windows 10.

 
A Microsoft camera engineer who responded to complaints on the support thread at the time acknowledged the company had done “a poor job” of letting people know about the change. In July, the French data authority said Windows 10 gathered an “excessive” amount of personal data about users. By default, the software collects information on how it is used – including installed apps and how much time is spent using them.
 
“[Microsoft] is collecting excessive data, as these data are not necessary for the operation of the service,” said the National Data Protection Commission.
 
Stuart Miles, founder of gadget news site Pocket-lint, said: “With a rollout of this size, it is always likely there will be issues and problems experienced by some users. On the whole, Windows 10 has been received well, and was a notable step up from the previous Windows 8, which did not go down well with many users.”
 
 

Apple fixes ‘bricking’ update flaw

Apple says it has fixed a problem that was “bricking” people’s devices while updating to the latest operating system.
  
Apple says it has fixed a problem that was “bricking” people’s devices while updating to the latest operating system.
 
Complaints from iPhone and iPad users updating to iOS 10 flooded social media after the software was rolled out on Tuesday. Discussion around the issue was trending on social media – but Apple said it was limited to a “small number of users”.
 
Bricking is a term used to describe devices that have been rendered unusable due to a software or hardware fault – as in, the device is now as useful to you as a brick. The firm apologised to affected customers.
 
“We experienced a brief issue with the software update process, affecting a small number of users during the first hour of availability,” an Apple spokeswoman said in an emailed statement. “The problem was quickly resolved and we apologise to those customers. Anyone who was affected should connect to iTunes to complete the update or contact AppleCare for help.”
 
The roll out of iOS 10 comes a week before the iPhone 7 goes on sale. In the mean time, existing owners of Apple devices vented their frustration at the problem. “Currently sitting here with a bricked iPhone full of photos with a recent family visit,” wrote Courtney Guertin on Twitter.
 
It is not the first time Apple has had teething problems in rolling out major updates. When users tried to update to iOS 5 in 2011, high demand appeared to be behind users getting multiple error messages when trying to update. More recently, in February this year, Apple faced criticism after an update started bricking devices if they had been repaired by a company other than Apple.
 
Apple apologised for the problem and issued a software update to fix the issue. It said Error 53, as it became known, was in fact security measure designed to make sure the fingerprint sensor on the device had not been tampered with.
 
 

Windows 10 update stops webcams working

A Windows 10 update has stopped many popular webcams from working. The update, released earlier this month, stops many cameras being used for Skype or to broadcast and stream footage.
 
A Windows 10 update has stopped many popular webcams from working. The update, released earlier this month, stops many cameras being used for Skype or to broadcast and stream footage.
 
The cause seems to be a change in the way Windows 10 handles video so it can be used by more than one program at a time. Microsoft said it was working on a fix but has not given any date for when the patch will be available.
 
Soon after Windows Update 1607 was distributed in early August, many people started reporting webcam problems to Microsoft via its support site. The trouble affected both webcams connected via USB cables or on the same network and meant either that footage could not be streamed, or that images froze after a while. The problems even affected webcams working with Skype and Lync – both companies owned by Microsoft.
 
Comments on the support thread suggest millions of people have been inconvenienced by the bug. Some companies said customers who used webcams for internet banking had complained because they could no longer verify transactions.
 
Analysis put the blame on changes to the video encoding systems with which Windows 10 works. The update ends support for two widely used encoding systems so it became possible for more than one application to use video as it is being shot. Prior to the update Windows 10 only allowed one application access to a stream.
 
A Microsoft camera engineer who responded to complaints on the support thread said the company had done “a poor job” of letting people know about the change. “We dropped the ball on that front, so I’d like to offer my apologies to you all,” he said.
 
He added that Microsoft was working on a way to fix the problem and get webcams working again. The fix is likely to be released in September. Microsoft has yet to officially comment on the problem.
 
Changes to the way Microsoft handles updates also seem to have made the problem harder to fix. Prior to update 1607, Windows 10 users could roll-back to a previous version within 30 days of it being installed. The update cut that to 10 days giving people little chance to switch back to the earlier version of Windows 10 under which their webcams worked.
 
 
 

Android 7.0 Nougat released by Google

Google has released Android 7.0, codenamed Nougat.
 
