Google Phone app could add support for call recording, code suggests

Code added in the latest version of the Google Phone app suggests that it could support native call recording in the future. XDA-Developers was first to spot the code, which appeared in the app downloaded to a Pixel 4. The dialer app adds a new layout, icon, and other assets consistent with a call recording feature. The Google Phone app is currently the default dialer application on devices including Pixel and Android One phones.

Call recording has had a bumpy road on Android over the years. The feature used to be widely available in third-party apps via an official call recording API, but this was removed with Android 6.0 Marshmallow. Then, with Android 9 Pie, Google removed the workarounds app developers had been using to continue to offer it. In many places, this limited call recording to OEM-specific dialers, some slightly hacky workarounds, and rooted phones. There have been reports that Google is working on bringing widespread call recording functionality back to Android, but “security and privacy implications” prevented it from arriving with Android 10.

Currently, Android call recording appears to be available via third-party apps in some countries and devices but not others, at least according to one app developer. The slightly confusing situation has probably got something to do with call recording laws, which differ a lot between different countries, and even between individual states in the US. While some places let one person record a call without informing the other participant, others require both to consent to it. Adding the functionality to the Google Phone app wouldn’t change the law, but it could make call recording easier in locations where it’s less restricted.

While the code could mean that Google is working on bringing call recording to Pixel and Android One phones, XDA speculates that its release could be limited to Xiaomi devices. The code appeared in the Google Phone app soon after Xiaomi announced it would be switching to using Google’s dialer in Europe instead of its own MIUI dialer, which previously allowed for call recording.

There’s no guarantee the code discovered will ever turn into a fully fledged feature, but after Google did such a good job with the Pixel 4’s Recorder app, it’s hard not to see the potential here.

Google now treats iPhones as physical security keys

The latest update to Google’s Smart Lock app on iOS means you can now use your iPhone as a physical 2FA security key for logging into Google’s first-party services in Chrome. Once it’s set up, attempting to log in to a Google service on, say, a laptop, will generate a push notification on your nearby iPhone. You’ll then need to unlock your Bluetooth-enabled iPhone and tap a button in Google’s app to authenticate before the login process on your laptop completes. The news was first reported by 9to5Google.

Two-factor authentication is one of the most important steps you can take to secure your online accounts, and provides an additional layer of security beyond a standard username and password. Physical security keys are much more secure than the six digit codes that are in common use today, since these codes can be intercepted almost as easily as passwords themselves. Google already lets you use your Android phone as a physical security key, and now that the functionality is available on iOS it means that anyone with a smartphone now owns a security key without having to buy a dedicated device.

Attempting to log in to a Google service will send a push notification to your phone over Bluetooth.
Screenshot by Thomas Ricker / The Verge

The new process is similar to the existing Google Prompt functionality, but the key difference is that Smart Lock app works over Bluetooth, rather than connecting via the internet. That means your phone will have to be in relatively close proximity to your laptop for the authentication to work, which provides another layer of security. However, the app itself doesn’t ask for any biometric authentication — if your phone is already unlocked then a nearby attacker could theoretically open the app and authenticate the login attempt.

According to one cryptogopher working at Google, the new functionality makes use of the iPhone processor’s Secure Enclave, which is used to securely store the device’s private keys. The feature was first introduced with the iPhone 5S, and Google’s app says that it requires iOS 10 or later to function.

The new iPhone support appears to be limited to authenticating Google logins from the Chrome browser. When we attempted to use an iPhone to authenticate a login of the same service (we tested with Gmail) using Safari on a MacBook, we were prompted to insert our key fob (which we don’t have), meaning it created an extra step in our login process where we had to pick an alternative 2FA option.

The Smart Lock app’s new functionality means that iPhones can now be used with Google’s Advanced Protection Program, which is Google’s strongest protection against phishing or other attacks. Along with iPhones, the program also supports Android phones and physical security keys.

Update January 15th, 8:13AM ET: Updated with details of Google’s Advanced Protection Program.

Grindr shares personal data with ad companies in violation of GDPR, complaint alleges

Grindr is sharing personal user data in violation of the EU’s GDPR data protection legislation, a new series of complaints is alleging. The app shares data including location and device information with more than a dozen companies, according to The New York Times. The Norwegian Consumer Council has filed three complaints against Grindr, as well as five adtech companies that received personal data through the app.

Grindr describes itself as “the world’s largest social networking app for gay, bi, trans, and queer people,” and so just sharing the fact that a user has the app installed on their device can give an indication of their sexual orientation. Associating this information with an advertising ID then makes the user identifiable to third-party advertisers and across services, according to the report from the Norwegian Consumer Council.

