In a significant departure from previous years, Google today rolled out Android 12 to AOSP but did not launch any devices, including Pixel phones. "Today we're pushing the source to the Android Open Source Project (AOSP) and officially releasing the latest version of Android," [said Dave Burke, VP of Engineering, in a blog post. "Keep an eye out for Android 12 coming to a device near you starting with Pixel in the next few weeks and Samsung Galaxy, OnePlus, Oppo, Realme, Tecno, Vivo, and Xiaomi devices later this year." 9to5Google reports: Traditionally, the AOSP launch of the next version of Android coincides with day one availability for Google phones. That is not the case this year, with Google only revealing that Pixel phones can expect an update in the "next few weeks." Google says over 225,000 people tested Android 12 over the course of the developer previews and betas. [...] Google officially highlights four Android 12 tentpoles for developers as part of today's AOSP availability. This starts with a "new UI for Android" that incorporates Material You (referred to today as "Material Design 3"), redesigned widgets, Notification UI updates, and App launch splash screens. In terms of "Performance," Google says it has "reduced the CPU time used by core system services by 22% and the use of big cores by 15%." We've also improved app startup times and optimized I/O for faster app loading, and for database queries we've improved CursorWindow by as much as 49x for large windows. "More responsive notifications" are achieved by restricting notification trampolines, with Google Photos launching 34% faster after this change. Other changes include Optimized foreground services, Performance classes for devices, and Faster machine learning. "Privacy" is led by the new Settings Dashboard, the ability to only grant apps Approximate location, and a new Nearby devices permission for setting up wearables and other smart home accessories without granting location access. There are also the microphone and camera indicators/toggles. Developers can take advantage of "Better user experience tools" like new APIs to better support rounded screen corners, rich content insertion, AVIF images, enhanced haptics, and new camera/sensor effects. There's also Compatible media transcoding, better debugging, and an Android 12 for Games push.

Read more of this story at Slashdot.

After years of Samsung filling up its stock apps with ads, the company is finally stopping that practice. As of today, Samsung Pay, Weather, and Health have officially stopped serving ads. 9to5Google reports: Users in the Samsung Community Forums found that ads had suddenly disappeared from the Samsung Pay app, and an investigation from the folks over at TizenHelp unearthed a comment from a Samsung employee that confirms some good news. As of today, October 1, Samsung has stopped serving ads to Samsung Pay and Samsung Health. Samsung has technically only confirmed this change in its home country, but we're seeing the changes in the United States as well. Notably, force stopping these apps seems to force the ads to be removed, just in case they're still live for you.

Read more of this story at Slashdot.

Security researchers have found a massive malware operation that has infected more than 10 million Android smartphones across more than 70 countries since at least November 2020 and is making millions of dollars for its operators on a monthly basis. The Record reports: Discovered by mobile security firm Zimperium, the new GriftHorse malware has been distributed via benign-looking apps uploaded on the official Google Play Store and on third-party Android app stores. If users install any of these malicious apps, GriftHorse starts peppering users with popups and notifications that offer various prizes and special offers. Users who tap on these notifications are redirected to an online page where they are asked to confirm their phone number in order to access the offer. But, in reality, users are subscribing themselves to premium SMS services that charge over $35 per month, money that are later redirected into the GriftHorse operators' pockets. Zimperium researchers Aazim Yaswant & Nipun Gupta, who have been tracking the GriftHorse malware for months, described it as "one of the most widespread campaigns the zLabs threat research team has witnessed in 2021." Based on what they've seen until now, the researchers estimated that the GriftHorse gang is currently making between $1.5 million to $4 million per month from their scheme.

Read more of this story at Slashdot.

Google announced plans today to port its Permission Auto-Reset feature from Android 11 to older versions of its mobile operating system, as far back as Android 6. From a report: Launched last fall, the Permission Auto-Reset feature works by automatically withdrawing user permissions from an app that hasn't been opened and used for a few months. "Starting in December 2021, we are expanding this [feature] to billions more devices," Google said today. "This feature will automatically be enabled on devices with Google Play services that are running Android 6.0 (API level 23) or higher." Exempt from this new feature will be device admin apps and enterprise apps where the permissions have been fixed through a general enterprise policy.

Read more of this story at Slashdot.

An anonymous reader writes: Facebook unveiled a new compression technique they call 'Superpack compression.' In a blog post written by software engineer Sapan Bhatia, they claim that their compression improves Android app size by 20% over the default Zip compression used by Android. The post gives an overview of the compression ideas. The basis of these ideas is called out to be a key insight in Kolmogorov Complexity, that any data can be represented in the form of programs that generate that data. Facebook's tool, Superpack, mines out such small programs and optimizes them using compiler techniques.

