Wi-Fi is about to get much, much faster. The Wi-Fi Alliance is now beginning to certify smartphones, laptops, routers, and other devices that include a super-fast Wi-Fi standard called WiGig, which nearly doubles Wi-Fi’s current top speed. The Alliance says it’ll be in “marquee” smartphones and laptops next year.
WiGig only works over a short range — about 33 feet (or 10 meters), according to the Wi-Fi Alliance. That means even once you get a router and a phone or laptop that support it, you’ll probably only get those speeds within the room the router is located in. “We talk about it as an in-room technology,” says Kevin Robinson, who is VP of marketing at the Wi-Fi Alliance.
That’s a big limitation for WiGig, but it still opens up a lot of possibilities — perhaps the most exciting of which is for VR. Right now, if you want to use a virtual-reality headset with a game console or PC, it needs to be tethered using a series of thick cables because current wireless standards just aren’t fast enough. That constrains movement and limits how immersed you can be in a VR experience.
WiGig, on the other hand, should be fast enough to support VR. The Wi-Fi Alliance also suggests its high speeds will be useful for augmented reality, 4K video, and streaming phone and laptop displays to desktop monitors.
The technology could also be used out of the home by internet providers or public access points. WiGig relies on the same millimeter wave frequencies that Alphabet’s Access(formerly Google Fiber) and Starry, an internet startup from the founder of Aereo, are looking into using to deliver high-speed internet from streets to homes without using cables. Robinson also says WiGig could find applications in sports stadiums and other large venues.
In addition to WiGig, there’s one other wonky term you’ll want to get used to: 802.11ad. That’s the new wireless standard that includes support for WiGig. Most modern phones, laptops, and routers support 802.11ac Wi-Fi, which tops out (in theory) at speeds of 4.5 Gbps, while these forthcoming 802.11ad devices are (theoretically) supposed to reach speeds of 8 Gbps.
We’re already starting to see the first of these 802.11ad devices hit the market — some routers supporting it were announced earlier this month.
WiGig itself isn’t brand new — it’s been used here and there over the past few years, and, as those routers illustrate, is already on the market in some key products. But what’s happening today, with the announcement of the Wi-Fi Alliance’s certification program, is essentially the starting gun for the deployment of WiGig. Major members of the tech industry, who make up the Alliance, have all agreed that it’s time to move forward with WiGig. Over the next few years, we should see that happen.
New rooting technique is believed to work against every version.
There’s a new method for rooting Android devices that’s believed to work reliably on every version of the mobile operating system and a wide array of hardware. Individuals can use it to bypass limitations imposed by manufacturers or carriers, but it could also be snuck into apps for malicious purposes.
The technique comes courtesy of a Linux privilege-escalation bug that, as came to light last week,attackers are actively exploiting to hack Web servers and other machines. Dirty Cow, as some people are calling the vulnerability, was introduced into the core Linux kernel in 2007. It’s extremely easy to exploit, making it one of the worst privilege-elevation flaws ever to hit the open-source OS.
Independent security researcher David Manouchehri told Ars that this proof-of-concept code that exploits Dirty Cow on Android gets devices close to root. With a few additional lines, Manouchehri’s code provides persistent root access on all five of the Android devices he has tested.
“It’s very easy for someone who’s somewhat familiar with the Android filesystem,” Manouchehri said of the exploit. “From what I can tell, in theory it should be able to root every device since Android 1.0. Android 1.0 started on [Linux] kernel [version] 2.6.25, and this exploit has been around since [Linux kernel version] 2.6.22.”
A separate security researcher who asked to not be identified said he and several other people developed a separate rooting exploit. It’s based on this publicly available Dirty Cow exploit that they modified to make work on Android and to give it additional capabilities.
“We are using a rather unique route on it that we can use elsewhere in the future as well,” the researcher said when asked why he didn’t want to disclose the code or want his name published. “I don’t want Google or anyone shutting down that route.”
The video below shows the researcher using his app to root an Android-powered HTC phone, which is connected to a computer by a USB cable. The first ID and su commands show that the device is unrooted. After running “moo”—the name of the file containing the exploit code—and then running the su and ID commands again, it’s clear that the device has been rooted.
