The number of people using Android Apps on Chromebooks grew 50 percent year over year, according to a blog post from Chrome OS product managers Fahd Imtiaz and Sanj Nathwani this week. The execs cited internal Google data recorded from 2020-2021. From a report: In 2021, as some smartphones moved to Android 12, Google worked on updating Chromebooks to support Android 11, while attempting to boost security and performance by bringing Android on Chrome OS to a virtual machine, rather than a container. The company also improved its general usability, using runtime improvements to make the resizing and scaling of Android apps on Chromebooks work better, as well as app rendering. As the developer-focused blog noted, Chromebooks on Chrome OS 93 or newer (the latest is Chrome OS 96) automatically run Android apps made for mobile devices in a window that's set to stay in a "phone or tablet orientation." And, yes, you can turn this feature off. Additionally, Imtiaz and Nathwani pointed to Android's Nearby Share feature coming to Chrome 96 for Android 11 and Android 9 apps as another way to try to get developers excited about making their apps fit devices with larger screens.

Read more of this story at Slashdot.

Google's Pixel 6 line may have served as Android 12's big debut for higher-end phones, but Android 12 (Go edition) plans to bring many of the enhancements and features of Android 12 to lower-end phones, too. Google on Tuesday unveiled a host of new features for the Go edition that are set to roll out to devices in 2022. From a report: Google says that in addition to speed enhancements that'll help apps launch up to 30% faster, Android 12 (Go edition) will include a feature that'll save battery life and storage by automatically "hibernating apps that haven't been used for extended periods of time." And with the Files Go app, you'll be able to recover files within 30 days of deletion. Android 12 (Go edition) will also help you easily translate any content, listen to the news and share apps with nearby devices offline to save data, Google says. The company said Android Go has amassed 200 million users.

Read more of this story at Slashdot.

Apple has released a new Android app called Tracker Detect, designed to help people who don't own iPhones or iPads to identify unexpected AirTags and other Find My network-equipped sensors that may be nearby. CNET reports: The new app, which Apple released on the Google Play store Monday, is intended to help people look for item trackers compatible with Apple's Find My network. "If you think someone is using AirTag or another device to track your location," the app says, "you can scan to try to find it." If the Tracker Detector app finds an unexpected AirTag that's away from its owner, for example, it will be marked in the app as "Unknown AirTag." The Android app can then play a sound within 10 minutes of identifying the tracker. It may take up to 15 minutes after a tracker is separated from its owner before it shows up in the app, Apple said. If the tracker identified is an AirTag, Apple will offer instructions within the app to remove its battery. Apple also warns within the app that if the person feels their safety is at risk because of the item tracker, they should contact law enforcement. [...] The Tracker Detect app, which Apple first discussed in June, requires users to actively scan for a device before it'll be identified. Apple doesn't require users have an Apple account in order to use the detecting app. If the AirTag is in "lost mode," anyone with an NFC-capable device can tap it and receive instructions for how to return it to its owner. Apple said all communication is encrypted so that no one, including Apple, knows the location or identity of people or their devices.

Read more of this story at Slashdot.

Google is bringing Android games from Google Play to Windows laptops, PCs, and tablets, the company announced on Thursday. Gizmodo reports: Google announced a standalone Google Play Games launcher that lets gamers play mobile titles on Windows PCs at The Game Show Awards on Thursday. The upcoming app will allow players to close out of their game on one device and resume playing where they left off on another. This means you could switch between a Chromebook, Windows PC, and Android phone without losing saved data. The app, which is being built and distributed by Google, runs games locally on your system, no cloud streaming required. So far, Google has only teased the service in a brief video clip, so some important details haven't been revealed. We do, however, know it is set to arrive sometime in 2022.

Read more of this story at Slashdot.

JoeyRox writes: Last week, a Reddit user reported that they weren't able to call 911 using their Pixel 3 and later said they were working with Google support to figure out the issue. Yesterday, Google announced what was causing the issue in a reply to the post: an "unintended interaction between the Microsoft Teams app and the underlying Android operating system." In its comment, Google says that the bug happens when someone is using Android 10 or later and has Teams installed but isn't logged into the app. The company says that Microsoft will be releasing an update to Teams "soon" to prevent the issue and that there's an update to Android coming January 4th.

Read more of this story at Slashdot.

