wi-fi
Auto Added by WPeMatico
Auto Added by WPeMatico
Weeks after Amazon introduced an updated Fire TV lineup that included, for the first time, its own TVs, Roku today is announcing its own competitive products in a race to capture consumers’ attention before the holiday shopping season. Its updates include a new Roku Streaming Stick 4K and Roku Streaming Stick 4K+ — the latter which ships with Roku’s newer hands-free voice remote. The company is also refreshing the Roku Ultra LT, a Walmart-exclusive version of its high-end player. And it announced the latest software update, Roku OS 10.5, which adds updated voice features, a new Live TV channel for home screens and other minor changes.
The new Streaming Stick 4K builds on Roku’s four-year-old product, the Streaming Stick+, as it offers the same type of stick form factor designed to be hidden behind the TV set. This version, however, has a faster processor, which allows the device to boot up to 30% faster and load channels more quickly, Roku claims. The Wi-Fi is also improved, offering faster speeds and smart algorithms that help make sure users get on the right band for the best performance in their homes where network congestion is an increasingly common problem — especially with the pandemic-induced remote-work lifestyle. The new Stick adds support for Dolby Vision and HDR 10+, giving it the “4K” moniker.
Image Credits: Roku
This version ships with Roku’s standard voice remote for the same price of $49.99. For comparison, Amazon’s new Fire TV Stick Max with a faster processor and speedier Wi-Fi is $54.99. However, Amazon is touting the addition of Wi-Fi 6 and support for its game streaming service, Luna, as reasons to upgrade.
Roku’s new Streaming Stick 4K+ adds the Roku Voice Remote Pro to the bundle instead. This is Roku’s new remote, launched in the spring, that offers rechargeability, a lost remote finder and hands-free voice support via its mid-field microphone, so you can just say things like “hey Roku, turn on the TV,” or “launch Netflix,” instead of pressing buttons. Bought separately, this remote is $29.99. The bundle sells for $69.99, which translates to a $10 discount over buying the stick and remote by themselves.
Image Credits: Roku
Both versions of the Streaming Stick will be sold online and in stores starting in October.
The Roku Ultra LT ($79.99), built for Walmart exclusively, has also been refreshed with a faster processor, more storage, a new Wi-Fi radio with up to 50% longer range, support for Dolby Vision, Bluetooth audio streaming and a built-in ethernet port.
Plus, Roku notes that TCL will become the first device partner to use the reference designs it introduced at CES for wireless soundbars, with its upcoming Roku TV wireless soundbar. This device connects over Wi-Fi to the TV and works with the Roku remote, and will arrive at major retailers in October where it will sell for $179.99.
The other big news is Roku’s OS 10.5 software release. The update isn’t making any dramatic changes this time around, but is instead focused largely on voice and mobile improvements.
The most noticeable consumer-facing change is the ability to add a new Live TV channel to your home screen, which lets you more easily launch The Roku Channel’s 200+ free live TV channels, instead of having to first visit Roku’s free streaming hub directly, then navigate to the Live TV section. This could make the Roku feel more like traditional TV for cord-cutters abandoning their TV guide for the first time.
Image Credits: Roku
Other tweaks include expanded support for launching channels using voice commands, with most now supported; new voice search and podcast playback with a more visual “music and podcast” row and Spotify as a launch partner; the ability to control sound settings in the mobile app; an added Voice Help guide in settings; and additional sound configuration options for Roku speakers and soundbars (e.g. using the speaker pairs and soundbar in a left/center/right) or in full 5.1 surround sound system).
A handy feature for entering in email and passwords in set-up screens using voice commands is new, too. Roku says it sends the voice data off-device to its speech-to-text partner, and the audio is anonymized. Roku doesn’t get the password or store it, as it goes directly to the channel partner. While there are always privacy concerns with voice data, the addition is a big perk from an accessibility standpoint.
