Back in 2021, Samsung brought SmartThings to Android Auto. Google is now opening the door for more smart home/Internet of Things (IoT) apps on Android Auto and Automotive. 9to5Google reports: Android Auto today supports media and mapping/navigation apps. Google is now "enabling developers to bring [IoT] apps to cars." This might include controlling home security and doors from a touchscreen UI rather than having to rely on voice commands (assuming Google Assistant supports your home ecosystem). Google offers driving-optimized templates in the Android for Cars App Library, with testing via the Automotive OS emulator for Android Automotive OS and the DHU for Android Auto. Expect a consistent grid-based layout throughout apps. In fact, "drivers of cars using Android Auto can now download IOT apps developed with the Android for Cars App Library immediately from Google Play."

Read more of this story at Slashdot.

The first beta of Google's Android 14 OS is available to download today, introducing new features focused on system navigation, privacy, performance, and user customization. From a report We already had a good idea of what to expect thanks to the first two developer-only previews, but the beta release is the first opportunity for the general public to test the changes. Gesture navigation has been updated to include a more conspicuous Material You-themed back arrow that adjusts to complement the device's theme or wallpaper. Aside from arguably being more aesthetically pleasing, the updated back arrow is designed to help users better understand Android 14's predictive back gesture experience, which now previews the screen users are navigating to within applications. Android 14 also introduces a new system share sheet -- the page that opens when you tap to share content. This allows developers to add custom app-specific actions to the top of the share menu. Google describes this as a "superior" experience compared to the existing Android share sheets in which share targets (the app you're sharing content to) are always sorted alphabetically. The new share sheet also uses more app signals to determine where the direct share targets that appear toward the top of the page should rank (though it's not clear what exactly those signals are).

Read more of this story at Slashdot.

South Korea's antitrust regulator has fined Alphabet's Google 42.1 billion won ($31.88 million) for blocking the release of mobile video games on a competitor's platform. From a report: The Korea Fair Trade Commission (KFTC) said on Tuesday that Google bolstered its market dominance, and hurt local app market One Store's revenue and value as a platform, by requiring video game makers to exclusively release their titles on Google Play in exchange for providing in-app exposure between June 2016 and April 2018. Google said it will review the final decision by the KFTC to evaluate the next course of action. "Google makes substantial investments in the success of developers, and we respectfully disagree with the KFTC's conclusions", a spokesperson said. The KFTC said the move against the U.S. technology giant is part of efforts by the government to ensure fair markets.

Read more of this story at Slashdot.

If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests. The Register reports: This comes after the Russian infosec outfit studied nine dark-web markets between 2019 and 2023, and found a slew of code and services for sale to infect and hijack the phones and tablets of Google Play users. Before cybercriminals can share their malicious apps from Google's official store, they'll need a Play developer account, and Kaspersky says those sell for between $60 and $200 each. Once someone's bought one of these accounts, they'll be encouraged use something called a loader. Uploading straight-up spyware to the Play store for people to download and install may attract Google's attention, and cause the app and developer account to be thrown out. A loader will attempt to avoid that: it's software a criminal can hide in their otherwise innocent legit-looking app, installed from the official store, and at some convenient point, the loader will fetch and apply an update for the app that contains malicious code that does stuff like steal data or commit fraud. That update may ask for extra permissions to access the victim's files, and may need to be pulled from an unofficial store with the victim's blessing; it depends on the set up. The app may refuse to work as normal until the loader is allowed to do its thing, convincing marks into opening up their devices to crooks. These tools are more pricey, ranging from $2,000 to $20,000, depending on the complexity and capabilities required. Would-be crims who don't want to pay thousands for a loader can pay substantially less -- between $50 and $100 -- for a binding service, which hides a malicious APK file in a legitimate application. However, these have lower successful install rates compared to loaders, so even in the criminal underground you get what you pay for. Some other illicit services offered for sale on these forums include virtual private servers ($300), which allow attackers to redirect traffic or control infected devices, and web injectors ($25 to $80) that look out for victims' visiting selected websites on their infected devices and replacing those pages with malicious ones that steal login info or similar. Criminals can pay for obfuscation of their malware, and they may even get a better price if they buy a package deal. "One of the sellers offers obfuscation of 50 files for $440, while the cost of processing only one file by the same provider is about $30," Team Kaspersky says. Additionally, to increase the number of downloads to a malicious app, thus making it more attractive to other mobile users, attackers can buy installs for 10 cents to $1 apiece. Kaspersky's report can be found here.

Read more of this story at Slashdot.

