iPhone

Apple disables Walkie Talkie app due to vulnerability that could allow iPhone eavesdropping

Posted by | Apple, apple inc, apple store, Apple Watch, Companies, FaceTime, iOS, iOS 10, iPhone, Mobile, privacy, Security, TC, technology, vulnerability | No Comments

Apple has disabled the Apple Watch Walkie Talkie app due to an unspecified vulnerability that could allow a person to listen to another customer’s iPhone without consent, the company told TechCrunch this evening.

Apple has apologized for the bug and for the inconvenience of being unable to use the feature while a fix is made.

The Walkie Talkie app on Apple Watch allows two users who have accepted an invite from each other to receive audio chats via a “push to talk” interface reminiscent of the PTT buttons on older cell phones.

A statement from Apple reads:

We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent.  We apologize again for this issue and the inconvenience.

Apple was alerted to the bug via its report a vulnerability portal directly and says there is no current evidence that it was exploited in the wild.

The company is temporarily disabling the feature entirely until a fix can be made and rolled out to devices. The Walkie Talkie App will remain installed on devices, but will not function until it has been updated with the fix.

Earlier this year a bug was discovered in the group calling feature of FaceTime that allowed people to listen in before a call was accepted. It turned out that the teen who discovered the bug, Grant Thompson, had attempted to contact Apple about the issue but was unable to get a response. Apple fixed the bug and eventually rewarded Thompson a bug bounty. This time around, Apple appears to be listening more closely to the reports that come in via its vulnerability tips line and has disabled the feature.

Earlier today, Apple quietly pushed a Mac update to remove a feature of the Zoom conference app that allowed it to work around Mac restrictions to provide a smoother call initiation experience — but that also allowed emails and websites to add a user to an active video call without their permission.

Powered by WPeMatico

Week-in-Review: Alexa’s indefinite memory and NASA’s otherworldly plans for GPS

Posted by | 4th of July, AI assistant, alex wong, Amazon, Andrew Kortina, Android, andy rubin, appeals court, Apple, apple inc, artificial intelligence, Assistant, China, enterprise software, Getty-Images, gps, here, iPhone, machine learning, Online Music Stores, operating systems, Sam Lessin, social media, Speech Recognition, TC, Tim Cook, Twitter, United States, Venmo, voice assistant | No Comments

Hello, weekenders. This is Week-in-Review, where I give a heavy amount of analysis and/or rambling thoughts on one story while scouring the rest of the hundreds of stories that emerged on TechCrunch this week to surface my favorites for your reading pleasure.

Last week, I talked about the cult of Ive and the degradation of Apple design. On Sunday night, The Wall Street Journal published a report on how Ive had been moving away from the company, to the dismay of many on the design team. Tim Cook didn’t like the report very much. Our EIC gave a little breakdown on the whole saga in a nice piece.

Apple sans Ive


Amazon Buys Whole Foods For Over 13 Billion

The big story

This week was a tad restrained in its eventfulness; seems like the newsmakers went on 4th of July vacations a little early. Amazon made a bit of news this week when the company confirmed that Alexa request logs are kept indefinitely.

Last week, an Amazon public policy exec answered some questions about Alexa in a letter sent to U.S. Senator Coons. His office published the letter on its site a few days ago and most of the details aren’t all that surprising, but the first answer really sets the tone for how Amazon sees Alexa activity:

Q: How long does Amazon store the transcripts of user voice recordings?

A: We retain customers’ voice recordings and transcripts until the customer chooses to delete them.

What’s interesting about this isn’t that we’re only now getting this level of straightforward dialogue from Amazon on how long data is kept if not specifically deleted, but it makes one wonder why it is useful or feasible for them to keep it indefinitely. (This assumes that they actually are keeping it indefinitely; it seems likely that most of it isn’t, and that by saying this they’re protecting themselves legally, but I’m just going off the letter.)

After several years of “Hey Alexa,” the company doesn’t seem all that close to figuring out what it is.

Alexa seems to be a shit solution for commerce, so why does Amazon have 10,000 people working on it, according to a report this week in The Information? All signs are pointing to the voice assistant experiment being a short-term failure in terms of the short-term ambitions, though AI advances will push the utility.

