Faster Wi-Fi will be in smartphones and laptops next year

Jacob Kastrenakes, The Verge, 10/25/16

Wi-Fi is about to get much, much faster. The Wi-Fi Alliance is now beginning to certify smartphones, laptops, routers, and other devices that include a super-fast Wi-Fi standard called WiGig, which nearly doubles Wi-Fi’s current top speed. The Alliance says it’ll be in “marquee” smartphones and laptops next year.

WiGig only works over a short range — about 33 feet (or 10 meters), according to the Wi-Fi Alliance. That means even once you get a router and a phone or laptop that support it, you’ll probably only get those speeds within the room the router is located in. “We talk about it as an in-room technology,” says Kevin Robinson, who is VP of marketing at the Wi-Fi Alliance.

That’s a big limitation for WiGig, but it still opens up a lot of possibilities — perhaps the most exciting of which is for VR. Right now, if you want to use a virtual-reality headset with a game console or PC, it needs to be tethered using a series of thick cables because current wireless standards just aren’t fast enough. That constrains movement and limits how immersed you can be in a VR experience.

WiGig, on the other hand, should be fast enough to support VR. The Wi-Fi Alliance also suggests its high speeds will be useful for augmented reality, 4K video, and streaming phone and laptop displays to desktop monitors.

The technology could also be used out of the home by internet providers or public access points. WiGig relies on the same millimeter wave frequencies that Alphabet’s Access(formerly Google Fiber) and Starry, an internet startup from the founder of Aereo, are looking into using to deliver high-speed internet from streets to homes without using cables. Robinson also says WiGig could find applications in sports stadiums and other large venues.

In addition to WiGig, there’s one other wonky term you’ll want to get used to: 802.11ad. That’s the new wireless standard that includes support for WiGig. Most modern phones, laptops, and routers support 802.11ac Wi-Fi, which tops out (in theory) at speeds of 4.5 Gbps, while these forthcoming 802.11ad devices are (theoretically) supposed to reach speeds of 8 Gbps.

We’re already starting to see the first of these 802.11ad devices hit the market — some routers supporting it were announced earlier this month.

WiGig itself isn’t brand new — it’s been used here and there over the past few years, and, as those routers illustrate, is already on the market in some key products. But what’s happening today, with the announcement of the Wi-Fi Alliance’s certification program, is essentially the starting gun for the deployment of WiGig. Major members of the tech industry, who make up the Alliance, have all agreed that it’s time to move forward with WiGig. Over the next few years, we should see that happen.

Posted on October 25, 2016 at 2:16 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology · Tagged with: 

Android phones rooted by “most serious” Linux escalation bug ever

oodin, Ars Technica, 10/25/16

New rooting technique is believed to work against every version.

There’s a new method for rooting Android devices that’s believed to work reliably on every version of the mobile operating system and a wide array of hardware. Individuals can use it to bypass limitations imposed by manufacturers or carriers, but it could also be snuck into apps for malicious purposes.

The technique comes courtesy of a Linux privilege-escalation bug that, as came to light last week,attackers are actively exploiting to hack Web servers and other machines. Dirty Cow, as some people are calling the vulnerability, was introduced into the core Linux kernel in 2007. It’s extremely easy to exploit, making it one of the worst privilege-elevation flaws ever to hit the open-source OS.

Independent security researcher David Manouchehri told Ars that this proof-of-concept code that exploits Dirty Cow on Android gets devices close to root. With a few additional lines, Manouchehri’s code provides persistent root access on all five of the Android devices he has tested.

“It’s very easy for someone who’s somewhat familiar with the Android filesystem,” Manouchehri said of the exploit. “From what I can tell, in theory it should be able to root every device since Android 1.0. Android 1.0 started on [Linux] kernel [version] 2.6.25, and this exploit has been around since [Linux kernel version] 2.6.22.”

A separate security researcher who asked to not be identified said he and several other people developed a separate rooting exploit. It’s based on this publicly available Dirty Cow exploit that they modified to make work on Android and to give it additional capabilities.

“We are using a rather unique route on it that we can use elsewhere in the future as well,” the researcher said when asked why he didn’t want to disclose the code or want his name published. “I don’t want Google or anyone shutting down that route.”

The video below shows the researcher using his app to root an Android-powered HTC phone, which is connected to a computer by a USB cable. The first ID and su commands show that the device is unrooted. After running “moo”—the name of the file containing the exploit code—and then running the su and ID commands again, it’s clear that the device has been rooted.

