Apple’s new App Store policies fight spam and abuse but also allow ads in notifications

The front of the 2019 iPad Air. (credit: Samuel Axon)

Earlier this week, Apple notified app developers of a revised set of App Store review guidelines—the rules by which Apple curates its iOS/iPadOS, tvOS, watchOS, and macOS App Stores.

Among many other things, the revised rules expand the definition of what constitutes a spam app, clarify that developers are able to use push notifications to serve ads to users (provided users have explicitly opted in to them), and limit submissions of certain types of apps to trusted organizations in regulated or sensitive industries.

The most controversial of these changes has been the clear statement that developers can serve ads to users via push notifications. At one point in the past, Apple’s guidelines stated that push notifications “should not be used for advertising, promotions, or direct marketing purposes or to send sensitive personal or confidential information.” Now the guidelines state:

Source: Tech – Ars Technica

Hack Turns Apple’s iPhone Into An Android

Ten years ago, David Wang pulled off a remarkable trick, installing Android on the first-generation iPhone. Now Wang and his colleagues at cybersecurity startup Corellium are doing it again with the ostentatiously titled Project Sandcastle. From a report: And Forbes got an exclusive hands-on look at their Android for iPhone product ahead of its public release scheduled for later this Wednesday. The timing is sure to have Apple fanboys rubbernecking: Corellium is in the middle of being sued by Apple. As previously reported by Forbes, in August last year, Corellium was taken to court over Apple claims the startup breached copyright laws by creating software versions of the iPhone for security and testing. The case took a surprise turn late last month when Apple subpoenaed Spanish banking giant Santander and the $50 billion U.S. military and intelligence contractor L3Harris.

But Corellium has lofty ambitions for Project Sandcastle, saying that it’ll actually show how Apple’s walled garden, which it has fiercely protected since launching its flagship phone in 2007, can be deconstructed and taken over by others’ software. “Project Sandcastle is about having fun building something new from the sand — from the literal silicon of the hardware,” said Corellium CEO Amanda Gorton, in a statement sent to Forbes. “Apple restricts iPhone users to operate inside a sandbox, but users own that hardware, and they should be able to use that hardware the way they want. So where sandboxes create limits and boundaries on the hardware that users own, sandcastles provide an opportunity to create something new and wonderful from the limitless bounds of your imagination.”

Source: Slashdot

eBay Bans Sales of Face Masks, Hand Sanitizer Amid Coronavirus Price Gouging

As the COVID-19 outbreak continues to spread in the US and other countries, demand for products like face masks and hand sanitizer has led to a spike in prices. To combat price gouging, online retailer eBay is banning some listings related to the coronavirus. From a report: In a notice to eBay sellers posted Thursday and spotted earlier by CNBC, eBay said it would block new listings and remove existing listings in the US for disinfecting wipes, hand sanitizer and face masks, including N95/N100 masks and surgical masks. The listings are being removed due to concerns that inflated prices for these products may violate US laws or regulations. eBay also said it will remove any listings, except for books, that mention COVID-19, coronavirus or 2019nCoV in the title or description. It’s unclear how long the ban will last.

Source: Slashdot

Hulu’s live TV doesn’t work on T-Mobile home Internet

The Hulu logo. (credit: Hulu)

T-Mobile’s wireless home Internet service could become more widely available later this year, but potential customers should be aware of a limitation listed in the terms of service: it is “not compatible with some live TV streaming services,” according to T-Mobile.

The reason for this limit isn’t immediately apparent, but complaints in customer forums show that the problem affects Hulu’s live TV service. T-Mobile has been piloting its Home Internet plan at up to 50,000 homes over the past year, and some of the early adopters haven’t been able to use Hulu + Live TV.

The problem appears to be that Hulu’s system for verifying a user’s home location interprets the T-Mobile router as a mobile hotspot instead of a home Internet device. This isn’t an unreasonable assumption, since the device connects to T-Mobile’s LTE network in order to provide in-home Wi-Fi, so it basically is a mobile hotspot. But other live-TV streaming services apparently work fine on the T-Mobile home Internet plan.

Source: Biz & IT – Ars Technica

Copyright Lobby Calls Out Plex For Not Doing Enough To Stop Piracy

An anonymous reader shares a report: For those who don’t want to dive fully into torrents, Plex is a great alternative for streaming television shows and movies for free. Officially, Plex is a “neutral” media player, and it first became popular with people looking to stream content between devices at home, like from their desktop in the study to their laptop in their bedroom. But, with Plex Media Server, users can also share media with other users to stream, creating a virtual free-for-all, and a serious problem from a copyright perspective. CreativeFuture, a pro-copyright coalition boasting more than 560 members, has taken notice and is calling out the platform, along with rival service Kodi.

