Security company G Data has identified more than 20 mobile phones that have malware installed despite being marketed as new, according to a research report. And it doesn’t appear the infection is occurring during manufacturing.
“Somebody is unlocking the phone and putting the malware on there and relocking the phone,” said Andy Hayter, security evangelist for G Data.
Many of the suspect phones are sold in Asia and Europe through third parties or middlemen and aren’t coming directly from the manufacturers, Hayter said.
Brands of affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido.
G Data has contacted some manufacturers, including Lenovo, whose S860 Android smartphone in one instance was found to have the malware.
Ray Gorman, Lenovo’s executive director of external communications, wrote in an email that the device G Data analyzed came from a third-party marketplace. The malware was installed by middlemen, he wrote.
“This is the only such occurrence we have been made aware of,” Gorman wrote. “We always recommend customers transact with authorized distribution channels and only accept merchandise that comes in an official box with original factory seals.”
The malware is embedded in a legitimate app, such as Facebook, which is sometimes preinstalled on phones, Hayter said. It can read and send text messages, install other apps, collect and change call data, grab location information, record phone calls or send premium SMSes, according to G Data’s report.
It’s impossible for consumers to remove since it resides inside the phone’s firmware.
“You can’t take it off there unless you unlock the phone,” Hayter said.
G Data was alerted to the problem after receiving support calls from users who said a file had been quarantined but that it couldn’t be removed.
The problem has been around for a while. In June 2014, G Data said it found malware in the firmware of a relatively inexpensive Android device made by the Chinese manufacturer Star.
Xiaomi is the latest big phone manufacturer trying to make its own SoCs to differentiate itself from the fearsome competition.
China’s biggest smartphone manufacturer is working on its own SoC that is scheduled to appear in 2016. Details are thin on the ground but it would appear that the company is working on its own ARM based chip. This will help company to compete with Apple, Samsung and Huawei. These three already have an inhouse SoC.
Apple started making its own SoC a while ago with the original iPhone and Samsung has joined in a few years later. This is going to become more common in the phone industry.
Samsung caught everyone by surprise when it announced that its flagship Galaxy S6 and the latest Galaxy 6 Note and edge ended up with a 14nm based 7240 . Before this, they used Qualcomm chips for their high end devices.
HTC ended up using Qualcomm Snapdragon 810 while LG G4 flagship phone chose the Snapdragon 808 which was a slightly slower version of the chip.
Huawei has acquired HiSIlicon SoC manufacturer a few years ago and the company makes its own SoC branded Kirin. The company is doing a decent job with its latest Kirin 930. This “four plus four” A53 chip with one cluster with 2.0 GHz and another with 1.5Ghz seems like a decent chip. It even has Cat 6 modem to compete better.
The future Kirin 950 will have A72 cores and even Cat 10 modems but this is something we will see in course of 2016.
If Xiaomi becomes successful in its SoC plans, it will put Qualcomm and MediaTek in a tough position. The company is using Snapdragon 810 in its MI Note Pro, and Snapdragon 615 in Mi 4i phone.
Redmi Note 2 is using the quite popular MediaTek SoC Helio X10 SoC that ended up in quite a few phones coming from the Far East.
Xiaomi has already developed LC1860 processor for its low end Redmi 2A, which was a sub $100 phone. This was developed by the Xiaomi-owned Pine Cone Electronics working with Chinese chip maker Leadcore Technology. The LC 1860 was significantly less expensive that similar spec Qualcomm chip.
LG has been working on its own SoC codenamed Odin and we still haven’t seen a single device with it. Making SoC chips with an integrated LTE is hard and it costs Qualcomm and MediaTek billions of dollars to refresh the latest offering at least once a year. This was why Nvidia and Texas Instruments have dropped out of this game as it was too hard to compete.
Acer Inc founder Stan Shih said he would welcome a takeover of the struggling Taiwanese computer manufacturer after a drastic decline in its stock price, while warning any potential buyer would have to pay a heavy amount.
“Welcome,” Shih told reporters in response to a question about whether Acer would be open to a takeover. He added however that any buyer would get an “empty shell” and would pay dearly.
“U.S. and European management teams usually are concerned about money, their CEOs only work for money. But Taiwanese are more concerned about a sense of mission and emotional factors,” he said.
