Google is cracking down on rooted Android devices, blocking multiple people from using the RCS message feature in Google Messages. From a report: Users with rooted phones -- a process that unlocks privileged access to the Android operating system, like jailbreaking iPhones -- have made several reports on the Google Messages support page, Reddit, and XDA's web forum over the last few months, finding they're suddenly unable to send or receive RCS messages. One example from Reddit user u/joefuf shows that RCS messages would simply vanish after hitting the send button. Several reports also mention that Google Messages gave no indication that RCS chat was no longer working, and was still showing as connected and working in Google Messages. In a statement sent to the Verge where we asked if Google is blocking rooted devices from using RCS, Google communications manager Ivy Hunt said the company is "ensuring that message-issuing/receiving devices are following the operating measures defined by the RCS standard" in a bid to prevent spam and abuse on Google Messages. In other words, yes, Google is blocking RCS on rooted devices.

An anonymous reader shares a report: Google pulled more than a dozen popular Indian apps including recruitment platform Naukri, matrimony service Shaadi, audio storytelling platforms Kuku FM and Stage and real-estate manager 99acres from Play Store on Friday after warning that it will be taking actions against developers who have persistently not complied with its billing policies, escalating a three-year dispute in what is the company's largest market by users. Google said that 10 companies in the country, including "many well-established" names it did not disclose, had avoided paying fees despite benefiting from the platform.

The Android-maker, owned by Alphabet, said a small group of developers in India had more than three years to prepare and comply with Play Store's payments policy but opted against it. These firms continue to comply with payment policies of other app stores, Google said. Some Android apps of matrimony platforms Shaadi, Matrimony.com and Bharat Matrimony were pulled from the Play Store Friday. Info Edge's Naukri and 99acres, audio storytelling apps Kuku FM and Stage, Alt Balaji's Altt, dating service Quack Quack were also axed from the store.

Murugavel Janakiraman, chief executive of Bharat Matrimony, said Google had pulled about 10 of the Indian firm's apps from the store. Bharat Matrimony is evaluating legal options, he told TechCrunch, adding that he believes Google has violated an Indian antitrust watchdog's order in its removal of the apps today. It's a "dark day for the India internet," he added. Lal Chand Bisu, co-founder and chief executive of Kuku FM lambasted at Google, saying the Android-maker had turned "the most evil" partner to do business with and the Indian startup ecosystem was "completely" in its control.

Nintendo has filed a 41-page lawsuit against the makers of Yuzu, an open-source Nintendo Switch emulator, accusing them of "facilitating piracy at a colossal scale." Polygon reports: Yuzu is a free emulator that was released in 2018 months after the Nintendo Switch originally launched. The same folks who made Citra, a Nintendo 3DS emulator, made this one. Basically, it's a piece of software that lets people play Nintendo Switch games on Windows PC, Linux, and Android devices. (It also runs on Steam Deck, which Valve showed -- then wiped -- in a Steam Deck video clip.) Emulators aren't necessarily illegal, but pirating games to play on them is. But Nintendo said in its lawsuit that there's no way to legal way to use Yuzu.

Nintendo argued that Yuzu executes codes that "defeat" Nintendo's security measures, including decryption using "an illegally-obtained copy of prod.keys." "In other words, without Yuzu's decryption of Nintendo's encryption, unauthorized copies of games could not be played on PCs or Android devices," Nintendo wrote in the lawsuit. As to the alleged damages created by Yuzu, Nintendo pointed to the release of The Legend of Zelda: Tears of the Kingdom. Tears of the Kingdom leaked almost two weeks earlier than the game's May 12 release date. The pirated version of the game spread quickly; Nintendo said it was downloaded more than 1 million times before Tears of the Kingdom's release date. People used Yuzu to play the game; Nintendo said more than 20% of download links pointed people to Yuzu.