Google has released Android 7.0, codenamed Nougat.
 
The new version of its mobile operating system allows two apps to be run on the same screen at once, and makes it possible for devices to handle more complex 3D graphics. For now, only Nexus-branded handsets and tablets can get the update.
 
Google says a forthcoming phone from LG will also have the software pre-installed. But other device owners will have to wait for manufacturers to carry out their own checks before they make it possible to install the code. The situation poses a challenge to Google, which wants as many users as possible to upgrade. According to the firm’s own figures, only 15% of Android devices in use got the previous version of Android.
 

‘Dalek’ commands can hijack smartphones

Researchers have demonstrated how garbled speech commands hidden in radio or video broadcasts could be used to control a smartphone. 
 
Researchers have demonstrated how garbled speech commands hidden in radio or video broadcasts could be used to control a smartphone. The clips, which sound like the Daleks from Doctor Who, can be difficult for humans to understand but still trigger a phone’s voice control functionality.
 
The commands could make a smartphone share its location data, make calls and access compromised websites.
 
One security expert said users could switch off automatic voice recognition. The researchers – from the University of California, Berkeley and Georgetown University – explored whether audio commands “unintelligible to human listeners” were still interpreted by smartphones as voice commands.
 
They took a series of voice commands, such as: “OK Google, call 911,” which would activate an Android phone’s voice control if enabled, and heavily distorted the audio so that it was difficult for human listeners to understand. The low-pitched speech could be hidden among background noise and still trigger smartphone features.
 
“Our research was mostly geared towards answering the scientific question: can one leverage the differences in how computers and humans understand speech to produce commands that could be understood by the former and not by the latter?” said Micah Sherr, one of the researchers from Georgetown University. “We found that the answer to this question is yes – but there’s certainly a lot more work to be done to investigate what it would take to make these attacks more practically deployable. While the attack should be considered seriously – especially given the growing popularity of voice-only interfaces such as Amazon Echo, Apple Watch and Android Wear – we aren’t trying to make the case that these attacks are easy to conduct.”
 
The researchers have uploaded a sample of their garbled voices commands to YouTube, but have pointed out that the online clips may not activate a smartphone.
 
“The hidden voice commands are quite fragile. We tried to produce audio files that sit right on the intersection between what a human cannot understand and what a computer can understand,” said Mr Sherr. “Depending on the setup in your room, the quality of your loudspeaker, and the distance between the speaker and the smartphone, the audio might have been sufficiently ‘pushed’ in a direction that prevents computer understanding. Apple’s Siri seems to be much more conservative as to what it accepts as human speech. Our attacks worked best against Google’s app.”
 
The team also highlighted that people found it easier to understand the garbled speech once they were aware of what was being said. Although such an attack is unlikely to be deployed in the wild, Ken Munro from cybersecurity company Pen Test Partners said changing a smartphone’s settings remained a good idea.
 
“It’s a really interesting attack and serves to reinforce why it’s so important to disable voice recognition without authentication,” he said. “It may be possible to broadcast obfuscated speech to get a mobile browser to visit a rogue web site, or dial a premium rate phone number that the hacker owns, creating large-scale fraud. It is easy to set up a phone to require authentication such as a fingerprint before the device will recognise voice commands. Do that, then the problem is fixed.”
 
The researchers will present their paper at the Usenix Security Symposium in August.
 

Apple launches iOS 10 beta version to the public

Apple has released a beta version of its latest mobile and desktop software, iOS 10 and macOS Sierra. Billed by the company as “the biggest iOS release ever”, the new software for iPhone, iPad and iPod Touch features a revamped lock screen, including the removal of “Swipe to unlock”, customisable widgets, and playful additions to iMessage.
 
Apple has released a beta version of its latest mobile and desktop software, iOS 10 and macOS Sierra. Billed by the company as “the biggest iOS release ever”, the new software for iPhone, iPad and iPod Touch features a revamped lock screen, including the removal of “Swipe to unlock”, customisable widgets, and playful additions to iMessage. 

 
Although Apple is expected to release the update in September alongside the iPhone 7, users can download an early version of the software with their Apple ID. The company encourages users of the beta to report any bugs or errors they may find in the iOS, which is not the finalised version and will be updated throughout the testing period ahead of its general release.
 
