Android L will have built-in encryption, just like iOS

Digital Trends reported on built-in encryption for Andriod L.

The next major version of Android is going to come with one feature that will please the security-conscious: built-in encryption. It means anyone who grabs hold of your mobile device—from petty thief to law enforcement officer—will find it much more difficult to extract data from it. The same level of advanced encryption is also available in iOS 8.

Android users have had the option to encrypt their phones and tablets since 2011, but the setup process for Android L will switch it on by default. iOS has always encrypted data on devices automatically — there’s no option to enable it as there is on current versions of Android — but the protection has been reworked and improved in iOS 8.

Let’s not talk about why it’s always on for iOS while Android makes it turned off by default. Given how Android updates are rolled out, it will be years before this is widely adopted.

Third party keyboard in iOS 8 key logging?

Gabe Weatherhead wrote about his concerns about iOS 8 key logging.

This is what I found (quoted from the documentation):

  • All capabilities of a nonnetworked custom keyboard
  • Keyboard can access Location Services and Address Book, with user permission
  • Keyboard and containing app can employ a shared container
  • Keyboard can send keystrokes and other input events for server-side processing
  • Containing app can provide editing interface for keyboard’s custom autocorrect lexicon
  • Via containing app, keyboard can employ iCloud to ensure settings and autocorrect lexicon are up to date on all devices
  • Via containing app, keyboard can participate in Game Center and In-App Purchase
  • If keyboard supports mobile device management (MDM), it can work with managed apps

My interpretation of the documentation is that a keyboard extension can enable network access if it is for the purpose of improving the application. What improvements warrant this, is up to the app developer.

It is a concern I share as well. Why would a keyboard need to send keystrokes?

Google’s Doubleclick ad servers exposed millions to malware

The Verge reported on Google’s Doubleclick serving malware.

The first impressions came in late August, and by now millions of computers have likely been exposed to Zemot, although only those with outdated antivirus protection were actually infected.

That means that millions of computers are on outdated antivirus.

And using an ad-blocker proves to be more effective than having an antivirus.

Need help moving from Android phone to iPhone?

Apple has provided a detailed guide for people who wish to move from Android phone to iPhone.

Why didn’t any other company think of this?

Apple says iOS 8 update keeps data private, even from the police

NYT Bits reported on iOS 8 privacy data.

“Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data,” the company said on the new webpage. “So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

“Our business model is very straightforward: We sell great products,” he said. “We don’t build a profile based on your email content or web browsing habits to sell to advertisers.”

Other tech companies need to take note.

Ways to think about watches

Benedict Evans shared his thoughts on ways to think about watches.

In fact, one could argue that the closest precedent for puzzlement is the mobile phone itself. If you tell the young people of today this they won’t believe you, but in the mid 1990s most people thought that mobile phones were an expensive niche product without mass-market potential. We already had phones, and pay phones, so why would you need this other thing? Mobile operators around the world (the disruptive innovators of the day) had to run advertising campaigns suggesting reasons why having a mobile phone might be useful. Price was obviously one reason this was hard to imagine, but there were more basic factors. Simple behaviors we take for granted today were different. People made plans to to meet their friends before going out in the evening, for example. We managed without mobile phones, and had to be persuaded into them. 

It seems to me that there are two kinds of puzzle around a new… thing. One is that you already have a thing that does this. For tablets this was the PC (and the smartphone) and for the iPod it was the Walkman – for the iPod the advantage of the new thing seems obvious now, but people took some persuading even at the time, and for tablets the scope of replacement remains unclear. But for another kind of new product, you don’t already have a thing that does this because there is no ’this’, and it’s not clear what ’this’ might be. A mobile phone is not a landline that doesn’t have a wire – it changes large parts of how you can live your life, so much so that it was not obvious in 1995 what would change. So too a smart watch. Yes, it tells the time, but what else?

We had discmans and walkmans, why would anyone want a portable MP3 player? We had mobile phones that came with keypads, why would anyone want a smartphone with a touchscreen? We have netbooks and laptops, why would anyone want a tablet?

Apple Watch – the smart watch for everyone

Ben Thompson share more of his thoughts on the Apple Watch.

This makes the Pebble sound a lot like a smartphone circa 2006. The thing is, though, the iPhone was never targeted at 2006-era smartphone users: it was targeted at everyone, and that meant it had to destroy our expectations of what a smartphone was in order to build a new one that happened to look exactly like an iPhone. Similarly, to be the sort of tentpole product Cook promised the Watch would be it must target more than current watch wearers: it must be a product so good that non watch-wearers will put something on their wrists, put up with nightly charging, spend hundreds or thousands of dollars every few years, and all the other sorts of behavior that no one thought any rational phone buyer would tolerate just eight years ago. In other words, it must swing for the fences, just like Apple seems to have done.

This brings a sense of déjà vu for some of us tech watchers. I’m reminded of how the iPod, the iPhone and the iPad were ridiculed by people who did not see their potential when they were announced.

Android Browser flaw a “privacy disaster” for half of Android users

Are Technica reported on Android Browser flaw bring a “privacy disaster” for half of Android users.

Baloch initially reported the bug to Google, but the company told him that it couldn’t reproduce the problem and closed his report. Since he wrote his blog post, a Metasploit module has been developed to enable the popular security testing framework to detect the problem, and Metasploit developers have branded the problem a “privacy disaster.” Baloch says that Google has subsequently changed its response, agreeing that it can reproduce the problem and saying that it is working on a suitable fix.

Removing the free U2 album from Apple

One of the last things that Apple did during the iPhone 6 and iWatch event was give away a free U2 album to every iTunes users out there – whether you wanted to or not. Depending on which side of the fence you’re on, you’re probably overjoyed at the freebie, or appalled that Apple can just push a music album into your device. If you fall into the latter category, you’ll be happy to know that Apple has put up a link to remove the album from your iTunes library. This should put an end to the complaining. It won’t. But it should.

Tim Cook on Charlie Rose

You may have previously caught snippets of Tim Cook on Charlie Rose, but now the whole interview is available on Hulu, and it’s a good watch.