Both of the exploits allow end users to root Android phones so they have capabilities such astethering that are often restricted by individual manufacturers or carriers. By gaining access to the core parts of the Android OS, owners can bypass such limitations and vastly expand the things their devices can do. The darker side of rooting is that it’s sometimes done surreptitiously so that malicious apps can spy on users by circumventing application sandboxing and other security measures built into Android.
Just as Dirty Cow has allowed untrusted users or attackers with only limited access to a Linux server to dramatically elevate their control, the flaw can allow shady app developers to evade Android defenses that cordon off apps from other apps and from core OS functions. The reliability of Dirty Cow exploits and the ubiquity of the underlying flaw makes it an ideal malicious root trigger, especially against newer devices running the most recent versions of Android.
“I would be surprised if someone hasn’t already done that this past weekend,” Manouchehri said.
Dirty Cow came to light a few days before the release of a separate rooting method for Android devices. “Drammer,” as the latter exploit has been dubbed, is significant because it targets the “Rowhammer” bitflipping hardware bug, which allows attackers to modify data stored in device memory. Google plans to release a patch in November that makes Rowhammer much harder to exploit.
Now that the Dirty Cow hole has been patched in the Linux kernel, it’s only a matter of time until the fix makes its way into Android, too. But the soonest it will be available is with the release of next month’s Android patch batch. Of course, that’s not available for a large number of devices, mostly because of limitations set by manufacturers and carriers.
An unstable and experimental version of the Chrome web browser, going by the name of Chrome Canary, is now available for Android. This latest Chrome edition is destined to give users an idea of what’s in store from future versions of the browser for smartphone and tablet.
Already available for Windows and macOS, Google Chrome Canary has now landed on Android. Designed primarily for developers and early adopters, this version of the browser features brand new functions, many of which are still experimental.
Like any product of the kind, Chrome Canary is prone to crashing and should be used with caution. What’s more, Google releases updates on an almost daily basis, which can prove laborious for users and consume large amounts of data. Evidently, this version of Chrome can be used alongside the official application, which promises perfect stability.
Note, however, that Google isn’t officially announcing all of the new functions it gradually introduces to the experimental browser. The firm is above all seeking to check that the system can still operate once the functions are integrated, before rolling them out to the developers’ edition of Chrome.
In total, there are four different versions of Google Chrome: Chrome, Chrome Beta, Chrome Dev and Chrome Canary.
For anyone interested in taking a look, Google Chrome Canary is available to download free from Google Play.
More mobile services will start sharing spectrum, so your speeds could vary more
The long fight over LTE networks sharing frequencies with Wi-Fi may be just the first of many battles as device makers and service providers try to make the most of the limited available spectrum.
Around the world, regulators and industry are working on how to let different kinds of networks use the same spectrum. The new techniques and policies they use should lead to better mobile performance in some areas, but it’s also likely that wireless performance will fluctuate more as you move around.
LTE-U has grabbed headlines because it involves licensed carriers using some of the channels that consumers depend on for Wi-Fi service, which often is free or runs on users’ own routers. Wi-Fi supporters cried foul last year after Qualcomm and some U.S. carriers proposed the technology, and it took until last month for the two sides to reach an apparent peace agreement.
LTE-U products could start getting certified soon with a battery of coexistence tests. But this won’t be the last time mobile users find the services they rely on forced to coexist with other technologies. Growing demand for wireless capacity, plus the runaway success of Wi-Fi as an example of a new approach to spectrum that worked, are bringing more players to the table in many cases.
Though new technologies make spectrum-sharing more feasible, exactly how these schemes will play out isn’t clear yet.
“It’s a very crowded world, and we are adjusting our expectations for how these things are going to work together,” said Harold Feld, senior vice president of the U.S. consumer advocacy group Public Knowledge, on a recent LTE-U panel discussion.
Interference issues used to be relatively simple, Feld said. If one operator held a license, anyone else had to get off the frequency. If the spectrum was unlicensed, every user had to accept interference and not do anything to monopolize the band.
LTE-U raised new questions, because even though the 5.8GHz band where it operates is unlicensed and was set aside to allow room for innovation, this wasn’t a question of two small, experimental technologies vying for space. Millions depend on Wi-Fi today, and at least two major U.S. carriers – Verizon and T-Mobile – want to roll out LTE-U to supplement massive cellular networks.