His remarks were first reported by Taiwanese media on Thursday and were confirmed by a company spokesman.
Acer has reported steep on-year sales falls in recent months, including a 33 percent drop in July.
It suffered a T$2.89 billion ($90 million) loss in the first six months of 2015, versus a slight profit in the same period last year. It booked losses for all of 2011, 2012 and 2013 amid cratering PC sales.
Its stock price has fallen by nearly half since early April.
IBM security research has found that people are using the so-called dark net to launch cyber attacks, force ransomware demands on punters and make distributed denial-of-service (DoS) attacks.
The dark net, accessed via Tor, is often tagged as a threat. The IBM X-Force Threat Intelligence Quarterly 3Q 2015 report identifies a spike in bad traffic and leads with a warning.
The report introduces Tor as the network that takes people to the dark net. We might start calling it the ferryman and the passage across the river Styx, but things are complicated enough.
IBM said that Tor is used by “non-malicious government officials, journalists, law enforcement officials” and bad people alike. It is the latter that should concern us.
“This latest report reveals that more than 150,000 malicious events have originated from Tor in the US alone thus far in 2015,” the report said.
“Tor has also played a role in the growing ransomware attack trend. Attackers have evolved the use of encryption to hold data hostage and demand payment/ransom for the decryption code.”
We have been here before, and ransomware has been a feature of many a security alert this year already. We heard, courtesy of Bitdefender, that ransomware charges start at £320, and are a real pain to deal with. We also heard that it is Android mobile users in the UK who get the worst of the hackers’ grabbing-for-money treatment.
Back at the IBM report, and we find IBM X-Force on the issue. X-Force, which is nothing like X-Men, said that hackers push internet users who are easily fooled by flashy online advertisements into installing the new cyber nightmare. Ransomware, it warns, will separate you from your cash.
“A surprising number of users are fooled by fake/rogue antivirus [AV] messages that are nothing more than animated web ads that look like actual products. The fake AV scam tricks users into installing or updating an AV product they may never have had,” it explains, adding that in some cases people pay the money without thinking.
“Afterward, the fake AV keeps popping up fake malware detection notices until the user pays some amount of money, typically something in the range of what an AV product would cost.”
This establishes the subject as a mark, and the hackers will exploit the opportunity. “Do not assume that if you are infected with encryption-based ransomware you can simply pay the ransom and reliably get your data back,” said IBM.
“The best way to avoid loss is to back up your data. Regardless of whether your backup is local or cloud-based, you must ensure that you have at least one copy that is not directly mapped visibly as a drive on your computer.”
Tor nodes in the US spewed out the most bad traffic in the first half of this year, according to the report, adding up to about 180,000 attacks. The Netherlands is second with around 150,000, and Romania is third with about 80,000.
The bulk of this negative attention lands at technology and communications companies. You might have assumed the financial markets, but you were wrong. IBM said that ICT gets over 300,000 Tor thwacks every six months, manufacturing gets about 245,000, and finance gets about 170,000.
IBM said that the old enemy, SQL injection attacks, is the most common Tor-led threat to come at its customers. Vulnerability scanning attacks are also a problem, and IBM said that the use of the network as a means for distributed DoS attacks should “Come as no surprise”. It doesn’t.
“These attacks combine Tor-commanded botnets with a sheaf of Tor exit nodes. In particular, some of the US-based exit nodes provide huge bandwidth,” explained the report.
“Employing a handful of the exit nodes in a distributed DoS orchestrated by the botnet controller and originating at dozens or hundreds of bot hosts can impose a large burden on the targeted system with a small outlay of attacker resources, and generally effective anonymity.”
There is a lot more. The bottom line is that bad things happen on the dark net and that they come to people and businesses through Tor. IBM said that concerned outfits should just block it and move on, which is along the lines of something that Akamai said recently.
“Corporate networks really have little choice but to block communications to these stealthy networks. The networks contain significant amounts of illegal and malicious activity,” said Akamai.
“Allowing access between corporate networks and stealth networks can open the corporation to the risk of theft or compromise, and to legal liability in some cases and jurisdictions.”
That sounds fine to us, but won’t someone give a thought to those non-malicious government officials out there?
