• Apps

    by Published on 07-05-2018 07:00 AM
    1. Categories:
    2. News,
    3. Apps

    What we're looking at here is a bunch of Android phones being tested by researchers at Northeastern University, seeking to prove or disprove the popular conspiracy theory that apps like Facebook passively spy on you through your phone's microphone to show you ads based on your conversations with others.

    The researchers analyzed Internet traffic generated from 10 Android phones and 17,260 apps, and found no unauthorized transmission of audio. They did, however, find evidence of apps recording screen activity and sending those recordings on to third parties.

    Gizmodo's reporting of this story cites the specific example of goPuff, an app that enables the delivery of junk food to college students. Researchers found that this app was surreptitiously sending screen recordings to an analytics company called Appsee, which has an entire page devoted to their screen recording technology:

    Every tap, swipe, and action of every screen is recorded, allowing you to gain instant insights of your app’s user experience [...] Even one video can illustrate an obstacle that many of your users are grappling with. That’s why you have complete control in terms of the ratio of recorded users. You can even choose to record sessions based on parameters such as which screens they visit, their demographics, or their mobile device OS.
    There's even a video demo of a recorded screen:

    According to Appsee's CEO, the offending app violated his company's terms of service, as any screen recordings must be disclosed to users. The developers of goPuff have since added a disclosure to their privacy policy. Google itself has also weighed in on the matter; in an email to Gizmodo a spokesperson said that Appsee's screen recordings may put developers at risk of violating Google's Play Store policy.

    Source: Gizmodo

    by Published on 06-22-2018 07:45 AM
    1. Categories:
    2. Apps

    It wasn't so long ago that mobile video, captured in portrait mode and uploaded to YouTube, would appear on that site sideways. That issue has since been fixed, but Instagram is taking vertical video one step further with their new video sharing platform, called IGTV.

    Instagram is pitching IGTV as a mobile-first video sharing platform for "creators". Videos can be up to an hour long and uploaders can have public channel listings, just like YouTube. Besides the addressable audience of a billion Instagram users worldwide, the incentive to host videos on IGTV will be eventual monetization through the inevitable blight of inline ads.

    So what to "creators" think of IGTV? Here's Marques Brownlee on that very subject:

    The official IGTV app is already available for Android and iOS, and the service itself is rolling out right now to all parts of the world.

    Source: Instagram

    by Published on 06-20-2018 08:00 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    As of this morning Google has no less than four Android apps for music, podcasts and video, with more than a few redundancies between them. The most confounding of the lot has to be YouTube Music, but its existence is more easily understood if you know your recent Internet history. Here's a quick and dirty refresher.

    Google Play Music

    GPM was launched in late 2011, and was part of the reason behind the Android Market's re-branding as Google Play. Google's app store (now Google Play Apps) was joined by an ebook store (Google Play Books) a video store (Google Play Movies) and GPM, likely an answer to the growing popularity of Spotify.

    Like Spotify, GPM users could pay for a premium subscription to stream specific albums and tracks on-demand, or listen for free and endure the occasional ad. Unlike Spotify, GPM users could also upload tracks from their own music collection. In 2016 GPM added podcast support, presumably to lure users (and their listening habits) away from the more popular Pocket Casts app.


    Wait a minute, YouTube isn't a music player... It is, however, the key to understanding YouTube Music. Open for uploads in 2005, YouTube predates GPM by 6 years, and during that time it became a popular practice for YouTubers to upload playlists or entire albums (legal or not) as video files, with high quality audio tracks and either a static graphic or simple animation for visuals.

    In many markets and demographics YouTube is far more popular as a music platform than Google Play Music. This, along with the added pressure of rights holders angry over pirated music streams, inevitably let to the creation of—you guessed it...

    YouTube Music

    At Google, everything is supposedly driven by user data; in that context it makes perfect sense to apply their video brand to a music streaming service. But if the goal is to replace GPM (and it should be) Google's still got some work to do. Tracks uploaded to GPM are not yet available on YouTube Music. Even worse, unless you have a paid subscription the YTM stream on your phone will immediately stop the moment your screen goes dark.