Over 300,000 Android smartphone users have downloaded what turned out to be banking trojans after falling victim to malware that has bypassed detection by the Google Play app store. ZDNet reports: Detailed by cybersecurity researchers at ThreatFabric, the four different forms of malware are delivered to victims via malicious versions of commonly downloaded applications, including document scanners, QR code readers, fitness monitors and cryptocurrency apps. The apps often come with the functions that are advertised in order to avoid users getting suspicious. In each case, the malicious intent of the app is hidden and the process of delivering the malware only begins once the app has been installed, enabling them to bypass Play Store detections. The most prolific of the four malware families is Anatsa, which has been installed by over 200,000 Android users -- researchers describe it as an "advanced" banking trojan that can steal usernames and passwords, and uses accessibility logging to capture everything shown on the user's screen, while a keylogger allows attackers to record all information entered into the phone. [...] The second most prolific of the malware families detailed by researchers at ThreatFabric is Alien, an Android banking trojan that can also steal two-factor authentication capabilities and which has been active for over a year. The malware has received 95,000 installations via malicious apps in the Play Store. [...] The other two forms of malware that have been dropped using similar methods in recent months are Hydra and Ermac, which have a combined total of at least 15,000 downloads. ThreatFabric has linked Hydra and Ermac to Brunhilda, a cyber-criminal group known to target Android devices with banking malware. Both Hydra and Ermac provide attackers with access to the device required to steal banking information. ThreatFabric has reported all of the malicious apps to Google and they've either already been removed or are under review.

Read more of this story at Slashdot.

Amid a heightened amount of scrutiny and tension surrounding the App Store and how users download and install apps on the iPhone, Apple CEO Tim Cook said today that customers who wish to sideload apps should consider purchasing an Android device as the experience offered by the iPhone maximizes their security and privacy. From a report: Speaking at The New York Times "DealBook" summit, Cook said that customers currently already have a choice between wanting a secure and protected platform or an ecosystem that allows for sideloading. "I think that people have that choice today, Andrew. If you want to sideload, you can buy an Android phone." Cook drew the comparison of sideloading to a carmaker selling a car without airbags or seatbelt, saying it would be "too risky." "I think that people have that choice today, Andrew, if you want to sideload, you can buy an Android phone. That choice exists when you go into the carrier shop. If that is important to you, then you should buy an Android phone. From our point of view, it would be like if I were an automobile manufacturer telling [a customer] not to put airbags and seat belts in the car. He would never think about doing this in today's time. It's just too risky to do that. And so it would not be an iPhone if it didn't maximize security and privacy," he said.

Read more of this story at Slashdot.

Netflix, the video-streaming giant, began its expected foray into video games with the introduction of five mobile games to its users worldwide, playable initially on Android devices. From a report: The titles are included in a Netflix subscription, and there'll be no advertising or additional purchases required, Mike Verdu, Netflix's vice president of game development, said Tuesday. The streaming company has targeted video games as its next big thing -- it's an industry that's larger than the movie and TV businesses. Players logging in will see a dedicated games row and tab where they can choose which titles to play. Games for Apple's iPhone are also planned. The initial offering includes titles linked to Netflix shows, such as Stranger Things: 1984 and Stranger Things 3: The Game. Also included are Shooting Hoops, Card Blast and Teeter Up.

Read more of this story at Slashdot.

"New Android malware can root infected devices to take complete control and silently tweak system settings, as well as evade detection using code abstraction and anti-emulation checks," reports BleepingComputer. Cybersecurity company Lookout said on its blog that they'd spotted the malware on Google Play "and prominent third-party stores such as the Amazon Appstore and the Samsung Galaxy Store.... To protect Android users, Google promptly removed the app as soon as we notified them of the malware." We named the malware "AbstractEmu" after its use of code abstraction and anti-emulation checks to avoid running while under analysis. A total of 19 related applications were uncovered, seven of which contain rooting functionality, including one on Play that had more than 10,000 downloads... This is a significant discovery because widely-distributed malware with root capabilities have become rare over the past five years. As the Android ecosystem matures there are fewer exploits that affect a large number of devices, making them less useful for threat actors... By using the rooting process to gain privileged access to the Android operating system, the threat actor can silently grant themselves dangerous permissions or install additional malware — steps that would normally require user interaction. Elevated privileges also give the malware access to other apps' sensitive data, something not possible under normal circumstances... AbstractEmu does not have any sophisticated zero-click remote exploit functionality used in advanced APT-style threats, it is activated simply by the user having opened the app. As the malware is disguised as functional apps, most users will likely interact with them shortly after downloading... By rooting the device, the malware is able to silently modify the device in ways that would otherwise require user interaction and access data of other apps on the device. "Apps bundling the malware included password managers and tools like data savers and app launchers," reports BleepingComputer, "all of them providing the functionality they promised to avoid raising suspicions..." Lookout's blog post said they'd spotted people affected by the malware in 17 different countries.

