Android

Essential Is Getting Sued For Allegedly Stealing Wireless Connector Technology (gizmodo.com) 43

"Keyssa, a wireless technology company backed by iPod creator and Nest founder Tony Fadell, filed a lawsuit against Essential on Monday, alleging that the company stole trade secrets and breached their nondisclosure agreement," reports Gizmodo. Keyssa has proprietary technology that reportedly lets users transfer large files in a matter of seconds by holding two devices side by side. From the report: According to the lawsuit, Keyssa and Essential engaged in conversations in which the wireless tech company "divulged to Essential proprietary technology enabling every facet of Keyssa's wireless connectivity," all of which was protected under a non-disclosure agreement. More specifically, the lawsuit alleges that Keyssa "deployed a team 20 of its top engineers and scientists" to educate Essential on its proprietary tech, sending them "many thousands of confidential emails, hundreds of confidential technical documents, and dozens of confidential presentations." Essential ended this relationship after over 10 months and later told Keyssa that its engineers would use a competing chip in the Essential Phone. But Keyssa is accusing Essential of including techniques in its phone that were gleaned from their relationship, despite their confidentiality agreement. Central to this lawsuit is one of the Essential Phone's key selling points: the option to swap in modular add-ons, made possible thanks to the phone's unique cordless connector. In short, if Keyssa's claims hold water, then one of the phone's defining factors is a product of theft.
Wireless Networking

Every Patch For 'KRACK' Wi-Fi Vulnerability Available Right Now (zdnet.com) 131

An anonymous reader quotes a report from ZDNet: As reported previously by ZDNet, the bug, dubbed "KRACK" -- which stands for Key Reinstallation Attack -- is at heart a fundamental flaw in the way Wi-Fi Protected Access II (WPA2) operates. According to security researcher and academic Mathy Vanhoef, who discovered the flaw, threat actors can leverage the vulnerability to decrypt traffic, hijack connections, perform man-in-the-middle attacks, and eavesdrop on communication sent from a WPA2-enabled device. In total, ten CVE numbers have been preserved to describe the vulnerability and its impact, and according to the U.S. Department of Homeland Security (DHS), the main affected vendors are Aruba, Cisco, Espressif Systems, Fortinet, the FreeBSD Project, HostAP, Intel, Juniper Networks, Microchip Technology, Red Hat, Samsung, various units of Toshiba and Ubiquiti Networks. A list of the patches available is below. For the most up-to-date list with links to each patch/statement (if available), visit ZDNet's article.
Microsoft

Microsoft Has Already Fixed the Wi-Fi Attack Vulnerability; Android Will Be Patched Within Weeks (theverge.com) 135

Microsoft says it has already fixed the problem for customers running supported versions of Windows. From a report: "We have released a security update to address this issue," says a Microsoft spokesperson in a statement to The Verge. "Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected." Microsoft is planning to publish details of the update later today. While it looks like Android and Linux devices are affected by the worst part of the vulnerabilities, allowing attackers to manipulate websites, Google has promised a fix for affected devices "in the coming weeks." Google's own Pixel devices will be the first to receive fixes with security patch level of November 6, 2017, but most other handsets are still well behind even the latest updates. Security researchers claim 41 percent of Android devices are vulnerable to an "exceptionally devastating" variant of the Wi-Fi attack that involves manipulating traffic, and it will take time to patch older devices.
Security

WPA2 Security Flaw Puts Almost Every Wi-Fi Device at Risk of Hijack, Eavesdropping (zdnet.com) 249

