Researchers from Cisco's Talos security team have uncovered detailed information about Predator, a sophisticated spyware sold to governments worldwide, which can secretly record voice calls, collect data from apps like Signal and WhatsApp, and hide or disable apps on mobile devices. Ars Technica reports: An analysis Talos published on Thursday provides the most detailed look yet at Predator, a piece of advanced spyware that can be used against Android and iOS mobile devices. Predator is developed by Cytrox, a company that Citizen Lab has said is part of an alliance called Intellexa, "a marketing label for a range of mercenary surveillance vendors that emerged in 2019." Other companies belonging to the consortium include Nexa Technologies (formerly Amesys), WiSpear/Passitora Ltd., and Senpai. Last year, researchers with Google's Threat Analysis Group, which tracks cyberattacks carried out or funded by nation-states, reported that Predator had bundled five separate zero-day exploits in a single package and sold it to various government-backed actors. These buyers went on to use the package in three distinct campaigns. The researchers said Predator worked closely with a component known as Alien, which "lives inside multiple privileged processes and receives commands from Predator." The commands included recording audio, adding digital certificates, and hiding apps. [...] According to Talos, the backbone of the malware consists of Predator and Alien. Contrary to previous understandings, Alien is more than a mere loader of Predator. Rather, it actively implements the low-level capabilities that Predator needs to surveil its victims. "New analysis from Talos uncovered the inner workings of PREDATOR and the mechanisms it uses to communicate with the other spyware component deployed along with it known as 'ALIEN,'" Thursday's post stated. "Both components work together to bypass traditional security features on the Android operating system. Our findings reveal the extent of the interweaving of capabilities between PREDATOR and ALIEN, providing proof that ALIEN is much more than just a loader for PREDATOR as previously thought to be." In the sample Talos analyzed, Alien took hold of targeted devices by exploiting five vulnerabilities -- CVE-2021-37973, CVE-2021-37976, CVE-2021-38000, CVE-2021-38003, CVE-2021-1048 -- the first four of which affected Google Chrome, and the last Linux and Android. [...] The deep dive will likely help engineers build better defenses to detect the Predator spyware and prevent it from working as designed. Talos researchers were unable to obtain Predator versions developed for iOS devices.

Read more of this story at Slashdot.

A class-action lawsuit has been filed against DoorDash, alleging that the company uses deceptive and fraudulent practices to charge higher delivery fees to iPhone users compared to Android users. Ars Technica reports: The lawsuit (PDF), filed May 5 in the District of Maryland, came in hot. Plaintiff Ross Hecox, in addition to his two children and a presumptive class of similarly situated customers, briefly defines DoorDash as an online marketplace with 32 million users and billions of dollars in annual revenue. "Yet, DoorDash generates its revenues not only through heavy-handed tactics that take advantage of struggling merchants and a significant immigrant driver workforce, but also through deceptive, misleading, and fraudulent practices that illegally deprive consumers of millions, if not billions, of dollars annually," the suit adds. "This lawsuit details DoorDash's illegal pricing scheme and seeks to hold DoorDash accountable for its massive fraud on consumers, including one of the most vulnerable segments of society, minor children." Specifically, the suit claims that DoorDash misleads and defrauds customers by - Making its "Delivery Fee" seem related to distance or demand, even though none of it goes to the delivery person. - Offering an "Express" option that implies faster delivery, but then changing the wording to "Priority" in billing so it is not held to delivery times. - Charging an "Expanded Range Delivery" fee that seems based on distance but is really based on a restaurant's subscription level and demand. - Adding an undisclosed 99 cent "marketing fee," paid by the customer rather than the restaurant, to promote menu items that customers add to their carts. - Obscuring minimum order amounts attached to its "zero-fee" DashPass memberships and coupon offers. - Generally manipulating DashPass subscriptions to appear like substantial savings, when the company is "engineering" fees to seem reduced. One of the more interesting and provocative claims is that DoorDash's fees, based in part on "other factors," continually charge iPhone users of its app more than Android users placing the same orders. The plaintiffs and their law firm conducted a few tests of DoorDash's system, using different accounts to order the same food, from the same restaurant, at almost the same exact time, delivered to the same address, with the same account type, delivery speed, and tip. [...] The plaintiffs are asking for $1 billion in damages for those who "fell prey to DoorDash's illegal pricing" over the past four years. The suit also includes allegations that DoorDash improperly allows children to enter into contract with the company without proper vetting. "The claims put forward in the amended complaint are baseless and simply without merit," said a DoorDash spokesperson in a statement. "We ensure fees are disclosed throughout the customer experience, including on each restaurant storepage and before checkout. Building this trust is essential, and it's why the majority of delivery orders on our platform are placed by return customers. We will continue to strive to make our platform work even better for customers, and will vigorously fight these allegations."

