"Here's how Apple's next major product will work," writes Bloomberg's Mark Gurman: The company has been developing a smart home command center that will rival products like the Amazon Echo Hub and Google Nest Hub... The product will run many of Apple's core apps, like Safari, Notes and Calendar, but the interface will be centered on a customizable home screen with iOS-like widgets and smart home controls... The device looks like a low-end iPad and will include a built-in battery, speakers and a FaceTime camera oriented for a horizontal landscape view. The square device, which includes a roughly 6-inch screen, has sensors that let it change the interface depending on how far a user is from the screen. It will also have attachments for walls, plus a base with additional speakers so it can be placed on a table, nightstand or desk.

Apple envisions customers using the device as an intercom, with people FaceTiming each other from different rooms. They'll also be able to pull up home security footage, control their lights, and videoconference with family while cooking in the kitchen. And it will control music throughout the home on HomePod speakers. The device will work with hundreds of HomeKit-compatible items, a lineup that includes third-party switches, lights, fans and other accessories. But the company doesn't plan to roll out a dedicated app store for the product. Given the lack of success with app marketplaces for the Vision Pro, Apple Watch and Apple TV, that's not too surprising.
Looking ahead, the article concludes "The success of this device is still far from assured. Apple's recent track record pushing into new categories has been spotty, and its previous home products haven't been major hits."

But Gurman shares the most interesting part on X.com: If the product does catch on, it will help set the stage for more home devices. Apple is working on a high-end AI companion with a [$1,000] robotic arm and large display that could serve as a follow-up. The company could also put more resources into developing mobile robots, privacy-focused home cameras and speakers. It may even revisit the idea of making an Apple-branded TV set, something it's evaluating. But if the first device fails, Apple may have to rethink its smart home ambitions once again.
Gurman also writes that Apple is also working on a new AirTag with more range and improved privacy features (including "making it more difficult for someone to remove the speaker.")

Google appears to be working on an email-forwarding alias system, according to the blog Android Authority, giving users a new way to "shield" their main email address.

The site performed a teardown on the newest Google Play Services' APK looking for work-in-progress code , and spotted "a whole boatload of strings referencing and in support of something called 'Shielded Email'." Just from that text, we're able to infer quite a lot about what we're looking at here, and it appears that Shielded Email consists of a system to create single-use or limited-use email aliases that will forward messages along to your primary account. And while we could imagine that something like this might be pretty useful in Chrome, here it looks like Google is building it specifically to address apps that ask for your email address. The messages in there touch on a couple reasons beyond spam that you might want to keep your main email private, like reducing the extent to which your online activities can be tracked, and mitigating your personal risk from potential future data breaches.
They also sighted a reference to "Shielded Email" in the Autofill settings menu — though their article acknowledges that even features hinted at by work-in-progress code may not ultimately make it into a public release.

But Forbes suggests that the idea sounds similar to Apple's Hide My Email service, which "provides an automated random email address creator to help keep your personal email address private when subscribing to services."

An anonymous reader quotes a report from TechCrunch: U.K. consumer rights group 'Which?' is filing a legal claim against Apple under competition law on behalf of some 40 million users of iCloud, its cloud storage service. The collective proceeding lawsuit, which is seeking 3 billion pounds in compensation damages (around $3.8 billion at current exchange rates), alleges that Apple has broken competition rules by giving its own cloud storage service preferential treatment and effectively locking people into paying for iCloud at "rip-off" prices. "iOS has a monopoly and is in control of Apple's operating systems and it is incumbent on Apple not to use that dominance to gain an unfair advantage in related markets, like the cloud storage market. But that is exactly what has happened," Which wrote in a press release announcing filing the claim with the U.K.'s Competition Appeal Tribunal (CAT).

The lawsuit accuses Apple of encouraging users of its devices to sign up to iCloud for photo storage and other data storage needs, while simultaneously making it difficult for consumers to use alternative storage providers -- including by not allowing them to store or back-up all of their phone's data with a third-party provider. "iOS users then have to pay for the service once photos, notes, messages and other data go over the free 5GB limit," Which noted. The suit also accuses Apple of overcharging U.K. consumers for iCloud subscriptions owing to the lack of competition. "Apple raised the price of iCloud for UK consumers by between 20% and 29% across its storage tiers in 2023," it wrote, saying it's seeking damages for all affected Apple customers -- and estimating that individual consumers could be owed an average of 70 pounds (around $90), depending on how long they've been paying Apple for iCloud services. "Anyone who has 'obtained' iCloud services, including non-paying users, over the nine-year timeframe since the Consumer Rights Act came into force on October 1st, 2015," will be included in the claim. U.K.-based consumers will have to opt-out if they do not want to be included. "Consumers who live outside the U.K. and believe they are eligible to be included must actively opt-in to join the action," adds TechCrunch.