    Instead of focusing their efforts on a better YTM experience Google has decided instead to release a standalone podcast app. Again, if the goal is to migrate users away from GPM (and again, it should be) this makes sense. But with the current state of YTM no one is going to stop using GPM anytime soon, so a dedicated podcast app is a bit premature.

    And that, in a nutshell, is Google's current music (and podcast) mess, and how I believe it came to be.

    by Published on 06-19-2018 07:00 AM
    1. Categories:
    2. Apps

    Google's official SMS app (not that one) now supports texting from a desktop web browser. The feature started rolling out to users yesterday, so if it's not yet available to you it should be soon. Getting set up is easy enough: While signed in to your Google account head over to the Messages desktop site, where you'll be greeted with a unique QR code that you can scan with the Messages app on your phone to connect. That's pretty much it.

    I haven't tried it myself, because (1) I use a different texting app, and (2) I think that a better solution for desktop SMS already exists. It's called Pushbullet; it not only lets you send and reply to texts from your computer, but also mirrors phone notifications on your computer as well.

    The downside to Pushbullet is that there's a cap on the number of texts you can send unless you upgrade to a paid subscription, whereas Messages for the web won't ever cost you anything. Full support for the new RCS spec might be another reason to go with Messages. If you're already using the app on your phone then you might as well give it a try; if you do, be sure to let us know what you think!

    Sources: Messages Help, Liliputing

    by Published on 06-18-2018 01:30 PM
    1. Categories:
    2. Apps

    Making good on their promise from last month, YouTube Premium is now available in Canada—and also Australia, Austria, Finland, France, Germany, Ireland, Italy, Mexico, New Zealand, Norway, Russia, South Korea, Spain, Sweden, United Kingdom, plus (obviously) the United States.

    Even better, Google seems to be offering a three-month free trial of the service (one month for family plans) which also includes YouTube Music. If you're confused I don't blame you; think of it this way: YouTube Music is the equivalent to a paid subscription to Google Play Music, while YouTube Premium would be akin to YouTube Red... which also includes the upgraded Google Play Music experience... This isn't helping at all, is it?

    Why don't I let the respective signup pages do the talking instead:

    YouTube Music Premium
    "Get Music Premium to listen ad-free, offline & with your screen off"
    $9.99 CAD per month / $14.99 CAD for families (up to 6 users)

    YouTube Premium
    "YouTube and YouTube Music ad-free. Plus access to all YouTube Originals."
    $11.99 CAD per month / $17.99 CAD for families (up to 6 users)

    By the way, Google Play Music still works, is covered under the same subscriptions and also includes a decent Android podcast player. The more you know...

    Source: Android Police

    by Published on 06-15-2018 06:30 AM
    1. Categories:
    2. Devices,
    3. Apps

    Rebble.io, the small outfit with the lofty goal of replacing Pebble web services with their own, are taking names—literally. In a blog post yesterday they announced that accounts can now be created using an existing sign-in from either Facebook, GitHub, Google or Twitter.

    It's important that interested users do this sooner rather than later, and take the additional step of connecting their existing Pebble account to Rebble. This will ensure that your Pebble data will be imported before the servers shut down on June 30th. Registering will also help the Rebble team gauge just how many Pebblers they'll be providing service to.

    I myself am interested in Rebble for two critical Pebble features: voice replies and weather data. Those features may or may not be ready when the Pebble servers go dark and Rebble lights up. I'm certainly willing to give them a chance; my Amazfit Bip is currently taking a break while I'm getting reacquainted with Pebble, and its music (and podcast) controls plus the critical features mentioned above make it a better smartwatch than the Bip.

    Source: Rebble Blog

    by Published on 06-13-2018 07:00 AM
    1. Categories:
    2. Apps

    Every so often we need to be reminded that smartphones, if compromised, can be effective surveillance devices. Case in point: Spanish soccer league La Liga is being investigated for their smartphone app, which helps itself to the user's microphone and location data to check for unauthorized game broadcasts.

    According to the BBC this surveillance "feature" was added to the app in an update last week. La Liga maintains that its only wish is to protect both fans and teams from fraud; broadcasting games in bars and other public places without a license apparently costs the league €150 million annually in lost revenue. The league also told Bloomberg that users of its app must opt in to the collection of audio and location data, and that the app will periodically remind you that this data is being collected.