Read more of this story at Slashdot.

"Multiple lines of Android devices came with preinstalled malware," reports Ars Technica, "that couldn't be removed without users taking heroic measures." Their article cites two reports released Thursday — one from Trend Micro and one from TechCrunch: Trend Micro researchers following up on a presentation delivered at the Black Hat security conference in Singapore reported that as many as 8.9 million phones comprising as many as 50 different brands were infected with malware... ["It's highly likely that more devices have been preinfected," the report clarified, "but have not exchanged communication with the Command & Control server, have not been used or activated by the threat actor, or have yet to be distributed to the targeted country or market... The threat actor has spread this malware over the last five years. "] "Guerrilla" opens a backdoor that causes infected devices to regularly communicate with a remote command-and-control server to check if there are any new malicious updates for them to install. These malicious updates collect data about the users that the threat actor, which Trend Micro calls the Lemon Group, can sell to advertisers. Guerrilla then surreptitiously installs aggressive ad platforms that can deplete battery reserves and degrade the user experience... Guerrilla is a massive platform with nearly a dozen plugins that can hijack users' WhatsApp sessions to send unwanted messages, establish a reverse proxy from an infected phone to use the network resources of the affected mobile device, and inject ads into legitimate apps... TechCrunch detailed several lines of Android-based TV boxes sold through Amazon that are laced with malware. The TV boxes, reported to be T95 models with an h616, report to a command-and-control server that, just like the Guerrilla servers, can install any application the malware creators want. The default malware preinstalled on the boxes is known as a clickbot. It generates advertising revenue by surreptitiously tapping on ads in the background... Android devices that come with malware straight out of the factory box are, unfortunately, nothing new. Ars has reported on such incidents at least five times in recent years (here, here, here, here, and here). All the affected models were in the budget tier. People in the market for an Android phone should steer toward known brands like Samsung, Asus, or OnePlus, which generally have much more reliable quality assurance controls on their inventory. To date, there have never been reports of higher-end Android devices coming with malware preinstalled. There are similarly no such reports for iPhones.

Read more of this story at Slashdot.