The Norwegian Consumer Council’s report notes that Grindr’s privacy policy discloses that it shares user and device data such as a user’s advertising ID with third parties. However, the report claims the app isn’t clear about the legal basis for how it processes this personal data, and that the scale of Grindr’s adtech network makes it difficult for a user to understand, and therefore properly consent, to their data being collected.

“The extent of tracking and complexity of the adtech industry is incomprehensible to consumers, meaning that individuals cannot make informed choices about how their personal data is collected, shared and used,” the report says.

One of the adtech companies that Grindr shares data with is Twitter-owned MoPub, which says that it may share user data with over 180 of its partners, according to The New York Times. The company told Bloomberg that it has disabled Grindr’s MoPub account while it investigates.

The Norwegian Consumer Council has filed its GDPR complaint with the Norwegian Data Protection Authority, and the privacy group NOYB has said that it intends to file a complaint of its own with the Austrian Data Protection Authority in the coming weeks.

It’s worth noting that the research focused on the service’s Android app. The report said this was because of Android’s larger user base worldwide, but it noted that Android’s data flows are generally easier to observe and that Google has a closer relationship with the adtech industry than Apple does.

Beyond Grindr, the research also raised concerns about the data sharing practices of other dating apps. Match Group’s OkCupid and Tinder, for example, were found to be sharing data with each other, including information on their users’ sexualities, drug use, and political views, according to Bloomberg. The report says this may break GDPR’s purpose limitation rules.

While it declined to comment on the specifics of the report, Grindr told the NYT that it valued users’ privacy and that it safeguards their personal information. Match Group said it only shared user data that’s necessary for providing its services, and added that it complies with privacy laws.

This isn’t the first time Grindr has faced complaints over the data it collects about its users. In 2018, a separate Norwegian nonprofit discovered that the service was sharing its users’ HIV status with two outside companies. Shortly after the report became public, Grindr said it had put an end to the practice.

The PC market just had its first year of growth since 2011

The worldwide PC market just grew consistently for the first time in eight years, according to market research firms IDC and Gartner. IDC reckons worldwide PC shipments grew by 2.7 percent to 266.7 million devices globally, while Gartner has it pegged at 0.6 percent to 261.2 million devices. 2018 contained the market’s first quarter of growth in six years, but in 2019 this finally lead to a full year of growth, the market’s first since 2011.

Although Gartner and IDC broadly agreed on the direction the PC market is currently heading in, the two firms count devices slightly differently. Both firms include desktops, notebooks, and detachable tablets like the Surface, but Gartner excludes Chromebooks.

Both IDC and Gartner cite Windows 10 upgrades for the turnaround. With Microsoft ending support for Windows 7 today, businesses around the world are being forced to upgrade their legacy devices, leading to “vibrant business demand” for Windows 10, according to Gartner. Windows 10 was installed on 900 million devices as of September last year, according to Microsoft. Data from NetMarketShare suggests there are still millions of PCs that are yet to make the upgrade, however, with Windows 7 still being used on over 30 percent of desktops.

IDC says that the benefits from needing to upgrade to a new operating system are unlikely to last long, however, and while there are new technologies like 5G and dual- and folding-screen devices on the horizon, these are going to take time to arrive. Eventually Microsoft is going to have to stop supporting Windows 8, but the operating system’s market share is so small in comparison to Windows 7 that it’s unlikely to lead to the same amount of upgrades.

It wasn’t all good news for the PC market in 2019. Gartner called Intel’s CPU shortage a “major issue,” and IDC reported that the situation was helped by the adoption of AMD CPUs. Performance also varied between companies. The top three PC manufacturers — Lenovo, HP, and Dell — all saw shipment growth, but fourth and fifth placed Apple and Acer saw PC shipments decline between 2018 and 2019.

Your iPhone XS or XR battery case could be due a free replacement from Apple

Apple has launched a new replacement program for its iPhone XS, XS Max, and XR smart battery cases, after charging issues were discovered in some devices. According to the company, some of the cases may have a problem where they won’t charge when plugged into power, or may fail to charge your iPhone. If your model is affected, then Apple or one of its authorized service providers will replace it free of charge.

At $129, the battery cases aren’t cheap, but their tight integration with the iPhone means that they come with a few advantages. iOS will display the charge level of your battery case in its top notification bar, for example, and it can also pass data through the battery case’s Lightning port. If your case is eligible for a replacement, then it might be worth taking it into an Apple Store regardless of whether it’s having problems. You’ll get a newer model, and there should be less chance of it developing problems in the future.