Facebook Inc is testing a personal digital assistant called “M” within its Messenger service that is capable of answering questions with live human help and performing tasks such as buying gifts online and making restaurant reservations.
M is “powered by artificial intelligence that’s trained and supervised by people,” David Marcus, vice president of Messaging products, wrote on his Facebook page on Wednesday.
Rival services like Apple Inc’s Siri, Google Inc’s Google Now and Microsoft Corp’s Cortana rely entirely on technology to answer questions.
M is a hybrid backed by a team of Facebook employees with customer service backgrounds, called M trainers, who can also make travel arrangements and appointments, Marcus wrote.
Facebook has introduced several functions inside Messenger, which boasts more than 700 million users, to transform it into a standalone platform. Earlier this year, it rolled out games exclusively on Messenger and launched products for businesses to directly connect with consumers.
By Sept. 4, the Apple Watch will be available in 900 Best Buy stores, and it will appear in the retailer’s remaining locations by the end of the month, CEO Hubert Joly said.
Best Buy began selling the wearable in 100 stores as well as online on Aug. 7. The company had planned to expand availability to 200 additional stores by the Christmas shopping season.
However, “early momentum” from the Apple Watch “triggered” Best Buy to expand and accelerate the rollout, Joly said during a conference call to discuss the company’s second-quarter earnings.
Joly didn’t say how many Apple Watches the chain has sold so far. Apple hasn’t shared watch sales data either.
During Apple’s third-quarter earnings conference call, CEO Tim Cook said customers would have more ways to purchase the smartwatch because the company expects it to be a popular Christmas gift. A few days later, Best Buy said it would carry the wearable.
Best Buy is the only major retailer to stock the Apple Watch. The device can also be purchased from Apple’s retail and online stores and from a few high-end clothing and department stores.
Joly also discussed plans to expand Best Buy’s relationship with Apple.
The Apple shop-in-a-shop sections of 740 Best Buy stores are getting a makeover, with new fixtures and larger display tables to show Apple hardware, he said. So far, Best Buy has remodeled 350 of those departments and will revamp another 170 by the holiday shopping season.
The online retailer is expanding Prime Now, its one- and two-hour service, to Seattle, where the company is headquartered, and offering alcohol deliveries there.
Amazon Prime, the company’s $99 per year shopping membership program, offers free two-day delivery on millions of items. It is a key testing ground for the retailer’s new services, ranging from TV and on-demand video to fast delivery.
Amazon has said it has “tens of millions” of Prime subscribers. Analysts estimate the program to have around 40 million users worldwide.
The company has steadily expanded Prime Now since it launched the service in New York City last year. It facilitates integration of the retailer’s grocery delivery service, Amazon Fresh, which has been slower to expand to new markets.
On-demand grocery delivery is a growing and competitive market in the United States. Instacart, a grocery delivery company, announced on Tuesday that it had expanded to Indianapolis, its 17th city. Other startups, like Postmates, which focuses on meal delivery, also deliver personal care goods and alcohol for customers using a network of couriers.
Prime Now customers can order using an app available on both iOS and Android devices. Orders are shipped from smaller warehouses, or hubs. An Amazon spokeswoman said the company opened two facilities in Seattle and Kirkland, Washington, to handle Prime Now deliveries.
Even if the tablet market is in stuck in a rut, vendors aren’t giving up on the product category. LG Electronics will debut the best model of its G Pad tablet series at the IFA trade show in Berlin next week.
LG’s latest tablet, the G Pad II 10.1, is more powerful and has a better screen than its predecessor, but it also has a slightly smaller battery.
A quad-core 2.26 GHz Snapdragon 800 processor powers the G Pad II and its 10.1-inch screen has a 1200 x 1920 pixel resolution. That’s a big step up from the original G Pad 10.1, which had a Snapdragon 400 processor and an 800 x 1280 pixel screen.
The G Pad II also has 2GB of RAM and 16GB of integrated storage that can be expanded using the tablet’s microSD card slot. There is a 5-megapixel camera on the back and a 2-megapixel camera at the front.
Features that could turn out to be useful include a Reader Mode, which makes reading e-books more comfortable by reducing the blue light of the display backlight, according to LG. On the software side, the tablet comes preloaded with Microsoft Office and an additional 100GB of free OneDrive storage for two years.