Read more of this story at Slashdot.

New submitter throx shares a report from Android Police: For months users of the three-year-old Pixel 3 series have been complaining of a common and dreadful problem: seemingly random shutdowns that completely lock their devices. The Pixel 3 and 3 XL have been plagued by the "EDL Mode" bug, which locks the device with no screen or button inputs and makes it more or less impossible to use. To date there's no clear solution to this problem, at least not one that's easily available to even advanced users. Google's official support channels are aware of the issue, and that it seems to be accelerating in terms of users in the last few months. But since more or less every Pixel 3 and 3 XL sold is out of warranty at this point, options are limited. You can start an official support ticket with Google and pay for a repair, or (as one volunteer on the Google support forums suggests) take it into an authorized repair shop to see if their Qualcomm tools can get the phone to wake up. At the time of writing there doesn't seem to be any indication of a user-accessible fix for the EDL issues.

Read more of this story at Slashdot.

If you plan on unlocking the bootloader to root your Galaxy Z Flip 3 or Galaxy Z Fold 3 -- Samsung's two newest foldabes announced earlier this month, you should know that the Korean OEM will disable the cameras. Technically, this has only been confirmed for the Galaxy Z Fold 3, but the Galaxy Z Flip 3 likely has similar restrictions. XDA Developers reports: According to XDA Senior Members [...], the final confirmation screen during the bootloader unlock process on the Galaxy Z Fold 3 mentions that the operation will cause the camera to be disabled. Upon booting up with an unlocked bootloader, the stock camera app indeed fails to operate, and all camera-related functions cease to function, meaning that you can't use facial recognition either. Anything that uses any of the cameras will time out after a while and give errors or just remain dark, including third-party camera apps. It is not clear why Samsung chose the way on which Sony walked in the past, but the actual problem lies in the fact that many will probably overlook the warning and unlock the bootloader without knowing about this new restriction. Re-locking the bootloader does make the camera work again, which indicates that it's more of a software-level obstacle. With root access, it could be possible to detect and modify the responsible parameters sent by the bootloader to the OS to bypass this restriction. However, according to ianmacd, Magisk in its default state isn't enough to circumvent the barrier.

Read more of this story at Slashdot.

An anonymous reader quotes a report from 9to5Google: Google's ambitions in the car led to Android Auto being redesigned a couple of years ago, mostly to positive feedback. However, the version of Android Auto on phone screens was meant to shut down at the time and has been on life support ever since. Now, that version has stopped working for some users. The aptly named "Android Auto for Phone Screens" was launched in 2019 as Google was forced to delay Google Assistant Driving Mode. That feature, which finally started rolling out in 2020, continued into earlier this year, and has expanded since, was supposed to replace the experience on phone screens. At the time, Google called this app a "stopgap" for users who needed an in-car experience but lacked a vehicle compatible with Android Auto. In speaking with Google, we are able to confirm that Android Auto for Phone Screens is, indeed, shutting down with the release of Android 12. The experience will not be available for users on Android 12, but still on older versions of the OS. Google says that Assistant Driving Mode will be "the built-in mobile driving experience" on Android 12. Google's full statement follows: "Google Assistant driving mode is our next evolution of the mobile driving experience. For the people who use Android Auto in supported vehicles, that experience isn't going away. For those who use the on phone experience (Android Auto mobile app), they will be transitioned to Google Assistant driving mode. Starting with Android 12, Google Assistant driving mode will be the built-in mobile driving experience. We have no further details to share at this time."

Read more of this story at Slashdot.

