Apple's latest iPhone software, iOS 13, is now available -- but on Tuesday, you'll already be able to download the first update, iOS 13.1. And you'll be able to revitalize your iPad with Apple's software created for its tablets. From a report: Apple may be best known for its hardware, but it's really the seamless integration of its devices with its software that's set it apart from rivals. The company's ability to control every aspect of its products -- something that began when Steve Jobs and Steve Wozniak founded Apple in 1976 -- has been key in making Apple the most powerful company in tech. The company's mobile software, iOS, gets revamped every year and launches when its latest phones hit the market. Starting Tuesday, you'll also be able to download the first update to the software, as well as the new iPadOS software tailored for Apple's tablets. iOS 13 brings a dedicated dark mode, a new swipe keyboard and a revamped Photos app (complete with video editing tools). iOS 13.1 will bring bug fixes and will let you share your ETA with friends and family members through Apple Maps. Siri shortcuts can be added to automations, and you can set up triggers to run any shortcut automatically.

A scam. A publicity stunt. Premature. These are just a few of the things Chinese developers are saying about the release of Huawei's supposed secret weapon: The Ark Compiler. From a report: Developers are even claiming the program feels incomplete. The reception has been so bad that one programmer told Abacus that he wondered whether it was released just for publicity. "Maybe they're doing it to help in the PR and trade war, adding leverage against the US," said Max Zhou, co-founder of app-enhancement company MetaApp and former head of engineering at Mobike. The Ark Compiler is a key component of Huawei's new operating system, HarmonyOS. The tool is meant to allow developers to quickly port their Android apps to the new OS, ideally helping to quickly bridge the gap of app availability. It is also said to be able to improve the efficiency of Android apps, making them as smooth as apps on iOS. As of right now, though, developers say promises are too good to be true.

Independent Security Evaluators (ISE) discovered a total of 125 different security vulnerabilities across 13 IoT devices, likely affecting millions of consumers. Help Net Security reports: In nearly all the devices (12 of the 13), ISE achieved its goal of obtaining remote root-level access. The table below shows the types of vulnerabilities that ISE identified in the targets. All 13 of the devices evaluated by ISE had at least one web application vulnerability such as cross-site scripting (XSS), operating system command injection (OS CMDi), or SQL injection (SQLi) that could be leveraged by an attacker to get remote access to the device's shell or gain access to the device's administrative panel. ISE obtained root shells on 12 of the devices, allowing complete control over the device.

Six of them can be remotely exploited without authentication: the Asustor AS-602T, Buffalo TeraStation TS5600D1206, TerraMaster F2-420, Drobo 5N2, Netgear Nighthawk R9000, and TOTOLINK A3002RU. "We found that many of these issues were trivial to exploit and should have been discovered even in a rudimentary vulnerability assessment," says ISE founder Stephen Bono. "This indicates that these manufacturers likely undergo no such assessment whatsoever, that the bug bounty programs they employ are ineffective, that vulnerability disclosures sent to them are not addressed, or more likely, all of the above."

An anonymous reader shares a report: Fedora 31 is due later this year, but first, there needs to be some beta testing. And so, today, Fedora 31 Beta is made available for download. Unfortunately, details surrounding version 31 are a bit sparse. With that said, one big change involves Fedora users with ARM 64-based single board computers, such as a Raspberry Pi. Those folks will get access to an additional desktop spin -- the lightweight Xfce. Workstation users will be treated to GNOME 3.34, but not the final version that was released recently. Don't worry -- when Fedora leaves beta status, and is officially released, you can be sure the stable GNOME 3.34 will be included. Remember, Fedora is one of the best ways to experience a vanilla GNOME desktop environment.

According to Abner Li from 9to5Google, Google is working on a new "Smart Screenshots" feature that integrates Google Lens abilities into the Google app's screenshot function. From the report: The Google app has long had an "Edit & share screenshots" ability where captures made within Search would reveal cropping and annotation tools. Meanwhile, Assistant has long maintained a "What's on my screen" capability that analyzes what you're currently viewing for search suggestions. Google app 10.61 reveals work on "Smart Screenshots" that combine those two features. Like before, a toolbar -- which interestingly uses a four-color light bar -- appears after you take a screenshot. A small preview is shown at the left with a pencil button overlaid. You can open the system share sheet, but the Google app also suggests a frequently used app.

