The vulnerability, discovered by John Gordon, is easy to exploit: simply open the phone’s “Emergency Call” feature, type a few characters and the repeatedly copy-and-paste them. The pasted text becomes longer and longer — Gordon’s reaches over 160,000 characters — and, as such, harder for the phone to handle.
Next, open the camera app which causes the phone to ask for a password into which the 160,000 character string is pasted. After a few minutes the phone restarts, booting straight to the unlocked home screen.
But in lieu of the usual polite deflection, Federighi picked up an iPhone 6S and explained one of 3D Touch’s simpler challenges: “It starts with the idea that, on a device this thin, you want to detect force. I mean, you think you want to detect force, but really what you’re trying to do is sense intent. You’re trying to read minds. And yet you have a user who might be using his thumb, his finger, might be emotional at the moment, might be walking, might be laying on the couch. These things don’t affect intent, but they do affect what a sensor [inside the phone] sees. So there are a huge number of technical hurdles. We have to do sensor fusion with accelerometers to cancel out gravity—but when you turn [the device] a different way, we have to subtract out gravity. … Your thumb can read differently to the touch sensor than your finger would. That difference is important to understanding how to interpret the force. And so we’re fusing both what the force sensor is giving us with what the touch sensor is giving us about the nature of your interaction. So down at even just the lowest level of hardware and algorithms—I mean, this is just one basic thing. And if you don’t get it right, none of it works.”
Long but good read.
New Android ransomware locks out victims by changing lock screen PIN
Dubbed Android/Lockerpin.A, the app first tricks inexperienced users into granting it device administrator privileges. To achieve this, it overlays a bogus patch installation window on top of an activation notice. When targets click on the continue button, they really grant the malicious app elevated rights that allow it to make changes to the Android settings. From there, Lockerpin sets or resets the PIN that unlocks the screen lock, effectively requiring users to perform a factory reset to regain control over the device. By contrast, earlier forms of Android ransomware generally were thwarted, usually by deactivating administrator privileges and then uninstalling the app after the infected device is booted into safe mode.
“After clicking on the button, the user’s device is doomed,” Lukas Stefanko, a researcher with antivirus provider Eset, wrote in a blog post published Thursday. “The trojan app has obtained administrator rights silently and now can lock [the] device—and even worse, it set[s] a new PIN for the lock screen. Not long after, the user will be prompted to pay a $US500 ransom for allegedly viewing and harboring forbidden pornographic material.”
You can expect Apple’s proportion to grow. As analysts at Credit Suisse explained in a note last week, only about 30 percent of the world’s 400 million iPhone users have upgraded to the large-screen models Apple introduced last year. Apple is bound to reap more money as the majority of its users inevitably jump to big phones over the next few years. In other words, for the foreseeable future, Apple stands virtually alone: It may be the only company making any money selling phones.
What’s driving the iPhone’s escape from the trap of commodity hardware is that it is more than a hardware device. Instead, an iPhone is a tightly integrated mix of hardware, great software, and several pretty good services rolled into a single gadget.
Something for the Apple naysayers to ponder upon.
Microsoft is downloading Windows 10 to PCs, even if you don’t “reserve” a copy
According to The Inquirer, the situation was first reported by an anonymous reader who claimed to have discovered a hidden directory called $Windows.~BT on his computer, despite not opting in for a free upgrade to Windows 10. The directory weighed in at “3.5GB to 6GB,” according to the reader.
“I thought Microsoft [said] this ‘upgrade’ was optional. If so, why is it being pushed out to so many computers where it wasn’t reserved, and why does it try to install over and over again?” he told the outlet.
“Premium” Android is getting torn apart, piranha-style. Cheaper phones from Chinese companies such as Xiaomi, Huawei, OnePlus, and Oppo are taking away their high-end Chinese business. Slowdowns in developing countries (notably south America) are killing sales there.
And in the west, there isn’t the same appetite for continued upgrades that there was; people are upgraded out. Does the Galaxy S6 really offer anything special over the S4 or S5? If anything, Samsung has pared back on both the software and hardware features – it doesn’t have some of the weird things where you waved hands to scroll screens, nor the microSD card and removable battery that a number of previous Samsung buyers liked. As I said before, Samsung must know how many people actually use the removable battery. But maybe that’s like buying a car with airbags: you don’t expect to need them, you just want to know they’re there in an emergency.
[…]
I don’t think the crash in premium Android sales is a one-off. The competition from low- and mid-priced devices is fierce now, and yet these companies don’t seem to be putting any clear blue water between them; they’re not offering anything better than they did a year ago.
Case in point: Samsung’s Galaxy Note 5 has a smaller battery, also non-removable, than last year’s Note 4; and no SD card – which has pissed off some former Note buyers. How does that compete against the Xiaomis and Oppos and OnePlus phones of this world, which are much the same spec for less? Or even the iPhone 6 Plus, which has a better-adapted app store, and costs less?
Samsung is getting squeezed on both ends. Trying to be the premium Android brand isn’t and won’t work unless Samsung tries to be innovative instead of attempting to be an Apple clone.