Bluesky has reached 15 million users, driven by a recent surge in U.S. signups following the presidential election. It's currently the top free app on iOS. The Verge reports: The platform, which rests on the decentralized AT Protocol, added about a million new users in the last week. Bluesky COO Rose Wang recently told The Verge that the "majority" of new users flocking to the platform have been from the US. Meta's Threads is still outpacing Bluesky, having recently hit 275 million monthly users and growing at a rate of over a million signups per day. But Bluesky offers a very different experience. Both are ad-free (for now), but whereas Threads uses a single Meta-made algorithmic feed, Bluesky offers user-created algorithmic feeds in addition to its "Discover" and "Popular With Friends" ones.

With iOS 18.2, Apple will allow you to share the location of a lost AirTag with other people and with more than 15 different airlines. The Verge reports: When using the feature, you can generate a Share Item Location link within the Find My app on an iPhone, iPad, or Mac. Once you share the link with someone, they can click on it to view an interactive map with the location of your lost item. Apple will update the website automatically when the lost item moves, and it will also display a timestamp when it moved last. Apple will turn off the feature once you find your lost item. You can also manually stop sharing the location of an AirTag at any time, or the link will "automatically expire after seven days." [...]

As part of the rollout, Apple is partnering with over 15 airlines, including Delta, United, Virgin Atlantic, Lufthansa, Air Canada, and more. All of these airlines will be able to "privately and securely" accept links to lost items, as "access to each link will be limited to a small number of people, and recipients will be required to authenticate in order to view the link through either their Apple Account or partner email address." This feature will be available to airlines in the "coming months." Additionally, SITA, a baggage tracing solution, will also implement Share Item Location into its luggage tracker.

On its 20th anniversary, Firefox "is still going strong, and it is a better browser today than it ever was," according to TechCrunch.

In an interview, Mozilla's interim CEO says one of the first things they did when was to "unlock a bunch of money towards Firefox product development... I've been in enough places where people tend to forget about the core business, and they stop investing in it, because they get distracted by shiny things — and then they regret it." "Firefox is incredibly important, and it is our core. We've actually put more investment into it this year and into connecting with our communities, into bringing out and testing features that are positive and creating good experiences for folks. That's been a huge priority for me and for the company this year, and it's showing up in the results."

She acknowledged that Mozilla doesn't have the device distribution that benefits many of Firefox's competitors, especially on mobile, but she did note that the Digital Marks Act (DMA) in Europe — which means Apple, for example, has to provide a browser choice screen on iOS — is working. "With the DMA, even though the implementation hasn't been outstanding, we're seeing a real shift. When people have the choice to choose Firefox, they're choosing Firefox," she said...

To kick-start some of this growth, Mozilla is looking at reaching new, and younger, users. Chambers noted that Mozilla is running a number of marketing campaigns to make people aware of Firefox, especially those who are only now starting to make their first browser choices. With them, she believes, Mozilla's messaging around privacy lands especially well.
In a future where browsers include AI agents that take actions on behalf of users, there might be more confidence in a browser designed for privacy and transparency, the interim CEO points out — as part of their larger mission. "What I love about Firefox is that it really provides users with an alternative choice of a browser that is just genuinely designed for them.

"We have, from its very inception and throughout, really wanted to create a browser that prioritizes people over profit, prioritizes privacy over anything else, and to have that option, the choice."

Law enforcement officers are warning other officials and forensic experts that iPhones which have been stored securely for forensic examination are somehow rebooting themselves, returning the devices to a state that makes them much harder to unlock, 404 Media is reporting, citing a law enforcement document it obtained. From the report: The exact reason for the reboots is unclear, but the document authors, who appear to be law enforcement officials in Detroit, Michigan, hypothesize that Apple may have introduced a new security feature in iOS 18 that tells nearby iPhones to reboot if they have been disconnected from a cellular network for some time. After being rebooted, iPhones are generally more secure against tools that aim to crack the password of and take data from the phone.

"The purpose of this notice is to spread awareness of a situation involving iPhones, which is causing iPhone devices to reboot in a short amount of time (observations are possibly within 24 hours) when removed from a cellular network," the document reads. Apple did not provide a response on whether it introduced such an update in time for publication.