Though Yuzu doesn't give out pirated copies of games, Nintendo repeatedly said that most ROM sites point people toward Yuzu to play whatever games they've downloaded. Nintendo said its "expended significant resources to stop the illegal copying, marketing, sale, and distribution" of its Nintendo Switch games. It says that Yuzu earns the team $30,000 per month on its Patreon from more than 7,000 patrons. Nintendo said the company has earned at least $50,000 in paid Yuzu downloads. Nintendo said that Yuzu's Patreon doubled its paid members in the period between May 1 and May 12, when Tears of the Kingdom was released. Nintendo is asking the court to shut down the emulator, and for damages.

Amazon has issued an update to Fire TV streaming devices and televisions that has broken apps that let users bypass the Fire OS home screen. From a report: The tech giant claims that its latest Fire OS update is about security but has refused to detail any potential security concerns. Users and app developers have reported that numerous apps that used to work with Fire TV devices for years have suddenly stopped working. As first reported by AFTVnews, the update has made apps unable to establish local Android Debug Bridge (ADB) connections and execute ADB commands with Fire TV devices.

The update, Fire OS 7.6.6.9, affects several Fire OS-based TVs, including models from TCL, Toshiba, Hisense, and Amazon's Fire TV Omni QLED Series. Other devices running the update include Amazon's first Fire TV Stick 4K Max, the third-generation Fire TV Stick, as well as the third and second-generation Fire TV Cubes and the Fire TV Stick Lite. A code excerpt shared with AFTVnews by what the publication described as an "affected app developer," which you can view here, shows a line of code indicating that Fire TVs would not be allowed to make ADB connections with a local device or app. As pointed out by AFTVnews, such apps have been used by Fire TV modders for abilities like clearing installed apps' cache and using a different home screen than the Fire OS default.

Fast Company notes that "the deadly impacts of Pegasus and other cyberweapons — wielded by governments from Spain to Saudi Arabia against human rights defenders, journalists, lawyers and others — is by now well documented. A wave of scrutiny and sanctions have helped expose the secretive, quasi-legal industry behind these tools, and put financial strain on firms like Israel's NSO Group, which builds Pegasus.

"And yet business is booming." New research published this month by Google and Meta suggest that despite new restrictions, the cyberattack market is growing, and growing more dangerous, aiding government violence and repression and eroding democracy around the globe.

"The industry is thriving," says Maddie Stone, a researcher at Google's Threat Analysis Group (TAG) who hunts zero-day exploits, the software bugs that have yet to be fixed and are worth potentially hundreds of millions to spyware sellers. "More companies keep popping up, and their government customers are determined to buy from them, and want these capabilities, and are using them." For the first time, half of known zero-days against Google and Android products now come from private companies, according to a report published this month by Stone's team at Google. Beyond prominent firms like NSO and Candiru, Google's researchers say they are tracking about 40 companies involved in the creation of hacking tools that have been deployed against "high risk individuals."

Of the 72 zero-day exploits Google discovered in the wild between 2014 and last year, 35 were attributed to these and other industry players, as opposed to state-backed actors. "If governments ever had a monopoly on the most sophisticated capabilities, that era is certainly over," reads the report.

The Google findings and a spyware-focused threat report published by Meta a week later reflect an increasingly tough response by Big Tech to an industry that profits from breaking into its systems. The reports also put new pressure on the US and others to take action against the mostly unregulated industry.
"In its report, Google describes a 'rise in turnkey espionage solutions' offered by dozens of shady companies..."

Thanks to Slashdot reader tedlistens for sharing the article.

An anonymous reader shares a report: When Google Wallet launched in 2022, Google kept the "GPay" app around in a handful of countries. The company announced today that the old Google Pay app is soon going away in the US. That app, which appears as "GPay" on your Android homescreen, was Google's previous vision for mobile payments and finance.

It was "designed around your relationships with people and businesses" with conversation-like threads serving as a purchase history, while keeping track of your spending was another big aspect. GPay will stop working in the US from June 4, 2024. It will remain available for users in India and Singapore as Google continues to "build for the unique needs in those countries." As part of the app going away, Google is shutting down peer-to-peer payments that let you send, request, or receive money from others in the US. Google's P2P offering never really took off.