Double-edge blade

Both of the exploits allow end users to root Android phones so they have capabilities such astethering that are often restricted by individual manufacturers or carriers. By gaining access to the core parts of the Android OS, owners can bypass such limitations and vastly expand the things their devices can do. The darker side of rooting is that it’s sometimes done surreptitiously so that malicious apps can spy on users by circumventing application sandboxing and other security measures built into Android.

Just as Dirty Cow has allowed untrusted users or attackers with only limited access to a Linux server to dramatically elevate their control, the flaw can allow shady app developers to evade Android defenses that cordon off apps from other apps and from core OS functions. The reliability of Dirty Cow exploits and the ubiquity of the underlying flaw makes it an ideal malicious root trigger, especially against newer devices running the most recent versions of Android.

“I would be surprised if someone hasn’t already done that this past weekend,” Manouchehri said.

Dirty Cow came to light a few days before the release of a separate rooting method for Android devices. “Drammer,” as the latter exploit has been dubbed, is significant because it targets the “Rowhammer” bitflipping hardware bug, which allows attackers to modify data stored in device memory. Google plans to release a patch in November that makes Rowhammer much harder to exploit.

Now that the Dirty Cow hole has been patched in the Linux kernel, it’s only a matter of time until the fix makes its way into Android, too. But the soonest it will be available is with the release of next month’s Android patch batch. Of course, that’s not available for a large number of devices, mostly because of limitations set by manufacturers and carriers.

Posted on October 25, 2016 at 2:13 pm by lesliemanzara · Permalink · Leave a comment
In: Android, Mobile Technology · Tagged with: ,

Google rolls out Chrome Canary experimental web browser to Android

Yahoo! News, 10/21/16

An unstable and experimental version of the Chrome web browser, going by the name of Chrome Canary, is now available for Android. This latest Chrome edition is destined to give users an idea of what’s in store from future versions of the browser for smartphone and tablet.

Already available for Windows and macOS, Google Chrome Canary has now landed on Android. Designed primarily for developers and early adopters, this version of the browser features brand new functions, many of which are still experimental.

Like any product of the kind, Chrome Canary is prone to crashing and should be used with caution. What’s more, Google releases updates on an almost daily basis, which can prove laborious for users and consume large amounts of data. Evidently, this version of Chrome can be used alongside the official application, which promises perfect stability.

Note, however, that Google isn’t officially announcing all of the new functions it gradually introduces to the experimental browser. The firm is above all seeking to check that the system can still operate once the functions are integrated, before rolling them out to the developers’ edition of Chrome.

In total, there are four different versions of Google Chrome: Chrome, Chrome Beta, Chrome Dev and Chrome Canary.

For anyone interested in taking a look, Google Chrome Canary is available to download free from Google Play.

Check out Google Chrome Canary:


Posted on October 21, 2016 at 1:02 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology

Wi-Fi vs. LTE could be the start of a mobile rollercoaster

, ComputerWorld, 10/11/16

More mobile services will start sharing spectrum, so your speeds could vary more

Posted on October 11, 2016 at 5:13 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology · Tagged with: , , , , ,

Android malware that can infiltrate corporate networks is spreading

CSO, 10/5/16

DressCode has been found circulating in at least 3,000 Trojanized apps

An Android malware is spreading across app stores, including Google Play, and has the capability of stealing sensitive files from corporate networks.

DressCode, a family of Android malware, has been found circulating in at least 3,000 Trojanized apps, security firm Trend Micro said on Friday.

DressCode hides itself inside games, user interface themes, and phone optimization boosters. It can also be difficult to detect because the malicious coding only makes up a small portion of the overall app.

On Google Play, Trend Micro found more than 400 apps that are part of the DressCode family, it said. That’s 10 times more than what security researchers at Check Point noticed a month ago.

Trend Micro added that one these apps on Google Play had been installed 100,000 to 500,000 times. Once installed, DressCode’s malicious coding will contact its command and control servers and receive orders from its developers.

The malware is particularly dangerous because it can infiltrate whatever internet network the infected device connects to. Imagine a user bringing a phone to the office and connecting to the corporate network. The makers of DressCode could use the phone as a springboard to hack into the corporate network or download sensitive files, Trend Micro said.

“With the growth of Bring Your Own Device (BYOD) programs, more enterprises are exposing themselves to risk via carefree employee mobile usage,” the security firm said.

According to Trend Micro, 82 percent of businesses have BYOD programs, allowing their employees to use personal devices for work functions.

The DressCode malware can also be used to turn infected devices into a botnet. This allows the infected devices to carry out distributed denial-of-service (DDOS) attacks or be used to send spam.