Google's next midrange smartphone is the Pixel 5a, featuring a slightly bigger display than last year's Pixel 4a, a considerably larger battery and IP67 water and dust resistance. It's priced at $449, which is $100 more than the Pixel 4a, and is expected to be the last Google phone to include a charger in the box (sorry Pixel 6 fans). Ars Technica reports: Part of the reason for the price increase is that the Pixel 5a is a bigger phone, with a 6.34-inch display and 73.7 mm width compared to the Pixel 4a's 5.8-inch display and 69.4 mm width. Another big change is the addition of IP67 dust and water resistance, which means the phone should survive submersion in 3 feet of water (1 meter) for 30 minutes. As with the Pixel 5, the Pixel 5a's body is metal coated in plastic instead of the pure plastic body of the Pixel 4a. We didn't see the appeal of this construction in the Pixel 5, but the new phone is presumably stronger now. As usual, we're getting a no-frills design that takes care of the basics. On the front, there's a slim-bezel OLED display and a hole-punch camera in the top right, while there are two cameras (main and wide-angle) and a capacitive fingerprint reader on the back. Specs include a Snapdragon 765G (that's a 7 nm chip with two Cortex A76 cores and six Cortex A55 cores), 6GB of RAM, 128GB of storage, and the biggest battery of any Pixel: 4680 mAh. The main camera is 12.2 MP and looks like the same Sony IMX363 sensor that Google has used for the past four years. There's a 16 MP wide-angle and an 8 MP front camera. Oh yeah, the headphone jack is sticking around for at least one more year. If there's a disappointment with the Pixel 5a, it's the 60 Hz display, which is looking pretty slow in a world where 90 Hz and 120 Hz are often the norm. Another important note is that the Pixel 5a will get three years of major updates and three years of security updates. It's currently available for preorder now and starts shipping on August 26.

Read more of this story at Slashdot.

A previously undocumented Android-based remote access trojan (RAT) has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. The Hacker News reports: Dubbed "Vultur" due to its use of Virtual Network Computing (VNC)'s remote screen-sharing technology to gain full visibility on targeted users, the mobile malware was distributed via the official Google Play Store and masqueraded as an app named "Protection Guard," attracting over 5,000 installations. Banking and crypto-wallet apps from entities located in Italy, Australia, and Spain were the primary targets. "For the first time we are seeing an Android banking trojan that has screen recording and keylogging as the main strategy to harvest login credentials in an automated and scalable way," researchers from ThreatFabric said in a write-up shared with The Hacker News. "The actors chose to steer away from the common HTML overlay development we usually see in other Android banking Trojans: this approach usually requires a larger time and effort investment from the actors to create multiple overlays capable of tricking the user. Instead, they chose to simply record what is shown on the screen, effectively obtaining the same end result." Vultur [...] takes advantage of accessibility permissions to capture keystrokes and leverages VNC's screen recording feature to stealthily log all activities on the phone, thus obviating the need to register a new device and making it difficult for banks to detect fraud. What's more, the malware employs ngrok, a cross-platform utility used to expose local servers behind NATs and firewalls to the public internet over secure tunnels, to provide remote access to the VNC server running locally on the phone. Additionally, it also establishes connections with a command-and-control (C2) server to receive commands over Firebase Cloud Messaging (FCM), the results of which, including extracted data and screen captures, are then transmitted back to the server. ThreatFabric's investigation also connected Vultur with another well-known piece of malicious software named Brunhilda, a dropper that utilizes the Play Store to distribute different kinds of malware in what's called a "dropper-as-a-service" (DaaS) operation, citing overlaps in the source code and C2 infrastructure used to facilitate attacks. These ties, the Amsterdam-based cybersecurity services company said, indicate Brunhilda to be a privately operating threat actor that has its own dropper and proprietary RAT Vultur.

Read more of this story at Slashdot.

Google's updated its inappropriate content policy to ban "compensated sexual relationships" -- i.e., sugar daddy or sugar dating apps. Ryne Hager writes via Android Police: If somehow you aren't familiar with the term, a "sugar daddy" is more than a caramel candy on a stick. In the more common vernacular, a sugar daddy is a person -- usually an older man, but you could have a "sugar mommy" or maybe a gender-neutral "sugar parent?" -- that spends or gives money in what is typically a transactional relationship, often for sexual favors. I don't judge, different people enjoy different things, and if all parties are consenting with full knowledge, I don't see how an arrangement like that really harms anyone. But, it seems Google does care, though the company is clear it's not objecting to the nature of the relationship, merely the fact that they're often sexual relationships with a perceived compensation basis, and the company has a blanket ban on sexual content -- at least partly ignoring the primary impulse for many customers behind more generalized dating apps like Tinder and Hinge, as well as many of the messages that even mainstream dating app users swap.

Read more of this story at Slashdot.

Security researchers have discovered a novel piece of Android malware that uses the VNC technology to record and broadcast a victim's smartphone activity, allowing threat actors to collect keyboard presses and app passwords. From a report: First spotted in March 2021 by Dutch security firm ThreatFabric, this new piece of malware, named Vultur, is a departure from other Android malware strains that usually rely on fake login screens floating on top of legitimate apps to collect a victim's credentials. Instead, Vultur opens a VNC server on the infected phone, and broadcasts screen captures to an attacker command and control server, where the Vultur operator extracts passwords for desired apps.