An anonymous reader quotes a report from BleepingComputer: A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.' Group-IB says its analysts observed attacks primarily targeting the Asia-Pacific region, mainly Thailand and Vietnam. However, the techniques employed could be effective globally, and there's a danger of them getting adopted by other malware strains. [...]

For iOS (iPhone) users, the threat actors initially directed targets to a TestFlight URL to install the malicious app, allowing them to bypass the normal security review process. When Apple remove the TestFlight app, the attackers switched to luring targets into downloading a malicious Mobile Device Management (MDM) profile that allows the threat actors to take control over devices. Once the trojan has been installed onto a mobile device in the form of a fake government app, it operates semi-autonomously, manipulating functions in the background, capturing the victim's face, intercepting incoming SMS, requesting ID documents, and proxying network traffic through the infected device using 'MicroSocks.'

Group-IB says the Android version of the trojan performs more malicious activities than in iOS due to Apple's higher security restrictions. Also, on Android, the trojan uses over 20 different bogus apps as cover. For example, GoldPickaxe can also run commands on Android to access SMS, navigate the filesystem, perform clicks on the screen, upload the 100 most recent photos from the victim's album, download and install additional packages, and serve fake notifications. The use of the victims' faces for bank fraud is an assumption by Group-IB, also corroborated by the Thai police, based on the fact that many financial institutes added biometric checks last year for transactions above a certain amount.

Republican Commissioner Brendan Carr is calling on the Federal Communications Commission to investigate Apple's response to Beeper Mini -- the app that briefly brought iMessage to Android. From a report: During the State of the Net Conference on Monday, Carr said the FCC should look into whether Apple's move "complies with the FCC's Part 14 rules" about accommodating users with disabilities.

Beeper Mini launched last year, allowing Android users to gain access to iMessage features, including blue message bubbles and the ability to send high-quality photos and videos. However, Apple quickly blocked Beeper Mini users and continued to shut down attempts to make the app work, leading its developers to eventually just give up. The FCC's Part 14 rules lay out requirements that "advanced communications service," such as iMessage, must follow to ensure they're accessible.

Remember "Servo," Mozilla's "next-generation browser engine," focused on performance and robustness?

"The developers of Servo are starting 2024 by going all in..." reports It's FOSS News, citing a social media post from FOSDEM. "[T]he Servo Project team were there showing off the work done so far." If you were not familiar, Servo is an experimental browser engine that leverages the power of Rust to provide a memory-safe and modular experience that is highly adaptable. After Mozilla created Servo back in 2012 as a research project, it saw its share of ups and downs over the years, with it making a comeback in 2023; thanks to a fresh approach by the developers on how Servo should move forward.

Even though there are plenty of open source Chrome alternatives, with this, there's a chance that we will get some really cool options based on Servo that just might give Blink and Gecko a run for the money! Just a few months back, in September 2023, after The Servo Project officially joined Linux Foundation Europe, the existing contributors from Igalia stepped up their game by taking over the project maintenance. To complement that, at Open Source Summit Europe last year, Manuel Rego from Igalia shared some really useful insights when he presented.

He showcased stuff like the WebGL support, cross-platform support including mobile support for Android and Linux, among other things. They have experimented with Servo for embedded applications use-cases (like running it on Raspberry Pi), and have plans to make advances on it. As far as I can see, it looks like, Servo is faster for Raspberry Pi compared to Chromium. You can explore more such demos on Servo's demo webpage.
2024's roadmap includes "Initial Android support, that will see Servo being made to build on modern Android versions," according to the article, "with the developers publishing nightly APKs on the official website some time in the future."

One fun fact? "Even though Mozilla dropped the experimental project, Firefox still utilizes some servo components in the browser"

Another FOSDOM update from social media: "Thunderbird is also embracing Rust."