Trend Micro has found DressCode infecting enterprise users in the U.S., France, Israel, Ukraine, and other countries. The security firm is advising that users always check the online reviews for whatever apps they download.

Users can also install Trend Micro’s mobile security products to protect themselves.

Google didn’t immediately respond to a request for comment on the malware.

Posted on October 5, 2016 at 3:29 pm by lesliemanzara · Permalink · Leave a comment
In: Android, Mobile Technology · Tagged with: ,

Wi-Fi Alliance publishes LTE/WiFi coexistence test plan

Richard Chirgwin, The Register, 9/22/16

Would-be LTE-U carriers told to take these tests, or just leave off

The Wi-Fi Alliance’s long-awaited – and controversial – LTE-U Coexistence Test plan has landed.

The reg-walled test plan is supposed to help work out if LTE-U – the mobile carriers’ plan to use unlicensed spectrum if nobody else is talking – can coexist with Wi-Fi.

Carriers, already under a spectrum squeeze, are hoping they can pitch their tents on Wi-Fi’s campground, promising that LTE-U won’t disrupt Wi-Fi. will play nice if there are Wi-Fi users around.

Negotiations between the groups and America’s Federal Communications Commission have been tense, and at one point, Qualcomm complained its input to the test plan had been ignored.

In particular, Qualcomm had complained that the proposal to use -82 dBm as the threshold LTE-U would treat as “vacant” was too loose, and would leave a lot of Wi-Fi users out in the cold. That, however, is the lowest test threshold in the test plan.

Qualcomm is already conducting LTE-U field trials with T-Mobile, and early this week it asked the FCCfor a 12-month extension to the authorisation it first received in May of this year.

Reading between the lines of the Wi-Fi Alliance’s love-in-media-release, The Register gets the impression the arguments remained unresolved. The document says “Early agreement on foundational principles, such as a commitment to maintaining the typical connectivity experience for Wi-Fi users and a clear definition of fairness, allowed completion of the work on an aggressive timeline and guided development of test plan specifics.”

“These same, shared principles augmented by robust technical data were instrumental in finalizing aspects of the test plan where consensus was unachievable. Coming to an industry-agreed solution required compromises from all sides. Therefore, the test plan is designed to be used as an unedited whole. Alternate test approaches, such as selectively omitting or modifying portions of the test plan would not have been acceptable in this cross-industry effort since those tactics will not provide assurances of fair coexistence.”

Which sounds a lot like “take it or leave it”, a sentiment re-enforced with the further pronouncement that ““the test plan is designed to be used as an unedited whole” and an accompanying warning against carriers cherry-picking the document in their tests.

The test plan itself is a 51-page thicket of densely technical procedures. If you can find something of interest in it, let us know.

Posted on September 22, 2016 at 1:03 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology · Tagged with: , ,

T-Mobile’s 5G speed is mind-bogglingly faster than Verizon

, CNET, 9/22/16

The nation’s third-largest carrier gets into 5G in a big way.

T-Mobile has mocked the other carriers for making ridiculous promises and hyping up 5G, or the next generation of wireless technology.

So what does it do on Tuesday? Hype up 5G.

T-Mobile Chief Technology Officer Neville Ray laid out his vision for the carrier’s move into 5G, which it’s making in a big way. Working with Nokia, Ericsson and Samsung, T-Mobile was able to show off speeds of 12 gigabits per second. That’s more than three times as fast as the trials Verizon conducted back in February.

Just to put these speeds into perspective, Verizon’s 5G trials alone represented a connection that was several hundred times faster than today’s LTE and three and a half times faster than Google’s superfast Fiber internet service.

Those kinds of speeds are key to driving a whole new generation of applications, whether its virtual reality, self-driving cars or the ability for you to download the entire library of Seinfeld episodes in minutes. But don’t hold your breath for 5G to show up anytime soon. The wireless industry hasn’t come to an agreement on the underlying standards, and most experts believe the real ball will get rolling in 2018.

As a result, these speed games don’t matter much to what the service will actually look like down the line. AT&T, for instance, claims it has hit 14 gigabits per second in its own lab tests.

Still, Ray said T-Mobile is already working on the transition.

“5G is something we are building now,” he said, noting that the investment pouring into its LTE network will serve as the foundation.

Verizon was the first to sound the 5G horn, last year, when it jumped out with its intention to test the technology, partially as a way to influence the international wireless community. AT&T followed suit and now has two test locations. Both plan to use a 5G-like wireless ability to test out an alternative version of home broadband service.