Wi-Fi and LTE use different methods to keep order among wireless channels. If unmodified LTE networks were unleashed in an unlicensed band, the effect would be “devastating,” said Patrick Welsh, Verizon’s assistant vice president for federal regulatory affairs, during a panel discussion last month.
Verizon wanted to use the 5.8GHz band for extra capacity, so it brought together engineers from its equipment suppliers to develop LTE-U, Welsh said. That technology is available for use primarily in the U.S., South Korea, China and India.
To do the same thing, carriers in most other countries had to wait for another technology called LAA (Licensed Assisted Access), which was being standardized by LTE’s overseers at the 3GPP and took longer to finish. It uses different coexistence techniques that most Wi-Fi backers think are safer. Some U.S. carriers are planning eventually to use LAA, too.
Meanwhile, vendors and service providers are jockeying for position on several other frequency bands that may host multiple services.
The 3.5GHz band: The U.S., Australia, the U.K., and other countries around the world want to open up frequencies in the 3.5GHz band to mobile devices. Just adding this band to the channels available for Wi-Fi wouldn’t work because the exact frequencies available in each country are different, Tolaga Research analyst Phil Marshall said.
In some cases, mobile users of 3.5GHz will have to share the band with existing users, such as the U.S. Department of Defense. In the U.S. case, the military would get first priority in the few areas where it uses the spectrum, service providers could get a new kind of license in some local areas, and other users would get in line behind them.
Millimeter-wave bands:Millimeter-wave bands targeted for use with future 5G networks also seem to be bound for complicated sets of uses. In particular, the 50GHz to 70GHz frequencies are partly unlicensed and partly “lightly licensed” to incumbent users in some countries, Marshall said. Unlicensed spectrum, in general, is expected to play a big role in 5G, though exactly how won’t be totally clear for a few years.
DSRC band: Regulators in both the U.S. and Europe have grappled with coexistence between Wi-Fi and DSRC (Dedicated Short-Range Communications) systems that use frequencies around 5.9GHz. These include systems for cars to communicate with each other and with nearby objects like tollbooths, though adoption has been limited, especially in the U.S. In-car Wi-Fi systems have been accused of hurting DSRC performance, and in the U.S. there is a drive to force DSRC to share its spectrum with Wi-Fi.
What’s missing, at least in the U.S., is a standard way of defining harmful interference between technologies that are bound to overlap with each other because they use the same spectrum, Public Knowledge’s Feld said. There should also be a standard framework for settling fights over shared spectrum so the Federal Communications Commission, or industries the FCC prods to solve their own disputes, don’t have to reinvent the wheel every time, he said.
Opening more frequencies for mobile Internet access should be good for users overall, analyst Marshall said. He doesn’t expect performance hits on Wi-Fi from LTE-U, for example.
But as consumers increasingly get their mobile access over frequencies shared by numerous technologies, the boost that comes from the extra spectrum may be a fleeting thrill, Marshall said.
“You’re talking about very, very high capacity if you’ve got that spectrum available,” Marshall said. “If you haven’t, you push down to a lower rate.”
DressCode has been found circulating in at least 3,000 Trojanized apps
An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks.
DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday.
DressCode hides itself inside games, user interface themes, and phone optimization boosters. It can also be difficult to detect because the malicious coding only makes up a small portion of the overall app.
On Google Play, Trend Micro found more than 400 apps that are part of the DressCode family, it said. That’s 10 times more than what security researchers at Check Point noticed a month ago.
Trend Micro added that one these apps on Google Play had been installed 100,000 to 500,000 times. Once installed, DressCode’s malicious coding will contact its command and control servers and receive orders from its developers.
The malware is particularly dangerous because it can infiltrate whatever internet network the infected device connects to. Imagine a user bringing a phone to the office and connecting to the corporate network. The makers of DressCode could use the phone as a springboard to hack into the corporate network or download sensitive files, Trend Micro said.
“With the growth of Bring Your Own Device (BYOD) programs, more enterprises are exposing themselves to risk via carefree employee mobile usage,” the security firm said.