Google mistakenly released a test version of its Personal Safety app that includes a new feature called "Dashcam" on select Android devices. As the name suggests, it allows users to record video and audio while driving in the event of an accident or unexpected situation, with automatic recording triggered when connecting to a specific Bluetooth device and videos automatically deleted after three days unless saved. 9to5Google reports: Once available, the feature can be launched through a new "Dashcam" shortcut in the "Be prepared" section of the home page. Here, you can begin recording manually or view your recent videos. While Dashcam is recording, your phone is still fully usable, including for navigating with Google Maps. Alternatively, you can save power by locking your screen, and the recording will continue. More importantly, Google has built this feature to work without you needing to think much about it. When setting up, you can choose to have recordings begin automatically when you connect to a particular Bluetooth device (e.g., your car stereo or infotainment system) and end when you disconnect. To conserve storage space, your recordings are automatically deleted after three days unless you save them. Additionally, the app says that the videos themselves are compressed, averaging "30 MB per minute," with a maximum recording length of 24 hours. Overall, this feature seems to be impressively well thought out and looks essentially ready to launch. Using a smartphone as a dashcam also makes quite a bit of sense, as your phone probably has a better camera than some cheaper dashcams would offer. It's unclear if this feature will be available on other phones with Google's Personal Safety or exclusive to Pixel phones.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: After the release of Apple's AirTags, Google suddenly has interest in the Bluetooth tracker market. The company has already quietly rolled out what must be the world's largest Bluetooth tracking network via Android's 3 billion active devices, and now trackers are starting to plug in to that network. Google is taking the ecosystem approach and letting various companies plug in to the Android Bluetooth tracking network, which has the very derivative name of "Find My Device." While these Bluetooth trackers are great for finding your lost car keys on a messy desk, they can also work as worldwide GPS trackers and locate items much farther away, even though they don't have GPS. The IDs of Bluetooth devices are public, so Tile started this whole idea of crowdsourced Bluetooth tracker location, called the "Tile Network." Every phone with the Tile app installed scans Bluetooth devices in the background and, using the phone GPS, uploads their last seen location to the cloud. This location data is only available to the person who owns the Tile, but every Tile user works to scan the environment and upload any Tiles the app can see. [...] Now, third-party Bluetooth trackers for Android's network are starting to arrive. The two companies that have announced products are Chipolo and Pebblebee, both of which seem to be cloning the Tile line of products. Both offer normal keychain tracker tags and slim credit card format trackers. The worst habits of Tile include making completely disposable products because the batteries can't be changed, but it looks like our clones have mostly avoided that. All of Pebblebee's Find My Device products are rechargeable, which is great, while the Chipolo keychain tracker has a replaceable CR2032 battery. Only the Chipolo wallet tracker is disposable (boo!). All these tags will show up in the Find My Device app, right alongside your Android phones, headphones, and whatever else you have that plugs in to the network. They also have a speaker, like normal, so you can make them ring when you're near them. Both sets of products are up for preorder now.

Read more of this story at Slashdot.

At Google I/O on Wednesday, VP of Engineering at Android David Burke new customization features coming to Android 14 later this year. Engadget reports: The tools build on the Material You design system Google introduced in 2021 by allowing users to create a custom wallpaper by picking a few of their favorite emojis. One of the new tools allows you to add up to 14 emojis to a single wallpaper. You can then pick a pattern and a color to bring everything together. Once the wallpaper is on your home screen, the characters will react when you tap on them. If you want something more sentimental, there's a separate option to create "Cinematic" wallpapers. The feature uses on-device neural networks to animate your favorite photos. Once the photo is on your home screen, tilting your device will cause it to move, giving the image more depth and life than it would have had you not used the new feature. Burke said both cinematic and emoji wallpapers would arrive on Pixel devices next month. Come the fall, Google will also introduce a built-in AI image generator within Android's customization menu. You can use the tool to create wallpapers you can't find online. It comes with pre-populated prompts you can tweak to make the process of guiding the AI easier. Once you add an AI wallpaper to your home screen, Android's Material You system will automatically color-match all the user interface elements, including any app icons, so they don't clash with one another. Android 14 will further augment those tools with the addition of new clocks and shortcuts you can add to your lock screen. And if colors aren't your thing, Google also plans to add a new monochromatic theme for those who prefer a more understated look. At I/O, Burke also previewed Magic Compose, a Messages feature that will use Google's generative AI technology to write texts for you. The tool comes with multiple style settings you can use to give your messages a different flair. Google plans to beta test Magic Compose this summer. Separately, Google said after the keynote that Android 14 will add support for Ultra HDR, allowing for photos that feature more vivid colors and detailed shadows.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: Google is launching a new AI-powered coding bot for Android developers. During its I/O event on Wednesday, Google announced that the tool, called Studio Bot, will help developers build apps by generating code, fixing errors, and answering questions about Android. According to Google, the bot is built on Codey, the company's new foundational coding model that stems from its updated PaLM 2 large language model (LLM). Studio Bot supports both the Kotlin and Java programming languages and will live directly in the toolbar on Android Studio. There, developers can get quick answers to their questions or even have the bot debug a portion of their code. While Google notes that developers don't need to share their source code with Google in order to use Studio Bot, the company will receive data on the conversations they have with the tool. Google says the bot is still in "very early days" but that it will continue training it to improve its answers. It's also currently only available to developers in the US for now via the Canary channel, and there's no word on when it will see a global launch.