A security protocol at the heart of most modern Wi-Fi devices, including computers, phones, and routers, has been broken, putting almost every wireless-enabled device at risk of attack. From a report: The bug, known as "KRACK" for Key Reinstallation Attack, exposes a fundamental flaw in WPA2, a common protocol used in securing most modern wireless networks. Mathy Vanhoef, a computer security academic, who found the flaw, said the weakness lies in the protocol's four-way handshake, which securely allows new devices with a pre-shared password to join the network. That weakness can, at its worst, allow an attacker to decrypt network traffic from a WPA2-enabled device, hijack connections, and inject content into the traffic stream. In other words: hackers can eavesdrop on your network traffic. The bug represents a complete breakdown of the WPA2 protocol, for both personal and enterprise devices -- putting every supported device at risk. "If your device supports Wi-Fi, it is most likely affected," said Vanhoef, on his website. News of the vulnerability was later confirmed on Monday by US Homeland Security's cyber-emergency unit US-CERT, which about two months ago had confidentially warned vendors and experts of the bug, ZDNet has learned.
Operating Systems

OxygenOS Telemetry Lets OnePlus Tie Phones To Individual Users (bleepingcomputer.com) 164

An anonymous reader quotes a report from Bleeping Computer: OxygenOS, a custom version of the Android operating system that comes installed on all OnePlus smartphones, is tracking users actions without anonymizing data, allowing OnePlus to connect each phone to its customer. A security researcher going by the pseudonym of Tux discovered the abusive tracking in July 2016, but his tweet went largely unnoticed in the daily sea of security tweets sent out each day. The data collection issue was brought up to everyone's attention again, today, after British security researcher Christopher Moore published the results of a recent study on his site.

Just like Tux, Moore discovered that OxygenOS was sending regular telemetry to OnePlus' servers. This is no issue of concern, as almost all applications these days collect telemetry data for market analytics and to identify and debug application flaws. The problem is that OnePlus is not anonymizing this information. The Shenzhen-based Chinese smartphone company is collecting a long list of details, such as: IMEI code, IMSI code, ESSID and BSSID wireless network identifiers, and more. The data collection process cannot be disabled from anywhere in the phone's settings. When Moore contacted OnePlus support, the company did not provide a suitable answer for his queries.

Open Source

OpenBSD 6.2 Released (openbsd.org) 114

basscomm writes: OpenBSD 6.2 has now been released. Check out the release notes if you're into that kind of thing. Some of the new features and systems include improved hardware support, vmm(4)/ vmd(8) improvements, IEEE 802.11 wireless stack improvements, generic network stack improvements, installer improvements, routing daemons and other userland network improvements, security improvements and more. Here is the full list of changes.
Cellphones

Alphabet's Balloons Will Bring Cellphone Service To Puerto Rico (wired.com) 65

An anonymous reader writes:Hurricanes Irma and Maria wiped out more than 90 percent of the cellphone coverage on Puerto Rico. Now the FCC has given "Project Loon" permission to fly 30 balloons more than 12 miles above the island for the next six months, Wired reports, to temporarily replace the thousands of cellphone towers knocked down by the two hurricanes.

Each balloon can service an area of 1,930 miles, so the hope is to restore service to the entire island of Puerto Rico and parts of the U.S. Virgin Islands. In May Project Loon, part of Google's parent company Alphabet, deployed its technology in Peru and later provided emergency internet access there during serious flooding. (Those balloons were acually launched from Puerto Rico.) These new Project Loon balloons will be "relaying communications between Alphabet's own ground stations connected to the surviving wireless networks, and users' handsets," according to the article, which reports that eight wireless carriers in Puerto Rico have already consented to the arrangement.

Google

Bluetooth Won't Replace the Headphone Jack -- Walled Gardens Will (theverge.com) 380