Apple released the first beta of visionOS 2.2, introducing new "Wide" and "Ultrawide" modes for the Mac Virtual Display feature on the Vision Pro headset. MacRumors reports: Apple has previously said the ultra-wide version of Mac Virtual Display is equivalent to having two physical 4K displays sitting side by side on a desk. Mac Virtual Display is now available in three sizes: Normal, Wide, and Ultrawide. visionOS 2.2 will likely be released to the public in December alongside iOS 18.2, iPadOS 18.2, macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, and other updates. Further reading: Apple Delays Cut-price Vision Headset Until 2027, Analyst Ming-Chi Kuo Says

Apple has reached an agreement to acquire Pixelmator, the maker of popular photo and image editing apps Pixelmator Pro, Pixelmator for iOS, and Photomator. Financial terms of the deal wasn't disclosed.

Nintendo has announced a mobile app called Nintendo Music, which lets users listen to classic video game soundtracks from Nintendo games spanning the last few decades, including Splatoon, Animal Crossing, and The Legend of Zelda. According to The Verge, the app is available on iOS and Android but only Switch Online subscribers will be able to stream the tunes. From the report: The app features curated playlists themed around games, moments, moods, or characters, though you can also build your own. It also supports streaming as well as downloading tracks for offline listening. Curiously, it includes a spoiler feature that lets you filter out tracks that, somehow, might spoil a game you haven't played or finished yet. And if you just want some Hyrule white noise, the app also lets you "loop songs or extend select tracks to 15, 30, or 60 minutes for uninterrupted listening." Here's a list of all the regions the app will be available in.

An anonymous reader quotes a report from The Verge: Apple's AI features are finally starting to appear. Apple Intelligence is launching today on the iPhone, iPad, and Mac, offering features like generative AI-powered writing tools, notification summaries, and a cleanup tool to take distractions out of photos. It's Apple's first official step into the AI era, but it'll be far from its last. Apple Intelligence has been available in developer and public beta builds of Apple's operating systems for the past few months, but today marks the first time it'll be available in the full public OS releases. Even so, the features will still be marked as "beta," and Apple Intelligence will very much remain a work in progress. (You'll have to get on a waitlist to try Apple Intelligence, too.) Siri gets a new look, but its most consequential new features -- like the ability to take action in apps -- probably won't arrive until well into 2025.

In the meantime, Apple has released a very "AI starter kit" set of features. "Writing Tools" will help you summarize notes, change the tone of your messages to make them friendlier or more professional, and turn a wall of text into a list or table. You'll see AI summaries in notifications and emails, along with a new focus mode that aims to filter out unimportant alerts. The updated Siri is signified by a glowing border around the screen, and it now allows for text input by double-tapping the bottom of the screen. It's helpful stuff, but we've seen a lot of this before, and it'll hardly represent a seismic shift in how you use your iPhone. Apple says that more Apple Intelligence features will arrive in December. [...] Availability will expand in December to Australia, Canada, Ireland, New Zealand, South Africa, and the UK, with additional languages coming in April. Despite Apple's previous claim that Apple Intelligence wouldn't be available in the European Union due to the Digital Markets Act, the features will, in fact, be coming to Europe in April of next year.

Further reading: Apple Updates the iMac With M4 Chip

Apple's latest iOS update has removed the "C" button from its Calculator app, replacing it with a backspace function. The change, part of iOS 18, has sparked debate among users accustomed to the traditional clear function. The removal of the "C" button represents a significant departure from decades-old calculator design conventions, The Atlantic writes. From the story: The "C" button's function is vestigial. Back when calculators were commercialized, starting in the mid-1960s, their electronics were designed to operate as efficiently as possible. If you opened up a desktop calculator in 1967, you might have found a dozen individual circuit boards to run and display its four basic mathematical functions. Among these would have been an input buffer or temporary register that could store an input value for calculation and display. The "C" button, which was sometimes labeled "CE" (Clear Entry) or "CI" (Clear Input), provided a direct interface to zero out -- or "clear" -- such a register. A second button, "AC" (All Clear), did the same thing, but for other parts of the circuit, including previously stored operations and pending calculations. (A traditional calculator's memory buttons -- "M+," "M-," "MC" -- would perform simple operations on a register.)

By 1971, Mostech and Texas Instruments had developed a "calculator on a chip," which condensed all of that into a single integrated circuit. Those chips retained the functions of their predecessors, including the ones that were engaged by "C" and "AC" buttons. And this design continued on into the era of pocket calculators, financial calculators, and even scientific calculators such as the ones you may have used in school. Some of the latter were, in essence, programmable pocket computers themselves, and they could have been configured with a backspace key. They were not.