According to Apple, the affected models were manufactured between January and October 2019 (the cases were announced in January). If you want to take advantage of the program, then Apple says you’ll need to take it into an authorized service provider or an Apple store, where it will be examined to make sure it’s eligible. If it is, then Apple says it will dispose of your old model in an environmentally friendly way. Affected cases will be covered for two years following their original sale, according to Apple.

Elon Musk: ‘Teslas will soon talk to people if you want. This is real’

Elon Musk says that Tesla cars will “soon” be able to talk to nearby pedestrians. In a tweet announcing the functionality, the CEO shared a short clip of a Model 3 driving past while its speaker plays a clip saying “Well don’t just stand there staring, hop in.” In his Tweet, Musk says, “Teslas will soon talk to people if you want. This is real.”

We already knew that Tesla has begun adding external speakers to its cars in order to comply with new safety regulations that require electric cars to produce artificial noise. Now it seems these speakers could be used for much more. In a follow-up tweet, Musk indicated that the newly-announced functionality could work with the car’s existing sentry mode alarm system which already uses the car’s internal sound system to deter would-be thieves. Alternatively, he said that you could just have your car fart in people’s general direction.

The specific audio message played in the clip brings to mind Musk’s master plan of eventually having all of Tesla’s cars operate as an autonomous taxi fleet, earning money for their owners when they’re not driving them. In an autonomous state, with no driver to invite passengers into the taxi, the car itself could be left to tell people to “hop in.”

Musk’s tweet says to expect the new functionality “soon,” but you might want to take this promise with a pinch of salt. The CEO previously said that Tesla’s “customized horn and movement sounds” were coming “soon” back in October and they’re still yet to arrive, and we’re still waiting to see a Tesla complete the autonomous Los Angeles to New York journey that was promised back in 2016 (the plans were put on hold in 2018).

Instagram and Facebook won’t stop lies in political ads, but users will get more control

Facebook has stood firm in the face of pressure over its policies on political ads, defending a “warts and all” approach that allows politicians to lie in ads placed on its platform. In a post published in its newsroom, the company said it had based its policies on the principle that “people should be able to hear from those who wish to lead them” and “what they say should be scrutinized and debated in public.” Facebook will be offering more transparency and control over political ads for users of both Instagram and Facebook.

The company’s current ad policies came under tough scrutiny last year, when it emerged that it exempts politicians from its rules about posting misinformation in ads. The policy was fiercely criticized both internally and externally, and Democratic senator Elizabeth Warren published a deliberately misleading Facebook ad in a direct challenge to the policy. However, Facebook has remained firm in its stance.

Rather than make any wholesale changes to its policies on political ads, Facebook is instead giving its users more control over the ads they see. Similar to how you can currently tell Facebook you want to see less ads about certain topics, the company says it will add a new control to let you see fewer political and social issue ads across Facebook and Instagram. It plans to roll out the feature starting this summer in the US.

The company also says it’s adding more features to its Ad Library, which lets anyone see the ads politicians and campaigns are running on Facebook. You’ll now be able to see how many people an advertiser was attempting to reach with a particular ad, and the library’s search and filtering tools will see improvements. Facebook says it plans to roll out these updates in the first quarter of this year.

In a speech made at Georgetown University last October, Facebook CEO Mark Zuckerberg said “I don’t think it’s right for a private company to censor politicians,” and said that political ads are “an important part of voice” for “local candidates, up-and-coming challengers, and advocacy groups that may not get much media attention otherwise.” Today it called for the industry to be regulated by “democratically accountable rules” concerning political advertising.

Facebook’s policies sit in contrast to an increasing number of tech firms. Following the criticism received by Facebook, Twitter decided to ban political ads entirely at the end of October, while Google issued harsh new restrictions on political ad targeting. In December, Spotify took the decision to “pause” political ads on its platform.

Samsung keeps the removable battery alive with new XCover Pro smartphone

Samsung’s new Galaxy XCover Pro is a rugged smartphone that features a removable battery, a feature that’s almost unheard of in a modern phone. So, if you’re prepared enough, you can easily swap out the phone’s 4,050mAh battery with a fully charged spare when its power runs dry. The device was technically launched last week in Finland, but Samsung did it so quietly that at least one report had it pegged as an unannounced handset.