Training data is a big deal across AI teams looking to educate models on data sets of relevant information. The company seems to say as much. “Our speech recognition and natural language understanding systems use machine learning to adapt to customers’ speech patterns and vocabulary, informed by the way customers use Alexa in the real world. To work well, machine learning systems need to be trained using real world data.”

The company says it doesn’t anonymize any of this data because it has to stay associated with a user’s account in order for them to delete it. I’d feel a lot better if Amazon just effectively anonymized the data in the first place and used on-device processing the build a profile on my voice. What I’m more afraid of is Amazon having such a detailed voiceprint of everyone who has ever used an Alexa device.

If effortless voice-based e-commerce isn’t really the product anymore, what is? The answer is always us, but I don’t like the idea of indefinitely leaving Amazon with my data until they figure out the answer.

Send me feedback
on Twitter @lucasmtny or email
lucas@techcrunch.com

On to the rest of the week’s news.

Trends of the week

Here are a few big news items from big companies, with green links to all the sweet, sweet added context:

  • NASA’s GPS moonshot
    The U.S. government really did us a solid inventing GPS, but NASA has some bigger ideas on the table for the positioning platform, namely, taking it to the Moon. It might be a little complicated, but, unsurprisingly, scientists have some ideas here. Read more.
  • Apple has your eyes
    Most of the iOS beta updates are bug fixes, but the latest change to iOS 13 brought a very strange surprise: changing the way the eyes of users on iPhone XS or XS Max look to people on the other end of the call. Instead of appearing that you’re looking below the camera, some software wizardry will now make it look like you’re staring directly at the camera. Apple hasn’t detailed how this works, but here’s what we do know
  • Trump is having a Twitter party
    Donald Trump’s administration declared a couple of months ago that it was launching an exploratory survey to try to gain a sense of conservative voices that had been silenced on social media. Now @realdonaldtrump is having a get-together and inviting his friends to chat about the issue. It’s a real who’s who; check out some of the people attending here.
Amazon CEO And Blue Origin Founder Jeff Bezos Speaks At Air Force Association Air, Space And Cyber Conference

(Photo by Alex Wong/Getty Images)

GAFA Gaffes

How did the top tech companies screw up this week? This clearly needs its own section, in order of badness:

  1. Amazon is responsible for what it sells:
    [Appeals court rules Amazon can be held liable for third-party products]
  2. Android co-creator gets additional allegations filed:
    [Newly unsealed court documents reveal additional allegations against Andy Rubin]

Extra Crunch

Our premium subscription service had another week of interesting deep dives. TechCrunch reporter Kate Clark did a great interview with the ex-Facebook, ex-Venmo founding team behind Fin and how they’re thinking about the consumerization of the enterprise.

Sam Lessin and Andrew Kortina on their voice assistant’s workplace pivot

“…The thing is, developing an AI assistant capable of booking flights, arranging trips, teaching users how to play poker, identifying places to purchase specific items for a birthday party and answering wide-ranging zany questions like “can you look up a place where I can milk a goat?” requires a whole lot more human power than one might think. Capital-intensive and hard-to-scale, an app for “instantly offloading” chores wasn’t the best business. Neither Lessin nor Kortina will admit to failure, but Fin‘s excursion into B2B enterprise software eight months ago suggests the assistant technology wasn’t a billion-dollar idea.…”

Here are some of our other top reads this week for premium subscribers. This week, we talked a bit about asking for money and the future of China’s favorite tech platform:

Want more TechCrunch newsletters? Sign up here.

Powered by WPeMatico

UnitedMasters releases iPhone app for DIY cross-service music distribution

Posted by | 20th Century Fox, Apple, Apps, AT&T, cloud applications, cloud storage, computing, Dropbox, iCloud, iOS, iPhone, Media, Mobile, national basketball association, NBA, operating systems, PayPal, president, Software, Startups, steve stoute, TC, tidal, UnitedMasters | No Comments

Alphabet-backed UnitedMasters, the music label distribution startup and record label alternative that offers artists 100 percent ownership of everything they create, launched its iPhone app today.