Read more of this story at Slashdot.

Today, Google has officially launched Android 12 for select Pixel devices. The Verge reports: It's available to install right now on Pixel 3 and up, including the Pixel 3A, Pixel 4, Pixel 4A, Pixel 4A 5G, the Pixel 5, and the Pixel 5A. It'll launch on the Pixel 6 and Pixel 6 Pro, as well. Android 12 will be coming later this year to Samsung Galaxy, OnePlus, Oppo, Realme, Tecno, Vivo, and Xiaomi devices. The most noticeable feature in Android 12 is the new Material You design, which lets you go a little deeper to tweak the look of the homescreen to your liking. It's more expressive than previous versions of Android, with tools to let you coordinate colors that can extend across app icons, pull-down menus, widgets, and more. Speaking of widgets, many of those have been updated to match the new look, and Google shared today that by the end of October, it plans to have over a dozen new or refreshed widgets available for its first-party apps. Google has published a blog post detailing more features available in this release, including the "Pixel-first" features like Material You.

Read more of this story at Slashdot.

Apple said today that one of the reasons it does not allow app sideloading or the use of third-party app stores on iOS is because of privacy and security reasons, pointing to the fact that Android sees between 15 to 47 times more malware compared to its app ecosystem. The Record reports: Apple says that the reason its iOS devices are locked into the App Store as the only way to install applications is for security reasons, as this allows its security teams to scan applications for malicious content before they reach users. Apple cited statements from multiple sources (DHS, ENISA, Europol, Interpol, NIST, Kaspersky, Wandera, and Norton), all of which had previously warned users against installing apps from outside official app stores, a process known as app sideloading. Apple's report then goes on to list multiple malware campaigns targeting Android devices where the threat actors asked users to sideload malicious apps hosted on internet sites or third-party app stores. [...] The list includes a host of threats, such as mundane adware, dangerous ransomware, funds-stealing banking trojans, commercial spyware, and even nation-state malware, which Apple said threat actors have spread by exploiting the loophole in Android's app installation process that allows anyone to install apps from anywhere on the internet. Today's 31-page report (PDF) is the second iteration of the same report, with a first version (PDF) being published back in June, shortly after EU authorities announced their investigation.

Read more of this story at Slashdot.

A new study (PDF) by a team of university researchers in the UK has unveiled a host of privacy issues that arise from using Android smartphones. BleepingComputer reports: The researchers have focused on Samsung, Xiaomi, Realme, and Huawei Android devices, and LineageOS and /e/OS, two forks of Android that aim to offer long-term support and a de-Googled experience. The conclusion of the study is worrying for the vast majority of Android users: "With the notable exception of /e/OS, even when minimally configured and the handset is idle these vendor-customized Android variants transmit substantial amounts of information to the OS developer and also to third parties (Google, Microsoft, LinkedIn, Facebook, etc.) that have pre-installed system apps." As the summary table indicates, sensitive user data like persistent identifiers, app usage details, and telemetry information are not only shared with the device vendors, but also go to various third parties, such as Microsoft, LinkedIn, and Facebook. And to make matters worse, Google appears at the receiving end of all collected data almost across the entire table. It is important to note that this concerns the collection of data for which there's no option to opt-out, so Android users are powerless against this type of telemetry. This is particularly concerning when smartphone vendors include third-party apps that are silently collecting data even if they're not used by the device owner, and which cannot be uninstalled. For some of the built-in system apps like miui.analytics (Xiaomi), Heytap (Realme), and Hicloud (Huawei), the researchers found that the encrypted data can sometimes be decoded, putting the data at risk to man-in-the-middle (MitM) attacks. As the study points out, even if the user resets the advertising identifiers for their Google Account on Android, the data-collection system can trivially re-link the new ID back to the same device and append it to the original tracking history. The deanonymization of users takes place using various methods, such as looking at the SIM, IMEI, location data history, IP address, network SSID, or a combination of these. In response to the report, a Google spokesperson said: "While we appreciate the work of the researchers, we disagree that this behavior is unexpected -- this is how modern smartphones work. As explained in our Google Play Services Help Center article, this data is essential for core device services such as push notifications and software updates across a diverse ecosystem of devices and software builds. For example, Google Play services uses data on certified Android devices to support core device features. Collection of limited basic information, such as a device's IMEI, is necessary to deliver critical updates reliably across Android devices and apps."