The most interesting addition is Lens. "Exploring with Lens" could be intended as a "Screen search" replacement given that Lens is increasingly taking over visual lookup throughout first-party apps, like Chrome. After taking a capture, Smart Screenshots have an easy way to invoke Lens for search, OCR, and finding visually "similar items." The existing editing tools (Annotating, Cropping, and Sharing) will remain and this new functionality appears to even use the same settings toggle to enable. It's unclear if this functionality once live will again be limited to screenshots taken within Search, or if it will expand to be systemwide and invokable anywhere. A notification from the Google app could appear after capturing a screenshot.

New submitter JDShewey writes: The CentOS Project has announced that CentOS 8.0 will be available for download beginning Tuesday, September 24. This release was deferred so that work to release CentOS 7.7 could be completed, which means that CentOS 7.7 will be out shortly as well (and 7.7 it is already beginning to appear in mirrors and repos). This comes 20 weeks to the day from the release of Red Hat Enterprise Linux 8.

An anonymous reader quotes a report from Ars Technica: VW Group is now consolidating its software all under one new internal group, similar to the way that financial services or the ride-hailing Moia exist alongside individual vehicle brands. And that means in the future, a single unified automotive OS will run on everything from a VW Polo to an Audi A8. With thoughts of existing infotainment operating systems like Android, Automotive Grade Linux, or QNX, I asked Christian Senger, who is responsible for VW Group's Digital Car and Services division, to clarify. "What is an operating system in the automotive world? Today we have an extremely different setup if it's infotainment, if it's the chassis, the powertrain," Senger explained, and that has led to some odd critical dependencies in some cars. For instance, some models simply won't run if the infotainment system is broken; the navigation GPS provides the vehicle's master time counter, and without that, the powertrain won't function. "Whenever we exchange something, we have an impact on everything. What we are now doing with these so-called enabling functions is taking them out of customer functions, putting it in a middleware software layer. And this is what we call an operating system," he explained.

Eventually, that's going to mean a single software stack common across VW Group's vehicles -- everything from the instrument displays and the infotainment to powertrain and chassis management (think traction and stability control or advanced driver assistance systems), plus a common connected car infrastructure and cloud. However, each brand will still get to develop its own UX in the same way that Porsche and Audi can build very different-looking vehicles from the same MLB Evo toolbox. Senger also revealed that VW Group will be using Android for future versions of the MIB infotainment platform, in large part because of the robust third-party app ecosystem with that OS versus Linux. However, it will be a while yet before the full effects of this strategy are felt. Senger says that the as-yet unnamed organization should be fully staffed -- somewhere between 5,000 to 10,000 employees -- by 2025.

An anonymous reader shares a report: Manjaro may have lofty goals of becoming a successful company, but let's be honest -- users of the Linux-based operating system don't really care about that. Don't get me wrong, I am sure most members of the Linux community are rooting for the newly-formed company's success, but they are probably more interested in the excellent operating system itself. Today, Manjaro Linux 18.1.0 "Juhraya" finally becomes available for download, and it isn't without some controversy. You see, rather than just offer up LibreOffice like most distributions, Juhraya offers an alternative choice at installation -- FreeOffice.

"After six months of development, version 18.1 of Manjaro Linux is now available. Juhraya offers numerous improvements, especially with regard to Office productivity applications and package management. Another significant innovation in Manjaro 18.1 is the integrated support for FlatPak and Snap packages. For this purpose, the graphical package management tool 'bauh' (formerly known as 'fpakman' ) is now available to users," says Philip Muller, Manjaro developer.

Out of 937 flashlight apps on the Play Store, Avast Security Evangelist Luis Corrons found that the vast majority requested a large number of permissions, with the average being of 25 permissions per app. ZDNet reports: "There might be variables average users are not aware of and that are needed for these apps to work, but if 408 of the apps need just 10 permissions or less, which seems fairly reasonable, how come there are 262 apps that require 50 permissions or more," Corrons said in a report published this week. The Avast researcher said he found 77 flashlight apps that requested more than 50 permissions, which is about a third of the total number of permissions the Android OS supports. The champions were two apps that requested 77 permissions, followed by another three, which requested 76. But while Corrons said that some apps appeared to justify some of the permissions they asked for, these were only an exception to the rule.