    The AEPD, Spain's data protection agency, has launched a preliminary investigation into the matter. EU privacy laws give it the power to levy sanctions of up to 4% of any guilty party's annual global sales. La Liga's annual revenue has been reported at €3.6 billion; if my math is right 4% of that would be €1.44 million, plus the ire of angry fans who have had their privacy breached.

    Sources: BBC, Bloomberg

    by Published on 06-06-2018 08:00 AM
    1. Categories:
    2. News,
    3. Apps

    Scary if true, and it's probably true... Someone on reddit alleges that Android malware was installed on both his Moto X4 and his wife's Huawei Mate 10 as they entered overland into mainland China. The redditor describes the incident as follows:

    I saw the installation process, an icon appear on the home screen, the police ran the application and then the icon hid itself. Not sure if it rooted my phone or what. I know something was running on my phone because they used a handheld device to confirm our phones were communicating with their system before letting us go.
    Because this was posted in the security subreddit the current top-voted comment is actually an offer to purchase the two compromised devices for forensic analysis. As to why this person and their spouse were targeted specifically, it might have been because they were crossing into Xinjiang, an area where the police forces are known to be using extreme forms of surveillance targeted at the local Uighur (Muslim) minority.

    Source: r/security via Cory Doctorow

    by Published on 06-05-2018 08:15 AM
    1. Categories:
    2. News,
    3. Apps

    Apple detailed the next big update to iOS at their WWDC conference yesterday. iOS 12 will be available for the following compatible devices this fall:

    iPhone X, iPhone 8, iPhone 8 Plus, iPhone 7, iPhone 7 Plus, iPhone 6s, iPhone 6s Plus, iPhone 6, iPhone 6 Plus, iPhone SE, iPhone 5s

    12.9-inch iPad Pro 2nd generation, 12.9-inch iPad Pro 1st generation, 10.5-inch iPad Pro, 9.7-inch iPad Pro, iPad Air 2, iPad Air, iPad 5th generation, iPad mini 4, iPad mini 3, iPad mini 2,

    iPod touch 6th generation

    In addition to performance boosts and security fixes, here are five new features coming your way:

    1. Grouped Notifications
    iOS finally catches up to Android with notifications grouped by app, greatly reducing clutter and giving you more control over dismissing them.

    2. Group FaceTime
    With iOS 12 Apple's native video chat application will support video calls with up to 32 people at once. Neat.

    3. Screen Time
    This new feature will show you how much time you're spending in individual apps and on your device overall. Increased parental controls can also limit individual app usage—though parents could probably get similar results just turning the WiFi off when it's lights out.

    4. Siri Shortcuts
    Similar to Alexa skills, shortcuts will enable Apple's digital assistant to connect to other apps on your iOS device. Just be prepared to learn some specific commands first.

    5. Memoji
    Apple copies Samsung, who copied Apple, and the virtuous cycle of tech "innovation" is complete. Apple's version of personalized, animated emoji are definitely less hideous than Samsung's, but no less gimmicky.

    Sources: MacWorld UK, The Verge

    by Published on 05-23-2018 10:45 AM
    1. Categories:
    2. How-To,
    3. Apps

    You can guess by the graphic above how that went.

    A recent update to my Amazfit Bip added an option for wrist-based payments with Alipay. Here in Canada the Chinese m-commerce giant is becoming an increasingly common option at the payment terminals that I see.

    Some quick facts about Alipay, via this stats site:

    520 million registered users as of May, 2018;
    150 million active monthly mobile users as of May, 2018;
    100 million active daily users as of December, 2016;
    175 million daily transactions as of August, 2016;
    42.3 billion total transactions as of December, 2014;
    $519 billion USD in total payments as of May, 2014.

    Being the self-professed tap-and-pay geek that I am, I looked into hooking myself up with an Alipay account. According to this site you need the following to register for an account:

    A valid passport;
    a Chinese phone number;
    a Chinese bank account.

    Despite not having the second or third thing I went ahead and downloaded the official Alipay Android app from Google Play. I entered a junk Canadian passport number (same combination of letters and numbers) and was able to verify my Canadian mobile number, but could not enter my Canadian VISA card as a method of payment. So much for mobile first.

