Toys

Ask Slashdot: Are There Any Good Smartwatches Or Fitness Trackers? 254

"What's your opinion on the current state of smartwatches?" asks long-time Slashdot reader rodrigoandrade. He's been researching both smartwatches and fitness trackers, and shares his own opinions: - Manufacturers have learnt from Moto 360 that people want round smartwatches that actually look like traditional watches, with a couple of glaring exceptions....

- Android Wear 2.0 is a thing, not vaporware. It's still pretty raw (think of early Android phones) but it works well. The LG Sport Watch is the highest-end device that supports it.

- LTE-enabled smartwatches finally allow you to ditch your smartphone, if you wish. Just pop you nano SIM in it and party on. The availability is still limited to a few SKUs in some countries, and they're ludicrously expensive, but it's getting there.

Keep reading for his assessment of four high-end choices -- and share your own opinions in the comments.
Security

Zero-Day iOS HomeKit Vulnerability Allowed Remote Access To Smart Accessories Including Locks (9to5mac.com) 39

Apple has issued a fix to a vulnerability that allowed unauthorized control of accessories, including smart locks and garage door openers. "Our understanding is Apple has rolled out a server-side fix that now prevents unauthorized access from occurring while limiting some functionality, and an update to iOS 11.2 coming next week will restore that full functionality," reports 9to5Mac. From the report: The vulnerability, which we won't describe in detail and was difficult to reproduce, allowed unauthorized control of HomeKit-connected accessories including smart lights, thermostats, and plugs. The most serious ramification of this vulnerability prior to the fix is unauthorized remote control of smart locks and connected garage door openers, the former of which was demonstrated to 9to5Mac. The issue was not with smart home products individually but instead with the HomeKit framework itself that connects products from various companies. The vulnerability required at least one iPhone or iPad on iOS 11.2, the latest version of Apple's mobile operating system, connected to the HomeKit user's iCloud account; earlier versions of iOS were not affected.
Music

Apple Is Reportedly Buying Shazam For Nearly Half a Billion Dollars (phonedog.com) 60

Apple is close to acquiring Shazam, one of the most recognized services for music recognition. While the exact amount is unknown, the service may be purchased by Apple for around $400 million. PhoneDog reports: Apple is close to acquiring Shazam, say sources speaking to TechCrunch. The deal will reportedly be signed this week and could be announced as early as next Monday. A report from Recode echoes the news of Apple acquiring Shazam, adding that Shazam will likely be valued at around $400 million. Apple -- and other companies -- already offer a music recognition service, but Apple must see something in Shazam's services that it thinks can help improve its own music recognition if it's going to drop nearly half a billion dollars on this deal. Shazam is able to identify TV shows, films, and advertisements in addition to music, so perhaps Apple sees some benefit to these abilities, too.
Software

Apple Has Ruined Its Podcasts App (slate.com) 134

Mike Pesca, host of Slate's daily podcast The Gist, writes about the recent interface changes to Apple's Podcasts app (condensed): Up until two months ago, the Apple Podcasts app was the only podcasting app I used. It gave me a nice, workable list of the shows I liked; let me know when those shows were updated; played the shows easily and without glitches; and offered the option of listening in double speed. I knew where everything was, and I thought of its shortcomings not as features the app was lacking but more like things one simply could not do with a podcast. If the Apple Podcast app wasn't great for sharing podcasts via email or text -- and it was not -- I told myself, "That just must be something that's hard for a podcast app to execute." I figured the best a podcasting app could do was to facilitate sharing the feed of a show, rather than the specific episode I was listening to. I never dared dream I could send a specific time within that episode. What sorcery is that? But sometime in the past few months, the Apple app began to fail me. Of my four basic requirements, three suffered. The list of the shows I listened to was now incomplete. There was no longer a number denoting how many episodes of each show I had on the app. The list of unplayed episodes had melded into the list of played episodes. I was offered the opportunity to browse my "Library," but access to any "card catalog" or "Dewey Decimal System" proved elusive. Apple kept pushing me toward my "recently updated" shows, but these weren't the offerings most useful to me every time I checked back in.
Security

