Updated itself over night...
Google has released its November security update for Android, addressing a bag of security holes. You should install them as soon as they are available for your phone, tablet and other gadgets. Depending on your mobile carrier and device manufacturer, they may arrive immediately, soon, late or never. Among the holes covered …
... more like every six months. No matter the price point (well, almost). And installing a mod doesn't help - these are not backported patches but completely new OS versions, not so much resource hungry but rather resource addicted. I don't like dumping stuff that is still working! (the hardware is!)
Nope, if getting patches promptly is high on your list of requirements, you have been able to purchase android phones that deliver this for years. Unfortunately too many cretins are blinded by other features and patches are an afterthought.
Monthly patching doesn't come cheap, expecting a sub £200 phone to deliver it is laughable, the only problem is some popular brands of premium phone don't either, but that is the consumers fault for continuing to buy them
Unfortunately too many cretins are blinded by other features and patches are an afterthought.
Other features like removable battery, SD card, dual SIM, and reasonable after-sales service or a phone which is a reasonable price and doesn't click like Flipper or have a screen which burns?
You're pontificating as if Nexus or Pixel were perfect.
Google has stopped updating some Nexus models and others are due to be EOL'd shortly. So much for the updates, they could have at least tried to support devices like Apple does.
have good lineageOS support so I can get firmware updates weekly instead of on the 25th of never.
Huawei bragged about how great they were going to be with firmware updates, last update for the honor 5x I have was 14 months ago - bastards - lesson learnt.
Ah, I had the 2015 Moto X Pure. A minimal OS phone that promised rapid updates, except that software and hardware support was immediately terminated. No VoLTE and no warranty service. ZTE also went the extra mile by also promising parallel Cyanogen development but instead disabled bootloader unlocking and published non-functional kernel code.
Some companies like class action lawsuits more than repeat customers, I guess.
"Huawei bragged about how great they were going to be with firmware updates"
My other half has been stung by this. Never going near them again. Oneplus are the polar opposite. I get an update nearly every month. Running my OP3 for well over a year now - on android 8 with September security.
I got my daughter a Wileyfox that was promptly bricked by the first update it installed. Replaced it, same thing happened. Wileyfox's oh-so-helpful suggestion was that I send it back to Amazon for a refund. Shame, really, as it was a nice phone when it worked, but I won't be buying from them again.
Hm, I have an original Wileyfox Swift, and although things looked promising after they switched from CyanogenOS to Nougat, it is now stuck on the 1 May 2017 security patch level. I'll be contacting them in a few days if there is no sign of the KRACK-related security updates from them.
On the other hand, I also have a Sony Xperia running SailfishOS. That one was patched for KRACK (and BlueBorne) over a week ago.
I also have a Swift and latest update is 1 Sept for security patch and it's on Android 7.1.2. Kernel 3.10.49 dated 14 Sept '17. I'm sure you know to check Settings > About Phone > System Updates to make it check.
Fox support just seem to to be totally useless tho - send it back seems to be their only response, but won't even give a rough guess as to how long they'll take to even look at it never mind fix it. And I'm guessing there'll be a charge too.
"so clearly this is not a Android problem, it's a Samsung"
No it was an Android fuck up that it relied on 3rd parties to roll up patches, repackage them with their own carrier software and them push them out. If they had not made it to be such a PoS design, this would not be an issue.
MS rolled out patches regardless of make of phone.
""Fandroids with Nexus and Pixel devices will be able to get the November Android update directly from Google. ®""
well there the thing only the Nexus 6P and 5X will get these security updates (not sure if the samsung S5 i have will get it) all there other phones are now ignored (need to unlock and flash your own if they are still working) the Nexus 6 and 5 Might get the update as they only went EOL last month (October 2017) but they dont have to
https://support.google.com/nexus/answer/4457705 (this page should be persistent for all future google phones so probably should bookmark it)
"Pixel and nexus get monthly security updates from Google, so clearly this is not a Android problem, it's a Samsung (or whatever you own) problem"
No it's a Google problem. Wtf have OS updates got to do with your device manufacturers? They should be responsible for patching baseband firmware only. That's how it works on Windows Phone.
Google is to pay $90 million to settle a class-action lawsuit with US developers over alleged anti-competitive behavior regarding the Google Play Store.
Eligible for a share in the $90 million fund are US developers who earned two million dollars or less in annual revenue through Google Play between 2016 and 2021. "A vast majority of US developers who earned revenue through Google Play will be eligible to receive money from this fund," said Google.
Law firm Hagens Berman announced the settlement this morning, having been one of the first to file a class case. The legal firm was one of four that secured a $100 million settlement from Apple in 2021 for US iOS developers.
Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).
RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.
We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.
Qualcomm knows that if it wants developers to build and optimize AI applications across its portfolio of silicon, the Snapdragon giant needs to make the experience simpler and, ideally, better than what its rivals have been cooking up in the software stack department.