Read more of this story at Slashdot.

In a significant departure from previous years, Google today rolled out Android 12 to AOSP but did not launch any devices, including Pixel phones. "Today we're pushing the source to the Android Open Source Project (AOSP) and officially releasing the latest version of Android," [said Dave Burke, VP of Engineering, in a blog post. "Keep an eye out for Android 12 coming to a device near you starting with Pixel in the next few weeks and Samsung Galaxy, OnePlus, Oppo, Realme, Tecno, Vivo, and Xiaomi devices later this year." 9to5Google reports: Traditionally, the AOSP launch of the next version of Android coincides with day one availability for Google phones. That is not the case this year, with Google only revealing that Pixel phones can expect an update in the "next few weeks." Google says over 225,000 people tested Android 12 over the course of the developer previews and betas. [...] Google officially highlights four Android 12 tentpoles for developers as part of today's AOSP availability. This starts with a "new UI for Android" that incorporates Material You (referred to today as "Material Design 3"), redesigned widgets, Notification UI updates, and App launch splash screens. In terms of "Performance," Google says it has "reduced the CPU time used by core system services by 22% and the use of big cores by 15%." We've also improved app startup times and optimized I/O for faster app loading, and for database queries we've improved CursorWindow by as much as 49x for large windows. "More responsive notifications" are achieved by restricting notification trampolines, with Google Photos launching 34% faster after this change. Other changes include Optimized foreground services, Performance classes for devices, and Faster machine learning. "Privacy" is led by the new Settings Dashboard, the ability to only grant apps Approximate location, and a new Nearby devices permission for setting up wearables and other smart home accessories without granting location access. There are also the microphone and camera indicators/toggles. Developers can take advantage of "Better user experience tools" like new APIs to better support rounded screen corners, rich content insertion, AVIF images, enhanced haptics, and new camera/sensor effects. There's also Compatible media transcoding, better debugging, and an Android 12 for Games push.

Read more of this story at Slashdot.

After years of Samsung filling up its stock apps with ads, the company is finally stopping that practice. As of today, Samsung Pay, Weather, and Health have officially stopped serving ads. 9to5Google reports: Users in the Samsung Community Forums found that ads had suddenly disappeared from the Samsung Pay app, and an investigation from the folks over at TizenHelp unearthed a comment from a Samsung employee that confirms some good news. As of today, October 1, Samsung has stopped serving ads to Samsung Pay and Samsung Health. Samsung has technically only confirmed this change in its home country, but we're seeing the changes in the United States as well. Notably, force stopping these apps seems to force the ads to be removed, just in case they're still live for you.

Read more of this story at Slashdot.

Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators on a monthly basis. The Record reports: Discovered by mobile security firm Zimperium, the new GriftHorse malware has been distributed via benign-looking apps uploaded on the official Google Play Store and on third-party Android app stores. If users install any of these malicious apps, GriftHorse starts peppering users with popups and notifications that offer various prizes and special offers. Users who tap on these notifications are redirected to an online page where they are asked to confirm their phone number in order to access the offer. But, in reality, users are subscribing themselves to premium SMS services that charge over $35 per month, money that are later redirected into the GriftHorse operators' pockets. Zimperium researchers Aazim Yaswant & Nipun Gupta, who have been tracking the GriftHorse malware for months, described it as "one of the most widespread campaigns the zLabs threat research team has witnessed in 2021." Based on what they've seen until now, the researchers estimated that the GriftHorse gang is currently making between $1.5 million to $4 million per month from their scheme.

Read more of this story at Slashdot.