Apple Issues Security Updates for MacOS, iOS, TvOS, WatchOS, and Safari (bleepingcomputer.com) 30

Catalin Cimpanu, writing for BleepingComputer: Over the course of the last four days, Apple has released updates to address security issues for several products, such as macOS High Sierra, Safari, watchOS, tvOS, and iOS. The most relevant security update is the one to macOS, as it also permanently fixes the bug that allowed attackers to access macOS root accounts without having to type a password. Apple issued a patch for the bug the next day after it was discovered, but because the patch was delivered as an out-of-band update that did not alter the macOS version number, when users from older macOS versions updated to 10.13.1 (the vulnerable version), the bug was still present. With today's update, the patch for the bug -- now known as "IAmRoot" (CVE-2017-13872) -- has received a permanent fix. All users who upgrade to macOS High Sierra 10.13.2 are safe.
Apple

Amazon Prime Video App Launches on Apple TV (slashdot.org) 92

Six months after Apple chief executive Tim Cook said Amazon's Prime Video service would be coming to Apple TV, the much anticipated on-demand video streaming service has arrived on tvOS. Similar to other versions of Amazon Prime Video, the Apple TV app allows Prime subscribers to sign into their accounts and watch Amazon Prime exclusive TV series, as well as browse a collection of movies.
Chrome

Google Wants Progressive Web Apps To Replace Chrome Apps (androidpolice.com) 154

An anonymous reader quotes a report from Android Police: The Chrome Web Store originally launched in 2010, and serves a hub for installing apps, extensions, and themes packaged for Chrome. Over a year ago, Google announced that it would phase out Chrome apps on Windows, Mac, and Linux in 2018. Today, the company sent out an email to developers with additional information, as well as news about future Progressive Web App support. The existing schedule is mostly still in place -- Chrome apps on the Web Store will no longer be discoverable for Mac, Windows, and Linux users. In fact, if you visit the store right now on anything but a Chromebook, the Apps page is gone. Google originally planned to remove app support on all platforms (except Chrome OS) entirely by Q1 2018, but Google has decided to transition to Progressive Web Apps:

"The Chrome team is now working to enable Progressive Web Apps (PWAs) to be installed on the desktop. Once this functionality ships (roughly targeting mid-2018), users will be able to install web apps to the desktop and launch them via icons and shortcuts; similar to the way that Chrome Apps can be installed today. In order to enable a more seamless transition from Chrome Apps to the web, Chrome will not fully remove support for Chrome Apps on Windows, Mac or Linux until after Desktop PWA installability becomes available in 2018. Timelines are still rough, but this will be a number of months later than the originally planned deprecation timeline of 'early 2018.' We also recognize that Desktop PWAs will not replace all Chrome App capabilities. We have been investigating ways to simplify the transition for developers that depend on exclusive Chrome App APIs, and will continue to focus on this -- in particular the Sockets, HID and Serial APIs."

EU

Apple To Start Paying Ireland the Billions It Owes In Back Taxes (engadget.com) 124

Last year, Apple was ordered to pay a record sum of 13 billion euros ($14.5 billion) plus interest after the European Commission said Ireland illegally slashed the iPhone maker's tax bill. "But Ireland was rather slow to start collecting that cash, which led the Commission to refer the Irish government to the European Court of Justice in October due to Ireland's non-compliance with the 2016 ruling," reports Engadget. "However, the Wall Street Journal reports today that the country will finally start collecting those billions of dollars owed by Apple and it may start doing so early next year." From the report: Both Apple and Ireland have fought back against the ruling -- Ireland has said that the European Union overstepped its authority and got some of the country's laws wrong while Apple has maintained that the amount it's being told to repay was miscalculated. Both are continuing to appeal the decision and the money will sit in an escrow fund while they do so. Ireland has said that negotiating the terms of that fund is what has held up its collection of the money but the European Commission said that the action it has taken against Ireland for failing to follow the 2016 ruling will proceed until the money is collected in full.
Censorship