Last year, when it was rumoured that the then upcoming iPhone models -- 7 and 7 Plus -- won't have the 3.5mm audio jack, The Verge's Nilay Patel wrote that if Apple does do it, it would be a user-hostile and stupid move. When those iPhone models were official announced, they indeed didn't have the audio jack. Earlier this week, Android-maker Google announced the Pixel 2 and Pixel 2 XL smartphones that also don't feature the decades-old audio jack either, a move that would likely push rest of the smartphone makers to adopt a similar change. The rationale behind killing the traditional headphones jack, both Apple and Google say, is to move to an improved technology: Bluetooth. But there is another motive at play here, it appears. Patel, writes for The Verge: As the headphone jack disappears, the obvious replacement isn't another wire with a proprietary connector like Apple's Lightning or the many incompatible and strange flavors of USB-C audio. It's Bluetooth. And Bluetooth continues to suck, for a variety of reasons. Newer phones like the iPhone 8, Galaxy S8, and the Pixel 2 have Bluetooth 5, which promises to be better, but 1. There are literally no Bluetooth 5 headphones out yet, and 2. we have definitely heard that promise before. So we'll see. To improve Bluetooth, platform vendors like Apple and Google are riffing on top of it, and that means they're building custom solutions. And building custom solutions means they're taking the opportunity to prioritize their own products, because that is a fair and rational thing for platform vendors to do. Unfortunately, what is fair and rational for platform vendors isn't always great for markets, competition, or consumers. And at the end of this road, we will have taken a simple, universal thing that enabled a vibrant market with tons of options for every consumer, and turned it into yet another limited market defined by ecosystem lock-in. The playbook is simple: last year, Apple dropped the headphone jack and replaced it with its W1 system, which is basically a custom controller chip and software management layer for Bluetooth. The exemplary set of W1 headphones is, of course, AirPods, but Apple also owns Beats, and there are a few sets of W1 Beats headphones available as well. You can still use regular Bluetooth headphones with an iPhone, and you can use AirPods as regular Bluetooth headphones, but the combination iPhone / W1 experience is obviously superior to anything else on the market. [...] Google's version of this is the Pixel Buds, a set of over-ear neckbuds that serve as basic Bluetooth headphones but gain additional capabilities when used with certain phones. Seamless fast pairing? You need Android N or higher, which most Android phones don't have.
Google

Google Pixel Buds Are Wireless Earbuds That Translate Conversations In Real Time (arstechnica.com) 163

At its hardware event today, Google debuted new wireless earbuds, dubbed "Pixel Buds." These are Google's first wireless earbuds that give users access to Google Translate so they can have conversations with people who speak a different language. Ars Technica reports: Unlike Apple's AirPods, the Pixel Buds have a wire connecting the two earpieces. However, that wire doesn't connect to a smartphone or other device. Pixel Buds will pair via Bluetooth to the new Pixel smartphones -- and presumably any other devices that accept Bluetooth wireless earbuds. All of the Pixel Buds' controls are built in to the right earpiece, which is a common hardware solution on wireless earbuds. You can access Google Assistant by tapping or pressing on the right earbud, and the Assistant will be able to read notifications and messages to you through the Buds.

But the most intriguing feature of the Pixel Buds is the integrated Google Translate feature. Demoed on stage at Google's event today, this feature lets two Pixel Bud wearers chat in their native languages by translating conversations in real time. In the demo, a native English speaker and a native Swedish speaker had a conversation with each other, both using their native languages. Google Translate translated the languages for each user. There was barely any lag time in between the speaker saying a phrase and the Buds' hearing those words and translating them into the appropriate language. The Pixel Buds will use Google Translate to comprehend conversations in 40 different languages.
Some other features include a 5-hour battery life, and a charging case that can hold up to 24 hours of battery life. They're available for preorder today for $159.
Google

Google Debuts Its $400 Google Home Max Speaker To Rival Apple's HomePod (techcrunch.com) 60

