The Pokémon you want, but without leaving the house.

blank

Maybe you’re tired of walking playing Pokémon Go but still need to get a Pokémon fix — well, why not give the new Magikarp Jump game a try? This casual Pokémon-themed game is far less involved than Go but still kicks in with the nostalgia we crave. Announced earlier this week with a limited release, Magikarp Jump is now available in the U.S. and most other countries.

Everything you need to know about Magikarp Jump is right in the title: the objective of the game is to train your Magikarp to jump higher than the other Magikarp. Yes, that’s rather simple and somewhat pathetic, but, y’know, so is Magikarp itself. You’ll train your Magikarp to gain jumping skills, feed it so it grows stronger, and then head into competition where you see just how high your Magikarp can jump.

There’s little more to try and sell someone on this: you’ll just need to download it and play. If you’re a Pokémon fan, you’re going to enjoy playing this casual title (it’s already picking up tons of five-star reviews). It’s free but has in-app ads by default, so expect to drop a little money to clean up the experience.




Go to Source

 | Posted by | Categories: Android |

Should you be concerned about this new Android exploit called Cloak & Dagger? Here’s what you need to know!

A new Android exploit has been unveiled called Cloak & Dagger and, true to its name, it describes ways in which ill-intentioned apps can take advantage of two Android permissions to steal keystrokes and trick users into divulging personal information.

But is it dangerous? Let’s break it down quickly.

What is Cloak & Dagger?

Cloak & Dagger is the name for a combination of two exploitable Android permissions that, when used independently or separately through an ill-intentioned app, can have dire consequences.

It was published as a proof-of-concept by a four-person team at Georgia Institute of Technology and University of California, Santa Barbara.

It is not an active exploit, and to date there have been no known public uses of it.

How does it work?

According to the team, Cloak & Dagger takes advantage of two Android permissions — SYSTEM_ALERT_WINDOW (“draw on top”) and BIND_ACCESSIBILITY_SERVICE (“a11y”) — that, when working together or separately, make it possible for an app to “listen in” and either steal text input such as passwords, two-factor authentication numbers, or personal data.

Cloak & Dagger is a new class of potential attacks affecting Android devices. These attacks allow a malicious app to completely control the UI feedback loop and take over the device — without giving the user a chance to notice the malicious activity. These attacks only require two permissions that, in case the app is installed from the Play Store, the user does not need to explicitly grant and for which she is not even notified. Our user study indicates that these attacks are practical.

The “draw on top” permission is known as the Android overlay feature and is used by many apps like Facebook Messenger and Samsung’s own Multi Window feature to enable “windows” that can be minimized and moved around on top of other apps.

How does the exploit work?

Because both the permissions are not part of Android’s explicit permission granting system that began in Android 6.0 Marshmallow, when a malicious app is downloaded, the app can automatically grant the “draw on top” permission.

Once that happens, the app, once opened, can create an overlay on top of a well-known app, like Facebook, to “phish” input like passwords. It can also overlay on top of the Android keyboard, picking up all inputted text.

The accessibility permission is a little bit harder to force a user to enable, but the team says that its proof of concept used the overlay permission to trick users into activating it. Once both are enabled, a “god mode” app can potentially steal data from any app used on the phone.

Everyone is affected

Cloak & Dagger affects all versions of Android, according to the team, including Android 5.0, 6.0 and 7.0, up to the latest release of Android 7.1.2.

Android 7.0 and above makes it a bit more difficult for some of the overlay exploits to work, but some ingenuity can still get around it.

Should you worry?

Right now, there are no known apps that take advantage of these permissions for malicious purposes, though now that they are public, that may change. The team published the research to force Google’s hand to improve the experience, since, unlike other Android vulnerabilities, these exploits take advantage of design flaws in the permissions themselves, not holes or bugs in the software.

What can you do to protect yourself?

This will not be a problem for you if you are careful with the apps you use.

Much is often made of Android’s security flaws, but Cloak & Dagger is not something you need to worry about as long as you’re careful about granting overlay permissions.

In order to mitigate the potential effects of Cloak & Dagger, it’s a good idea to review which apps can create overlays on top of your Android system. On most versions of Android, here’s how to do it:

  1. Open Android Settings.
  2. Scroll down and tap on Apps.
  3. Tap on the Menu or Cog icon.
  4. Find and tap on Special access. It’s usually under the “Advanced” heading.
  5. Tap on Draw over other apps. These are the apps that can create overlays using the above permission.
  6. Disable any apps you don’t recognize.