T-Mobile, meanwhile, said it is working with the Federal Communications Commission, its majority owner Deutsche Telekom and standards bodies in its preparation for 5G

Posted on September 22, 2016 at 1:00 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology · Tagged with: , , , , ,

Look out cell phone carriers, Comcast is launching its own mobile service in 2017

Lulu Chang, Yahoo!, 9/22/16

Look out Verizon, your competitive pool is about to get a bit deeper. On Tuesday, Comcast revealed that after years of delays, it is finally ready to make its official debut. Well, almost.

Speaking at the Goldman Sachs Communacopia conference in New York, Comcast CEO Brian Roberts told an audience that a new Wi-Fi-based wireless service will be made available “somewhere in the middle of next year, maybe a little sooner, but not at the beginning of next year.” Curiously enough, the service will depend upon the Verizon Wireless network, as it will use leased airwaves from Verizon’s network in conjunction with Comcast’s 15 million Wi-Fi locations.

Roberts remained tight-lipped on further details regarding the new service and said only that the new mobile solution will be geared toward Comcast’s existing cable customer base. As The Verge points out, this new offering allows the cable company to compete with the AT&T and DirecTV partnership, which currently allows DirecTV subscribers to sign up for an exclusive AT&T unlimited data plan.

While it may seem strange for a company that has long been known for its broadcast and cable television services to enter the mobile services game, Craig Moffett, of MoffettNathanson Research told Fortune that it is just good sense.

“The lines between wired and wireless networks are blurring,” he said. “For Comcast … being a wireless operator isn’t optional. All network operators are going to be in the wireless business whether they like it or not.”

When Comcast does ultimately unveil its mobile phone service, it will become the first cable mobile virtual network operator (MVNO), which refers to a situation in which “one company buys capacity on other wireless carriers’ networks and resells services under its own brand,” Bloomberg explains. It could ultimately pave the way for Comcast to acquire a carrier so that they can stop renting and just buy instead.

“Most investors wouldn’t be surprised to see Comcast pursue a multi-pronged strategy of developing an MVNO, acquiring additional spectrum, and pursuing an acquisition of an existing network provider,” said Paul Sweeney, a Bloomberg Intelligence analyst.

So look out cell phone carriers — your slice of the pie may be getting smaller pretty soon.

Posted on September 22, 2016 at 12:57 pm by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology · Tagged with: , ,

Malicious smartphone apps turn your phone into tracking device

, CNET, 9/16/16

Researchers find apps spying on their users available for download in the Android play store.

Be careful what you download.

Four apps available on the Google Play Store were spying on users in secret, according to research released Friday by Mobile security company Lookout. Running a malicious code that Lookout has dubbed Overseer, the apps could track your latitude and longitude and collect information on who you were emailing when.

“That information is incredibly valuable to an attacker who wants to find out where a person is and who they’re talking with,” said Kristy Edwards, product manager for security research at Lookout.

One of the apps, called Embassy, functioned as advertised in the Play Store, letting users look up their nation’s embassy in foreign cities. In the meantime, it turned users’ phones into homing devices and sent out email contact lists to accounts hosted on servers run by Facebook and Amazon. The other apps advertised themselves as news apps but didn’t actually work. Nonetheless, they also contained Overseer.

Google has since removed the apps from the Play Store, according to a Lookout spokesperson. Google confirmed that apps’ removal but declined further comment.

Edwards said she can’t speculate on who created Overseer. She said the malicious software, which hasn’t been identified in any other mobile apps so far, uses a novel technique to avoid detection.

Often, malicious software shows its hand by sending data to a random server in a foreign country. The fact that Overseer was sending user information to an account hosted by a Facebook server makes everything look above board.

That’s useful for bad guys, because these days, companies are monitoring their employees’ work phones for problems just like Overseer. Tricks like these make it hard to see “weird traffic,” Edwards said.

Posted on September 16, 2016 at 9:01 am by lesliemanzara · Permalink · Leave a comment
In: Mobile Technology

Android is slowly sliding back into old bad habits

, ComputerWorld, 9/16/16

Android has a lot of good things going for it, but not all of Google’s recent progress has been positive.

Those of us who watch Android closely know that Google has a history of flipping and flopping — of firmly getting behind one idea or way of doing things, then casually changing its mind and doing a complete 180 a while later.

Sometimes, these U-turns work out well in the end. Other times, they’re baffling and frustrating for us as users. And other times yet, they’re so subtle and evolutionary — more of broad philosophical shifts than surface-level alterations — that you almost don’t even notice them until you really stop and think.