An anonymous Slashdot reader shared this report from SiliconANGLE: The Rust Foundation, which supports the development of the popular open-source Rust programming language... shared that Google LLC had made a $1 million contribution specifically earmarked for a C++/Rust interoperability effort known as the "Interop Initiative." The initiative aims to foster seamless integration between Rust and the widely used C++ programming language, addressing one of the significant barriers to Rust's adoption in legacy systems entrenched in C++ code.

Rust has the ability to prevent common memory errors that plague C++ programs and offers a path toward more secure and reliable software systems. However, transitioning from C++ to Rust presents notable challenges, particularly for organizations with extensive C++ codebases. The Interop Initiative seeks to mitigate these challenges by facilitating smoother transitions and enabling organizations to leverage Rust's advantages without completely overhauling their existing systems.

As part of the initiative, the Rust Foundation will collaborate closely with the Rust Project Leadership Council, stakeholders and member organizations to develop a comprehensive scope of work. The collaborative effort will focus on enhancing build system integration, exploring artificial intelligence-assisted code conversion techniques and expanding upon existing interoperability frameworks. By addressing these strategic areas, the initiative aims to accelerate the adoption of Rust across the software industry and hence contribute to advancing memory safety and reducing the prevalence of software vulnerabilities.
A post on Google's security blog says they're excited to collaborate "to ensure that any additions made are suitable and address the challenges of Rust adoption that projects using C++ face. Improving memory safety across the software industry is one of the key technology challenges of our time, and we invite others across the community and industry to join us in working together to secure the open source ecosystem for everyone."

The blog post also includes this quote from Google's VP of engineering, Android security and privacy. "Based on historical vulnerability density statistics, Rust has proactively prevented hundreds of vulnerabilities from impacting the Android ecosystem. This investment aims to expand the adoption of Rust across various components of the platform."

The Register adds: Lars Bergstrom, director of Android platform tools and libraries and chair of the Rust Foundation Board, announced the grant and said that the funding will "improve the ability of Rust code to interoperate with existing legacy C++ codebases.... Integrating Rust today is possible where there is a fallback C API, but for high-performance and high-fidelity interoperability, improving the ability to work directly with C++ code is the single biggest initiative that will further the ability to adopt Rust...."

According to Bergstrom, Google's most significant increase in the use of Rust has occurred in Android, where interoperability started receiving attention in 2021, although Rust is also being deployed elsewhere.... Bergstrom said that as of mid-2023, Google had more than 1,000 developers who had committed Rust code, adding that the ad giant recently released the training material it uses. "We also have a team working on building out interoperability," he added. "We hope that this team's work on addressing challenges specific to Google's codebases will complement the industry-wide investments from this new grant we've provided to the Rust Foundation."

Google's grant matches a $1 million grant last November from Microsoft, which also committed $10 million in internal investment to make Rust a "first-class language in our engineering systems." The Google-bucks are expected to fund further interoperability efforts, along the lines of KDAB's bidirectional Rust and C++ bindings with Qt.

India's Space Research Organisation (ISRO) will send a humanoid robot astronaut into this space this year, then send it back alongside actual humans in 2025 on its long-delayed Gaganyaan orbital mission. From a report: According to the space agency, the robot-crewed Vyommitra Mission is scheduled for the third quarter of this year. The robot -- whose name translates to "Space Friend" in Sanskrit -- can monitor module parameters, issue alerts and execute life support operations. Vyommitra is also an excellent multitasker that can operate six panels while responding to queries and mimicking human functions. The humanoid speaks two languages: Hindi and English.

It's also been designated as female -- to the extent possible for a legless robot -- and sports coiffed hair, feminine facial features, and hands that look like they are wearing white gloves. It resembles a wax figurine or mannequin and The Register fancies it mostly manages to stay out of the Uncanny Valley -- the term applied to robots and digital depictions of humans that try to appear human but instead come off as creepy and/or unsettling.