According to Trend Micro, 82 percent of businesses have BYOD programs, allowing their employees to use personal devices for work functions.
The DressCode malware can also be used to turn infected devices into a botnet. This allows the infected devices to carry out distributed denial-of-service (DDOS) attacks or be used to send spam.
Trend Micro has found DressCode infecting enterprise users in the U.S., France, Israel, Ukraine, and other countries. The security firm is advising that users always check the online reviews for whatever apps they download.
Users can also install Trend Micro’s mobile security products to protect themselves.
Google didn’t immediately respond to a request for comment on the malware.
Would-be LTE-U carriers told to take these tests, or just leave off
The Wi-Fi Alliance’s long-awaited – and controversial – LTE-U Coexistence Test plan has landed.
The reg-walled test plan is supposed to help work out if LTE-U – the mobile carriers’ plan to use unlicensed spectrum if nobody else is talking – can coexist with Wi-Fi.
Carriers, already under a spectrum squeeze, are hoping they can pitch their tents on Wi-Fi’s campground, promising that LTE-U won’t disrupt Wi-Fi. will play nice if there are Wi-Fi users around.
Negotiations between the groups and America’s Federal Communications Commission have been tense, and at one point, Qualcomm complained its input to the test plan had been ignored.
In particular, Qualcomm had complained that the proposal to use -82 dBm as the threshold LTE-U would treat as “vacant” was too loose, and would leave a lot of Wi-Fi users out in the cold. That, however, is the lowest test threshold in the test plan.
Qualcomm is already conducting LTE-U field trials with T-Mobile, and early this week it asked the FCCfor a 12-month extension to the authorisation it first received in May of this year.
Reading between the lines of the Wi-Fi Alliance’s love-in-media-release, The Register gets the impression the arguments remained unresolved. The document says “Early agreement on foundational principles, such as a commitment to maintaining the typical connectivity experience for Wi-Fi users and a clear definition of fairness, allowed completion of the work on an aggressive timeline and guided development of test plan specifics.”
“These same, shared principles augmented by robust technical data were instrumental in finalizing aspects of the test plan where consensus was unachievable. Coming to an industry-agreed solution required compromises from all sides. Therefore, the test plan is designed to be used as an unedited whole. Alternate test approaches, such as selectively omitting or modifying portions of the test plan would not have been acceptable in this cross-industry effort since those tactics will not provide assurances of fair coexistence.”
Which sounds a lot like “take it or leave it”, a sentiment re-enforced with the further pronouncement that ““the test plan is designed to be used as an unedited whole” and an accompanying warning against carriers cherry-picking the document in their tests.
The test plan itself is a 51-page thicket of densely technical procedures. If you can find something of interest in it, let us know.
The nation’s third-largest carrier gets into 5G in a big way.
T-Mobile has mocked the other carriers for making ridiculous promises and hyping up 5G, or the next generation of wireless technology.
So what does it do on Tuesday? Hype up 5G.
T-Mobile Chief Technology Officer Neville Ray laid out his vision for the carrier’s move into 5G, which it’s making in a big way. Working with Nokia, Ericsson and Samsung, T-Mobile was able to show off speeds of 12 gigabits per second. That’s more than three times as fast as the trials Verizon conducted back in February.
Just to put these speeds into perspective, Verizon’s 5G trials alone represented a connection that was several hundred times faster than today’s LTE and three and a half times faster than Google’s superfast Fiber internet service.
Those kinds of speeds are key to driving a whole new generation of applications, whether its virtual reality, self-driving cars or the ability for you to download the entire library of Seinfeld episodes in minutes. But don’t hold your breath for 5G to show up anytime soon. The wireless industry hasn’t come to an agreement on the underlying standards, and most experts believe the real ball will get rolling in 2018.
As a result, these speed games don’t matter much to what the service will actually look like down the line. AT&T, for instance, claims it has hit 14 gigabits per second in its own lab tests.
Still, Ray said T-Mobile is already working on the transition.
“5G is something we are building now,” he said, noting that the investment pouring into its LTE network will serve as the foundation.
Verizon was the first to sound the 5G horn, last year, when it jumped out with its intention to test the technology, partially as a way to influence the international wireless community. AT&T followed suit and now has two test locations. Both plan to use a 5G-like wireless ability to test out an alternative version of home broadband service.