Don’t panic!

Seriously, this is not a big deal if you’re careful about the apps you download, especially since Google now scans 50 billion apps for malware every day using its Play Protect system.

Hopefully, Google will address this issue publicly or at least provide some clarification about what it intends to do with app overlays. Android O should eliminate this problem altogether by refactoring the overlay problem with a new API, but it’s unclear how or if Google plans to address the concern on earlier versions.




Go to Source

 | Posted by | Categories: Android |

The Huawei P10 and P10 Plus will come to Canada just in time for the summer.

Huawei’s P series will be sold at a North American carrier for the first time ever starting June 6, as Canadian providers are set to sell the P10 and P10 Plus.

The company’s newest flagship phones do a lot of things right — and, unfortunately, one thing very wrong — but they stand up well to the competition from Samsung, LG and others. And with no HTC flagship launching in Canada this summer, the P10 and P10 Plus should stand in nicely.

The smaller P10 will be sold at Bell, Videotron, Fido and Rogers in black. Rogers, which has an excellent existing relationship with Huawei, will sell the P10 in both gold and black, and will exclusively stock the larger P10 Plus in black, with the blue variants of both phones coming out later this summer, again as Rogers exclusives.

Huawei P10 and P10 Plus specs

Both phones are remarkably similar, with the P10 Plus notching a slightly bigger 5.5-inch QHD panel compared to the P10′s 5.1-inch 1080p display, along with a larger 3,750mAh battery compared to the P10′s 3,200mAh cell. The P10 Plus also has a slightly sharper f/1.8 lens, but in real world usage we found it to be nearly indistinguishable from the P10′s f/2.2 lens except for in very dark scenes.

Pricing has not been determined just yet, but we’ll know in the coming days.




Go to Source

 | Posted by | Categories: Android |

Google I/O is about more than just keynote presentations, big announcements, developer sessions and sunburn. Each year, Google also has a tent full of wacky computational “experiments” based around some of its most important products, platforms and technologies, and I/O 2017 was no exception. This year’s “Experiments” tent combined everything from machine vision, with an AI-powered electronica robot, to VR ping-pong and machine learning picture recognition games.

As the show was winding down late last week, we stopped by the tent in question to capture these experiments in all their glory. Check out our video feature above to see how both professional and amateur developers are using Google’s technology to do fun, crazy and interesting things!




Go to Source

 | Posted by | Categories: Android |

Is Amazon’s newest budget tablet worth your $50?

The online giant is calling it the “all new Fire 7,” which is perhaps more a marketing thing than actual hard truth when it comes to the tablet in question. It is new, and it is improved, but marketing hype is still marketing hype.

So, let’s actually break down what is new and whether this latest budget tablet is worth your time.

See at Amazon

What’s actually new?

There are subtle differences in the hardware on the all new Fire 7, but ones that will make for a solid improvement in user experience. The first of these is that it now supports the microSDXC standard which means you can now expand your internal storage by up to 256GB based on currently available cards.

The next important improvement is the inclusion of dual-band Wi-Fi, which means you’re now able to use the Fire 7 on the 5GHz band. Traditionally these give you better speeds over your local network, and it’s a notable upgrade over the single-band available in the old model.

Amazon has also an improved 7-inch IPS display in the new Fire 7, though just how good that is will have to wait until we actually see one.

Then there’s a little thing called Alexa. Amazon’s AI platform continues to grow, and following its inclusion on the most recent Fire TV products, Alexa is now on the basic Fire tablet, too. Holding the home button launches Alexa and from there you can ask questions and control your connected home devices just as you can with an Echo.

Is it worth getting one?

Absolutely. We’ve long recommended the Fire 7 as a cheap tablet that’s actually worth buying and that hasn’t changed with the new one. The improvements that have been made strengthen an already great product for $50.

Alexa is probably only going to excite you if you’re already getting into that ecosystem, but if you are, it’s yet another piece of tech you can use to turn on your lights and much more besides.

If you already have a Fire 7, it’s not necessarily worth ditching it just to grab the latest one. If it’s working just fine still, keep hold of it for now. Then again, $50 is almost an impulse buy, which is part of what makes the Fire 7 so good in the first place.