This latest instance falls into that final category. I’m talking about the apparent move back toward out-of-sight, difficult-to-discover actions in the operating system — something Google explicitly made an effort to avoid starting with 2011’s Android 4.0 Ice Cream Sandwich release.

With this year’s Android 7.0 Nougat software, the regression has become enough of a trend to make me worry.

Out of sight, out of mind

First, a quick step back in time for perspective: Much of Google’s focus with Android 4.0 was on making the operating system more polished, intuitive, and user-friendly. (Astute observers may remember that Ice Cream Sandwich was the first release fully guided by then-new-Android-design-chief Matias Duarte, who joined Google midway through Honeycomb’s development and has since moved onto a broader role overseeing Material Design across all of Google’s products.) A large part of that effort involved taking the platform’s many hidden elements and bringing them out into the open. That way, they’d be more visible and thus more likely to be discovered and used.

It was that goal that led to the elimination of Android’s system-level Menu key, which had caused commands to be tucked away off the screen — with no indication of their presence. Having elements of the interface hidden, Google realized, did not make for an ideal user experience; without any visual cues, such elements were difficult for people to discover and unnatural for them to use.

I don’t know if something changed or if that lesson was simply deprioritized over time, but Android has been inching increasingly back into the realm of buried commands as of late. The slideback actually started with 2013’s Android 4.4 KitKat release — albeit in a relatively small way: With Android 4.0, as you may recall, Google moved the option to add home screen widgets from a hidden long-press menu into the main app drawer, where it’d be plainly in sight and accessible. The idea was to create a single place for finding everything that could be added onto your home screen. From a discoverability and usability perspective, it seemed to make an awful lot of sense.

But then, without explanation, KitKat did an about-face: The release quietly pulled widgets out of the app drawer and put them back into their former long-press-menu hiding spot. Out of sight once again — and that was just the start.

“There’s a lot of good stuff in Android that people aren’t even aware exists”

2012’s Android 4.1 release introduced Google Now, which made the hidden long-press command a core part of Android’s user interface. Last year’s Android 6.0 Marshmallow software took things a step further and brought the also-cue-lacking Now On Tap into the equation. (Even I constantly forget it’s there, and I pay attention to this stuff for a living.)

And with this year’s Android 7.0 Nougat update, a whole host of similarly concealed commands has been added into the mix — things like long-pressing the Overview key (or, more inconspicuous yet, tapping it and then long-pressing an app’s card from there) to initiate split-screen mode; long-pressing notifications to customize their behavior; and long-pressing icons in the Share list to change the order in which they appear.

All of these commands are significant additions to the operating system and have the potential to be quite useful — and all of them are equally out of sight and difficult to discover. I was reminded of this when I asked my wife, who has a reasonably good grasp on technology but is much more of a “normal user” than an enthusiast, what she thought about the new Nougat software that arrived on her Nexus 5X earlier this week.

Her answer? “It’s fine, I guess. I haven’t really noticed anything different. I know there’s that split-screen thing you showed me, but I haven’t figured out how to do it yet.”

And remember: She’s someone who has the advantage of at least hearing about these things (via my incessant blabbing) and knowing that they’re there. Most typical users are going into this completely blind. And that’s precisely the type of situation where a lack of intuitiveness really becomes an issue.

An important nit to pick

Don’t get me wrong: At this point, Android is pretty, polished, and packed with power. But increasingly, a fair portion of that power is out of sight and thus out of mind to users — particularly the more common casual users who don’t carefully follow the platform’s development. And that’s a shame, because there’s a lot of good stuff here that regular people aren’t even aware exists.

Part of it may just be that as the platform expands, the software inevitably grows more dense with features and options — and Google’s running out of obvious places to squeeze all of that within the current Android framework. (There are only so many places for top-level buttons and commands, after all.) Maybe the answer, then, is something that requires more sweeping changes to the operating system’s interface — something that allows these features to be incorporated in an intuitive and visible way rather than being crammed awkwardly into a corner.

One way or another, I hope Google regains its focus on maintaining a simple and visual-guided UI for Android before the complexity seeps in much further. It took the company years to transform Android from a power-user-centric mishmosh of possibilities into an intuitive and inviting (though no less powerful) platform for the masses. If these current trends continue, it’ll take far less time for all of that progress to be undone.


Posted on September 16, 2016 at 8:53 am by lesliemanzara · Permalink · Leave a comment
In: Android, Mobile Technology