T-Mobile, meanwhile, said it is working with the Federal Communications Commission, its majority owner Deutsche Telekom and standards bodies in its preparation for 5G
Look out Verizon, your competitive pool is about to get a bit deeper. On Tuesday, Comcast revealed that after years of delays, it is finally ready to make its official debut. Well, almost.
Speaking at the Goldman Sachs Communacopia conference in New York, Comcast CEO Brian Roberts told an audience that a new Wi-Fi-based wireless service will be made available “somewhere in the middle of next year, maybe a little sooner, but not at the beginning of next year.” Curiously enough, the service will depend upon the Verizon Wireless network, as it will use leased airwaves from Verizon’s network in conjunction with Comcast’s 15 million Wi-Fi locations.
Roberts remained tight-lipped on further details regarding the new service and said only that the new mobile solution will be geared toward Comcast’s existing cable customer base. As The Verge points out, this new offering allows the cable company to compete with the AT&T and DirecTV partnership, which currently allows DirecTV subscribers to sign up for an exclusive AT&T unlimited data plan.
While it may seem strange for a company that has long been known for its broadcast and cable television services to enter the mobile services game, Craig Moffett, of MoffettNathanson Research told Fortune that it is just good sense.
“The lines between wired and wireless networks are blurring,” he said. “For Comcast … being a wireless operator isn’t optional. All network operators are going to be in the wireless business whether they like it or not.”
When Comcast does ultimately unveil its mobile phone service, it will become the first cable mobile virtual network operator (MVNO), which refers to a situation in which “one company buys capacity on other wireless carriers’ networks and resells services under its own brand,” Bloomberg explains. It could ultimately pave the way for Comcast to acquire a carrier so that they can stop renting and just buy instead.
“Most investors wouldn’t be surprised to see Comcast pursue a multi-pronged strategy of developing an MVNO, acquiring additional spectrum, and pursuing an acquisition of an existing network provider,” said Paul Sweeney, a Bloomberg Intelligence analyst.
So look out cell phone carriers — your slice of the pie may be getting smaller pretty soon.
Researchers find apps spying on their users available for download in the Android play store.
Be careful what you download.
Four apps available on the Google Play Store were spying on users in secret, according to research released Friday by Mobile security company Lookout. Running a malicious code that Lookout has dubbed Overseer, the apps could track your latitude and longitude and collect information on who you were emailing when.
“That information is incredibly valuable to an attacker who wants to find out where a person is and who they’re talking with,” said Kristy Edwards, product manager for security research at Lookout.
One of the apps, called Embassy, functioned as advertised in the Play Store, letting users look up their nation’s embassy in foreign cities. In the meantime, it turned users’ phones into homing devices and sent out email contact lists to accounts hosted on servers run by Facebook and Amazon. The other apps advertised themselves as news apps but didn’t actually work. Nonetheless, they also contained Overseer.
Google has since removed the apps from the Play Store, according to a Lookout spokesperson. Google confirmed that apps’ removal but declined further comment.
Edwards said she can’t speculate on who created Overseer. She said the malicious software, which hasn’t been identified in any other mobile apps so far, uses a novel technique to avoid detection.
Often, malicious software shows its hand by sending data to a random server in a foreign country. The fact that Overseer was sending user information to an account hosted by a Facebook server makes everything look above board.
That’s useful for bad guys, because these days, companies are monitoring their employees’ work phones for problems just like Overseer. Tricks like these make it hard to see “weird traffic,” Edwards said.
Android has a lot of good things going for it, but not all of Google’s recent progress has been positive.
Those of us who watch Android closely know that Google has a history of flipping and flopping — of firmly getting behind one idea or way of doing things, then casually changing its mind and doing a complete 180 a while later.
Sometimes, these U-turns work out well in the end. Other times, they’re baffling and frustrating for us as users. And other times yet, they’re so subtle and evolutionary — more of broad philosophical shifts than surface-level alterations — that you almost don’t even notice them until you really stop and think.