“Thanks to a rapidly growing media application called Plex, torrent-based piracy is back in vogue, and better than ever (for criminals who have no problem with profiting from content that doesn’t belong to them, that is),” the coalition writes in a blog post. Those who pay $4.99 per month for Plex Pass are able to share their libraries with up to 100 users. As CreativeFuture points out, this isn’t always done for the sake of altruism, or so families can share their legally procured copies of Frozen. Some Plex users actually charge for access to their content — a more nefarious (though, granted, enterprising) evolution from the totally free world of torrenting. For extra sass, the shared content can be pirated to begin with.

Source: Slashdot

Quibi is Giving People a 90-day Free Trial in Hopes They’ll Actually Sign Up

Quibi, a streaming service that has already raised more than $1.6 billion, is finally almost here, and in an effort to entice people who are probably already spending too much on content every month, the short form video streaming service is giving people a 90-day free trial for a limited time. From a report: The company is also planning to pump an impressive amount of content into the app within that time. Quibi is set to launch on April 6th with 50 shows and movies, half of which consists of “daily essential” programming that’s constantly being updated. More will be released throughout the first month and beyond. After the 90-day trial, Quibi will cost $4.99 with ads, and $7.99 without. That’s more expensive than Apple TV Plus and Disney Plus, both of which run ad-free.

Source: Slashdot

Oppo’s flagship Find X2 Pro announced with 65W charging, Snapdragon 865

Oppo’s latest flagship was announced last night, the Find X2 Pro. The Find X2 Pro is the sequel to the Oppo Find X, an innovative phone that had a motorized pop-up top, unveiling a camera and facial recognition system from behind the display. The Find X2 doesn’t have any radical design elements, though. It really just looks like a Samsung phone. Oppo and OnePlus are both owned by BBK and frequently share designs, so there’s a good chance some of the tech here will show up on the OnePlus 8.

The phone has a 6.7-inch, 3168×1440 120Hz display, a Snapdragon 865 with 5G, 12GB of RAM, 512GB of storage, a 4260mAh battery, IP68 dust and water resistance, and three rear cameras. Oppo is definitely out-Samsunging Samsung with the display here. While the Galaxy S20 makes you choose between the full resolution or 120Hz, the Find X2 Pro lets you run at 120Hz at full resolution. On paper, it’s the best display on the market. There’s an in-display fingerprint reader, which Oppo says is 10 percent larger than last year’s. There’s no wireless charging, no headphone jack, and no expandable storage. We were hoping Oppo would do better on the price than Samsung, but at €1,199 ($1,357), the phone slots in right between the $1,199.99 S20+ and the $1,399.99 S20 Ultra.

The one unique design touch seems to be in the back material. The black version is a polished ceramic instead of the usual glass. The last ceramic phone we tried was the Essential Phone, and while ceramic weighs more, it seems to have the same pros and cons as glass: It’s RF transparent, which is good, and it has a fair bit of scratch resistance, but it’s also going to shatter the first time you drop the phone. Oppo says the ceramic has a “gleaming surface that feels as silky as it looks,” but I don’t really want “silky” as a feel for a back material, I want it to be grippy. One option that might offer more grip is the orange color, which uses a faux leather back.

Source: Tech – Ars Technica

The EARN IT Act is an Attack on Encryption

A bipartisan pair of US senators on Thursday introduced long-rumored legislation known as the EARN IT Act. The bill is meant to combat child sexual exploitation online, but if passed, it could hurt encryption as we know it. Matthew Green, a cryptographer and professor at Johns Hopkins University, writes: Because the Department of Justice has largely failed in its mission to convince the public that tech firms should stop using end-to-end encryption, it’s decided to try a different tack. Instead of demanding that tech firms provide access to messages only in serious criminal circumstances and with a warrant, the DoJ and backers in Congress have decided to leverage concern around the distribution of child pornography, also known as child sexual abuse material, or CSAM. […] End-to-end encryption systems make CSAM scanning more challenging: this is because photo scanning systems are essentially a form of mass surveillance — one that’s deployed for a good cause — and end-to-end encryption is explicitly designed to prevent mass surveillance. So photo scanning while also allowing encryption is a fundamentally hard problem, one that providers don’t yet know how to solve.