    I then tried to get an account via my desktop PC. Clicking on the global Alipay site redirected me to AliExpress; I signed up for an account there, and adding a payment card seemed to give me an Alipay account. BUT... when I went back to the app and used my credentials to log in I was told that my account "did not exist".

    I've looked a bit further into the Alipay account created on my PC and discovered that it's actually registered to a Alipay's Singapore operation. On the Play Store there's a separate app specific to Hong Kong, but nothing for Singapore. Even if there was I likely wouldn't be able to register my Canadian credit card on it. So yeah, the last two days I've spent on this have basically been for nothing. Hopefully this post will prevent someone out there from wasting their time as well.

    by Published on 05-22-2018 07:15 AM
    1. Categories:
    2. Apps

    Not a sponsored post, just a new in-house app from my other favourite Android site.

    Navigation Gestures by XDA does what it says on the tin, bringing iPhone X-style gestures to almost any Android phone or tablet. In fact, the only devices that it won't work with are those running the latest beta of Android P. No big deal, really, as Google already has its own navigation gestures for that.

    As you can see in the screen grab above, the app replaces the standard navigation buttons with a single bar or "pill". The configurable actions in the initial release include the following:

    Taps - single, double, long press
    Swipes - left, right, down, up, up and hold

    A premium add-on to the app—currently $1.29 CAD on the Play Store—provides the user with some additional options.

    The app doesn't require root access to run, but to use it without root you'll need to grant some additional permissions via adb on your desktop PC. Somewhat paradoxically, the type of user most familiar with adb commands would likely be the one who's already rooted their device.

    And finally, a word of caution: if you decide that you're not a fan of gesture navigation after all make sure to disable gestures before uninstalling the app!

    Links: Navigation Gestures on Google Play via XDA

    by Published on 05-16-2018 07:15 AM
    1. Categories:
    2. Apps

    Freedom beards and tinkerers rejoice! AsteroidOS, a custom ROM built entirely on GNU/Linux libraries, has just reached its first stable release. You can install it right now on the following devices:

    Asus Zenwatch 1
    Asus Zenwatch 2
    Asus Zenwatch 3
    LG G Watch
    LG G Watch Urbane
    LG G Watch R
    Sony Smartwatch 3

    Support for other older Android Wear watches is on the way—including the Texas Instruments-powered first-gen Moto 360. Sadly, a large swath of the current Wear OS ecosystem will never get AsteroidOS; their lack of charging pins prevent hardware probing, testing and support.

    I'm calling AsteroidOS a custom ROM because flashing it is a procedure akin to putting something like LineageOS on an Android phone: first you unlock your watch's bootloader with the same fastboot oem unlock command, then you use adb to flash a new bootloader and the AsteroidOS image. If you're not ready to commit you can also use fastboot to boot into the image temporarily, just like on Android.

    You won't need to flash a gapps package, but you will need a phone app to connect your new watch OS to your Android phone. It's called AsteroidOS Sync (makes sense) and can be found on F-Droid right here.

    If you end up trying it out please report back and let us know what you think!

    Source: AsteroidOS via Android Police

    by Published on 05-08-2018 07:00 AM
    1. Categories:
    2. News,
    3. Carriers,
    4. Apps

    To be fair, I don't think that my current carrier (Virgin Mobile) is even participating. I did receive an alert about the alert from Rogers, as did my neighbour on Freedom Mobile. It doesn't look like I missed much, however; by all accounts the first big tests of Alert Ready, Canada's new wireless alerting system, were a big fail.

    In Québec a typo prevented the test from being executed properly, which isn't exactly encouraging. One thing I didn't know about Alert Ready is that it's run by Pelmorex, who own and operate Météomédia and The Weather Network. If you have either of these apps installed on your phone then you should receive any emergency alert through that, even if your phone isn't Alert Ready-ready.

    In Ontario it quickly became apparent just how many phones aren't yet compatible with the technology; in my girlfriend's office exactly one phone received the test alert. My advice? Install The Weather Network app on your phone. Better to risk duplicate alerts than to get none at all.