Google announced plans today to port its Permission Auto-Reset feature from Android 11 to older versions of its mobile operating system, as far back as Android 6. From a report: Launched last fall, the Permission Auto-Reset feature works by automatically withdrawing user permissions from an app that hasn't been opened and used for a few months. "Starting in December 2021, we are expanding this [feature] to billions more devices," Google said today. "This feature will automatically be enabled on devices with Google Play services that are running Android 6.0 (API level 23) or higher." Exempt from this new feature will be device admin apps and enterprise apps where the permissions have been fixed through a general enterprise policy.

Read more of this story at Slashdot.

An anonymous reader writes: Facebook unveiled a new compression technique they call 'Superpack compression.' In a blog post written by software engineer Sapan Bhatia, they claim that their compression improves Android app size by 20% over the default Zip compression used by Android. The post gives an overview of the compression ideas. The basis of these ideas is called out to be a key insight in Kolmogorov Complexity, that any data can be represented in the form of programs that generate that data. Facebook's tool, Superpack, mines out such small programs and optimizes them using compiler techniques.

Read more of this story at Slashdot.

New submitter throx shares a report from Android Police: For months users of the three-year-old Pixel 3 series have been complaining of a common and dreadful problem: seemingly random shutdowns that completely lock their devices. The Pixel 3 and 3 XL have been plagued by the "EDL Mode" bug, which locks the device with no screen or button inputs and makes it more or less impossible to use. To date there's no clear solution to this problem, at least not one that's easily available to even advanced users. Google's official support channels are aware of the issue, and that it seems to be accelerating in terms of users in the last few months. But since more or less every Pixel 3 and 3 XL sold is out of warranty at this point, options are limited. You can start an official support ticket with Google and pay for a repair, or (as one volunteer on the Google support forums suggests) take it into an authorized repair shop to see if their Qualcomm tools can get the phone to wake up. At the time of writing there doesn't seem to be any indication of a user-accessible fix for the EDL issues.

Read more of this story at Slashdot.

If you plan on unlocking the bootloader to root your Galaxy Z Flip 3 or Galaxy Z Fold 3 -- Samsung's two newest foldabes announced earlier this month, you should know that the Korean OEM will disable the cameras. Technically, this has only been confirmed for the Galaxy Z Fold 3, but the Galaxy Z Flip 3 likely has similar restrictions. XDA Developers reports: According to XDA Senior Members [...], the final confirmation screen during the bootloader unlock process on the Galaxy Z Fold 3 mentions that the operation will cause the camera to be disabled. Upon booting up with an unlocked bootloader, the stock camera app indeed fails to operate, and all camera-related functions cease to function, meaning that you can't use facial recognition either. Anything that uses any of the cameras will time out after a while and give errors or just remain dark, including third-party camera apps. It is not clear why Samsung chose the way on which Sony walked in the past, but the actual problem lies in the fact that many will probably overlook the warning and unlock the bootloader without knowing about this new restriction. Re-locking the bootloader does make the camera work again, which indicates that it's more of a software-level obstacle. With root access, it could be possible to detect and modify the responsible parameters sent by the bootloader to the OS to bypass this restriction. However, according to ianmacd, Magisk in its default state isn't enough to circumvent the barrier.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 9to5Google: Google's ambitions in the car led to Android Auto being redesigned a couple of years ago, mostly to positive feedback. However, the version of Android Auto on phone screens was meant to shut down at the time and has been on life support ever since. Now, that version has stopped working for some users. The aptly named "Android Auto for Phone Screens" was launched in 2019 as Google was forced to delay Google Assistant Driving Mode. That feature, which finally started rolling out in 2020, continued into earlier this year, and has expanded since, was supposed to replace the experience on phone screens. At the time, Google called this app a "stopgap" for users who needed an in-car experience but lacked a vehicle compatible with Android Auto. In speaking with Google, we are able to confirm that Android Auto for Phone Screens is, indeed, shutting down with the release of Android 12. The experience will not be available for users on Android 12, but still on older versions of the OS. Google says that Assistant Driving Mode will be "the built-in mobile driving experience" on Android 12. Google's full statement follows: "Google Assistant driving mode is our next evolution of the mobile driving experience. For the people who use Android Auto in supported vehicles, that experience isn't going away. For those who use the on phone experience (Android Auto mobile app), they will be transitioned to Google Assistant driving mode. Starting with Android 12, Google Assistant driving mode will be the built-in mobile driving experience. We have no further details to share at this time."

Read more of this story at Slashdot.