Apple, Google CEOs Bring Star Power as China Promotes Censorship (bloomberg.com) 38

An anonymous reader shares a Bloomberg report: Apple's Tim Cook and Google's Sundar Pichai made their first appearances at China's World Internet Conference, bringing star power to a gathering the Chinese government uses to promote its strategy of tight controls online. Apple's chief executive officer gave a surprise keynote at the opening ceremony on Sunday, calling for future internet and AI technologies to be infused with privacy, security and humanity. The same day, one of China's most-senior officials called for more aggressive government involvement online to combat terrorism and criminals. Wang Huning, one of seven men on China's top decision-making body, even called for a global response team to go well beyond its borders. It was Cook's second appearance in China in two months, following a meeting with President Xi Jinping in October. The iPhone maker has most of its products manufactured in the country and is trying to regain market share in smartphones against local competitors such as Huawei. "The theme of this conference -- developing a digital economy for openness and shared benefits -- is a vision we at Apple share," Cook said. "We are proud to have worked alongside many of our partners in China to help build a community that will join a common future in cyberspace."
Desktops (Apple)

Apple Snafu Means Updating To macOS 10.13.1 Could Reactivate Root Access Bug (betanews.com) 74

Mark Wilson writes: A few days ago, a serious security flaw with macOS High Sierra came to light. It was discovered that it was possible to log into the 'root' account without entering a password, and -- although the company seemed to have been alerted to the issue a couple of weeks back -- praise was heaped on Apple for pushing a fix out of the door quickly. But calm those celebrations. It now transpires that the bug fix has a bug of its own. Upgrade to macOS 10.13.1 and you could well find that the patch is undone. Slow hand clap.
Iphone

Should Apple Share iPhone X Face Data With App Developers? (washingtonpost.com) 66

The Washington Post ran a technology column asking what happens "when the face-mapping tech that powers the iPhone X's cutesy 'Animoji' starts being used for creepier purposes." It's not just that the iPhone X scans 30,000 points on your face to make a 3D model. Though Apple stores that data securely on the phone, instead of sending it to its servers over the Internet, "Apple just started sharing your face with lots of apps." Although their columnist praises Apple's own commitment to privacy, "I also think Apple rushed into sharing face maps with app makers that may not share its commitment, and it isn't being paranoid enough about the minefield it just entered." "I think we should be quite worried," said Jay Stanley, a senior policy analyst at the American Civil Liberties Union. "The chances we are going to see mischief around facial data is pretty high -- if not today, then soon -- if not on Apple then on Android." Apple's face tech sets some good precedents -- and some bad ones... Less noticed was how the iPhone lets other apps now tap into two eerie views from the so-called TrueDepth camera. There's a wireframe representation of your face and a live read-out of 52 unique micro-movements in your eyelids, mouth and other features. Apps can store that data on their own computers.

To see for yourself, use an iPhone X to download an app called MeasureKit. It exposes the face data Apple makes available. The app's maker, Rinat Khanov, tells me he's already planning to add a feature that lets you export a model of your face so you can 3D print a mini-me. "Holy cow, why is this data available to any developer that just agrees to a bunch of contracts?" said Fatemeh Khatibloo, an analyst at Forrester Research.

"From years of covering tech, I've learned this much," the article concludes. "Given the opportunity to be creepy, someone will take it."
Medicine

Can Researchers Detect Irregular Heart Rhythms with the Apple Watch? (usatoday.com) 42

An anonymous reader quotes USA Today: Might wearing an Apple Watch save you from a stroke or cardio problem? Apple is careful not to make that direct claim. But the company, in collaboration with Stanford University School of Medicine, launched the Apple Heart Study app on Thursday that uses the heart rate sensor inside the Apple Watch to collect data on irregular heart rhythms... If an irregular heart rhythm is detected, participants in the study will be notified through the Apple Watch and on their iPhones. Should that occur, you'll be offered a free consultation with a study doctor, and possibly an electrocardiogram patch for additional monitoring...