    If you need it, carrier-specific information about Alert Ready is available for Bell, Rogers and Telus.

    by Published on 05-04-2018 07:15 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    If you were curious about Paytm, specifically the Canadian offering from the Indian m-commerce giant, here are my observations after using it for almost a year. Spoiler alert: I uninstalled it from my phone yesterday.

    I first came to understand Paytm as a competitor to Plastiq, a service that lets you use your credit card to pay bills that typically don't accept credit cards—mortgage payments, car insurance, that sort of thing. That's no longer a fair fight, as VISA card payments have been suspended from the Paytm platform. You can, however, connect your chequing account and use it to pay your credit card bills. For this you are rewarded with Paytm points, one point per dollar up to a maximum of a thousand points per payment.

    So what can you redeem this points for? This is where things start to unravel...

    Here's a screen grab of a popular reward on Paytm. If you're confused, what's actually being offered here is $4 cash back if you purchase a $100 Amazon gift card and redeem 1,000 points. The $4 goes into your Paytm balance, which can then be applied against your next transaction. In this way Paytm keeps you perpetually locked into using the service.

    And for credit card payments the service isn't great. Paytm seems to need an extra 5 business days to process that specific type of transaction, so you'll have to remember to pay at least a week earlier than usual. It might be worth the hassle for better rewards; even one or two percent cash back would be fantastic on a transaction where you'd otherwise get nothing. But using the same example above I could extract more value out of that same gift card by buying it with an AMEX Cobalt at a supermarket.

    If you use a MasterCard and/or need to send money to someone in India, Paytm is worth looking in to. For me, though, the numbers just don't add up.

    Still interested? Here are the app store links for Android and iOS.

    by Published on 05-01-2018 07:45 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    An article I saw on XDA recently got me pretty excited; apparently a new beta of the popular chat platform WhatsApp includes data portability, in order to comply with the European Union's General Data Privacy Regulation (GDPR) coming into effect later this month. From within the app users can request an archive of their personal data, which will be made available for download in about a day or so.

    There's just one problem: actual messages from this messaging platform aren't included in the archive.

    The GDPR is crystal clear on data portability. Here's an excerpt from a PDF on the matter:

    The data subject shall have the right to receive the personal data concerning him or
    her, which he or she has provided to a controller, in a structured, commonly used and
    machine-readable format and have the right to transmit those data to another
    controller without hindrance from the controller to which the data have been provided [...]
    I would say that messages most certainly fall under the definition of personal data. The privacy part gets a bit tricky here; in order to be useful a messaging archive would also have to include the messages of other users. But WhatsApp already has a function to export specific message threads via email, so they might as well make your entire message database exportable by other means.

    And to be perfectly clear, this current data portability solution is only being tested in a beta of the app. Hopefully the release version will be fully compliant when the GDPR goes into effect on May 25th.

    Source: XDA

    by Published on 04-13-2018 06:30 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    If you needed another reason to be angry at your Android device maker, here it is. According to a new feature in WIRED some OEMs have been flat-out lying about their security patches. The table above is a summary of missing patches found in Android builds across thirteen manufactures. Google and Samsung, as one would hope, are fairly honest; on the other end is TCL and ZTE, each with more than four patches missing from their "updated" devices.

    For the past two years the German security firm SRL have been reverse-engineering software on hundreds on Android phones, investigating what they call "patch gap". The research will be presented today at a conference in Amsterdam.

    With so many Android hardware makers there's no single reason for missing security patches. Sometimes it's an honest mistake and, to quote someone from SRL, sometimes not so much:

    "Sometimes these guys just change the date without installing any patches. Probably for marketing reasons, they just set the patch level to almost an arbitrary date, whatever looks best."
    Whenever a security firm presents bad news like this there's often a solution being peddled to address it. And sure enough, SRL has SnoopStitch, which runs a local test on your device and supposedly informs you of any missing patches. I tried it on my OnePlus phone but the results were inconclusive, possibly because I'm on a beta channel of the software for that device.

    Read more about SRL and patch gap at the links directly below.