That's why on Wednesday the fabless chip designer introduced what it's calling the Qualcomm AI Stack, which aims to, among other things, let developers take AI models they've developed for one device type, let's say smartphones, and easily adapt them for another, like PCs. This stack is only for devices powered by Qualcomm's system-on-chips, be they in laptops, cellphones, car entertainment, or something else.
While Qualcomm is best known for its mobile Arm-based Snapdragon chips that power many Android phones, the chip house is hoping to grow into other markets, such as personal computers, the Internet of Things, and automotive. This expansion means Qualcomm is competing with the likes of Apple, Intel, Nvidia, AMD, and others, on a much larger battlefield.
Google is winding down its messaging app Hangouts before it officially shuts in November, the web giant announced on Monday.
Users of the mobile app will see a pop-up asking them to move their conversations onto Google Chat, which is yet another one of its online services. It can be accessed via Gmail as well as its own standalone application. Next month, conversations in the web version of Hangouts will be ported over to Chat in Gmail.
Updated Another kicking has been leveled at American tech giants by EU regulators as Italy's data protection authority ruled against transfers of data to the US using Google Analytics.
The ruling by the Garante was made yesterday as regulators took a close look at a website operator who was using Google Analytics. The regulators found that the site collected all manner of information.
So far, so normal. Google Analytics is commonly used by websites to analyze traffic. Others exist, but Google's is very much the big beast. It also performs its analysis in the USA, which is what EU regulators have taken exception to. The place is, after all, "a country without an adequate level of data protection," according to the regulator.
Interview In June, Purism began shipping a privacy-focused smartphone called Librem 5 USA that runs on a version of Linux called PureOS rather than Android or iOS. As the name suggests, it's made in America – all the electronics are assembled in its Carlsbad, California facility, using as many US-fabricated parts as possible.
While past privacy-focused phones, such as Silent Circle's Android-based Blackphone failed to win much market share, the political situation is different now than it was seven years ago.
Supply-chain provenance has become more important in recent years, thanks to concerns about the national security implications of foreign-made tech gear. The Librem 5 USA comes at a cost, starting at $1,999, though there are now US government agencies willing to pay that price for homegrown hardware they can trust – and evidently tech enthusiasts, too.
After offering free G Suite apps for more than a decade, Google next week plans to discontinue its legacy service – which hasn't been offered to new customers since 2012 – and force business users to transition to a paid subscription for the service's successor, Google Workspace.
"For businesses, the G Suite legacy free edition will no longer be available after June 27, 2022," Google explains in its support document. "Your account will be automatically transitioned to a paid Google Workspace subscription where we continue to deliver new capabilities to help businesses transform the way they work."
Small business owners who have relied on the G Suite legacy free edition aren't thrilled that they will have to pay for Workspace or migrate to a rival like Microsoft, which happens to be actively encouraging defectors. As noted by The New York Times on Monday, the approaching deadline has elicited complaints from small firms that bet on Google's cloud productivity apps in the 2006-2012 period and have enjoyed the lack of billing since then.
Interview 2023 is shaping up to become a big year for Arm-based server chips, and a significant part of this drive will come from Nvidia, which appears steadfast in its belief in the future of Arm, even if it can't own the company.
Several system vendors are expected to push out servers next year that will use Nvidia's new Arm-based chips. These consist of the Grace Superchip, which combines two of Nvidia's Grace CPUs, and the Grace-Hopper Superchip, which brings together one Grace CPU with one Hopper GPU.
The vendors lining up servers include American companies like Dell Technologies, HPE and Supermicro, as well Lenovo in Hong Kong, Inspur in China, plus ASUS, Foxconn, Gigabyte, and Wiwynn in Taiwan are also on board. The servers will target application areas where high performance is key: AI training and inference, high-performance computing, digital twins, and cloud gaming and graphics.
Google has added API security tools and Workspace (formerly G-Suite) admin alerts about potentially risky configuration changes such as super admin passwords resets.
The API capabilities – aptly named "Advanced API Security" – are built on top of Apigee, the API management platform that the web giant bought for $625 million six years ago.
As API data makes up an increasing amount of internet traffic – Cloudflare says more than 50 percent of all of the traffic it processes is API based, and it's growing twice as fast as traditional web traffic – API security becomes more important to enterprises. Malicious actors can use API calls to bypass network security measures and connect directly to backend systems or launch DDoS attacks.
Siemens and Nvidia don’t want manufacturers to imagine what the future will hold – they want to build a fancy digital twin that helps them to make predictions about whatever comes next.
During a press conference this week, Siemens CEO Roland Busch painted a picture of a future in which manufacturers are besieged with productivity, labor, and supply chain disruptions.
"The answer to all of these challenges is technology and digitalization," he said. "The point is, we have to make the digital twin as realistic as possible and bring it as close as possible to the real world."
Biting the hand that feeds IT © 1998–2022