In addition to the Pixel 2 and Pixel 2 XL, Google debuted a $400 speaker, called Home Max, that looks to compete directly with Apple's recently announced HomePod. The Home Max is a larger Google Home that features stereo speakers and more premium looks and materials. It's expected to go on sale in December in the U.S. TechCrunch reports: It can tune its audio to its own space, analyzing the sound coming from the speaker using its built in microphones to determine the best equalizer settings. This is called Smart Sound, and it evolves over time and based on where you move the speaker, using built-in machine learning. It has Cast functionality, as well as input via stereo 3.5 mm jack. Home Max can output sound that's up to 20 times more powerful than the standard version of Home, Google says, and it has two 4.5 inch woofers on board with two 0.7 inch custom-built tuners. It can sit in either vertical or horizontal orientation, and it comes in both 'chalk' and 'charcoal.' Of course, this bigger speaker also includes a noise isolating array that makes it work even in open rooms with background noise, and it's Assistant-enabled, so you can use it to control your music playback via voice, or manage your smart home devices, set yourself reminders, alarms, and timers and much more. Google also launched a budget-friendly Google Home Mini that features the Google Assistant but in a smaller form factor. 9to5Google reports: Google touts the Home Mini as having a powerful speaker with "crisp" 360 degree sound. The Mini can also be connected to any Chromecast wireless speaker, but there is no 3.5mm jack like Amazon's Echo Dot. In the center, there are four white lights that note when the Home Mini is listening or responding. Besides saying the "Ok, Google" hotword, users can tap on the Home Mini to issue a command. Google also retained the Home's original button for disabling the microphone with a toggle next to the charging port. The Google Home Mini will be go on sale later this month for $49, with pre-orders starting today.
Android

Not Many People Are Buying Andy Rubin's iPhone-Killer Essential Phone, It Seems (fiercewireless.com) 148

An anonymous reader shares a report: Essential Products has sold an estimated 5,000 phones through Sprint since the gadget made its big retail debut in the United States earlier this month, according to estimates from BayStreet Research. That figure would put Essential, whose maker became a unicorn without shipping handset, well below market heavyweights like Apple and Samsung, which typically sell tens of millions of phones per quarter in the United States. BayStreet tracks shipments of phones and other devices across the United States. Essential representatives didn't respond to requests for comment on the BayStreet estimates. BayStreet also clarified that its 5,000 figure is an estimate of Essential's sell-through (when a customer buys a product from a retailer) rather than its sell-in (when a retailer buys something from a manufacturer). Sprint is the exclusive carrier for the phone; most phones in the United States are sold through carriers. However, Essential also offers an unlocked version of its gadget. Essential, the first major startup from Android founder Andy Rubin's venture capital firm Playground, currently sells the $699 Android-powered Essential Phone through Sprint and promises to release the Essential Home smart-home hub later this year. Essential was named as one of FierceWireless' top 15 startups to watch in 2017.
Businesses

Would a T-Mobile-Sprint Merger Hurt Consumers? (dslreports.com) 95

Following a report from Reuters claiming T-Mobile is close to agreeing on a deal to merge with Sprint, an anonymous Slashdot reader shares a report from DSLReports arguing how such a merger would remain "a very bad deal for consumers": The Sprint-T-Mobile merger could prove problematic for not only wireless prices, but the recent resurgence in unlimited data plans. While wireless carriers still often engage in theatrical non-price competition more often than not, the government's decision to block AT&T's acquisition of T-Mobile several years ago helped spur an unprecedented period of competition in wireless (something large ISPs and their policy armies like to ignore). The end result was a brasher and more competitive T-Mobile, who lead the way on a wave of improvements in the sector culminating most recently in the return of simpler, easier unlimited data plans. The government's decision to block Sprint from acquiring T-Mobile helped keep that competition intact, something large ISPs and their policy folk would similarly like you to forget. As a result, T-Mobile has added more customers per quarter than any other wireless carrier for several years running, as the resulting competition put an end to numerous, nasty industry tactics including overcharging for international roaming, to obnoxious fees and long-term contracts. And while the new, combined company will likely still be run by current popular T-Mobile CEO John Legere, the very act of eliminating one of only four major players in the wireless market will indisputably reduce the incentive to more seriously compete on price, and could help reverse the progress the sector has seen in recent years. It's well within reason that this reduced competition could also bring back metered plans and put an end to unlimited data.
Communications

Verizon Backtracks Slightly In Plan To Kick Customers Off Network (arstechnica.com) 52