Away from its removable battery, the real focus of the handset is its rugged design that’s meant to be able to survive being used out in the elements. WinFuture.de reports that it’s got an IP68 dust and water-resistance rating, can survive falls of up to 1.5 meters (roughly 4.9 feet), and that its touchscreen works even when wet or when you’re wearing gloves. A press release that was subsequently discovered on Samsung’s Swedish website said that the phone comes with a barcode scanner and has two programmable buttons — although the press release has since been edited to remove any mention of the XCover Pro.

Otherwise, the Galaxy XCover Pro’s specs wouldn’t look out of place on a standard midrange device, with a 6.3-inch 1080p LCD display, Exynos 9611 chipset, 4GB of RAM, and 64GB of storage. It’s got dual rear cameras, including a main 25-megapixel sensor and an 8-megapixel ultra-wide angle, while on the front there’s a single 13-megapixel selfie camera contained within the display’s hole-punch cutout. Unfortunately, it seems to ship with Android Pie, rather than the more up-to-date Android 10.

Samsung’s Galaxy XCover Pro will be available starting at the end of the month across parts of Europe, including Finland and Sweden, for €499 (about $554). However, given these details have since been removed from the press release they first appeared in, they could be subject to change. No US release has been announced yet.

Update January 10th, 10:10AM ET: The press release found on Samsung’s Swedish site has been edited to remove any mention of the XCover Pro. We have updated this article to reflect this.

Google’s Project Zero is now being more considerate with how it discloses security vulnerabilities

Google’s Project Zero cybersecurity team is trialling a new policy where it won’t make security vulnerabilities public early after a fix has been issued. “Full 90 days by default, regardless of when the bug is fixed,” is the team’s new policy, which it will trial for a year before deciding whether to adopt it permanently.

Under the old system, Project Zero’s researchers would give vendors 90 days to fix an issue before making the problem public. However, if a patch was issued within that 90 day window, it would disclose the vulnerability early. This can be a problem, because it means users have to rush to patch a vulnerability before hackers can exploit it. A vulnerability might be fixed by the company, but that doesn’t matter if the patch hasn’t been widely adopted.

So now, regardless of whether a patch is issued 20 days or 90 days after Project Zero makes a vendor aware of the problem, it will still wait 90 days to make the issue public. There are a couple of exceptions, though. One is when there’s “mutual agreement” between the two companies to disclose early, and Project Zero may also extend the deadline by 14 days if it’s taking longer for a vendor to put together a patch. The seven day deadline for vulnerabilities that are being exploited in the wild will remain unchanged.

As well as giving patches more time to be adopted, Project Zero says it hopes the new policy will improve consistency, giving vendors a better idea of when a vulnerability will be made public. It also says it’s eager to see more iterative and thorough patches issued, thanks to the time vendors will now have between a patch initially being issued and the vulnerability it addresses being made public.

Despite the changes, the Project Zero team says it’s broadly happy with how its disclosure period has worked until now. In 2014, when the team started its work, it says that bugs were sometimes not fixed six months after being discovered. Now, of the issues it’s identified (of which there have been many), it says 97.7 percent are patched within its 90 day window.

OnePlus’ latest feature will stop your phone from overcharging overnight

OnePlus has announced a new feature called Optimized Charging, which aims to make your phone’s battery last longer by changing the way it charges. The feature, which was first spotted in beta in December, will stop your phone from charging to above 80 percent until 100 minutes before you’re expected to unplug it. Only then will it let your device fully charge. The limitation is meant to minimize the amount of time your phone spends charging at 100 percent — which can cause its battery to degrade faster over time.

OnePlus isn’t the first company to introduce a feature like this. Apple announced its own Optimized Battery Charging feature with iOS 13, and Asus’ phone software supports similar functionality. However, it’s great to see other companies adopting such a potentially useful feature so quickly.

The key challenge to overcome with the functionality appears to be the guesswork involved with trying to work out when someone’s going to unplug their phone. OnePlus says that its software attempts to use your daily wake-up time, first alarm, or first event to guess when that might be, but after a few weeks, it should learn when this happens of its own accord. In the future, OnePlus says it’s hoping to improve its predictions to account for changing sleep patterns on weekends or changing time zones.

OnePlus says that you’ll be able to turn the feature on or off using the Optimized Charging option in the battery settings menu. The company also says that while your phone’s charge level is idling at 80 percent, it will show a muted notification with an option to override the setting if you need to (similar to iOS 13).

OnePlus’ announcement doesn’t specify exactly when the feature will arrive or which OnePlus handsets it will be available on, but given it’s been available in a beta form since last month we’d imagine it’s not too far away. We’ve contacted OnePlus for more information and will update this piece when we hear back.