Read more of this story at Slashdot.

Google has announced the Pixel Tablet after teasing it during last year's Google I/O conference. The Verge reports: The Pixel Tablet is designed from the ground up to be good at what people typically use tablets for: watching video or playing games in the comfort of their own home. It is not, however, making any statements about the future of computing. The looks of the Pixel Tablet are relatively generic. It has an 11-inch, 16:10, 2560 x 1600 pixel LCD display, even bezels all around, and a matte back. It comes in three colors: white, dark green, and light pink, with the dark green model featuring a black bezel. Though it looks like plastic from a distance, the Pixel Tablet has an aluminum frame with a nanotexture coating, not unlike what Google did with the Pixel 5 smartphone. Bundled in the box with the Pixel Tablet is a magnetic speaker dock. This serves multiple purposes and is meant to prevent the dreaded "dead tablet in a drawer" syndrome: it's a place to store the Pixel Tablet when it's not in use; it charges the battery; and it has a louder, fuller speaker better suited for communal listening than the speakers that are built into the tablet. If you're playing music or watching a video on the tablet when you put it on the dock, it will seamlessly transfer the audio to the dock's speaker. Pull the tablet off the dock while something is playing, and it will instantly switch to the tablet's speakers. When mounted on the speaker dock, the Pixel Tablet looks an awful lot like the Nest Hub Max, a $250 smart display that Google released back in 2019. But make no mistake, the Pixel Tablet is an Android tablet and not a smart display -- it runs completely different software and has different capabilities compared to the Nest Hub. That said, when the tablet is docked on the speaker, it can show a slideshow of images from your Google Photos albums just like the Nest Hub. It also has a quick access button to the Google Home app so you can control smart home devices, and it can accept voice commands from a distance for hands-free Google Assistant queries. The lock screen won't show any personal information like notifications -- for that, you'll have to unlock the tablet to access the accounts that are set up on it. The $499 slab is available for preorder starting today, and will begin shipping on June 20th.

Read more of this story at Slashdot.

Google has launched the Pixel 7a for $499, featuring a 6.1-inch OLED display at 90Hz, Tensor G2 chip with 8GB RAM, and 64MP main camera. The Pixel 7a nearly matches the flagship Pixel 7 on specs but starts at a lower price. GSMArena.com reports: Yes, the 7a marks several firsts for the Pixel a series. For starters, its 6.1" OLED display now runs at 90Hz, the same refresh rate as the Pixel 7 (though that one has a slightly larger 6.3" display). The resolution is FHD+ and you get Gorilla Glass 3 protection. Speaking of protection, the phone is rated IP67 for dust and water resistance. It has a metal frame and a plastic back -- Google notes that it used recycled aluminum, glass and plastic to build the phone. For example, the visor is 100% recycled aluminum. Available colors are Charcoal, Sea and Snow. Another major upgrade is the switch to the Tensor G2 chipset, which is now paired with 8GB of LPDDR RAM (up from 6GB on the 6a) and 128GB UFS 3.1 storage. This is the same configuration as the Pixel 7, so the a-phone will be just as fast at the various computational tasks. Also, note that Google is promising 5 years of security updates. Among them is the Super Res Zoom (up to 8x), which is enabled by the new 64MP camera (up from 12MP). The ultra wide camera has a 13MP sensor and a f/2.2 lens that is blessed with Dual Pixel autofocus. The front-facing camera was also bumped up to 13MP with a fixed-focus lens (f/2.2). The rear camera can record 5K video at up to 60fps, the front one tops out at 4K at 30fps. The Pixel 7a supports sub-6GHz and mmWave flavors of 5G, though only models for select regions will have mmWave enabled. This is a dual-SIM device with one physical nano-SIM and one eSIM. The 7a is powered by a 4,385mAh battery that supports up to 18W wired charging and for the first time on an a-phone wireless charging is available too -- also at 18W. Note that the port on the bottom is USB-C 3.2 Gen 2, but the retail box comes only with a USB C-to-C cable with USB 2.0 wiring (and you have to supply your own charger). You can order the Pixel 7a via the Google Store.

Read more of this story at Slashdot.