The FIDO Alliance is developing new specifications to enable secure transfer of passkeys between different password managers and platforms. Announced this week, the initiative is the result of collaboration among members of the FIDO Alliance's Credential Provider Special Interest Group, including Apple, Google, Microsoft, 1Password, Bitwarden, Dashlane, and others. From a report: Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium, and were integrated into Apple's ecosystem with iOS 16, iPadOS 16.1, and macOS Ventura. They offer a more secure and convenient alternative to traditional passwords, allowing users to sign in to apps and websites in the same way they unlock their devices: With a fingerprint, a face scan, or a passcode.

Passkeys are also resistant to online attacks like phishing, making them more secure than things like SMS one-time codes. The draft specifications, called Credential Exchange Protocol (CXP) and Credential Exchange Format (CXF), will standardize the secure transfer of credentials across different providers. This addresses a current limitation where passkeys are often tied to specific ecosystems or password managers. Further reading: Passwords Have Problems, But Passkeys have more.

An anonymous reader quotes a report from Ars Technica: On Wednesday, NYC-based software developer Nick Spreen received a surprising alert on his iPhone 15 Pro, delivered through an early test version of Apple's upcoming Apple Intelligence text message summary feature. "No longer in a relationship; wants belongings from the apartment," the AI-penned message reads, summing up the content of several separate breakup texts from his girlfriend -- that arrived on his birthday, no less. Spreen shared a screenshot of the AI-generated message in a now-viral tweet on the X social network, writing, "for anyone who's wondered what an apple intelligence summary of a breakup text looks like." Spreen told Ars Technica that the screenshot does not show his ex-girlfriend's full real name, just a nickname.

This summary feature of Apple Intelligence, announced by the iPhone maker in June, isn't expected to fully ship until an iOS 18.1 update in the fall. However, it has been available in a public beta test of iOS 18 since July, which is what Spreen is running on his iPhone. It works akin to something like a stripped-down ChatGPT, reading your incoming text messages and delivering its own simplified version of their content. On X, Spreen replied to skepticism over whether the message was real in a follow-up post. "Yes this was real / yes it happened yesterday / yes it was my birthday," Spreen wrote. In response to a question about it being a fair summary of his girlfriend's messages, he wrote, "it is."

We reached out to Spreen directly via email and he delivered his own summary of his girlfriend's messages. "It was something along the lines of i can't believe you just did that, we're done, i want my stuff. we had an argument in a bar and I got up and left, then she sent the text," he wrote. How did he feel about getting the news via AI summary? "I do feel like it added a level of distance to it that wasn't a bad thing," he told Ars Technica. "Maybe a bit like a personal assistant who stays professional and has your back even in the most awful situations, but yeah, more than anything it felt unreal and dystopian."

"Pig Butchering Alert: Fraudulent Trading App targeted iOS and Android users."

That's the title of a new report released this week by cybersecurity company Group-IB revealing the official Apple App Store and Google Play store offered apps that were actually one part of a larger fraud campaign. "To complete the scam, the victim is asked to fund their account... After a few seemingly successful trades, the victim is persuaded to invest more and more money. The account balance appears to grow rapidly. However, when the victim attempts to withdraw funds, they are unable to do so."

Forbes reports: Group-IB determined that the frauds would begin with a period of social engineering reconnaissance and entrapment, during which the trust of the potential victim was gained through either a dating app, social media app or even a cold call. The attackers spent weeks on each target. Only when this "fattening up" process had reached a certain point would the fraudsters make their next move: recommending they download the trading app from the official App Store concerned.

When it comes to the iOS app, which is the one that the report focussed on, Group-IB researchers said that the app remained on the App Store for several weeks before being removed, at which point the fraudsters switched to phishing websites to distribute both iOS and Android apps. The use of official app stores, albeit only fleetingly as Apple and Google removed the fake apps in due course, bestowed a sense of authenticity to the operation as people put trust in both the Apple and Google ecosystems to protect them from potentially dangerous apps.
"The use of web-based applications further conceals the malicious activity," according to the researchers, "and makes detection more difficult." [A]fter the download is complete, the application cannot be launched immediately. The victim is then instructed by the cybercriminals to manually trust the Enterprise developer profile. Once this step is completed, the fraudulent application becomes operational... Once a user registers with the fraudulent application, they are tricked into completing several steps. First, they are asked to upload identification documents, such as an ID card or passport. Next, the user is asked to provide personal information, followed by job-related details...