In a paper published in Nature Medicine today, researchers led by ETH Zurich describe how they modified an off-the-shelf prosthetic leg with sensors and electrodes to give wearers a sense of knee movement and feedback from the sole of the foot on the ground. Engadget reports: The researchers worked with two patients with above-the-knee, or transfemoral, amputations. They used an Ossur prosthetic leg, which comes with a microprocessor and an angle sensor in the knee joint, IEEE Spectrum explains. The team then added an insole with seven sensors to the foot. Those sensors transmit signals in real-time, via Bluetooth to a controller strapped to the user's ankle. An algorithm in the controller encodes the feedback into neural signals and delivers that to a small implant in the patient's tibial nerve, at the back of the thigh. The brain can then interpret those signals as feedback from the knee and foot.

The modified prosthetic helped the users walk faster, feel more confident and consume less oxygen -- an indication that it was less strenuous than traditional prosthesis. The team also tested activating the tibial nerve implant to relieve phantom limb pain. Both patients saw a significant reduction in pain after a few minutes of electrical stimulation, but they had to be connected to a device in a lab to receive the treatment. With more testing, the researchers hope they might be able to bring these technologies to more amputees and make both available outside of the lab.

Longtime Slashdot reader Merovech shares a report from ZDNet: Thousands of web servers have been infected and had their files encrypted by a new strain of ransomware named Lilocked (or Lilu). Infections have been happening since mid-July, and have intensified in the past two weeks, ZDNet has learned. Based on current evidence, the Lilocked ransomware appears to target Linux-based systems only. The way the Lilocked gang breaches servers and encrypts their content is currently unknown. A thread on a Russian-speaking forum puts forward the theory that crooks might be targeting systems running outdated Exim (email) software. It also mentions that the ransomware managed to get root access to servers by unknown means.

Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, SHTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally. According to French security researcher Benkow, Lilocked has encrypted more than 6,700 servers, many of which have been indexed and cached in Google search results. However, the number of victims is suspected to be much much higher. Not all Linux systems run web servers, and there are many other infected systems that haven't been indexed in Google search results. Why it should scare you:
- affects Linux servers
- so far the vector of infection / vulnerability is unknown
- you can craft a Google search to watch it spread!

An anonymous reader quotes 9to5Google: Like it or not, Chromebooks do have something of an expiration date when you purchase them, namely that one day they'll stop receiving updates. Thankfully, that date is typically over five years after the Chromebook's original release. For some, however, Chrome OS has been wrongly indicating this week that their Chromebook has received its "final update" many years too early.

Just like the Chrome browser on desktop and Android, Chrome OS has four different update "channels" -- Stable, Beta, Dev, and Canary. Each one of these after Stable trades a level of stability for more rapid updates, with Canary receiving highly unstable updates almost every day. People who are bold enough to put their Chromebook on Dev or Canary have been facing an interesting new issue for the past few days. Upon restarting their device, Chrome OS immediately displays a notification warning that "this is the last automatic software and security update for this Chromebook." Of course, if you're seeing this message this week, there's a decent chance that this is not actually the case.

Instead, these final update warnings are caused by a bug in the most recent versions of Chrome OS.

An anonymous reader quotes a report from Ars Technica: For months, security practitioners have worried about the public release of attack code exploiting BlueKeep, the critical vulnerability in older versions of Microsoft Windows that's "wormable," meaning it can spread from computer to computer the way the WannaCry worm did two years ago. On Friday, that dreaded day arrived when the Metasploit framework -- an open source tool used by white hat and black hat hackers alike -- released just such an exploit into the wild. The module, which was published as a work in progress on Github, doesn't yet have the polish and reliability of the EternalBlue exploit that was developed by the NSA and later used in WannaCry. For instance, if the people using the new module specify the wrong version of Windows they want to attack, they'll likely wind up with a blue-screen crash. Getting the exploit to work on server machines also requires a change to default settings in the form of a registry modification that turns on audio sharing.

The latest flaw, which is indexed as CVE-2019-0708 but is better known by the name BlueKeep, resides in earlier versions of the Remote Desktop Services, which help provide a graphical interface for connecting to Windows computers over the Internet. It affects Windows 2003 and XP, Vista 7, Server 2008 R2, and Server 2008. When Microsoft patched the vulnerability in May, it warned that computers that failed to install the fix could suffer a similar fate if reliable attack code ever becomes available. The reason: like the flaw that EternalBlue exploited, BlueKeep allowed for self-replicating attacks. Like a falling line of dominoes, a single exploit could spread from vulnerable machine to vulnerable machine with no interaction required of end users. "The release of this exploit is a big deal because it will put a reliable exploit in the hands of both security professionals and malicious actors," Ryan Hanson, principal research consultant at Atredis Partners and a developer who helped work on the release, told Ars. "I'm hoping the exploit will be primarily used by offensive teams to demonstrate the importance of security patches, but we will likely see criminal groups modifying it to deliver ransomware as well."