The iPhone app works like the service they used to offer only via the web, giving artists the chance to upload their own tracks (from iCloud, Dropbox or directly from text messages), then distribute them to a full range of streaming music platforms, including Spotify, Apple Music, Tidal and more. In exchange for this distribution, as well as analytics on how your music is performing, UnitedMasters takes a 10% share on revenue generated by tracks it distributes, but artists retain full ownership of the content they create.

UnitedMasters also works with brand partners, including Bose, the NBA and AT&T, to place tracks in marketing use across the brand’s properties and distributed content. Music creators are paid out via PayPal once they connect their accounts, and they can also tie-in their social accounts for connecting their overall online presence with their music.

UnitedMasters

Using the app, artists can create entire releases by uploading not only music tracks but also high-quality cover art, and by entering information like whether any producers participated in the music creation, and whether the tracks contain any explicit lyrics. You can also specific an exact desired release date, and UnitedMasters will do its best to distribute across services on that day, pending content approvals.

UnitedMasters was founded by former Interscope Records president Steve Stoute, and also has funding from Andreessen Horwitz and 20th Century Fox. It’s aiming to serve a new generation of artists who are disenfranchised by the traditional label model, but seeking distribution through the services where listeners actually spend their time, and using the iPhone as manage the entire process definitely fits with serving that customer base.

Powered by WPeMatico

Twelve South’s HiRise Wireless is a super versatile wireless smartphone charger

Posted by | AirPods, Apple, computers, Gadgets, inductive charging, iOS, iPhone, mobile phones, PIXEL, pixel 3, Reviews, smartphones, TC, technology, usb, wireless charger, wireless chargers, Wireless Charging | No Comments

Wireless charging has been a wonderful addition to mainstream flagship smartphones including the iPhone, Samsung’s Galaxy lineup and Google’s Pixel phones. But there hasn’t been a really great option for bringing the benefits of wireless charging with you on the road, while keeping your desktop setup tidy until now, with TwelveSouth’s recently released HiRise Wireless.

The HiRise Wireless builds on the good reputation of the existing HiRise line from TwelveSouth, which includes the Duet, a great combo charger for both iPhone and Apple Watch. The Wireless version, as implied by the name, includes wireless charging of up to 10W, which means you get the fastest cable-free charging rate available for devices that support Qi charging, including the iPhone X, XR and XS, as well as the Pixel 3 and Samsung Galaxy S10.

The HiRise is unique in that it provides a charging puck that can both mount in the frame (which has a nice weighted base to stay rock solid on your desk) and pop out to either provide a lie-flat wireless charger (which will work with the new wireless AirPods charging case, for instance) or pack away in a bag.

The upright angle the wireless charger provides when mounted in the frame is perfect for registering Face ID unlocks when used with an iPhone X or later, and positioned on your desk. That’s a great way to give yourself access to phone notifications without distracting too much from your desktop work. And the puck itself is a lot smaller than most wireless chargers, which isn’t idea for typical at-home charging, but which is terrific for stowing it in a gadget pouch.

The puck also has a rubberized ring bordering the charging pad to prevent your device from slipping around, and it works with a detachable USB-C to USB-A cable that comes in the box which adds to the portability, and means you can easily use it with whatever USB-C charging cables you already have on-hand for your Mac or other devices.

If you’re in the market for a wireless charger and travel a decent amount, it’s hard to beat the value of the HiRise Wireless. It’s $79.99, which is more than you’ll pay for a lot of quality wireless chargers, but Twelve South’s unique design is worth the premium in this case for people looking for its unique flexibility.

Powered by WPeMatico

Apple’s iOS 13 update will make FaceTime eye contact way easier

Posted by | Apple, apple inc, Apps, FaceTime, Gadgets, iOS, iOS 12, iPhone, iPhone XS, mobile phones, operating systems, TC | No Comments

Apple has added a feature called “FaceTime Attention Correction” to the latest iOS 13 Developer beta, and it looks like it could make a big difference when it comes to actually making FaceTime calls feel even more like talking to someone in person. The feature, spotted in the third beta of the new software update that went out this week, apparently does a terrific job of making it look like you’re looking directly into the camera even when you’re looking at the screen during a FaceTime call.