Jules Wang from Android Police reports on the cases of two icon pack artists who had their products taken down from the Play Store for supposedly violating the platform's Repetitive Content policy. Despite both creators' products being reinstated, they revealed that Google's opaque application of its rules has caused frustration and hopelessness among developers. From the report: All this heartache stems from Google Play's Repetitive Content policy. While on its face a well-meaning effort to reduce spammy apps and keep quality up, there's a core problem with compliance when creators find themselves forced to use apps to distribute content: "If these apps are each small in content volume, developers should consider creating a single app that aggregates all the content." If you've browsed on the Play Store, you'll immediately know this guidance isn't universally followed: many artists like JustNewDesigns will have multiple designs in their portfolio and each of those designs will come in multiple colorways or shapeways -- whether they're changing out an accent in a line design or are implementing some sort of adaptive element. Not only are there so many apps, but they also look so much alike -- artists, many of whom might not consider coding their strong suit, tend to use open-source templates to create the actual app. You'll likely see them credited to Sarsa Murmu, who runs a GitHub project called CandyBar, or Jahir Fiquitiva, the maintainer of the Blueprint repository. These resources take care of the "packaging" for the assets. They include integration compatibility with various popular launchers, a license scheme to prevent those who sideloaded the app for free from having the icons applied, and all sorts of other functionality. In addition to the icon assets, the apps may also house wallpapers and links to other apps. [...] What is Google's role and what should it be? Wang writes: Artists would have much to gain from a new or revised API. Adding and adapting new icon designs to existing products would be much easier. New designs may be able to take advantage of changes to the Adaptive Icons API as Google lays them out. There would be unease as to how the business model could shift -- should publishers charge by the app, through in-app purchases, or both? But as it stands, the biggest benefit with such a change is that it would presumably get Play's "RoboCops" off their back. Of course, we can't be sure of that with how Google's enforcement apparatus operates, but the notion of unfairness lends credibility to those supporting the status quo unless the company is willing to come to the bargaining table. At the end of the day, Google is certainly within its right to build regulations around apps to respond to emergent scammers and distressing content. Automation is meant to render manageable the sheer volume of content the Play platform sees published on a daily basis. But so long as icon artists sit under threat from a rulebook that can be arbitrarily thrown at them at any time, if nothing changes, we may be on a road leading to the degradation of a core Android tenet that even the most casual tech consumer associates with the platform -- user customizability.

Read more of this story at Slashdot.

Bluesky, the Twitter alternative backed by Twitter co-founder and CEO Jack Dorsey, has now rolled out to Android users. TechCrunch reports: The app, which promises a future of decentralized social networking and choose-your-own algorithms, initially launched to iOS users in late February and remains in a closed beta. The exclusivity is driving demand for the newer social network to some extent, but so is having Dorsey's name attached. Bluesky aims to give users algorithmic choice, letting them eventually choose from a marketplace of algorithms that let them control what they see on their own feed, instead of having it controlled by some central authority. At launch, however, Bluesky remains a pared-down version of Twitter without many of the features that make the social network what it is today, including basic tools for tracking likes or bookmarks, editing tweets, quote-tweeting, DM's, using hashtags and more. It's also building in decentralization with its own protocol -- the AT Protocol -- instead of contributing to the existing work around ActivityPub, the protocol powering the open source Twitter alternative Mastodon and a range of other decentralized apps in the wider "Fediverse" -- the name for these interconnected servers running open software used for web publishing. That puts Bluesky on the outside of where a lot of the current activity is taking place around decentralized social networking. You can download Bluesky on the Google Play Store here.

Read more of this story at Slashdot.

Back in 2021, Samsung brought SmartThings to Android Auto. Google is now opening the door for more smart home/Internet of Things (IoT) apps on Android Auto and Automotive. 9to5Google reports: Android Auto today supports media and mapping/navigation apps. Google is now "enabling developers to bring [IoT] apps to cars." This might include controlling home security and doors from a touchscreen UI rather than having to rely on voice commands (assuming Google Assistant supports your home ecosystem). Google offers driving-optimized templates in the Android for Cars App Library, with testing via the Automotive OS emulator for Android Automotive OS and the DHU for Android Auto. Expect a consistent grid-based layout throughout apps. In fact, "drivers of cars using Android Auto can now download IOT apps developed with the Android for Cars App Library immediately from Google Play."