Google wants to make it as easy to scrub an app account as it is to create one. The company has announced that Android apps on the Play Store will soon have to let you delete an account and its data both inside the app and on the web. Developers will also have to wipe data for an account when users ask to delete the account entirely. From a report: The move is meant to "better educate" users on the control they have over their data, and to foster trust in both apps and the Play Store at large. It also provides more flexibility. You can delete certain data (such as your uploaded content) without having to completely erase your account, Google says. The web requirement also ensures that you won't have to reinstall an app just to purge your info. The policy is taking effect in stages. Creators have until December 7th to answer questions about data deletion in their app's safety form. Store listings will start showing the changes in early 2024. Developers can file for an extension until May 31st of next year.

Read more of this story at Slashdot.

An anonymous reader writes: Android manufacturers occasionally try to push this idea of a "gaming smartphone" -- usually, these companies try to extend the "PC gamer" design motif to smartphones, with RGB LEDs and aggressive marketing. Since Android games are mostly casual pay-to-win tap fests, though, we often have to ask, does anyone want a gaming smartphone? If you're Lenovo, the answer is apparently "no," as Android Authority reports Lenovo is killing the "Legion" gaming phone business.

Read more of this story at Slashdot.

Security researchers at Moscow-based Kaspersky Lab have identified and outlined potential malware in versions of PDD Holdings' Chinese shopping app Pinduoduo, days after Google suspended it from its Android app store. From a report: In one of the first public accountings of the malicious code, Kaspersky laid out how the app could elevate its own privileges to undermine user privacy and data security. It tested versions of the app distributed through a local app store in China, where Huawei Technologies, Tencent Holdings and Xiaomi run some of the biggest app markets. Kaspersky's findings, shared with Bloomberg News, were among the clearest explanations from an independent security team for what triggered Google's action and malware warning last week. The cybersecurity firm, which has played a role in uncovering some of the biggest cyberattacks in history, said it found evidence that earlier versions of Pinduoduo exploited system software vulnerabilities to install backdoors and gain unauthorized access to user data and notifications. Those conclusions agreed in large part with those of researchers that had posted their discoveries online in past weeks, though Bloomberg News hasn't verified the authenticity of the earlier reports.

Read more of this story at Slashdot.

Remember when Pebble founder Eric Migicovsky released an impassioned plea for someone, anyone, to make a small Android phone that would compete with the iPhone Mini? He's taking matters into his own hands. From a report: Now that Apple has stopped making new small phones, Migicovsky's Small Android Phone petition has evolved into a "community-based project" -- where that community includes a team working to design and produce the phone that Migicovsky wants. The petition got 38,700 signatures, and "almost all of that came from literally one article from The Verge," one team member revealed in a design call. The Small Android Phone team -- it's not a company, yet -- has been doing a lot of planning right under our noses. In a small Discord, they've quietly revealed their efforts to source a display, choose a chip, and design the body of the phone. They've even discussed how they might pay for it all. Diehard small phone enthusiasts are invited to give feedback at every step of the process as the team attempts to bend the phone market to their will.

Read more of this story at Slashdot.

Google's security research unit is sounding the alarm on a set of vulnerabilities it found in certain Samsung chips included in dozens of Android models, wearables and vehicles, fearing the flaws could be soon discovered and exploited. From a report: Google's Project Zero head Tim Willis said the in-house security researchers found and reported 18 zero-day vulnerabilities in Exynos modems produced by Samsung over the past few months, including four top-severity flaws that could compromise affected devices "silently and remotely" over the cellular network. "Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number," Willis said. By gaining the ability to remotely run code at a device's baseband level -- essentially the Exynos modems that convert cell signals to digital data -- an attacker would be able to gain near-unfettered access to the data flowing in and out of an affected device, including cellular calls, text messages, and cell data, without alerting the victim. The list of affected devices includes (but is not limited to): Samsung mobile devices, including the S22, M and A series handsets; Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series; Google Pixel 6 and Pixel 7 series; and connected vehicles that use the Exynos Auto T5123 chipset.

Read more of this story at Slashdot.

Google has announced today that it will no longer be selling its Glass Enterprise Edition 2 headsets, with support set to be discontinued later this year. 9to5Google reports: After the commercial failure of its original Google Glass headsets, the company segued the AR product into a solution for businesses and industrial customers, intended to allow workers to stay connected in a hands-free way. This lineup, dubbed Glass Enterprise Edition, received a second-generation update in 2019, which was built on the Snapdragon XR1 hardware platform. Google has updated many of the pages related to the Google Glass Enterprise Edition to announce that sales of the headset have been discontinued as of March 15. For existing Glass Enterprise Edition customers, Google will continue to support the headset until September 15, 2023, though the company has said that "no software updates from Google are planned." Instead, "support" here means that customers will be able to receive replacement devices under the existing programs until that deadline. After the deprecation date, all existing headsets will continue to work as normal, and third-party developers will still be able to update their applications, which are usually responsible for any business-specific tasks. One caveat, though, is that Google says the "Meet on Glass" app that launched less than a year ago is only guaranteed to work until the September 15 deadline, after which the app has the potential to break.