A change Apple is making to improve privacy in an upcoming version of its iPhone operating system has alarmed an unlikely group of software makers: developers of privacy-focused encrypted messaging apps. The Information (paywalled): They warn the change, which is already available in public test versions of iOS 13, could end up undermining the privacy goals that prompted it in the first place. The Information previously reported that the technical change Apple is making to its next operating systems, iOS 13, has sparked concern at Facebook, which believes it will have to make significant modifications to encrypted messaging apps like Facebook Messenger and WhatsApp to comply. But a much wider group of developers of encrypted messaging apps -- including Signal, Wickr, Threema and Wire -- is scrambling to overhaul their software so that key privacy features continue to work. Apple told The Information on Wednesday in a statement that it is working with the developers to resolve their concerns. "We've heard feedback on the API changes introduced in iOS 13 to further protect user privacy and are working closely with iOS developers to help them implement their feature requests," an Apple spokesperson said.

dryriver writes: The Amiga was a remarkable machine at the time it was released -- 1985. It had a multitasking capable GUI-driven OS and a mouse. It had a number of cleverly designed custom chips that gave the Amiga amazing graphics and sound capabilities far beyond the typical IBM/DOS PCs of its time. The Amiga was the multimedia beast of its time -- you could create animated and still 2D or 3D graphics on it, compose sophisticated electronic music, develop 2D or 3D 16-Bit games, edit and process digital video (using Video Toaster), and of course, play some amazing games. And after the Amiga -- as well as the Atari ST, Archimedes and so on -- died, everybody pretty much had to migrate to either the PC or Mac platforms. If Commodore and the Amiga had survived and thrived, there might have been four major desktop platforms in use today: Windows, OSX, AmigaOS and Linux. And who knows what the custom chips (ASICs? FPGAs?) of an Amiga in 2019 might have been capable of -- Amiga could possibly have been the platform that makes nearly life-like games and VR/AR a reality, and given Nvidia and AMD's GPUs a run for their money.

What do you think the computing landscape in 2019 would have looked like if the Amiga and AmigaOS as a platform had survived? Would Macs be as popular with digital content creators as they are today? Would AAA games target Windows 7/8/10 by default or tilt more towards the Amiga? Could there have been an Amiga hardware-based game console? Might AmigaOS and Linux have had a symbiotic existence of sorts, with AmigOS co-existing with Linux on many enthusiast's Amigas, or even becoming compatible with each other over time?

An anonymous reader quotes a report from Ars Technica: Android 10 is finally finished! The next big Android update, which we've been examining for most of the year as the "Android Q Beta," starts rolling out to devices today. As usual, Android 10 is arriving on Pixel phones first (even the three-year-old Pixel 1), and Google says it is "working with a number of partners to launch or upgrade devices to Android 10 this year." Google has introduced a new branding strategy for Android, by the way, so there's no "Q" snack name with this release. In 2019, it's just "Android 10." Android 10 brings a number of changes to the world's most popular mobile operating system.

First up, devices are getting "fully gestural" navigation, which lets you navigate around the phone with swipe gestures. Just like the implementation on the iPhone X, gesture navigation removed the need for a dedicated space for navigation buttons, allowing for more space for app content. There's finally full support for a dark theme, which will turn the entire system UI and any supported apps from the usual black text on a white background to white text on a black background. (That option significantly reduces the amount of light a phone puts out and saves battery life on OLED displays.) Google has also promised dark mode support for "all" of the Google apps in time for Android 10's launch, so we should be seeing updates to Gmail, Google Play, Google Maps, and a million other Google apps sometime soon. Other features of Android 10 include a faster share sheet, a "bubbles" API for floating apps, 230 new emoji, improved security and privacy options, and smarter notification panel.