Image Credits: Roku
One of the more under-the-radar, but potentially useful changes coming in OS 10.5 is an advanced A/V sync feature that lets you use the smartphone camera to help Roku make further refinements to the audio delay when using wireless headphones to listen to the TV. This feature is offered through the mobile app.
The Roku mobile app in the U.S. is also gaining another feature with the OS 10.5 update with the addition of a new Home tab for browsing collections of movies and shows across genres, and a “Save List, which functions as a way to bookmark shows or movies you might hear about — like when chatting with friends — and want to remember to watch later when you’re back home in front of the TV.
The software update will roll out to Roku devices over the weeks ahead. It typically comes to Roku players first, then rolls out to TVs.
Powered by WPeMatico
Welcome back to This Week in Apps, the weekly TechCrunch series that recaps the latest in mobile OS news, mobile applications and the overall app economy.
The app industry continues to grow, with a record 218 billion downloads and $143 billion in global consumer spend in 2020. Consumers last year also spent 3.5 trillion minutes using apps on Android devices alone. And in the U.S., app usage surged ahead of the time spent watching live TV. Currently, the average American watches 3.7 hours of live TV per day, but now spends four hours per day on their mobile devices.
Apps aren’t just a way to pass idle hours — they’re also a big business. In 2019, mobile-first companies had a combined $544 billion valuation, 6.5x higher than those without a mobile focus. In 2020, investors poured $73 billion in capital into mobile companies — a figure that’s up 27% year-over-year.
Do you want This Week in Apps in your inbox every Saturday? Sign up here: techcrunch.com/newsletters
Apple announced a major initiative to scan devices for CSAM imagery. The company on Thursday announced a new set of features, arriving later this year, that will detect child sexual abuse material (CSAM) in its cloud and report it to law enforcement. Companies like Dropbox, Google and Microsoft already scan for CSAM in their cloud services, but Apple had allowed users to encrypt their data before it reached iCloud. Now, Apple’s new technology, NeuralHash, will run on users’ devices, tatformso detect when a users upload known CSAM imagery — without having to first decrypt the images. It even can detect the imagery if it’s been cropped or edited in an attempt to avoid detection.
Meanwhile, on iPhone and iPad, the company will roll out protections to Messages app users that will filter images and alert children and parents if sexually explicit photos are sent to or from a child’s account. Children will not be shown the images but will instead see a grayed-out image instead. If they try to view the image anyway through the link, they’ll be shown interruptive screens that explain why the material may be harmful and are warned that their parents will be notified.
Some privacy advocates pushed back at the idea of such a system, believing it could expand to end-to-end encrypted photos, lead to false positives, or set the stage for more on-device government surveillance in the future. But many cryptology experts believe the system Apple developed provides a good balance between privacy and utility, and have offered their endorsement of the technology. In addition, Apple said reports are manually reviewed before being sent to the National Center for Missing and Exploited Children (NCMEC).
The changes may also benefit iOS developers who deal in user photos and uploads, as predators will no longer store CSAM imagery on iOS devices in the first place, given the new risk of detection.
Image Credits: Apple
Though not yet publicly available to all users, those testing the new iOS 15 mobile operating system got their first glimpse of a new App Store discovery feature this week: “in-app events.” First announced at this year’s WWDC, the feature will allow developers and Apple editors alike to showcase directly on the App Store upcoming events taking place inside apps.
The events can appear on the App Store homepage, on the app’s product pages or can be discovered through personalized recommendations and search. In some cases, editors will curate events to feature on the App Store. But developers will also be provided tools to submit their own in-app events. TikTok’s “Summer Camp” for creators was one of the first in-app events to be featured, where it received a top spot on the iPadOS 15 App Store.
Apple expands support for student IDs on iPhone and Apple Watch ahead of the fall semester. Tens of thousands more U.S. and Canadian colleges will now support mobile student IDs in the Apple Wallet app, including Auburn University, Northern Arizona University, University of Maine, New Mexico State University and others.