To download the iOS 10 beta software you’ll need to sign up to Apple’s Beta Software Program using your Apple ID. Once you’ve signed up you can register the device you’d like to upgrade to iOS 10 or macOS Sierra and be able to download it.   
 
Apple advises customers to backup any device they’re using for the beta, and stresses that as the software is still being tested it may feature glitches and bugs. Backup your device in Settings using iCloud or by connecting it to a computer. For users that have more than one Apple device the iPhone maker says its better to download the beta on a secondary one.  Once you’ve backed up the device you’d like to update, go to Settings -> General -> Software Update 

 
The iOS 10 is the most radical change Apple has released for the software in a few years. Namely, it has changed the way users open their phones. Picking up a device running iOS 10 automatically lights up the screen and shows notifications, calendar appointments, weather information and news updates.
 
From there, Apple has removed the “Swipe to unlock” feature that has been a staple since the first iPhone, meaning that pressing the home button is the only action required to open your phone. 
 
Other useful changes include customisable widgets, the ability to delete default apps, and voicemail transcriptions. iMessage has also been opened to developers who can now create apps within it, meaning users can now order food, shop or send money within messages. 
 
The biggest change in macOS Sierra is integration with Siri, which also now works with third party apps. The computer software also includes updates to the Photos app, Apple Music and tabs for every app. 

 

Google’s new Android name divides opinion

Google has announced that the next version of Android, codenamed “N”, will be called Nougat, bitterly dividing opinion among its fans. 

 
Google has announced that the next version of Android, codenamed “N”, will be called Nougat, bitterly dividing opinion among its fans. 

 

Nougat, which has been in developer and early-adopter preview for the last few months since being announced at Google’s I/O developer conference in May, will be the 14th distinct iteration of Android, labeled Android 7.0.

 
Google announced Android 7 simply as “N” and put out a call for suggestions of names starting with N. Most previous versions of Android have come with a confectionary or sweet-based code name.
 
The third version of the operating system – Android 1.5 – was called Cupcake followed by Donut, Eclair, Froyo, Gingerbread, Honeycomb, Ice Cream Sandwich, Jelly Bean, KikKat, Lollipop and most recently Android 6 Marshmallow.
 
However, the reaction to the name has been a mixed bag.
 
After Google had agreed with Nestle to use the KitKat name for Android 4.4, Nutella had become a fan favourite.

 
 

Apple reveals unencrypted heart of iOS 10 code

Apple is letting developers peer into the core of its mobile operating system for the first time – a move that could have major implications for security.

 
Apple is letting developers peer into the core of its mobile operating system for the first time – a move that could have major implications for security.
 

Last week the tech firm released a preview version of iOS 10. Its kernel – the central component that controls how software is processed by a device’s hardware – was unencrypted. The move should make it easier for researchers to flag flaws that could otherwise be exploited by hackers.

 
However, it is understood that was not Apple’s motivation for making the change. Even so, experts say it could make it harder for organisations to keep secret techniques they have used to overcome privacy measures on iPhones and iPads.
 
In a recent high-profile case, the FBI refused to share an exploit it had used to to crack an iPhone used by a gunman who had killed several people in San Bernardino, California.
 
“In general, transparency is good for security,” commented Dr Steven Murdoch from University College London. “Well-resourced attackers like government intelligence agencies have always been able to find vulnerabilities. And while Apple’s move will make that job easier, it will also make it easier for less well-resourced security researchers to find the vulnerabilities and get them fixed.”
 
Apple has not commented on the matter, and it was a report by MIT Technology Review that made it public.
 
It noted that the move could also be used by “jailbreakers” – people who release code that removes an operating system’s restrictions to allow a wider range of software to be used.
 
Unlike many tech firms, Apple does not currently run a bug bounty programme that pays researchers to alert it to flaws.
 
One researcher suggested that it might now be a good idea to introduce one. “If Apple has deliberately opened up its code, then it needs to make sure it is very thoroughly reviewed by the community and the firm must then be very responsive in fixing stuff that is found,” said Ken Munro from Pen Test Partners. “A bug bounty would get everyone interested, meaning the security community would be working for Apple for a comparatively low cost.”