• chevron_right

      Android 4.4 KitKat is truly dead, loses Play Services support

      news.movim.eu / ArsTechnica · Tuesday, 25 July, 2023 - 16:46 · 1 minute

    Android 4.4 KitKat is truly dead, loses Play Services support

    (credit: Google)

    The Android ecosystem rightfully gets a lot of slack for being unable to deliver operating system updates to everyone in a timely manner, but there's more to Android updates than just OS support. App updates can keep a phone chugging along even after the updates have stopped, and Google's do-it-all super app, Google Play Services, contains a ton of app APIs and features and enables the really important stuff like Play Store transactions and advertisements.

    Google just announced Play Services is dropping support for an old version of Android, and while OS development might stop at just three or four years, Play Services goes back way longer than that. Google announced Play Services is dropping support for Android 4.4 KitKat, which is now 10 years old. Support isn't really being artificially cut off, either. Google says KitKat's active device count is "below 1 percent," so there's not much reason to support it anymore.

    These devices will stop getting Play Services updates after July, and then it's anyone's guess as to how much longer they will work. At some point, Google will change something, and your device will become a brick. Old, unsupported Android devices can't log in to a Google account, which is a prerequisite for opening half of the apps that come with your phone. You'll be locked out of the Play Store, Gmail, Google Maps, and other Google products, with no way to see these old versions again. Luckily, someone saw all this coming and took screenshots of every old version.

    Read 1 remaining paragraphs | Comments

    • chevron_right

      Google’s Android and Chrome extensions are a very sad place. Here’s why

      news.movim.eu / ArsTechnica · Friday, 2 June, 2023 - 21:07

    Google’s Android and Chrome extensions are a very sad place. Here’s why

    Enlarge (credit: Photo Illustration by Miguel Candela/SOPA Images/LightRocket via Getty Images)

    No wonder Google is having trouble keeping up with policing its app store. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from the company’s official marketplaces have included functions for snooping on user files, manipulating the contents of clipboards, and injecting deliberately unknown code into webpages.

    Google has removed many but not all of the malicious entries, the researchers said, but only after they were reported, and by then, they were on millions of devices—and possibly hundreds of millions. The researchers aren’t pleased.

    A very sad place

    “I’m not a fan of Google’s approach,” extension developer and researcher Wladimir Palant wrote in an email. In the days before Chrome, when Firefox had a bigger piece of the browser share, real people reviewed extensions before making them available in the Mozilla marketplace. Google took a different approach by using an automated review process, which Firefox then copied.

    Read 18 remaining paragraphs | Comments

    • chevron_right

      101 applications sur Google Play ont été infectées par un logiciel espion

      news.movim.eu / Numerama · Wednesday, 31 May, 2023 - 13:21

    Plus d'une centaine d'applications sur Google Play contiennent un logiciel espion, récupérant données et fichiers sur le smartphone de la victime. Ces applis ont été retirées, mais il convient toujours de les désinstaller. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

    • chevron_right

      App with 50,000 Google Play installs sent attackers mic recordings every 15 minutes

      news.movim.eu / ArsTechnica · Wednesday, 24 May, 2023 - 17:49 · 1 minute

    App with 50,000 Google Play installs sent attackers mic recordings every 15 minutes

    Enlarge (credit: Getty Images)

    An app that had more than 50,000 downloads from Google Play surreptitiously recorded nearby audio every 15 minutes and sent it to the app developer, a researcher from security firm ESET said.

    The app, titled iRecorder Screen Recorder, started life on Google Play in September 2021 as a benign app that allowed users to record the screens of their Android devices, ESET researcher Lukas Stefanko said in a post published on Tuesday. Eleven months later, the legitimate app was updated to add entirely new functionality. It included the ability to remotely turn on the device mic and record sound, connect to an attacker-controlled server, and upload the audio and other sensitive files that were stored on the device.

    Surreptitious recording every 15 minutes

    The secret espionage functions were implemented using code from AhMyth , an open source RAT—short for remote access trojan—that has been incorporated into several other Android apps in recent years. Once the RAT was added to iRecorder, all users of the previously benign app received updates that allowed their phones to record nearby audio and send it to a developer-designated server through an encrypted channel. As time went on, code taken from AhMyth was heavily modified, an indication that the developer became more adept with the open source RAT. ESET named the newly modified RAT in iRecorder AhRat.

    Read 15 remaining paragraphs | Comments

    • chevron_right

      Google Bans ‘Downloader’ App: TV Outfits Claim Browser Violates Injunction

      news.movim.eu / TorrentFreak · Tuesday, 23 May, 2023 - 11:34 · 7 minutes

    downloader-logo If the best ideas are always the simplest, in 2016 software developer Elias Saba hit the jackpot.

    Two years after Amazon launched its first generation Fire TV, there was still no easy way to transfer files to the device. Released on the Amazon Appstore in November 2016, Saba’s ‘Downloader’ app offered users just two things; an empty URL field and a download button. It was basic yet functional, and in time, extraordinarily successful.