An anonymous reader quotes a report from Ars Technica: Verizon Wireless is giving a reprieve to some rural customers who are scheduled to be booted off their service plans, but only in cases when customers have no other options for cellular service. Verizon recently notified 8,500 customers in 13 states that they will be disconnected on October 17 because they used roaming data on another network. But these customers weren't doing anything wrong -- they are being served by rural networks that were set up for the purpose of extending Verizon's reach into rural areas. Today, Verizon said it is extending the deadline to switch providers to December 1. The company is also letting some customers stay on the network -- although they must switch to a new service plan. "If there is no alternative provider in your area, you can switch to the S (2GB), M (4GB), 5GB single-line, or L (8GB) Verizon plan, but you must do so by December 1," Verizon said in a statement released today. These plans range from $35 to $70 a month, plus $20 "line fees" for each line. The 8,500 customers who received disconnection letters have a total of 19,000 lines. Verizon sells unlimited plans in most of the country but said only those limited options would be available to these customers. Verizon also reiterated its promise that first responders will be able to keep their Verizon service even though some public safety officials received disconnection notices. "We have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service," Verizon said. "After listening to these folks, we are committed to resolving these issues in the best interest of the customers and their communities. We're committed to ensuring first responders in these areas keep their Verizon service."
Communications

T-Mobile, Sprint Close To Agreeing Deal Terms (reuters.com) 85

From a report: T-Mobile US is close to agreeing tentative terms on a deal to merge with peer Sprint Corp, people familiar with the matter said on Friday, a major breakthrough in efforts to merge the third and fourth largest U.S. wireless carriers. The development follows more than four months of on-and-off talks this year between T-Mobile and Sprint, and comes as the U.S. telecommunications sector seeks ways to tackle investments in 5G technology that will greatly enhance wireless data transfer speeds.
Businesses

Judge Kills FTC Lawsuit Against D-Link for Flimsy Security (dslreports.com) 100

Earlier this year, the Federal Trade Commission filed a complaint against network equipment vendor D-Link saying inadequate security in the company's wireless routers and internet cameras left consumers open to hackers and privacy violations. The FTC, in a complaint filed in the Northern District of California charged that "D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras." For its part, D-Link Systems said it "is aware of the complaint filed by the FTC." Fast forward nine months, a judge has dismissed the FTC's case, claiming that the FTC failed to provide enough specific examples of harm done to consumers, or specific instances when the routers in question were breached. From a report: "The FTC does not identify a single incident where a consumer's financial, medical or other sensitive personal information has been accessed, exposed or misused in any way, or whose IP camera has been compromised by unauthorized parties, or who has suffered any harm or even simple annoyance and inconvenience from the alleged security flaws in the [D-Link] devices," wrote the Judge. "The absence of any concrete facts makes it just as possible that [D-Link]'s devices are not likely to substantially harm consumers, and the FTC cannot rely on wholly conclusory allegations about potential injury to tilt the balance in its favor."
Entertainment

Sonos To Launch a Wireless Speaker That Would Support Multiple Voice Assistants (yahoo.com) 33

Sonos, a mid- to high-end speaker manufacturer, released an updated privacy policy for its speakers that almost certainly confirms that the company will release a speaker with Amazon's Alexa voice assistant built into the device in the near term. From a report: Though many devices that integrate with Alexa have been announced and are starting to come to market, this is one of the higher-profile examples and could be instructive for smart-speaker designers. The company first announced its intention to add voice-assistant integration to its speakers over a year ago, but didn't give any specific time frame for that step. And an FCC filing from the company that surfaced a few weeks ago showed that it is looking into systems that would support multiple voice assistants, so a user could potentially have the option to choose between Amazon's Alexa or Google's Assistant, depending on what other devices they own and what platform they prefer.
Networking

Scientists Explore A Light Bulb-Based Based 10Gbps Li-Fi/5G Home Network (ispreview.co.uk) 12

Mark.JUK writes: Researchers at Brunel University in London have begun to develop a new 10 Gbps home wireless network using both Li-Fi (light fidelity) and 5G based mmWave technology, which will fit inside LED (light-emitting diode) light bulbs on your ceiling.

In simple terms, the Visible Light Communication (VLC) based Li-Fi technology works by flicking a LED light off and on thousands of times a second (by altering the length of the flickers you can introduce digital communications).