A participant in the study merely has to download the app and wear the watch... The way Apple explains it, a sensor inside the watch uses green LED lights flashing hundreds of times per second and light-sensitive photodiodes to detect the amount of blood flowing through the wrist. The sensor has an optical design that gathers signals from four distinct points on the wrist. Using software algorithms, the Apple Watch can isolate heart rhythms from other noise, and identify an irregular heart rhythm.

The FDA has also approved the first personal electrocardiogram accessory for the Apple Watch, according to TechNewsWorld. "The KardiaBand" also detects and records atrial fibrillation that can lead to strokes or other heart problems. "The user simply touches an integrated sensor, and the results are then displayed on the face of the Apple Watch."

An irregular, bloodflow-disrupting heartbeat is the top cause of strokes, which kill 130,000 people every year just in the U.S. -- in many case before they've experienced any symptoms.
Businesses

Shouting 'Pay Your Taxes', Activists Occupy Apple Stores in France (marketwatch.com) 233

An anonymous reader quotes MarketWatch: A group of global activists stormed and occupied several Apple Stores in France on Saturday in a move aimed at pressuring the company to pay up on a €13 billion ($15.5 billion) tax bill to the European Union. In a press release, the France unit of the Association for the Taxation of Financial Transactions and Citizen's Action organization (Attac), said 100 of its members occupied the Opera Apple Store in Paris, demanding the company pay its taxes... Attac said dozens of protests were organized at other Apple store locations throughout France on Saturday. In the Paris store, activists were seen via videos circulating on Twitter, pushing past security and hanging a banner that said "We will stop when Apple pays." Security in Paris reportedly evacuated Apple workers from the building as those protests began.
After three hours they left the store -- leaving behind protest messages on the iPads on display. The group claims that Apple has stashed $230 billion in tax havens around the world, but also hopes to raise awareness about other issues.

"Attac said the action was part of the #PhoneRevolt movement aimed at highlighting unfair practices by Apple, that are not just about taxes, but also pollution via extraction of metals for its phones, worker exploitation and driving a global consumption binge."
Iphone

Every iPhone X Is Not Created Equal (pcmag.com) 74

According to a PC Magazine report that uses data from Cellular Insights, the Qualcomm-powered iPhone X has better LTE performance than the Intel-powered model. From the report: There are three iPhone X models sold globally. Using lab equipment, Cellular Insights tested two of them: the Qualcomm-powered A1865, sold by Sprint, Verizon, and U.S. Cellular and in Australia, China, and India; and the Intel-powered A1901, sold by most other global carriers including AT&T and T-Mobile. (The third model, A1902, is only sold in Japan.) Here in the U.S., we anticipate that the SIM-free model sold directly by Apple will be the A1865, as that's the model that supports all four U.S. carriers. For this test, Cellular Insights looked at performance on LTE Band 4, which is used by every major U.S. carrier except Sprint, as well as in Canada and parts of Latin America. Cellular Insights attenuated an LTE signal from a strong -85dBm until the modems showed no performance. While both modems started out with 195Mbps of download throughput on a 20MHz carrier, the Qualcomm difference appeared quickly, as the Intel modem dropped to 169Mbps at -87dBm. The Qualcomm modem took an additional -6dBm of attenuation to get to that speed. Most consumers will feel the difference in very weak signal conditions, where every dBm of signal matters, so we zoomed in on that in the chart below. At very weak signal strength, below -120dBm, the Qualcomm modem got speeds on average 67 percent faster than the Intel modem. The Intel modem finally died at -129dBm and the Qualcomm modem died at -130dBm, so we didn't find a lot of difference in when the modems finally gave out.
Desktops (Apple)