Read more of this story at Slashdot.

Starting today, Google is rolling out fall detection to all Pixel Watches. The Verge reports: Google's version of fall detection is similar to those you'll find on other smartwatches, like the Apple Watch and the Samsung Galaxy Watch 4 and 5 lineups. It uses the device's motion sensors and machine learning to figure out when someone's taken a tumble and might need some help. The feature will purportedly kick in about 30 seconds after it detects a hard fall. At that point, the watch will vibrate, sound an alarm, and flash a notification asking if the Pixel Watch owner needs help. If users don't respond after a minute, the watch will automatically call emergency services and share their location. According to Google, the Pixel Watch ought to be able to differentiate between a hard fall, stumble, or physical activity that may mimic falling -- like the dreaded burpee. Whether that claim holds water is another matter that we'll have to test for ourselves. [...] The feature is opt in, so you'll have to turn it on manually if it's something you want. Google says Pixel Watch owners may see a promotional card pop up in the Updates page within the Watch Companion app. If you don't see it there, you can also check directly from the wrist in the Personal Safety app.

Read more of this story at Slashdot.

Android 14 is here -- or the first preview is, at least. From a report: Google is kicking off the months-long developer preview process for Android's latest version, which will get a final release in the second half of the year. Even with multiple previews, Google likes to keep the final set of Android features under wraps at least until its I/O conference in May, so we can't look at the features here to determine the scope of Android 14. These are just some of the features Google wants developers to have a head start on. The biggest news is that Android 14 will block the installation of old Android apps. As Android changes over the years, new APIs and increased security, privacy, or background processing restrictions could break old apps, but Android's backward-compatibility system keeps these old apps running. Apps can declare the newest version of Android they support via a "Target SDK" flag. To prevent old apps from breaking, new features and app restrictions in, say, Android 12 only apply to apps that target Android 12 or above. Older apps will continue to run with the older set of restrictions they're used to. (A different setting, called "Minimum SDK," determines if a new app can run on an old Android OS.) The system works great for honest developers, but if you're building a piece of malware, it's an easy decision to target a very old version of Android. While you'll get access to fewer features, you'll also be subject to fewer security and privacy restrictions. For the first time, Android 14 will close this malware loophole by simply refusing to install old apps. The cutoff point is generous enough that it shouldn't cause anyone problems; any app targeting the 8-year-old Android 6.0 or below will be blocked. Google says it picked Android 6 because it's the version that introduced runtime permissions, the allow/deny boxes that pop up asking for things like camera access. In addition, "some malware apps use a targetSdkVersion of [Android 5.1] to avoid being subjected to the runtime permission model introduced in 2015 by Android 6.0," Google said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: As a smartphone operating system, Android strives to be a lightweight OS so it can run on a variety of hardware. The first version of the OS had to squeeze into the T-Mobile G1, with only a measly 256MB of internal storage for Android and all your apps, and ever since then, the idea has been to use as few resources as possible. Unless you have the latest Samsung phone, where Android somehow takes up an incredible 60GB of storage. Yes, the Galaxy S23 is slowly trickling out to the masses, and, as Esper's senior technical editor Mishaal Rahman highlights in a storage space survey, Samsung's new phone is way out of line with most of the ecosystem. Several users report the phone uses around 60GB for the system partition right out of the box. If you have a 128GB phone, that's nearly half your storage for the Android OS and packed-in apps. That's four times the size of the normal Pixel 7 Pro system partition, which is 15GB. It's the size of two Windows 11 installs, side by side. What could Samsung possibly be putting in there?! We can take a few guesses as to why things are so big. First, Samsung is notorious for having a shoddy software division that pumps out low-quality code. The company tends to change everything in Android just for change's sake, and it's hard to imagine those changes are very good. Second, Samsung may want to give the appearance of having its own non-Google ecosystem, and to do that, it clones every Google app that comes with its devices. Samsung is contractually obligated to include the Google apps, so you get both the Google and Samsung versions. That means two app stores, two browsers, two voice assistants, two text messaging apps, two keyboard apps, and on and on. These all get added to the system partition and often aren't removable. Unlike the clean OSes you'd get from Google or Apple, Samsung sells space in its devices to the highest bidder via pre-installed crapware. A company like Facebook will buy a spot on Samsung's system partition, where it can get more intrusive system permissions that aren't granted to app store apps, letting it more effectively spy on users. You'll also usually find Netflix, Microsoft Office, Spotify, Linkedin, and who knows what else. Another round of crapware will also be included if you buy a phone from a carrier, i.e., all the Verizon apps and whatever space they want to sell to third parties. The average amount users are reporting is 60GB, but crapware deals change across carriers and countries, so it will be different for everyone.