All of this brings us to EARN IT. The new bill, out of Lindsey Graham’s Judiciary committee, is designed to force providers to either solve the encryption-while-scanning problem, or stop using encryption entirely. And given that we don’t yet know how to solve the problem — and the techniques to do it are basically at the research stage of R&D — it’s likely that “stop using encryption” is really the preferred goal. EARN IT works by revoking a type of liability called Section 230 that makes it possible for providers to operate on the Internet, by preventing the provider from being held responsible for what their customers do on a platform like Facebook. The new bill would make it financially impossible for providers like WhatsApp and Apple to operate services unless they conduct “best practices” for scanning their systems for CSAM. Since there are no “best practices” in existence, and the techniques for doing this while preserving privacy are completely unknown, the bill creates a government-appointed committee that will tell technology providers what technology they have to use. The specific nature of the committee is byzantine and described within the bill itself. Needless to say, the makeup of the committee, which can include as few as zero data security experts, ensures that end-to-end encryption will almost certainly not be considered a best practice.

Source: Slashdot

When Voyager 2 Calls Home, Earth Soon Won’t Be Able to Answer

NASA will spend 11 months upgrading the only piece of its Deep Space Network that can send commands to the probe, which has crossed into interstellar space. From a report: Voyager 2 has been traveling through space for 43 years, and is now 13 billion miles from Earth. But every so often, something goes wrong. At the end of January, for instance, the robotic probe executed a routine somersault to beam scientific data back to Earth when an error triggered a shutdown of some of its functions. “Everybody was extremely worried about recovering the spacecraft,” said Suzanne Dodd, who is the Voyager project manager at NASA’s Jet Propulsion Laboratory in Pasadena, Calif. The mission’s managers on our planet know what to do when such a fault occurs. Although it takes about a day and a half to talk to Voyager 2 at its current distance, they sent commands to restore its normal operations.

But starting on Monday for the next 11 months, they won’t be able to get word to the spry spacecraft in case something again goes wrong (although the probe can still stream data back to Earth). Upgrades and repairs are prompting NASA to take offline a key piece of space age equipment used to beam messages all around the solar system. The downtime is necessary because of a flood of new missions to Mars scheduled to leave Earth this summer. But the temporary shutdown also highlights that the Deep Space Network, essential infrastructure relied upon by NASA and other space agencies, is aging and in need of expensive upgrades. On any given day, NASA communicates with an armada of spacecraft in deep space. These long distance calls require the most powerful radio antennas in the world. Luckily NASA has its own switchboard, the Deep Space Network or DSN.

Source: Slashdot

Before Clearview Became a Police Tool, It Was a Secret Plaything of the Rich

Investors and clients of the facial recognition start-up freely used the app on dates and at parties — and to spy on the public. From a report: One Tuesday night in October 2018, John Catsimatidis, the billionaire owner of the Gristedes grocery store chain, was having dinner at Cipriani, an upscale Italian restaurant in Manhattan’s SoHo neighborhood, when his daughter, Andrea, walked in. She was on a date with a man Mr. Catsimatidis didn’t recognize. After the couple sat down at another table, Mr. Catsimatidis asked a waiter to go over and take a photo. Mr. Catsimatidis then uploaded the picture to a facial recognition app, Clearview AI, on his phone. The start-up behind the app has a database of billions of photos, scraped from sites such as Facebook, Twitter and LinkedIn. Within seconds, Mr. Catsimatidis was viewing a collection of photos of the mystery man, along with the web addresses where they appeared: His daughter’s date was a venture capitalist from San Francisco. Ms. Catsimatidis said she and her date had no idea how her father had identified him so quickly.

Clearview was unknown to the general public until this January, when The New York Times reported that the secretive start-up had developed a breakthrough facial recognition system that was in use by hundreds of law enforcement agencies. The company quickly faced a backlash on multiple fronts. Facebook, Google and other tech giants sent cease-and-desist letters. Lawsuits were filed in Illinois and Virginia, and the attorney general of New Jersey issued a moratorium against the app in that state. […] The Times, however, has identified multiple individuals with active access to Clearview’s technology who are not law enforcement officials. And for more than a year before the company became the subject of public scrutiny, the app had been freely used in the wild by the company’s investors, clients and friends.

Source: Slashdot