Read more of this story at Slashdot.

The first beta of Google's Android 14 OS is available to download today, introducing new features focused on system navigation, privacy, performance, and user customization. From a report We already had a good idea of what to expect thanks to the first two developer-only previews, but the beta release is the first opportunity for the general public to test the changes. Gesture navigation has been updated to include a more conspicuous Material You-themed back arrow that adjusts to complement the device's theme or wallpaper. Aside from arguably being more aesthetically pleasing, the updated back arrow is designed to help users better understand Android 14's predictive back gesture experience, which now previews the screen users are navigating to within applications. Android 14 also introduces a new system share sheet -- the page that opens when you tap to share content. This allows developers to add custom app-specific actions to the top of the share menu. Google describes this as a "superior" experience compared to the existing Android share sheets in which share targets (the app you're sharing content to) are always sorted alphabetically. The new share sheet also uses more app signals to determine where the direct share targets that appear toward the top of the page should rank (though it's not clear what exactly those signals are).

Read more of this story at Slashdot.

South Korea's antitrust regulator has fined Alphabet's Google 42.1 billion won ($31.88 million) for blocking the release of mobile video games on a competitor's platform. From a report: The Korea Fair Trade Commission (KFTC) said on Tuesday that Google bolstered its market dominance, and hurt local app market One Store's revenue and value as a platform, by requiring video game makers to exclusively release their titles on Google Play in exchange for providing in-app exposure between June 2016 and April 2018. Google said it will review the final decision by the KFTC to evaluate the next course of action. "Google makes substantial investments in the success of developers, and we respectfully disagree with the KFTC's conclusions", a spokesperson said. The KFTC said the move against the U.S. technology giant is part of efforts by the government to ensure fair markets.

Read more of this story at Slashdot.

If you want to sneak malware onto people's Android devices via the official Google Play store, it may cost you about $20,000 to do so, Kaspersky suggests. The Register reports: This comes after the Russian infosec outfit studied nine dark-web markets between 2019 and 2023, and found a slew of code and services for sale to infect and hijack the phones and tablets of Google Play users. Before cybercriminals can share their malicious apps from Google's official store, they'll need a Play developer account, and Kaspersky says those sell for between $60 and $200 each. Once someone's bought one of these accounts, they'll be encouraged use something called a loader. Uploading straight-up spyware to the Play store for people to download and install may attract Google's attention, and cause the app and developer account to be thrown out. A loader will attempt to avoid that: it's software a criminal can hide in their otherwise innocent legit-looking app, installed from the official store, and at some convenient point, the loader will fetch and apply an update for the app that contains malicious code that does stuff like steal data or commit fraud. That update may ask for extra permissions to access the victim's files, and may need to be pulled from an unofficial store with the victim's blessing; it depends on the set up. The app may refuse to work as normal until the loader is allowed to do its thing, convincing marks into opening up their devices to crooks. These tools are more pricey, ranging from $2,000 to $20,000, depending on the complexity and capabilities required. Would-be crims who don't want to pay thousands for a loader can pay substantially less -- between $50 and $100 -- for a binding service, which hides a malicious APK file in a legitimate application. However, these have lower successful install rates compared to loaders, so even in the criminal underground you get what you pay for. Some other illicit services offered for sale on these forums include virtual private servers ($300), which allow attackers to redirect traffic or control infected devices, and web injectors ($25 to $80) that look out for victims' visiting selected websites on their infected devices and replacing those pages with malicious ones that steal login info or similar. Criminals can pay for obfuscation of their malware, and they may even get a better price if they buy a package deal. "One of the sellers offers obfuscation of 50 files for $440, while the cost of processing only one file by the same provider is about $30," Team Kaspersky says. Additionally, to increase the number of downloads to a malicious app, thus making it more attractive to other mobile users, attackers can buy installs for 10 cents to $1 apiece. Kaspersky's report can be found here.