    Source: WIRED via XDA

    by Published on 04-06-2018 08:00 AM
    1. Categories:
    2. Commentary and Analysis,
    3. Apps

    There's already mounting evidence that we've reached peak smartphone growth—see Exhibit A here and Exhibit B here; now we have our first indication that smartphone app growth has also peaked. The analytics company appfigures makes its case in this chart:

    According to their research, the number of titles in Apple's App Store declined for the first time in 2017. So how do you explain the continuing growth of Google's Android equivalent? Well, there's a chart for that, too:

    As most Android users already know, the majority of apps are developed for iOS first, then ported to Android later. So while the number of titles published in Google Play saw continued growth last year, a similar contraction is likely to occur at some point.

    What does all this mean? Less apps, obviously, but hopefully better ones.

    Source: appfigures via Android Police, TechCrunch

    by Published on 04-04-2018 08:00 AM
    1. Categories:
    2. Apps

    You may have heard that the latest update to Instagram will remove its companion app for WatchOS. If you read the same 9to5Mac story that I did then you'll also know that Amazon, eBay, Google Maps, Slack and Whole Foods have already abandoned the Apple Watch.

    And it's not a big deal. At least, I don't think so.

    There are two reasons why this is happening. The first is pragmatic—in the case of Instagram, continued support for WatchOS would require a rewrite of the software using a newer SDK. Instagram likely decided that it wouldn't be worth the effort, which brings us to reason number two: Just because you're wearing a small computer on your wrist doesn't mean it should be used like a computer on your wrist. I can't see how swiping through tiny thumbnails of your Instagram feed would be in any way better than using a full-sized iPhone. And using a watch to make an Amazon purchase or to put an item up for auction on eBay sounds like a terrible experience.

    Presumably users will still get notifications for these abandoned apps through WatchOS itself. I personally don't see this as any kind of crisis—rather the opposite, a healthy culling of the herd. After all, not every app on your phone needs to be duplicated on your wrist.

    Source: 9to5Mac

    by Published on 04-02-2018 07:00 AM
    1. Categories:
    2. News,
    3. Apps

    Just before Easter weekend Under Armour, Inc. announced that user data from its MyFitnessPal service had been compromised. Sometime in February an unauthorized party acquired data associated with some 150 million user accounts. The stolen data includes user names, email addresses and hashed passwords, but thankfully does not include payment card data.

    This breach is especially troubling for a number of reasons. One is, of course, the number of users affected by it. Another cause for concern is that Under Armour doesn't seem to know how the data was stolen. Finally, MyFitnessPal is a bit unique in that it acts as an aggregator for other fitness apps and tracking devices associated with them. So it's conceivable that a user's location history, tied to their email address, might also have been compromised.

    Under Armour is urging users to change their passwords—on MyFitnessPal as well as any other accounts that use the same email/password combination—and to be especially wary of any suspicious emails seeking to harvest even more personal information.

    Sources: MyFitnessPal, Reuters via Android Police

    by Published on 03-27-2018 07:30 AM
    1. Categories:
    2. News,
    3. Apps

    As Ars Technica reports, in the wake of the Cambridge Analytica scandal a Facebook user in New Zealand decided to download and inspect their personal data archive. This person was shocked to find about two years' worth of phone call metadata, where no explicit access to that data was granted. Ars has confirmed that this personal information, along with metadata for SMS and MMS, is showing up in the archives for other Facebook users as well. The information includes names, phone numbers plus times and lengths of phone calls.

    You may have guessed that this is all about app permissions, and you'd be right. Since Android Marshmallow (v6.0) app permissions have been opt-in—meaning that before the Facebook app can help itself to your contact list you have to explicitly allow it via a pop-up toggle. Before Marshmallow the only means of granular control for such permissions were (as I recall) Privacy Guard for CyanogenMod and LBE Privacy Guard for MIUI. Even worse, granting Facebook access to your contacts in Android Jelly Bean (v4.1) and earlier automatically gave the app access to your call and message logs as well.

    Even if you had one of the aforementioned privacy guards in place, or if you never used the Facebook app at all, it's still very possible that your personal information was harvested from the device of someone you know. So whether you use it or not, Facebook very likely knows exactly who you are.

    Source: Ars Technica

    Page 2 of 18 FirstFirst 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 ... LastLast