The first discovered application, distributed through the Apple App Store, functions as a downloader, merely retrieving and displaying a web-app URL. In contrast, the second application, downloaded from phishing websites, already contains the web-app within its assets. We believe this approach was deliberate, since the first app was available in the official store, and the cybercriminals likely sought to minimise the risk of detection. As previously noted, the app posed as a tool for mathematical formulas, and including personal trading accounts within an iOS app would have raised immediate suspicion.
The app (which only runs on mobile phones) first launches a fake activity with formulas and graphics, according to the researchers. "We assume that this condition must bypass Apple's checks before being published to the store. As we can see, this simple trick allows cybercriminals to upload their fraudulent application to the Apple Store." They argue their research "reinforces the need for continued review of app store submissions to prevent such scams from reaching unsuspecting victims". But it also highlights "the importance of vigilance and end-user education, even when dealing with seemingly trustworthy apps..."

"Our investigation began with an analysis of Android applications at the request of our client. The client reported that a user had been tricked into installing the application as part of a stock investment scam. During our research, we uncovered a list of similar fraudulent applications, one of which was available on the Google Play Store. These apps were designed to display stock-related news and articles, giving them a false sense of legitimacy."

Apple just fixed a duo of security bugs in iOS 18.0.1 and iPadOS 18.0.1, one of which might cause users' saved passwords to be read aloud. It's hardly an ideal situation for the visually impaired. From a report: For those who rely on the accessibility features baked into their iGadgets, namely Apple's VoiceOver screen reader, now is a good time to apply the latest update. In typical Apple fashion, the company hasn't released much in the way of details about the first security issue, tracked as CVE-2024-44204, which makes it tougher to understand the conditions under which this vulnerability could be triggered, or how to avoid it until the update is applied. What we do know is that it was characterized as a logic issue, which Apple rectified by improving validation. The disclosure of the bug comes less than a month after iOS 18 and iPadOS 18 debuted. Ironically, this release included Apple's first native password manager, the Passwords app.

Apple's iOS 18 update has introduced changes to contact sharing that could significantly impact social app developers. The new feature allows users to selectively share contacts with apps, rather than granting access to their entire address book. While Apple touts this as a privacy enhancement, developers warn it may hinder the growth of new social platforms. Nikita Bier, a start-up founder, called it "the end of the world" for friend-based social apps. Critics argue the change doesn't apply to Apple's own services, potentially giving the tech giant an unfair advantage.

Nintendo has convinced Ryujinx's lead developer to shut down the project. According to The Verge, the Switch emulator's download page is empty and its GitHub is gone. The Verge reports: "Yesterday, gdkchan was contacted by Nintendo and offered an agreement to stop working on the project, remove the organization and all related assets he's in control of," writes developer and moderator ripinperiperi on Discord. "While awaiting confirmation on whether he would take this agreement, the organization has been removed, so I think it's safe to say what the outcome is." The rest of ripinperiperi's message is a eulogy for the project, including a pair of videos showing the Ryujinx team's progress on iOS and Android ports of the Nintendo Switch emulator, among other core changes -- ones that will now presumably never ship.

Nintendo would not confirm or deny to The Verge that it made a deal with the developer. Instead, Nintendo spokesperson Eddie Garcia mysteriously pointed me to the Entertainment Software Association's head of public affairs Aubrey Quinn -- who said she couldn't speak on behalf of Nintendo.

Epic Games filed a new antitrust lawsuit against Google and Samsung, alleging they conspired to undermine third-party app stores. The suit focuses on Samsung's "Auto Blocker" feature, now enabled by default on new phones, which restricts app installations to "authorized sources" - primarily Google and Samsung's stores.

Epic claims Auto Blocker creates significant barriers for rival stores, requiring users to navigate a complex process to install third-party apps. The company argues this feature does not actually assess app safety, but is designed to stifle competition. Epic CEO Tim Sweeney stated the lawsuit aims to benefit all developers, not secure special privileges for Epic. The company seeks either default deactivation of Auto Blocker or creation of a fair whitelisting process for legitimate apps. This legal action follows Epic's December victory against Google in a separate antitrust case. Epic recently launched its own mobile app store, which it claims faces unfair obstacles due to Auto Blocker.

Apple has pulled 60 VPNs from its App Store in Russia, according to research from anti-censorship org GreatFire. From a report: The iThing-maker's action comes amid a Kremlin crackdown on VPNs that has already seen a ban on privacy-related extensions to the open source Firefox browser. The software's developer, Mozilla, defied that ban and allowed the extensions back into its web store. In July, Apple removed at least one VPN from its Russian App Store. Cupertino removed at least 60 more between early July and September 18, according to research by GreatFire posted to its site that tracks Apple censorship. The org's research asserts that 98 VPNs are now unavailable in Russia -- but doesn't specify if the removals were made in the iOS or macOS app stores.