Sarah Perez reports via TechCrunch: Fresh on the heels of its $40 million fundraise, streaming media company Plex is today announcing its expansion into a new business: a movie rentals storefront. The addition, which will initially be offered to U.S. customers, will give the streamer another means of generating revenue beyond its subscription products and ad-supported streaming -- a diversification that will prove critical as the ad market continues to be unpredictable.

At launch, the marketplace will offer movies from top studios, including WB, Paramount, MGM, Lionsgate and A24, which means Plex users will be able to rent titles like "Barbie," "Wonka," "Aquaman and the Lost Kingdom," "Mission: Impossible -- Dead Reckoning," "The Color Purple," "Expend4bles," "PAW Patrol: The Mighty Movie," "Hunger Games: The Ballad of Songbirds and Snakes," "Mean Girls" and others. Plex says there will be just over 1,000 titles available to rent starting at $3.99, but the number of titles will grow over time. Titles will also move in and out of windows, so the number of rentals will fluctuate over time, as well. [...]

Once users rent a movie, they have 30 days to watch. After starting the rental, you'll have 48 hours to finish viewing it, similar to other marketplaces. The movie will also appear in the "Continue Watching" section on Plex's home screen if you don't finish watching it upon your first go. The company plans to add more studio partners to its movie rentals store over time, it says. [...] The new movie marketplace will launch across platforms, Plex notes, including its apps on Amazon Fire TV, Apple TV, Android TV/Google TV, Roku, smart TVs (LG, Hisense, Samsung, Sony, VIZIO), game consoles and Apple and Android smartphones and tablets.

Google has renamed its AI assistant to "Gemini" and unveiled a paid subscription tier offering. The $19.99/month "Gemini Advanced" includes a more powerful AI model and cloud storage integration, targeting users seeking advanced content creation and complex query resolution. Google is also leveraging its Android user base by making Gemini the default digital assistant, aiming to replicate the success of its billion-user products.

New submitter Dustin Destree shares a report: Android users in Singapore will be blocked from installing apps from unverified sources, a process called sideloading, as part of a new trial by Google to crack down on malware scams. The security tool will work in the background to detect apps that demand suspicious permissions, like those that grant the ability to spy on screen content or read SMS messages, which scammers have been known to abuse to intercept one-time passwords. Singapore is the first country to begin the gradual roll-out of the security feature over the next few weeks, done in collaboration with the Cyber Security Agency of Singapore, according to a statement on Feb 7 by Google, which develops the Android software.

According to a job listing spotted by AFTVNews, Amazon makes it clear that the company plans to ditch Android for its own "VegaOS" operating system. "The new platform is said to rely on React Native and would require new apps to be built," reports 9to5Google. From the report: As spotted by AFTVNews, a job listing from Amazon was looking for a "Fire TV Experience Software Development Engineer." The job listing's description makes it abundantly clear that a key part of the role is focused on the transition from Android to the rumored "VegaOS," because it quite literally says that's what is happening, with Amazon saying that Fire TV is transitioning from "FOS/Android" (Fire OS/Android) to "native/Rust" and even explicitly mentioning React Native. The listing, which has since been removed, provides extremely strong evidence of Amazon's plans, which is probably why it was so quickly removed.

Fossil Group has decided to call it quits on smartwatches. The company announced Friday that it would leave the smartwatch business and redirect resources to its less-smart goods instead. From a report: The company has been one of the most prolific makers of Wear OS smartwatches over the years, and its absence will leave a large gap in the market. "As the smartwatch landscape has evolved significantly over the past few years, we have made the strategic decision to exit the smartwatch business," Fossil spokesperson Amanda Castelli tells The Verge. "Fossil Group is redirecting resources to support our core strength and the core segments of our business that continue to provide strong growth opportunities for us: designing and distributing exciting traditional watches, jewelry, and leather goods under our own as well as licensed brand names." This means that the Gen 6, which first launched in 2021, will be the last Fossil smartwatch. Castelli says the company will continue to keep existing Wear OS watches updated "for the next few years."