Read more of this story at Slashdot.

In a post titled "What Wear OS 3 means for you," Google provides a few more details about its upcoming Wear OS update plans, which will be the first major Wear OS update since Wear OS 2 in 2018. Unfortunately, as Ars Technica points out, the list of devices receiving the new update are limited to some of Mobvoi's TicWatch devices and Fossil Group's new generation of devices launching later this year. Older Wear OS devices featuring the Wear 3100 SoC, which makes up almost all the current Wear OS devices, will not support the new update. From the report: We still have next to no information about Wear OS 3, but there are a few tidbits in the upgrade announcement indicating that things will be very different. One line in the announcement lays out the requirement for a mandatory factory reset for any Wear 4100 devices upgrading from Wear OS 2 to version 3. Wear OS 3 is apparently so different that user data can't be ported over, and all local data will need to be wiped. We've certainly heard Google and Samsung talk about how Wear OS 3 will combine the "best of Wear OS and Tizen," indicating that even the base OS might be rebuilt. Google also vaguely tells 4100 upgraders that "in some limited cases, the user experience will also be impacted." Is this a reference to the 4100 performance or the app selection and features compared to Wear OS 2? It's hard to say. Because Wear OS 3 will be so different, Google says it won't force the upgrade on 4100 users: "We expect that for these reasons, some of you will prefer to keep your current Wear OS experience. Therefore, we will offer the system upgrade on an opt-in basis for eligible devices. We will provide more details in advance of the update so you can make an informed decision. We expect our partners to be able to roll out the system update starting in mid to second half of 2022." The Samsung Watch with Wear OS 3 is expected to ship sometime in August 2021, so the partner time of "2H 2022" -- potentially a year after Samsung's release -- is surprisingly late. Android has typically been very good at letting partners get early access to code, so (at least the ones that care) can be ready for launch, but this suggests Samsung is getting a huge head start. Google's message that upcoming Fossil watches, launching later this year, will be "eligible for upgrade" to Wear OS 3 also suggests that we might see Wear OS 2 devices launch from other companies after Samsung launches Wear OS 3 next month.

Read more of this story at Slashdot.

Nvidia's Shield TVs are some of the best streaming video boxes on the market, but following a recent update to Android TV, Shield TV users are starting to see ads on their home screen and they aren't happy about it. From a report: The latest update to Android TV on Shield TV devices began rolling out earlier this month and featured a small UI redesign that added large banner images to Android TV's home screen, similar to what you get when using Google TV devices like the Chromecast with Google TV. Now technically, Google calls these banner images "recommendations," as they are regularly updated and rotated to help users find new streaming content Google thinks they might enjoy. However, a number of Shield TV users consider these images to be advertisements (especially when they recommend shows on services users aren't even subscribed to), and as such, have taken to showing their displeasure with the recent update by review bombing the listing for the Android TV Home app, which now has a one-star rating across more than 800 reviews.

Read more of this story at Slashdot.

ASUS and Qualcomm have teamed up to make a smartphone that shows off some of the latter's mobile tech. Although the phone is ostensibly for the 1.6 million members of the Snapdragon Insiders program (which is a bit like Microsoft's Windows Insider early-access scheme), it'll be more broadly available by August. From a report: The snappily named Smartphone for Snapdragon Insiders harnesses Qualcomm's Snapdragon 888 5G chipset with a 2.84 GHz octa-core processor and the Adreno 660 GPU. It has what Qualcomm describes as "the most comprehensive support for all key 5G sub-6 and mmWave bands" of any device, along with WiFi 6 and WiFi 6E support with speeds of up to 3.6 Gbps. You'll get 16GB of LPDDR5 memory and 512GB of storage. The 6.78-inch AMOLED display from Samsung has a 144 Hz refresh rate, which could help make it a solid gaming phone. The screen has up to 1,200 nits of brightness and it's HDR10 and HDR10+ certified. The phone has three rear cameras: a 64MP main lens, 12MP ultrawide camera and 8MP telephoto. The array can capture video in up to 8K. The device also has a 24MP front camera and AI auto-zoom. You'll be able to buy the $1,499 device at ASUSTeK's eShop and other retailers.

Read more of this story at Slashdot.