PatentlyApple has spotted several patents that suggest Apple is playing with the idea of making the Apple Watch's band identify users via their wrist's skin texture and arm hair. TechCrunch reports: The first patent describes a sensor built into the Watch or the watch's band that could use infrared to build a thermal image of your wrist and its identifying traits (like skin texture/arm hair) to identify who is wearing it -- sort of like a fingerprint, but from your wrist. Unlike most of Apple's other devices, the Apple Watch doesn't currently have any sort of built-in biometrics for unlocking -- there's no thumbprint sensor for Touch ID, or camera for Face ID. Unlocking your Apple Watch means poking at the screen to punch in a PIN (or, if you've configured it to unlock when you unlock your phone, doing that). A sensor setup like this could make the unlocking process automatic without the need to unlock your phone.

The second granted patent describes a Watch band that can adjust itself on the fly -- think Nike's self-tightening shoes, but on your wrist. If the Watch detects that it's sliding while you're running (or if the aforementioned thermal sensors need a closer look at your wrist skin) tensioners in the device could tighten or loosen the band on command. Finally, a third granted patent tinkers with the idea of a Watch band with built-in light-up indicators -- like, say, a notification light for incoming texts, or a meter that fills up to tell you at-a-glance how much distance you've got left on your run, or a stripe that glows yellow when you've got something on your calendar in the next hour. All of this can already be done on the Watch's screen, of course -- this would just allow for it without having to power up the entire display.

Huawei's next flagship smartphone will not come with Google's popular apps, such as Maps, YouTube, and Drive. The BBC reports: Google confirmed that due to a U.S. government ban on sales to Huawei, it could not license its apps to the Chinese smartphone giant. It also means the next Huawei phone will not have access to the Google Play app store, which could leave customers without access to other popular apps. The U.S. government restricted American companies from selling products and services to Huawei in May, citing national security concerns, which Huawei rejects.

Huawei is just weeks away from launching its next flagship phone, the Mate 30 Pro. It will be Huawei's first major phone launch since the U.S. restrictions were applied in May. But analysts say launching without Google's apps in Europe will be a major blow. Consumers expect to have access to all the major apps they are used to - including Maps and YouTube. Without them, Huawei's phones will seem a lot less appealing. And losing the Play Store means Huawei will need to provide another way for customers to access other popular apps such as Facebook, Twitter and BBC News. Huawei said in a statement: "Huawei will continue to use the Android OS and ecosystem if the U.S. government allows us to do so. Otherwise, we will continue to develop our own operating system and ecosystem."

Tom's Guide notes that consumers can still download apps from APK repositories like APKmirror.com. "While this is certainly a nuisance, it's far from crippling."

An anonymous reader quotes a report from The Verge: Microsoft is planning to redesign the tablet experience for Windows 10. The software giant has started testing a new design for 2-in-1 convertible PCs that will keep the user interface more similar to the existing desktop design. Currently, Windows 10 throws you into a more tablet-optimized UI that removes task bar icons and puts the Start menu full-screen when a device automatically switches into "tablet mode." Microsoft is now walking back some of those changes, while keeping some touch-optimized elements for 2-in-1 PCs.

In the new tablet experience, the desktop will remain in full view, with the task bar icons visible and increased spacing between them. If enabled, the search box will collapse into an icon, and the touch keyboard will appear when you tap on a text field. File Explorer will also switch to a touch-optimized layout. Microsoft is testing this with Windows Insiders and has marked the design as beta, suggesting it will change and be shaped by feedback. Still, it's hard not to see this as Microsoft walking back from a dedicated tablet experience in Windows 10. These new changes will trigger automatically when you remove a keyboard from a device like a Surface Pro, and Microsoft has confirmed that a dedicated "tablet mode" will remain but you'll have to enable it manually. Microsoft is also testing a cloud download option to reset and restore Windows 10 PCs. "[I]t will allow Windows users to quickly reinstall the OS without needing it to be installed on the local disk or having a recovery USB drive," reports The Verge.

China's Huawei has begun talks with Russia about installing Russian operating system (OS) Aurora on 360,000 of its tablets to conduct Russia's population census next year, Reuters reported Monday, citing two sources. From the report: Huawei has been seeking alternative operating systems to Google's Android OS after Washington put the world's second-largest smartphone maker on a so-called Entity List that threatens to cut off its access to the essential U.S. components and technology. "This is a pilot project. We see it as the first stage of launching the Russian OS on Huawei devices," the first source told Reuters. Huawei is in talks with the Russian Ministry of Communications, a spokeswoman for Huawei said, but did not provide any other details. Last week, Huawei said the U.S. trade restrictions could cut its smartphone unit's revenue by about $10 billion this year. Russia is discussing the use of Aurora OS on 360,000 Huawei tablets by August 2020.