That’s actually a huge improvement, because when people FaceTime, most of the time they’re looking at the screen rather than the camera, since the whole point is to see the person or people you’re talking to, rather than the small black lens at the top of your device.

Guys – “FaceTime Attention Correction” in iOS 13 beta 3 is wild.

Here are some comparison photos featuring @flyosity: https://t.co/HxHhVONsi1 pic.twitter.com/jKK41L5ucI

— Will Sigmon (@WSig) July 2, 2019

The catch so far seems to be that this FaceTime feature is only available on iPhone XS and iPhone XS Max, which could mean it only works with the latest camera tech available on Apple hardware. That could be because of the new image signal processor that Apple included in the A12 processor that powers the iPhone XS and XS Max, which also provide improvements over previous generation phones in terms of HDR and portrait lighting effects.

It’s also possible with any updates or features that arrive in iOS beta releases that they could expand to other devices and/or vanish prior to the actual public launch of iOS 13, which is set for this fall. But here’s hoping this one remains in place, because it really seems to make a huge difference in terms of providing a sense of “presence” for FaceTime calls, which is one of the core values of the Apple chat feature overall.

Powered by WPeMatico

5G reportedly coming to premium iPhones in 2020, all models in 2021

Posted by | 5g, Apple, hardware, iPhone, ming-chi kuo, Mobile | No Comments

The latest report from renowned Apple leaker Ming-Chi Kuo already has an eye on 2020 and beyond. The news lines up with other reports around future iPhones, noting that the high-end versions of the handset are set to get 5G in the second half of next year. By 2021, all models are set to be on-board with the next-gen wireless standard.

The report is in line with recent rumors that have the company holding off on 5G until 2020. That puts Apple somewhat behind the curve of a number of Android manufacturers that have been racing to get the technology to market. Of course, those companies (including Samsung, LG and even OnePlus) may be putting the cart before the horse, with wireless carriers providing extremely limited access to the tech through the end of 2019.

Apple’s push into 5G is believed to be a primary driver behind the company’s recent decision to make nice with Qualcomm, though Kuo believes that the company is shooting for 2022/2023 to begin manufacturing its own wireless chips. That would help Apple further divorce itself on reliance from third-party component makers, which seems to have been the plan all along.

The report has Apple continuing to release three models of iPhone later next year. The list includes 5.4-inch and 6.7-inch OLED models, making the smaller iPhone even smaller and the larger even larger. The XR successor, meanwhile, would maintain a 6.1-inch display, getting upgraded to OLED next year, while only offering up an LTE modem — a move that could muddy the waters a bit for consumers.

Powered by WPeMatico

With iOS 13, Apple delivers new features to court users in India

Posted by | alibaba, Apple, apple news, Apple Pay, Apps, Asia, india, iPhone, language, Languages of India, Mobile, Netflix, smartphone, writing | No Comments

Apple has finally listened to its small, but slowly growing user base in India. The iPhone-maker today announced a range of features in iOS 13 that are designed to appease users in the world’s second largest smartphone market.

First up, the company says its Siri voice assistant now offers all new and “more natural” Indian English male and female voices. It has also introduced a bilingual keyboard, featuring support for Hindi and English languages. The keyboard offers typing predictions in Devanagari Hindi that can suggest the next word as a user types and it learns from their typing over time.

Additionally, the keyboard in iOS 13 supports all of 22 Indian languages, with the inclusion of 15 new Indian language keyboards: Assamese, Bodo, Dogri, Kashmiri (Devanagari, Arabic), Konkani (Devanagari), Manipuri (Bangla, Meetei Mayek), Maithili, Nepali, Sanskrit, Santali (Devanagari, Ol Chiki), and Sindhi (Devanagari, Arabic).

The addition of these features comes as Apple cautiously grows more serious about India, where it holds about just 1% of the smartphone market share, according to research firm Counterpoint. Even as smartphone shipment is declining in much of the world, India has emerged as the fastest growing market for handsets in recent years. According to Counterpoint, more than 145 million smartphones shipped in India last year, up 10% year-over-year.

But users in India have long complained about Apple services not being fully optimized for local conditions. Siri, for instance, has so far offered limited functionalities in India, and many Apple services such as Apple Pay and Apple News are yet to launch in the nation.