Read more of this story at Slashdot.

Google wants to make it as easy to scrub an app account as it is to create one. The company has announced that Android apps on the Play Store will soon have to let you delete an account and its data both inside the app and on the web. Developers will also have to wipe data for an account when users ask to delete the account entirely. From a report: The move is meant to "better educate" users on the control they have over their data, and to foster trust in both apps and the Play Store at large. It also provides more flexibility. You can delete certain data (such as your uploaded content) without having to completely erase your account, Google says. The web requirement also ensures that you won't have to reinstall an app just to purge your info. The policy is taking effect in stages. Creators have until December 7th to answer questions about data deletion in their app's safety form. Store listings will start showing the changes in early 2024. Developers can file for an extension until May 31st of next year.

Read more of this story at Slashdot.

An anonymous reader writes: Android manufacturers occasionally try to push this idea of a "gaming smartphone" -- usually, these companies try to extend the "PC gamer" design motif to smartphones, with RGB LEDs and aggressive marketing. Since Android games are mostly casual pay-to-win tap fests, though, we often have to ask, does anyone want a gaming smartphone? If you're Lenovo, the answer is apparently "no," as Android Authority reports Lenovo is killing the "Legion" gaming phone business.

Read more of this story at Slashdot.

Security researchers at Moscow-based Kaspersky Lab have identified and outlined potential malware in versions of PDD Holdings' Chinese shopping app Pinduoduo, days after Google suspended it from its Android app store. From a report: In one of the first public accountings of the malicious code, Kaspersky laid out how the app could elevate its own privileges to undermine user privacy and data security. It tested versions of the app distributed through a local app store in China, where Huawei Technologies, Tencent Holdings and Xiaomi run some of the biggest app markets. Kaspersky's findings, shared with Bloomberg News, were among the clearest explanations from an independent security team for what triggered Google's action and malware warning last week. The cybersecurity firm, which has played a role in uncovering some of the biggest cyberattacks in history, said it found evidence that earlier versions of Pinduoduo exploited system software vulnerabilities to install backdoors and gain unauthorized access to user data and notifications. Those conclusions agreed in large part with those of researchers that had posted their discoveries online in past weeks, though Bloomberg News hasn't verified the authenticity of the earlier reports.

Read more of this story at Slashdot.

Remember when Pebble founder Eric Migicovsky released an impassioned plea for someone, anyone, to make a small Android phone that would compete with the iPhone Mini? He's taking matters into his own hands. From a report: Now that Apple has stopped making new small phones, Migicovsky's Small Android Phone petition has evolved into a "community-based project" -- where that community includes a team working to design and produce the phone that Migicovsky wants. The petition got 38,700 signatures, and "almost all of that came from literally one article from The Verge," one team member revealed in a design call. The Small Android Phone team -- it's not a company, yet -- has been doing a lot of planning right under our noses. In a small Discord, they've quietly revealed their efforts to source a display, choose a chip, and design the body of the phone. They've even discussed how they might pay for it all. Diehard small phone enthusiasts are invited to give feedback at every step of the process as the team attempts to bend the phone market to their will.

Read more of this story at Slashdot.

Google's security research unit is sounding the alarm on a set of vulnerabilities it found in certain Samsung chips included in dozens of Android models, wearables and vehicles, fearing the flaws could be soon discovered and exploited. From a report: Google's Project Zero head Tim Willis said the in-house security researchers found and reported 18 zero-day vulnerabilities in Exynos modems produced by Samsung over the past few months, including four top-severity flaws that could compromise affected devices "silently and remotely" over the cellular network. "Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number," Willis said. By gaining the ability to remotely run code at a device's baseband level -- essentially the Exynos modems that convert cell signals to digital data -- an attacker would be able to gain near-unfettered access to the data flowing in and out of an affected device, including cellular calls, text messages, and cell data, without alerting the victim. The list of affected devices includes (but is not limited to): Samsung mobile devices, including the S22, M and A series handsets; Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series; Google Pixel 6 and Pixel 7 series; and connected vehicles that use the Exynos Auto T5123 chipset.

Read more of this story at Slashdot.