If you use an iPhone or Android phone, chances are the majority of your most-used apps were made by Apple and Google. From a report: That's the takeaway from a new Comscore study that ranks the popularity of preinstalled iOS and Android apps, such as Apple's Messages, alongside apps made by other developers. The results show that the majority of apps people use on their phones in the US come preinstalled by either Apple or Google. The first-of-its-kind report was commissioned by Facebook, one of Apple's loudest critics, and shared exclusively with The Verge. Preinstalled services dominate when it comes to basics like weather, photos, and clocks, according to the report, suggesting these categories will be difficult for other apps to compete in. Defaults don't win out exclusively, though: Apple Maps and Music don't appear on the iOS list at all, and Gmail makes the iOS list several entries below Apple Mail. The timing, as Facebook likely intentioned, is apt: Apple and Google are increasingly under scrutiny for how they favor their own services over competitors like Spotify. US lawmakers are currently reviewing a new set of bills designed to curb the power of Big Tech, including legislation that could potentially bar Apple and Google from giving their services the upper hand against rivals. The pushback stems from how Apple and Google bundle their apps and services with their mobile operating systems in ways that some of their competitors think is unfair. The criticism is harsher against Apple, given that it more tightly controls the apps that come preinstalled on the iPhone and doesn't allow developers to circumvent its App Store.

Read more of this story at Slashdot.

Last month, it was revealed that OnePlus will become an Oppo sub-brand. Now, the company announced that it's also merging OxygenOS with Oppo's ColorOS operating system. 9to5Google reports: In a forum post today, OnePlus explains that the sub-brand of Oppo is "working on integrating the codebase of OxygenOS and ColorOS." Apparently, the change will go unnoticed because it is happening behind the scenes: "This is a change that you will likely not even notice since it's happening behind the scenes. We now have a larger and even more capable team of developers, more advanced R&D resources, and a more streamlined development process all coming together to improve the OxygenOS experience." OnePlus also further reiterates that OxygenOS will remain the "global" operating system for OnePlus-branded devices rather than ColorOS, which runs on Oppo devices and OnePlus devices in China, too. It's not mentioned if OxygenOS will change visually, but it's fairly clear that will happen based on early looks at the Android 12 Beta which is available for OnePlus 9 devices. The bright side of this change, however, is that OnePlus will be committing to a stronger Android update schedule that delivers at least three years of support to the company's entire portfolio.

Read more of this story at Slashdot.

Famed software engineer Miguel de Icaza confirmed on Twitter that you will be able to sideload Android APKs in Windows 11. Android Authority reports: Yesterday, Microsoft surprised us all by announcing that Windows 11 will support native Android app installation. Using the Microsoft Store, you'll be able to search for, install, and use Android apps right on your PC. This is possible through an integration of the Amazon App Store. However, a big question loomed over the announcement: would you be able to sideload Android APKs on Windows 11? Sideloading apps would allow you to install Android programs from outside the Microsoft Store, which would give you a much larger potential library. It seems the answer to that question is "yes," at least according to famed engineer Miguel de Icaza. Miguel is responsible for numerous software projects, including GNOME, and currently works at Microsoft. However, his Twitter bio explicitly says "Working at Microsoft, not speaking for them," so we need to take this news with some skepticism. Of course, it's not quite clear how sideloading Android APKs on Windows 11 will work. Will you be able to simply download an APK as you would an EXE, double-click it, and install it? Or will there be some sort of workaround protocol? We'll need to wait to see how this develops.

Read more of this story at Slashdot.

Android and Windows users will finally be able to join FaceTime calls. From a report: During its WWDC keynote, Apple announced that FaceTime is going to be available on the web so users can call in from Android devices and Windows PCs. The video calling service was previously only available on iOS and Mac devices. Apple is turning FaceTime into a bit more of a Zoom-like video calling service with this update. FaceTime is also going to allow you to grab a link to a scheduled call, so that you can share it with people in advance and join in at the right time.

Read more of this story at Slashdot.

It's going to get harder for Android apps to track users who've opted out of receiving personalized ads, the Financial Times reports, after Google announced changes to how it'll handle the unique device identifiers that allow marketers to track them between apps. From a report: Starting later this year, Google is cutting off access to these "Advertising IDs" after a user opts out, and will show developers a "string of zeros" in its place. The news was announced in an email to Play Store developers, and Google has also updated its support page for Advertising IDs with the announcement. Google told developers the changes will "provide users with more control over their data, and help bolster security and privacy," the Financial Times reports. The change comes a few short months after Apple overhauled how advertising IDs work on iOS in an apparent attempt to compete with the new policy.

Read more of this story at Slashdot.