LG didn’t reveal when the G Pad II 10.1 will go on sale, but said it will be available in North America, Europe and Asia. Pricing for the LTE and Wi-Fi models will be announced locally at the time of launch, the company said.
Relevant tweets will appear in desktop results for queries performed in English. The search doesn’t need to include the term “twitter” or twitter hashtags — if there are tweets that Google thinks are relevant, it will surface them anyway.
Last Friday, for instance, a search for “President Obama” returned recent tweets from Obama’s Twitter account near the top of the page, below a few news articles.
The tweets that appear will include photos and links that may have been contained in the tweet.
Google has provided links to tweets in its search results for a long time, but showing the actual tweets could potentially give a boost to Twitter at a time when it’s struggling to add new users.
Google noted the expansion on Friday in an update to its earlier announcement around the mobile rollout.
The company has said it will make the feature available in other languages besides English.
Samsung is working on a huge Android-based tablet that could be used in living rooms, offices, or schools, presumably as a coffee table.
According to Sam Mobile the SM-T670, codenamed ‘Tahoe’, is an Android 5.1 Lollipop-based tablet with an 18.4-inch display.
It will have a TFT LCD screen with a resolution of 1920 x 1080 pixels and be powered by an octa-core 64-bit 1.6GHz Exynos 7580 processor. It will have a rather low 2GB RAM, 32GB internal storage, a microSD card slot and a 5,700 mAh battery. Face it though a tablet this big is not going to spend a lot of time being carried about or needing a battery.
Apparently it will have an 8-megapixel primary camera and a 2.1-megapixel secondary camera. It will be 451.8 mm wide, 275.8 mm tall, and 11.9 mm thick. Strangely no one has mentioned the things weight.
Samsung is also said to be working on a Windows 10-based tablet with a high-resolution 12-inch display, a 13nm Intel Core M chipset, 4GB RAM, and an S Pen.
The Biel, Switzerland-based company is competing with Apple and other watchmakers in the budding smartwatch market.
“Our product is called Touch Zero One and that gives enough room for Zero Five, Zero Nine,” Nick Hayek was quoted as saying by Switzerland’s Tages-Anzeiger newspaper. “The Touch Zero One is not the end of the progression.”
Hayek told the paper Swatch would launch Touch Zero Two at next year’s Olympic Games in Rio de Janeiro.
The Swiss company’s strategy appears primarily to revolve around including individual tech features in different models rather than going head to head with Apple to create all-in-one smartwatches combining many functions.
On top of its Touch Zero One, which can track the distance the wearer travels and help beach volleyball players measure the power of their hits, Swatch is planning to launch watches with an embedded “near field communication” chip this year.
The early returns on Edge not only hint at Microsoft’s failure to get the earliest adopters to rely on the new browser, but also question Mozilla’s contention that Windows 10′s setup will result in defections from its own Firefox, or by association, other non-Microsoft browsers.
During July, Edge accounted for just 0.14% of all browsers tracked by California-based Net Applications. With Windows 10′s user share standing at 0.39% for July — and because Edge works only on Windows 10 — the browser was run by about 36% of its potential users (0.14% divided by 0.39%).
Net Applications measures user share using visitor tallies to its customers’ websites. The result is a rough estimate of the percentage of the world’s online users who run a specific browser.
Data from StatCounter, an Irish metrics vendor, also showed that Edge was far from the universal browser of choice among people who have upgraded to Windows 10.
Over the first 16 days of August, Edge’s global average daily usage share was 0.7%, far below the 4.4% average daily share of Windows 10. In other words, StatCounter pegged Edge as accounting for about 16% of the online activity of all Windows 10 owners.
The low percentages of Windows 10 users currently running Edge signaled that Microsoft has not made its case for the new browser, at least among those who have jumped on the OS and its free upgrade. That’s troubling, since Microsoft has positioned Edge as its browser of the future, and put in considerable effort to making it more compliant with standards, while relegating Internet Explorer (IE) in general, IE11 specifically, to a legacy support position.
The company plans to test the device in the U.S., according to several messages posted on Twitter by the Project Ara team. Neither the exact location nor precise timing of the tests was given.
“We are looking at a few locations in the U.S.,” one tweet said.