See at Amazon




Go to Source

 | Posted by | Categories: Android |

Snapchat’s new feature isn’t a killer one, but it will certainly give its existing users another reason to keep using it.

blank

A new Snapchat feature could help you when encouraging your friends to at least install the Snapchat app for the weekend. Snap has introduced custom Stories, which are designed to help friends and family groups collectively snap even the most mundane of events on the fly.

Custom Stories are easy to set up and don’t require that much planning beforehand. Tap the new Create Story icon in the top-right corner of the main Stories screen. Type in a name for the event, and then invite your friends. You can extend the invitation to anyone you’d like to participate in the as-it-happens festivities, regardless of their location. The new feature isn’t geofenced. You can also invite nearby Snapchat users to participate if it’s, say, a public event, like a high school prom or college graduation. Snapchat will create a one-block geofence around your current location.

Custom Stories will stay up on the main Stories page for as long as they are live, or until no one contributes for 24 hours. Each user is limited to three custom Stories at a time.

Is this a killer feature that will bring back hoards of budding Snapchat users? Not likely. It’s hard to ignore Snapchat’s declining numbers, especially when Instagram has all but run rampant with its own story-making features. But in the realm of mobile-first apps, it’s encouraging to see social networks attempting to become more of an extension of our social lives rather than a replacement.

The update is slowly rolling out to Snapchat users right now. If you don’t see it in the Google Play Store just yet, hang tight.




Go to Source

 | Posted by | Categories: Android |

The television and internet conglomerate has teamed up with Verizon Wireless in an attempt to become its own mobile operator.

In its ever-present quest for wireless superiority, Comcast quietly launched its own mobile network, aptly dubbed Xfinity Mobile. The service offers an unlimited data plan or you can pay by the gigabyte. It’s only available to those with existing Comcast internet service, however.

Xfinity Mobile began its nationwide rollout last week. It’s typically $65 a month for unlimited data access, but Comcast is currently offering a promotion at $45 a month. Speeds will be reduced after 20GB, however, which might not make it the best option for large family plans. The alternative is to pay-as-you-go at the $12 per gigabyte rate, but that option becomes quite pricey if you’re using more than four gigs a month. The subscription also garners you access to Verizon Wireless’s network, as well as access to Comcast’s Wi-Fi hotspots in the U.S. and its TV streaming service.

All this this not without its caveats. Xfinity Mobile is available to Comcast’s internet customers only, so you’ll have to pay for internet in addition to the mobile service. And though the $45 a month rate will continue to apply to existing high-end X1 plan subscribers, that quickly adds up when you’re paying for the whole suite of offerings. You also can’t bring your own device to the network, though you can pick from a Samsung Galaxy S8, Galaxy S7, Galaxy S7 Edge, or a low-end LG X Power at typical prices.

But for light data users who maybe don’t rely on their smartphones outside of the home as much as the rest of us do, Xfinity Mobile could be a convenient add-on when a tethered internet connection is already getting the most use. Just as long as you don’t mind being entirely beholden to Comcast.




Go to Source

 | Posted by | Categories: Android |

Our expectations of what it takes to get into our phones have been set too high.

The Galaxy S8‘s iris scanning is quicker and more accurate than when it debuted (for a short period) on the Galaxy Note 7, saving us from using the fingerprint sensor every time we want to unlock the phone. But it doesn’t guarantee your phone can’t be accessed by an unwanted person, as the Chaos Computer Club has easily demonstrated.

The CCC shows how it could simply take a photo of a person’s eye — with up to a 200 mm lens from 15 feet away, it says — and then print it out on typical paper, cover the paper with a wet contact lens to mimic an eye and instantly gain access to the phone. With a sufficient amount of time and complete access to the phone, you could theoretically unlock any Galaxy S8 with iris scanning enabled.

Despite Samsung’s claims that iris scanning is nearly on-par with a fingerprint sensor’s security and far stronger than face recognition, this shouldn’t come as any surprise. But in the CCC’s own article on the iris scanner bypass, it links to its defeating of Apple’s TouchID fingerprint sensor years ago. It has been demonstrated numerous times that other fingerprint sensors can be bypassed with a certain level of trickery and time — so how worried should you be?

Each option you have for unlocking your phone comes with trade-offs and potential risks. For most of us out there who simply want to keep our private information locked up should our phone be lost or stolen, a fingerprint sensor or iris scanner is sufficient. It’s easy enough to use that we’ll actually keep it enabled 100% of the time, while being difficult enough to deter the most-common threats to the physical security of the device.