    The Amazon Appstore and Google Play currently account for more than 50 million installs of Downloader, underpinned by Saba’s decision not to charge a single penny for the software. downloader-amazon reviews At the time of writing, Downloader has 664,605 customer ratings on Amazon, averaging 4.3 stars out of a possible five. For several TV companies from Israel, Saba’s work, success and generosity are of no consequence; Downloader is in their way and has to go.

    Google Kicks Downloader Out of the Play Store

    In a notification sent to Sabas yesterday, Google informs the developer that “after a recent review,” Downloader was found to contain content that “doesn’t comply with the Unauthorized Use of Copyrighted Content policy” operated on the Play Store.

    The review was prompted by a copyright complaint from Israel-based TV companies HOT Communications Systems Ltd, DBS Satellite Services (1998) Ltd, United King Distribution Videos (1990) Ltd, and Charlton Ltd.

    “We have received an infringement notice that your app contains copyrighted content,” Google’s notice explains. “Your app has been suspended and removed due to alleged copyright infringement (according to the terms of the Digital Millennium Copyright Act).”

    Notices like this can be terminal app-suspended

    Google’s notification reveals that the TV companies supplied no details of specific original content or details of content allegedly infringed. As a DMCA takedown notice, it arguably fails at the very first hurdle. Instead, the notice draws Google’s attention to a feature added to Downloader more than six years ago.

    The companies claim that this feature violates an injunction the TV companies obtained from a New York court in 2022. Neither the injunction, nor the process that led to its issuance, have anything to do with Saba or his software.

    Since the TV companies claim otherwise, a little background may help.

    Users Demand More, Get More

    Within weeks of its launch, Downloader’s users were already requesting new features. For Saba, a former Fire TV Product Manager at Amazon, that didn’t come as a surprise. As a developer, it wasn’t a problem either.

    “I added basic file management and a web browser to Downloader in February 2017 because users complained that it was too tedious to enter long URLs using a remote control and the on-screen keyboard,” Saba informs TorrentFreak.

    The addition of a web browser didn’t just consign long URLs to history; for Downloader and its users, a little history was being made. While Downloader users happily searched Google and navigated to files displayed on a TV , bigger players in the software market were still playing catch up.

    TV Surfing Pioneer Taken Offline on a Whim

    When Downloader fueled free, accessible web browsing via TV sets, Saba says that filling another gap in the market was an accident, an “unintended side-effect” of the new feature.

    “My app predated nearly all stand-alone web browsers on streaming devices, including Amazon’s own Silk browser and Firefox, which arrived on TV streaming devices six months after my app gained a web browser,” Saba recalls.

    While popular in its own right, Downloader was about to get a huge boost. Popular open source media player Kodi was previously available from Amazon’s Appstore but after the company removed it , only unofficial installation methods remained.

    In an April 2017 tweet , the people behind Kodi described Downloader as ‘The only correct way of installing Kodi on Amazon devices.” Over the years, millions of people followed that advice.

    Saba estimates that over 45 million Fire TV users installed Downloader at some point. At the time of writing, Downloader has at least five million active installs on Android TV devices through Google Play. Downloader is free and the nearest thing it has to an advert is Saba’s blog, AFTVNews.com , loading as the browser’s default homepage.

    Downloader’s browser feature is the start, middle and end of the TV companies’ complaint to Google.

    Browser Can Access a Pirate Streaming Site

    The bones of the complaint fit neatly into a single paragraph. Sent to Google by Eran Presenti, a partner at M. Firon & Co., one of Israel’s largest law firms, it reads as follows:

    “[T]his app which can be downloaded to any Android based device including smart TV – allows users to view the infamous copyright infringing website known as SDAROT (www.sdarot.tw) against which the are 2 Isareli court and a NY Federal court judgments issuing permanent injunction against the saus website [sic].”

    Google Chrome, an app that arrives pre-installed on millions of Android devices, also allows users to view the infamous Sdarot. The same is true for Safari, Edge and Firefox. All of them show an image similar to the one below in response to input featuring Sdarot’s URL.

    Evidence that Downloader’s browser displays websites in response to user input is reportedly contained in eight screenshots listed by Google. Saba actually received eight filenames ending in .jpg, but no actual images.

    A link to a website in the notice claims to provide a copy of an ‘Amended Default Judgment & Injunction’ dated July 6, 2022. The link was supposed to lead to sdarot.tv, a domain previously owned by Sdarot but later seized by the TV companies. A copy of the injunction isn’t available because the domain itself is completely broken.

    Despite acting as the evidence behind Downloader’s removal from Google Play, Saba informs us that the screenshots and injunction remain a mystery to him. Fortunately, we know all about the underlying case and injunction; more interestingly, Google knows all about it too.