The article says it'd be more energy efficient (and faster) than a standard Wi-Fi network -- though both technologies have trouble penetrating walls, so "you'd have to buy lots of pricey new bulbs in order to cover your home..."

"It's probably not something that an ordinary home owner would want to install; unless you're happy with running lots of optical fibre cable around your various light fittings."
Verizon

8,500 Verizon Customers Disconnected Because of 'Substantial' Data Use (arstechnica.com) 108

An anonymous reader quotes a report from Ars Technica: Verizon is disconnecting another 8,500 rural customers from its wireless network, saying that roaming charges have made certain customer accounts unprofitable for the carrier. The 8,500 customers have 19,000 lines and live in 13 states (Alaska, Idaho, Iowa, Indiana, Kentucky, Maine, Michigan, Missouri, Montana, North Carolina, Oklahoma, Utah, and Wisconsin), a Verizon Wireless spokesperson told Ars today. They received notices of disconnection this month and will lose access to Verizon service on October 17. Verizon said in June that it was only disconnecting "a small group of customers" who were "using vast amounts of data -- some as much as a terabyte or more a month -- outside of our network footprint." But one customer, who contacted Ars this week about being disconnected, said her family never used more than 50GB of data across four lines despite having an "unlimited" data plan. We asked Verizon whether 50GB a month is a normal cut-off point in its disconnections of rural customers, but the company did not provide a specific answer. "These customers live outside of areas where Verizon operates our own network," Verizon said. "Many of the affected consumer lines use a substantial amount of data while roaming on other providers' networks and the roaming costs generated by these lines exceed what these consumers pay us each month. We sent these notices in advance so customers have plenty of time to choose another wireless provider."
Iphone

iPhone 8 and iPhone X Will Support Fast Charging, But Only If You Buy a New USB-C Charger (9to5mac.com) 144

One little detail Apple didn't mention at its event in Cupertino, California yesterday was the fact that the new iPhones will support fast charging. According to the official tech specs page, the new iPhones can recharge up to 50 percent of their battery life in a 30-minute charge. The catch? You have to use a USB-C charger and Lightning cable (sold separately). 9to5Mac reports: iPhone 8 battery life is roughly equivalent to the iPhone 7 and iPhone 7 Plus. On a full charge, expect up to 12 hours of internet usage on iPhone 8 and iPhone X, with up to 13 hours on iPhone 8 Plus. With a 50% quick charge in 30 minutes, you are effectively gaining hours of additional battery life during the day, even if you only plug in for a short period. However, to take advantage of fast-charging, you cannot use the Lightning to USB-A cable that is bundled in the box. Fast charging requires a USB-C to Lightning cable and the USB-C wall charger. More specifically, one of three USB-C wall chargers. Apple sells 29W, 61W and 87W variants of its USB-C power adapters. Prices range from $49 to $79. Apple doesn't break out specific numbers on how each model affects charging times, it's not clear if the cheapest 29W model can achieve the advertised 50% recharge in 30 minutes.
Intel

Intel Cuts Cord On Its Current Cord-Cutting WiGig Products (zdnet.com) 30

An anonymous reader shares a ZDNet report, which also has some clarification from Intel: It looks like you can add WiGig wireless docking to Intel's dustbin (along with IoT products axed earlier this summer), as the company has discontinued existing products using the 802.11ad wireless standard, according to Anandtech. [Since publishing this report, we've received a statement from Intel clarifying its WiGig support: "We continue to offer current versions of our 802.11ad products, such as the Intel Tri-band Wireless AC 18265 and Gigabit Wireless 10101R antenna module. We remain committed to WiGig and think it has exciting potential for a number of applications, including enabling VR to become wireless, mesh networking and as part of Intel's leading products for 5G."] WiGig was developed several years ago with faster speeds than then-current Wi-Fi standards, but because it relied on the 60GHz channel, its high throughput could only travel over short distances. As a result, it eventually became marketed as a feature for wireless laptop docking stations, and while it received some support from enterprise laptop manufactures like Dell and Lenovo, the technology didn't make a big dent against standard wired laptop docks.

Slashdot Top Deals