The average criminal looking to steal a phone isn’t printing a high-resolution image of your eye.

The average criminal or sleuth looking to steal a phone and unlock it for a quick factory reset and sale isn’t taking a high-resolution photo of our eyes and printing it out. Not only would they be far better off looking over your shoulder in public to see what your backup PIN or pattern is instead, they’d just as easily throw your stolen phone in the trash when they realize it couldn’t be unlocked and quickly resold. But the most important thing at that point is that all of your data is safe, because they weren’t going to be willing to go through the process to get a scan of your irises or fingers to unlock it.

Yes, your Galaxy S8′s iris scanner can be defeated in the right circumstances — those circumstances include a targeted attack that requires time and complete physical access to the phone. But that doesn’t mean you need to move away from iris scanning or be unnecessarily worried about the security of your data when using it.

Only roughly two-thirds of modern Android phones are using lock screen security at all — we need to get that number a lot closer to 100 percent before we start nitpicking about which security form we’re using and how easy it is to defeat.




Go to Source

 | Posted by | Categories: Android |

It was time to update my home weather station from something functional but ugly to something decidedly more modern. Netatmo has fit the bill nicely.

I was going to show you my old weather station — a venerable beast from Oregon Scientific, which is quite good at this sort of thing. But alas, as soon as I took it off the wall it disappeared to wherever Phil’s Old Stuff disappears. (Basically an older, less sexy version of this.)

So. Time for something new. Something connected, and something definitely more modern.

A quick search of ye olde internet consistently returned offerings from Netatmo. They haven’t changed a lot over the years, which actually is a good thing in this case. So that’s the direction my credit card was pointed.

Subscribe to Modern Dad on YouTube

The basics: the standard Netatmo Weather Station comes a relatively small indoor sensor, and an outdoor sensor. They look, well, like silver cans. The indoor one measures temperature and humidity and sound level and carbon dioxide levels. The outdoor sensor does temperature and pressure and humidity. They connect to your smartphone, and connect to each other. Note that there’s no external display here — you have to use a phone or tablet or computer or something to actually get data.

There are two additional modules that can be connected — a rain gauge, which I grabbed because Florida, and a wind gauge, which I didn’t get because I don’t care quite that much about just how breezy it is.

Setup was as simple as you’d expect for this sort of thing — you just follow the instructions in the app. I’ve used it with Android and on iOS — but there’s also an honest-to-goodness Windows Phone app as well. The web interface may be my favorite of the bunch, actually, full of features and nicely designed. And finally I’ve settled on the third-party app Baratmo for my Mac menu bar.

So now I have access to all my weather information — inside and out. And I can get to it from anywhere, and in more detail than what even my $250 Nest thermostat provides. (By the way: Netatmo is a Works with Nest device, but you can tie it in via third-party services like IFTTT.)

What’s missing? Not a whole lot. I do miss having a single place at home where I can see all this info at one time. For as much as I loathed that aging LCD display, it did its job without complaint. So I’m hoping someone builds a skill for it to work with the upcoming Amazon Echo Show. And I’d like a little more historical data — how much rain did I get in the last week versus just the last day.

But strictly from a data standpoint? This has been a good purchase.

See on Amazon




Go to Source

 | Posted by | Categories: Android |

Just because you chose Google’s Android over every other rendition doesn’t mean you should be left out of the wireless fun.

Mophie has concocted a clever solution for those of you who may adore your Pixel XL smartphones, but have been secretly ruing the day you abandoned your wireless charging privileges. The newly released Juice Pack case for the Pixel XL not only tacks on an additional 2950mAh battery, but it also adds Qi wireless charging capabilities.

The Juice Pack offers protective covering and up to 50 hours of additional talk time, claims Mophie. You can charge both the battery pack and the Pixel XL’s internal battery via a Qi wireless charging pad, though Mophie also mentions compatibility with “other wireless systems.” If you need even faster charging, you can plug in a USB Type-C cable instead and Juice Pack will prioritize re-juicing the Pixel XL first.

Perhaps the only drawback of the Juice Pack is that it tacks on an additional 3.8 ounces to your current load, making the Pixel XL an even bigger device. But if you need the extra energy and like the idea of tapping to charge, the Mophie Juice Pack for the Pixel XL sells for nearly $100.

See at Mophie




Go to Source

 | Posted by | Categories: Android |