The upcoming version of iOS, which will ship to a range of iPhone handsets later this year, also includes four new system fonts in Indian languages: Gurmukhi, Kannada, Odia, and Gujarati. These will “help deliver greater clarity and ease when reading in apps like Safari, typing in Messages and Mail, or swiping through Contacts,” the company said in a statement.

Additionally, there are 30 new document fonts for Indian languages Hindi, Marathi, Nepali, Sanskrit, Bengali, Assamese, Tamil, Telugu, Gujarati, Kannada, Gurmukhi, Malayalam, Odia, and Urdu.

Apple says iOS 13 will also enable improved video downloading option for patchy networks. It says users in India can now set an optimized time of the day in video streaming apps such as Hotstar and Netflix for downloading videos. Consumption of video apps is increasingly skyrocketing in India. Just last week, Alibaba said it was investing $100 million in its short video app called Vmate in the nation.

In recent months, Apple has also improved Apple Maps in India. Earlier this year, Apple Maps added support for turn-by-turn navigation, and enabled users to book a cab — from Ola or Uber — directly from within the maps app. The company has also been aggressively hiring people to expand its maps and other software teams in  the country, according to job postings on the its site.

Improvements to software aside, Apple has also been working to reduce the cost of iPhones in India, the single major factor for their poor sales in the country. Two years ago, Apple started to assemble the iPhone 7 handset in India. It plans to ramp up its local production in the coming weeks, a person familiar with the matter told TechCrunch.

As part of local government’s ‘Make in India’ program, phone vendors that assemble phones in the country are offered tax and other benefits. Ravi Shankar Prasad, an Indian minister who oversees law and justice, telecom, and electronics and IT departments, said at a press conference earlier today (local time) that Bharatiya Janata Party, the ruling party which was reelected last month, will work on expanding Make in India program as one of its top priorities.

Powered by WPeMatico

Apple restricts ads and third-party trackers in iPhone apps for kids

Posted by | Android, app-store, Apple, Apps, computing, Google Play, iOS, iPhone, iTunes, privacy, smartphones, WWDC 2019 | No Comments

Apple has told developers to stop including third-party trackers in apps designed for kids — or they face having their apps pulled from the app store.

The tech giant quietly updated its guidelines for apps that are submitted to the app store’s kids category following the keynote address at its annual developer conference on Monday.

“Apps in the kids category may not include third-party advertising or analytics,” the new guidelines say. Previously, the guidelines only restricted behavioral advertising tracking.

Apple also currently prohibits apps in the kids category from including links that point outside the app or contain in-app purchasing.

Apple has come under fire for its recent marketing campaign claiming “what happens on your iPhone stays on your iPhone,”  which critics say is misleading. All too often apps include ads or tracking code that allows app makers to collect information about the device, including its location and other data, and send it back to base so companies can better target its users with ads, learn more about how you use the app, and more.

Just last week, the Washington Post found over 5,400 app trackers were uploading data from an iPhone over a single week — even at night when the phone owner was asleep.

As a TechCrunch investigation earlier this year found, some apps use so-called session replay technology, a kind of analytics software that records the screen when an app is open. Apps built by Expedia, Hollister and Hotels.com were found in violation of Apple’s rules and developers were told to remove the code.

Apple follows in the footsteps of Google, which last week set out new policies around kids’ apps available for Android through Google Play. The move came following a complaint by the Federal Trade Commission filed by close to two-dozen consumer advocacy groups, which accused the mobile giant of not ensuring app compliance with federal children’s privacy laws.

Now with Apple’s new restrictions, at least kids have a fighting chance of keeping their iPhone data private.

Powered by WPeMatico

A cryptocurrency stealing app found on Google Play was downloaded over a thousand times

Posted by | app-store, apple wallet, Apps, computing, cryptocurrency, e-commerce, Google Play, iPhone, Mobile, mobile app, online marketplaces, operating systems, Security | No Comments

Researchers have found two apps masquerading as cryptocurrency apps on Android’s app store, Google Play.

One of them was largely a dud. The second was designed to steal cryptocurrency, the researchers said.