Read more of this story at Slashdot.

Google is revising its business agreements with phonemakers and other partners in India and making a series of other changes in the South Asian market to comply with the local antitrust watchdog's directions in a major shift that could invite regulators in other regions to make similar suggestions. From a report: The Android-maker, which was slapped with a $161 million fine by the Competition Commission of India last year and was ordered to make a series of changes in its business practices, said Wednesday that it will allow smartphone vendors in India to license individual apps for pre-installation on their Android-powered devices. Google will also give consumers the ability to change search engine and use third-party billing options for apps and games purchases on Play Store starting next month, it said.

Read more of this story at Slashdot.

To help reduce the potential for malware, Android 14 will begin fully blocking the installation of apps that target outdated versions of Android. 9to5Google reports: For years now, the guidelines for the Google Play Store have ensured that Android developers keep their apps updated to use the latest features and safety measures of the Android platform. Just this month, the guidelines were updated, requiring newly listed Play Store apps to target Android 12 at a minimum. Up to this point, these minimum API level requirements have only applied to apps that are intended for the Google Play Store. Should a developer wish to create an app for an older version, they can do so and simply ask their users to sideload the APK file manually. Similarly, if an Android app hasn't been updated since the guidelines changed, the Play Store will continue serving the app to those who have installed it once before. According to a newly posted code change, Android 14 is set to make API requirements stricter, entirely blocking the installation of outdated apps. This change would block users from sideloading specific APK files and also block app stores from installing those same apps. Initially, Android 14 devices will only block apps that target especially old Android versions. Over time though, the plan is to increase the threshold to Android 6.0 (Marshmallow), with Google having a mechanism to "progressively ramp [it] up." That said, it will likely still be up to each device maker to decide the threshold for outdated apps or whether to enable it at all. The report notes that it'll still be possible to install an outdated version of an app "through a command shell, by using a new flag."

Read more of this story at Slashdot.

According to the latest official Android distribution numbers from Google, Android 13 is running on 5.2% of all devices less than six months after launch. 9to5Google reports: According to Android Studio, devices running Android 13 now account for 5.2% of all devices. Meanwhile Android 12 and 12L now account for 18.9% of the total, a significant increase from August's 13.5% figure. Notably, while Google's chart does include details about Android 13, it doesn't make a distinction between Android 12 and 12L. Looking at the older versions, we see that usage of Android Oreo has finally dropped below 10%, with similar drops in percentage down the line. Android Jelly Bean, which previously weighed in at 0.3%, is no longer listed, while KitKat has dropped from 0.9% to 0.7%. Android 13's 5.2% distribution number "is better than it sounds," writes Ryan Whitwam via ExtremeTech: These numbers show an accelerating pickup for Google's new platform versions. If you look back at stats from the era of Android KitKat and Lollipop, the latest version would only have a fraction of this usage share after half a year. That's because the only phones running the new software would be Google's Nexus phones, plus maybe one or two new devices from OEMs that worked with Google to deploy the latest software as a marketing gimmick. The improvements are thanks largely to structural changes in how Android is developed and deployed. For example, Project Treble was launched in 2017 to re-architect the platform, separating the OS framework from the low-level vendor code. This made it easier to update devices without waiting on vendors to provide updated drivers. We saw evidence of improvement that very year, and it's gotten better ever since.

Read more of this story at Slashdot.

Google has been dealt a significant blow in one of its key overseas markets. India's Supreme Court on Thursday declined to block an antitrust order that requires the Android-maker to make a series of changes that could topple its financial viability. From a report: India's apex court rejected to block the ruling against Google by the nation's antitrust watchdog Competition Commission of India. The court extended the deadline for enforcement of CCI's order by one week, however. The matter will now go back to the country's appellate tribunal, the National Company Law Appellate Tribunal (NCLAT), where Google previously failed to secure any relief. The Supreme Court has directed NCLAT to make its decision by March 31. The challenge for Google is that unless NCLAT reaches a decision in Google's favor by this month, the tech giant will have to make a series of changes to Android. [...] The CCI has ordered Google to not require licensing of its Play Store to be linked with mandating installation of several Google apps such as Chrome and YouTube. The watchdog has also ordered Google to allow removal of all its apps from phones and give smartphone users the ability to change their search engine provider. The CCI also fined Google $162 million in its first order.