AT&T, Google and Vodafone are investing a total of $206.5 million in AST SpaceMobile, a satellite manufacturer that plans to be the first space-based network to connect standard mobile phones at broadband speeds. Fierce Wireless reports: AST SpaceMobile claims it invented the space-based direct-to-device market, with a patented design facilitating broadband connectivity directly to standard, unmodified cellular devices. In a press release, AST SpaceMobile said the investment from the likes of AT&T, Google and Vodafone underscores confidence in the company's technology and leadership position in the emerging space-based cellular D2D market. There's the potential to offer connectivity to 5.5 billion cellular devices when they're out of coverage.

Bolstering the case for AST SpaceMobile, Vodafone and AT&T placed purchase orders -- for an undisclosed amount -- for network equipment to support their planned commercial services. In addition, Google and AST SpaceMobile agreed to collaborate on product development, testing and implementation plans for SpaceMobile network connectivity on Android and related devices. AST SpaceMobile boasts agreements and understandings with more than 40 mobile network operators globally. However, it's far from alone in the D2D space. Apple/Globalstar, T-Mobile/SpaceX, Bullitt and Lynk Global are among the others.

"Would you pay $15 a month so Android doesn't track you and send all of that data back to Google?" asks Stuff South Africa: A new Swiss-based privacy company thinks $15 is a fair fee for that peace of mind. "A person's data is the original digital currency," argues Apostrophy, which has created its own operating system, called Apostrophy OS.

It's based on Android — don't panic — but the version that has already been stripped of Google's intrusiveness by another privacy project called GrapheneOS, which used to be known as CopperheadOS. Launched in 2014, it which was briefly known as the Android Hardening project, before being rebranded as GrapheneOS in 2019. Apostrophy OS is "focused on empowering our users, not leveraging them," it says and is "purposely Swiss-based, so we can be champions of data sovereignty".

What it does, they say, is separate the apps from the underlying architecture of the operating system and therefore prevent apps from accessing miscellaneous personal data, especially the all-important location data so beloved of surveillance capitalism... Apostrophy OS has its own app store, but also cleverly allows users to access the Google Play Store. If you think that is defeating the point, Apostrophy argues that those apps can't get to the vitals of your digital life. Apostrophy OS has "partitioned segments prioritising application integrity and personal data privacy".
The service is free for one year with the purchase of the new MC02 phone from Swiss manufacturer Punkt, according to PC Magazine. "The phone costs $749 and is available for preorder now. It will ship at the end of January." Additional features include a built-in VPN called Digital Nomad based on the open-source Wireguard framework to secure your activity against outside snooping, which includes "exit addresses" in the US, Germany, and Japan with the base subscription.

China's Huawei will not support Android apps on the latest iteration of its in-house Harmony operating system, domestic financial media Caixin reported, as the company looks to bolster its own software ecosystem. From a report: The company plans to roll out a developer version of its HarmonyOS Next platform in the second quarter of this year followed by a full commercial version in the fourth quarter, it said in a company statement highlighting the launch event for the platform in its home city of Shenzhen on Thursday.

Huawei first unveiled its proprietary Harmony system in 2019 and prepared to launch it on some smartphones a year later after U.S. restrictions cut its access to Google's technical support for its Android mobile OS. However, earlier versions of Harmony allowed apps built for Android to be used on the system, which will no longer be possible, according to Caixin.

Microsoft is getting ready to place Teams meeting reminders on the Start menu in Windows 11. From a report: The software giant has started testing a new build of Windows 11 with Dev Channel testers that includes a Teams meeting reminder in the recommended section of the Start menu. Microsoft is also testing an improved way to instantly access new photos and screenshots from Android devices. [...] The Teams meeting reminders will be displayed alongside the regular recently used and recommended file list on the Start menu, and they won't be displayed for non-business users of Windows 11.