    TV Companies Fight a War They Can’t Win

    HOT Communications, DBS Satellite, United King and Charlton Ltd are on a mission to destroy Sdarot, Israel’s largest pirate site. The subscription streaming platform has been targeted in at least three lawsuits, all of them decided in favor of the plaintiffs, yet still refuses to die.

    In May 2022, we broke the news that the companies had obtained an injunction from a New York court that required every ISP in the United States to block Sdarot and two other pirate sites.

    What happened next remains shrouded in mystery but the record shows that after winning the injunction, the TV companies decided they didn’t want U.S. ISPs to block the sites after all.

    The scope of the injunction remained a concern. It began with consumer ISPs but also prohibited any webhost, CDN provider, DNS provider, domain company, advertising service, financial institution, or payment processor from doing business with the sites’ operators moving forward. Cloudflare, Google, EFF, and industry group CCIA felt strongly enough to intervene in the lawsuit.

    With no means to protect itself from an injunction that failed to narrowly target specific, identified defendants and their agents, and/or third parties in active concert or participation with them, Cloudflare refused to comply with its terms and the TV companies’ “blatant attempt at a power grab.”

    The TV companies unwisely moved to hold Cloudflare in contempt but in the weeks that followed, the injunction was amended and the TV companies went after Sdarot instead.

    Sdarot Remains Online, Downloader Targeted

    For reasons that currently make little sense, the TV companies seem to have cited an injunction that appears to have nothing to do with Saba or Downloader, to convince Google that displaying the Sdarot website, after someone keys Sdarot.tw into Downloader’s browser, is a breach of its terms.

    Since Saba’s initial appeal to Google was rejected, he’s since filed a DMCA counternotice to have Downloader reinstated. That’s currently listed as pending but at least in theory, Google should reinstate the software unless the TV companies file a lawsuit against Saba.

    Thus far, however, legal action against intermediaries has failed to achieve its primary goal. A review of the position on the ground today suggests a situation that’s arguably worse than before.

    Sdarot now operates from a Taiwan .tw domain which present its own legal challenges. As for the site’s hosting, Sdarot now spreads its infrastructure across several countries including Moldova and Russia, utilizing a number of hosts that are well-known for filing DMCA complaints in the cabinet marked ‘TRASH’.

    From: TF , for the latest news on copyright battles, piracy and more.

    • chevron_right

      On espère que vous aimez les jeux vidéo sur Netflix, puisque 40 titres arrivent

      news.movim.eu / Numerama · Tuesday, 21 March, 2023 - 09:29

    Pour diversifier ses sources de revenus, Netflix mise sur les jeux vidéo. Deux ans après le lancement de ses premiers titres sur mobile, le géant du streaming s’approche doucement de la centaine. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

    • chevron_right

      Wish est de retour sur le web français après un an d’exclusion

      news.movim.eu / Numerama · Tuesday, 14 March, 2023 - 11:44


    Après un an de bannissement, Wish revient sur les moteurs de recherche et les boutiques d'applications en France. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

    • chevron_right

      Quelles sont les meilleures apps pour aller au ski ?

      news.movim.eu / Numerama · Tuesday, 7 February, 2023 - 16:57

    Les bronzés font du ski

    Les applications dédiées au ski et au snowboard sont aujourd'hui très nombreuses et couvrent toutes sortes de besoins. En faire l'inventaire complet serait vain, alors voici une sélection des applications de ski que vous devriez utiliser avant de partir à la montagne. [Lire la suite]

    Abonnez-vous aux newsletters Numerama pour recevoir l’essentiel de l’actualité https://www.numerama.com/newsletter/

    • chevron_right

      Pig-butchering scam apps sneak into Apple’s App Store and Google Play

      news.movim.eu / ArsTechnica · Wednesday, 1 February, 2023 - 11:00 · 1 minute

    artist rendition of a piggbank with an Apple App Store logo on it about to explode

    Enlarge (credit: Aurich Lawson | Getty Images)

    In the past year, a new term has arisen to describe an online scam raking in millions , if not billions , of dollars per year. It’s called "pig butchering," and now even Apple is getting fooled into participating.

    Researchers from security firm Sophos said on Wednesday that they uncovered two apps available in the App Store that were part of an elaborate network of tools used to dupe people into putting large sums of money into fake investment scams. At least one of those apps also made it into Google Play, but that market is notorious for the number of malicious apps that bypass Google vetting. Sophos said this was the first it had seen such apps in the App Store and that a previous app identified in these types of scams was a legitimate one that was later exploited by bad actors

    Pig butchering relies on a rich combination of apps, websites, web hosts, and humans—in some cases human trafficking victims —to build trust with a mark over a period of weeks or months, often under the guise of a romantic interest, financial advisor, or successful investor. Eventually, the online discussion will turn to investments, usually involving cryptocurrency, that the scammer claims to have earned huge sums of money from. The scammer then invites the victim to participate.

    Read 20 remaining paragraphs | Comments