Read more of this story at Slashdot.

According to new research, Google is working on a new Bluetooth tracker device to compete with Apple's AirTags. 9to5Google reports: Since 2021, Google has included ultra-wideband (UWB) connectivity in its high-end "Pro" phones like the Pixel 6 Pro and Pixel 7 Pro. For now, the hardware has only been used for niche cases like unlocking a luxury car or sending files to a friend, but it's been clear that Google intends for UWB to be used more often. [...] To build up its own "Finder Network," compete with Apple AirTags, and potentially make UWB more useful on Pixel phones, Google is reportedly developing its own tracking accessory. The information comes courtesy of Android researcher and frequent Pixel leaker Kuba Wojciechowski. The tracker is said to be in development under the codename "Grogu" -- a reference to the popular Star Wars series "The Mandalorian" -- alongside the alternate names "GR10" and "Groguaudio." The only other tidbits that have been uncovered so far suggest that the Nest team is seemingly taking lead on the development and that the tracker may be available in multiple colors. The "Groguaudio" codename suggests that Google's tracker would potentially come equipped with a speaker. On Apple's AirTags, a built-in speaker serves as both a privacy measure and a location aid, as if you move someone else's AirTag after it's been separated from them, it will beep. This is just one of many potential privacy issues that Google will need to work through before launching a tracker accessory like this one.

Read more of this story at Slashdot.

A Canadian systems security consultant discovered that an Android TV box purchased from Amazon was pre-loaded with persistent, sophisticated malware baked into its firmware. BleepingComputer reports: The malware was discovered by Daniel Milisic, who created a script and instructions to help users nullify the payload and stop its communication with the C2 (command and control) server. The device in question is the T95 Android TV box with an AllWinner T616 processor, widely available through Amazon, AliExpress, and other big e-commerce platforms. It is unclear if this single device was affected or if all devices from this model or brand include the malicious component. Milisic believes the malware installed on the device is a strain that resembles 'CopyCat,' a sophisticated Android malware first discovered by Check Point in 2017. This malware was previously seen in an adware campaign where it infected 14 million Android devices to make its operators over $1,500,000 in profits. The analyst tested the stage-1 malware sample on VirusTotal, where it returns only 13 detections out of 61 AV engine scans, classified with the generic term of an Android trojan downloader. [...] Unfortunately, these inexpensive Android-based TV box devices follow an obscure route from manufacturing in China to global market availability. In many cases, these devices are sold under multiple brands and device names, with no clear indication of where they originate. [...] To avoid such risks, you can pick streaming devices from reputable vendors like Google Chromecast, Apple TV, NVIDIA Shield, Amazon Fire TV, and Roku Stick.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: It can be done. Android manufacturers can actually support a phone for a sizable amount of time. Fairphone has announced the end of life for the Fairphone 2, which will be March 2023. That phone was released in October 2015, so that's almost seven-and-a-half years of updates. Fairphone is a very small Dutch company with nowhere near as many resources as Google, Samsung, BBK, and the other Big-Tech juggernauts, yet it managed to outlast them with its support program. The whole goal of the company is sustainability, with easily repairable phones, available spare parts, and long update promises. The Fairphone 4 has a five-year hardware warranty and six years of updates, and the company's reputation says it can provide that. Sadly, the phones only ship in the UK and Europe. The Fairphone 2 only promised "three to five years" of updates, and it blew that out of the water. The Fairphone 2 features the Qualcomm Snapdragon 801 SoC, a chip that Qualcomm ended support for with Android 6.0. In what is probably an Android ecosystem first, that lack of chipset support didn't stop Fairphone, which teamed up with LineageOS and today ships Android 10 on the 7-year-old device. That's not the newest OS in the world, but it passes all of Google's Android compatibility tests. I'm sure there are newer amateur releases in the Android ROM community, but Fairphone's Android 10 build is up to the standard of an official release, as opposed to the "tell me what doesn't work" standard of many amateur ROM releases. Fairphone doesn't say why support is ending in March, but if it's staying on Android 10, it was going to have to kill support sometime this year. Google only supports security patches for the last four versions of Android, so even Google will be shutting down Android 10 support soon.

Read more of this story at Slashdot.