This latest instance falls into that final category. I’m talking about the apparent move back toward out-of-sight, difficult-to-discover actions in the operating system — something Google explicitly made an effort to avoid starting with 2011’s Android 4.0 Ice Cream Sandwich release.
With this year’s Android 7.0 Nougat software, the regression has become enough of a trend to make me worry.
Out of sight, out of mind
First, a quick step back in time for perspective: Much of Google’s focus with Android 4.0 was on making the operating system more polished, intuitive, and user-friendly. (Astute observers may remember that Ice Cream Sandwich was the first release fully guided by then-new-Android-design-chief Matias Duarte, who joined Google midway through Honeycomb’s development and has since moved onto a broader role overseeing Material Design across all of Google’s products.) A large part of that effort involved taking the platform’s many hidden elements and bringing them out into the open. That way, they’d be more visible and thus more likely to be discovered and used.
It was that goal that led to the elimination of Android’s system-level Menu key, which had caused commands to be tucked away off the screen — with no indication of their presence. Having elements of the interface hidden, Google realized, did not make for an ideal user experience; without any visual cues, such elements were difficult for people to discover and unnatural for them to use.
I don’t know if something changed or if that lesson was simply deprioritized over time, but Android has been inching increasingly back into the realm of buried commands as of late. The slideback actually started with 2013’s Android 4.4 KitKat release — albeit in a relatively small way: With Android 4.0, as you may recall, Google moved the option to add home screen widgets from a hidden long-press menu into the main app drawer, where it’d be plainly in sight and accessible. The idea was to create a single place for finding everything that could be added onto your home screen. From a discoverability and usability perspective, it seemed to make an awful lot of sense.
But then, without explanation, KitKat did an about-face: The release quietly pulled widgets out of the app drawer and put them back into their former long-press-menu hiding spot. Out of sight once again — and that was just the start.
“There’s a lot of good stuff in Android that people aren’t even aware exists”
2012’s Android 4.1 release introduced Google Now, which made the hidden long-press command a core part of Android’s user interface. Last year’s Android 6.0 Marshmallow software took things a step further and brought the also-cue-lacking Now On Tap into the equation. (Even I constantly forget it’s there, and I pay attention to this stuff for a living.)
And with this year’s Android 7.0 Nougat update, a whole host of similarly concealed commands has been added into the mix — things like long-pressing the Overview key (or, more inconspicuous yet, tapping it and then long-pressing an app’s card from there) to initiate split-screen mode; long-pressing notifications to customize their behavior; and long-pressing icons in the Share list to change the order in which they appear.
All of these commands are significant additions to the operating system and have the potential to be quite useful — and all of them are equally out of sight and difficult to discover. I was reminded of this when I asked my wife, who has a reasonably good grasp on technology but is much more of a “normal user” than an enthusiast, what she thought about the new Nougat software that arrived on her Nexus 5X earlier this week.
Her answer? “It’s fine, I guess. I haven’t really noticed anything different. I know there’s that split-screen thing you showed me, but I haven’t figured out how to do it yet.”
And remember: She’s someone who has the advantage of at least hearing about these things (via my incessant blabbing) and knowing that they’re there. Most typical users are going into this completely blind. And that’s precisely the type of situation where a lack of intuitiveness really becomes an issue.
An important nit to pick
Don’t get me wrong: At this point, Android is pretty, polished, and packed with power. But increasingly, a fair portion of that power is out of sight and thus out of mind to users — particularly the more common casual users who don’t carefully follow the platform’s development. And that’s a shame, because there’s a lot of good stuff here that regular people aren’t even aware exists.
Part of it may just be that as the platform expands, the software inevitably grows more dense with features and options — and Google’s running out of obvious places to squeeze all of that within the current Android framework. (There are only so many places for top-level buttons and commands, after all.) Maybe the answer, then, is something that requires more sweeping changes to the operating system’s interface — something that allows these features to be incorporated in an intuitive and visible way rather than being crammed awkwardly into a corner.
One way or another, I hope Google regains its focus on maintaining a simple and visual-guided UI for Android before the complexity seeps in much further. It took the company years to transform Android from a power-user-centric mishmosh of possibilities into an intuitive and inviting (though no less powerful) platform for the masses. If these current trends continue, it’ll take far less time for all of that progress to be undone.