Security firm ESET said one of the two fake Android apps impersonated Trezor, a hardware cryptocurrency wallet. The good news is that the app couldn’t be used to steal cryptocurrency stored by Trezor. But the researchers found the app was connected to a second Android app that could have been used to scam funds out of unsuspecting victims.

Lukas Stefanko, a security researcher at ESET — who has a long history of finding dodgy Android apps — said the fake Trezor app “appeared trustworthy at first glance” but was using a fake developer name to impersonate the company.

The fake app was designed to trick users into turning over a victim’s login credentials. Uploaded to Google Play on May 1, the app quickly ranked as the second-most popular search result when searching for “Trezor” behind the legitimate app, said Stefanko. Users on Reddit also found the fake app and reported it as recently as two weeks ago.

According to Stefanko, the server where user credentials were sent was linked to a website linked to another fake wallet, purportedly to store cryptocurrency, and also listed on Google Play since February 25.

“The app claims it lets its users create wallets for various cryptocurrencies,” said Stefanko. “However, its actual purpose is to trick users into transferring cryptocurrency into the attackers’ wallets – a classic case of what we’ve named wallet address scams in our previous research into cryptocurrency-targeting malware.”

Both apps were collectively downloaded more than a thousand times. After ESET contacted Google, the apps were pulled offline the next day.

Read more:

Powered by WPeMatico

The EU will reportedly investigate Apple following anti-competition complaint from Spotify

Posted by | Android, app-store, Apple, apple inc, apple music, belgium, Brussels, ceo, computing, daniel ek, EC, Europe, european commission, european union, Facebook, Google, Google Play Store, iPhone, lawsuit, Margrethe Vestager, Media, online marketplaces, Online Music Stores, operating systems, Search, smartphones, social network, Software, Spotify, United States | No Comments

The spat between Spotify and Apple is going to be the focus on a new investigation from the EU, according to a report from the FT.

The paper reported today that the European Commission (EC), the EU’s regulatory body, plans to launch a competition inquiry around Spotify’s claim that the iPhone-maker uses its position as the gatekeeper of the App Store to “deliberately disadvantage other app developers.”

In a complaint filed to the EC in March, Spotify said Apple has “tilted the playing field” by operating iOS, the platform, and the App Store for distribution, as well as its own Spotify rival, Apple Music.

In particular, Spotify CEO Daniel Ek has said that Apple “locks” developers and their platform, which includes a 30 percent cut of in-app spending. Ek also claimed Apple Music has unfair advantages over rivals like Spotify, while he expressed concern that Apple controls communication between users and app publishers, “including placing unfair restrictions on marketing and promotions that benefit consumers.”

Spotify’s announcement was unprecedented — Ek claimed many other developers feel the same way, but do not want to upset Apple by speaking up. The EU is sure to tap into that silent base if the investigation does indeed go ahead as the FT claims.

Apple bit back at Spotify’s claims, but its response was more a rebuttal — or alternative angle — on those complaints. Apple did not directly address any of the demands that Spotify put forward, and those include alternative payment options (as offered in the Google Play store) and equal treatment for Apple apps and those from third-parties like Spotify.

The EU is gaining a reputation as a tough opponent that’s reining in U.S. tech giants.

Aside from its GDPR initiative, it has a history of taking action on apparent monopolies in tech.

Google fined €1.49 billion ($1.67 billion) in March of this year over antitrust violations in search ad brokering, for example. Google was fined a record $5 billion last year over Android abuses and there have been calls to look into breaking the search company up. Inevitably, Facebook has come under the spotlight for a series of privacy concerns, particularly around elections.

Pressure from the EU has already led to the social network introduce clear terms and conditions around its use of data for advertising, while it may also change its rules limiting overseas ad spending around EU elections following concern from Brussels.

Despite what some in the U.S. may think, the EU’s competition commissioner, Margrethe Vestager, has said publicly that she is against breaking companies up. Instead, Vestager has pledged to regulate data access.

“To break up a company, to break up private property would be very far-reaching and you would need to have a very strong case that it would produce better results for consumers in the marketplace than what you could do with more mainstream tools. We’re dealing with private property. Businesses that are built and invested in and become successful because of their innovation,” she said in an interview at SXSW earlier this year.

Powered by WPeMatico