High Sierra Root Login Bug Was Mentioned on Apple's Support Forums Two Weeks Ago (daringfireball.net) 85

John Gruber, reporting for DaringFireball: It's natural to speculate how a bug as egregious as the now-fixed High Sierra root login bug could escape notice for so long. It seems to have been there ever since High Sierra 10.3.0 shipped on September 25, and may have existed in the betas through the summer. One explanation is that logging in with the username "root" and a blank password is so bizarre that it's the sort of thing no one would think to try. More insidious though, is the notion that it might not have escaped notice prior to its widespread publicization yesterday -- but that the people who had heretofore discovered it kept it to themselves. This exploit was in fact posted to Apple's own support forums on November 13. It's a bizarre thread. The thread started back on June 8 when a user ran into a problem after installing the WWDC developer beta of High Sierra.
Google

Google Faces Lawsuit For Gathering Personal Data From Millions of iPhone Users (betanews.com) 35

Mark Wilson writes: A group going by the name Google You Owe Us is taking Google to court in the UK, complaining that the company harvested personal data from 5.4 million iPhone users. The group is led by Richard Lloyd, director of consumer group Which?, and it alleges that Google bypassed privacy settings on iPhones between June 2011 and February 2012. The lawsuit seeks compensation for those affected by what is described as a "violation of trust." Google is accused of breaching UK data protection laws, and Lloyd says that this is "one of the biggest fights of my life." Even if the case is successful, the people represented by Google You Owe Us are not expected to receive more than a few hundred pounds each, and this is not an amount that would make much of an impact on Google's coffers.
Desktops (Apple)

Apple To Review Software Practices After Patching Serious Mac Bug (reuters.com) 192

Apple said on Wednesday it would review its software development process after scrambling to patch a serious bug it learned of on Tuesday in its macOS operating system for desktop and laptop computers. From a report: "We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused," Apple said in a statement. "Our customers deserve better. We are auditing our development processes to help prevent this from happening again."
Businesses

Apple Accuses Qualcomm of Patent Infringement in Countersuit (reuters.com) 34

From a report: Apple on Wednesday filed a countersuit against Qualcomm, alleging that Qualcomm's Snapdragon mobile phone chips that power a wide variety of Android-based devices infringe on Apple's patents, the latest development in a long-running dispute. Qualcomm in July accused Apple of infringing several patents related to helping mobile phones get better battery life. Apple has denied the claims that it violated Qualcomm's battery life patents and alleged that Qualcomm's patents were invalid, a common move in such cases. But on Wednesday, in a filing in U.S. District Court in San Diego, Apple revised its answer to Qualcomm's complaint with accusations of its own. Apple alleges it owns at least eight battery life patents that Qualcomm has violated.
Bug

MacOS High Sierra Bug Allows Login As Root With No Password (theregister.co.uk) 237

An anonymous reader quotes a report from The Register: A trivial-to-exploit flaw in macOS High Sierra, aka macOS 10.13, allows users to gain admin rights, or log in as root, without a password. The security bug is triggered via the authentication dialog box in Apple's operating system, which prompts you for an administrator's username and password when you need to do stuff like configure privacy and network settings. If you type in "root" as the username, leave the password box blank, hit "enter" and then click on unlock a few times, the prompt disappears and, congrats, you now have admin rights. You can do this from the user login screen. The vulnerability effectively allows someone with physical access to the machine to log in, cause extra mischief, install malware, and so on. You should not leave your vulnerable Mac unattended until you can fix the problem. And while obviously this situation is not the end of the world -- it's certainly far from a remote hole or a disk decryption technique -- it's just really, really sad to see megabucks Apple drop the ball like this. Developer Lemi Orhan Ergan was the first to alert the world to the flaw. The Register notes: "If you have a root account enabled and a password for it set, the black password trick will not work. So, keep the account enabled and set a root password right now..."

Slashdot Top Deals