The Project Ara smartphone is designed to let users easily swap out its components.
The idea is that users purchase the hardware modules, like processors and sensors, themselves and snap them together to create a customized smartphone. In so doing, users could improve their device on their own terms, rather than buying a new phone outright.
Google had planned to commence initial testing in Puerto Rico this year, though those plans were scrapped as part of a ”recalculation,” announced last week.
The hastag #Yeswearelate was affixed to one of the tweets on Monday.
Google did not immediately respond to comment further.
Oracle has added more allegations to its court filing against Google, claiming that it has “destroyed” the market for Java.
The case stems from the use of Java libraries in the original Android operating system design. While these are open source, a clueless judge ruled that the APIs allowing third parties to use the libraries are subject to copyright and it is those libraries which Google is accused of infringing.
As regular readers will know, we have labelled this what in journalistic circles we like to refer to as ‘a heap of old horse shit’ that sets a dangerous precedent for the whole industry. However, Oracle is continuing to glove-slap for satisfaction.
The latest papers filed, which Google is yet to contest the addition of, work best if dictated with a single violin playing somberly in the background.
“Although all of these new Android versions are dependent upon the infringing Java code, applications written for these new Android versions are not compatible with the Java platform, because they do not run on the Java platform or on devices implementing the Java platform,” the filing said.
“Similarly, applications written for the Java platform do not run on the versions of Android made available since October 2010. Accordingly, given the widespread dominance Android has achieved with its continued unauthorized use of the 37 Java API packages over the past few years, Android has now irreversibly destroyed Java’s fundamental value proposition as a potential mobile device operating system by breaking the ‘write once, run anywhere’ principle on which Java was built.
“Google’s increasing domination of the mobile device market with Android, and its continuing failure and refusal to make Android compatible with the Java platform, has destroyed the potential value of a licensed derivative version of the Java platform in the mobile device market.”
Cutting to the chase, what Oracle is basically saying is that Google used them, then spat them out, leaving them unappealing to others, which makes them sound like a fallen woman in a Thomas Hardy novel.
The defense is likely to be that Java is an ageing, exploit-ridden system that has to be regularly patched up, and that forking from it was the best thing to do for customers. But, as ever with these epic battles, it’s going to be down to who has the best lawyers. Or the biggest yacht.
Oracle argues that the meteoric rise of the Android platform, and its market dominance, based on thousands of lines of Java code and yielding billions in ad revenues, means that the Ellison yachting fund is due a top-up.
Google has consistently claimed that, even if the APIs are copyright-able, ‘fair use’ is at play. Twice the court has sided with Google, and twice the decision has been overturned on appeal by old men who probably smoke cigars but think that the World Wide Web gives you cancer.
By default, people who access Yammer via their web browser will be taken to a new “Discovery” feed on the service’s home page that is supposed to better show them relevant content from their groups along with other public teams across their company’s network. It’s supposed to help keep people in closer touch with important discussions they may be missing on Yammer.
After users finish reviewing new content in one group, Yammer will display a pop up banner with a link to the next group they’re subscribed to that has new content. Yammer’s mobile apps will get similar functionality through a new Group Updates feed that lets users see a list of different conversations in various groups all on one screen. That way, they won’t have to look through individual groups to get the same information. That feature will begin rolling out on Android first before making it to Yammer’s iOS app.
In addition, Yammer is also tweaking the design of individual groups’ pages. Now, each group will have a full-width banner at the top of its page, and discussions within the group can now take up a wider space on the page to aid in lengthier discussions. The whole page has also been redesigned to focus users’ attention on important content.
Icons in the left-hand sidebar will show the users that are active in groups they are a part of, so they can stay up-to-date on where conversations are happening in real time. It’s a move that could make Yammer more competitive with popular chat solutions like Slack, which has been growing incredibly rapidly and was recently valued at $2.8 billion.
Yammer’s mobile app also gained support for attaching files from external storage services like OneDrive and Dropbox, inviting coworkers to a user’s network by email and mentioning people in comments.
There’s even more up Yammer’s sleeve on top of all these updates. The social network’s iPhone app will soon have a companion version for the Apple Watch that will let people interact with content from their coworkers.
The updates come at a time when Microsoft is putting more effort into improving its workplace collaboration tools.