Apple was accused of promoting scam apps in the App Store’s featured section. The company’s failure to properly police its store is one thing, but to curate an editorial list that actually includes the scams is quite another. One of the games rounded up under “Slime Relaxations,” an already iffy category to say the least, was a subscription-based slime simulator that locked users into a $13 AUD per week subscription for its slime simulator. One of the apps on the curated list didn’t even function, implying that Apple’s editors hadn’t even tested the apps they recommend.
Tax changes hit the App Store. Apple announced tax and price changes for apps and IAPs in South Africa, the U.K. and all territories using the Euro currency, all of which will see decreases. Increases will occur in Georgia and Tajikistan, due to new tax changes. Proceeds on the App Store in Italy will be increased to reflect a change to the Digital Services Tax effective rate.
Game Center changes, too. Apple said that on August 4, a new certificate for server-based Game Center verification will be available via the publicKeyUrl.
Robinhood stock jumped more than 24% to $46.80 on Tuesday after initially falling 8% on its first day of trading last week, after which it had continued to trade below its opening price of $38.
Square’s Cash app nearly doubled its gross profit to $546 million in Q2, but also reported a $45 million impairment loss on its bitcoin holdings.
Coinbase’s app now lets you buy your cryptocurrency using Apple Pay. The company previously made its Coinbase Card compatible with Apple Pay in June.
An anonymous app called Sendit, which relies on Snap Kit to function, is climbing the charts of the U.S. App Store after Snap suspended similar apps, YOLO and LMK. Snap was sued by the parent of child who was bullied through those apps, which led to his suicide. Sendit also allows for anonymity, and reviews compare it to YOLO. But some reviews also complained about bullying. This isn’t the first time Snap has been involved in a lawsuit related to a young person’s death related to its app. The company was also sued for its irresponsible “speed filter” that critics said encouraged unsafe driving. Three young men died using the filter, which captured them doing 123 mph.
TikTok is testing Stories. As Twitter’s own Stories integrations, Fleets, shuts down, TikTok confirmed it’s testing its own Stories product. The TikTok Stories appear in a left-hand sidebar and allow users to post ephemeral images or video that disappear in 24 hours. Users can also comment on Stories, which are public to their mutual friends and the creator. Stories on TikTok may make more sense than they did on Twitter, as TikTok is already known as a creative platform and it gives the app a more familiar place to integrate its effects toolset and, eventually, advertisements.
Facebook has again re-arranged its privacy settings. The company continually moves around where its privacy features are located, ostensibly to make them easier to find. But users then have to re-learn where to go to find the tools they need, after they had finally memorized the location. This time, the settings have been grouped into six top-level categories, but “privacy” settings have been unbundled from one location to be scattered among the other categories.
A VICE report details ban-as-a-service operations that allow anyone to harass or censor online creators on Instagram. Assuming you can find it, one operation charged $60 per ban, the listing says.
TikTok merged personal accounts with creator accounts. The change means now all non-business accounts on TikTok will have access to the creator tools under Settings, including Analytics, Creator Portal, Promote and Q&A. TikTok shared the news directly with subscribers of its TikTok Creators newsletter in August, and all users will get a push notification alerting them to the change, the company told us.
Discord now lets users customize their profile on its apps. The company added new features to its iOS and Android apps that let you add a description, links and emojis and select a profile color. Paid subscribers can also choose an image or GIF as their banner.
Twitter Spaces added a co-hosting option that allows up to two co-hosts to be added to the live audio chat rooms. Now Spaces can have one main host, two co-hosts and up to 10 speakers. Co-hosts have all the moderation abilities as hosts, but can’t add or remove others as co-hosts.
Tencent reopened new user sign-ups for its WeChat messaging app, after having suspended registrations last week for unspecified “technical upgrades.” The company, like many other Chinese tech giants, had to address new regulations from Beijing impacting the tech industry. New rules address how companies handle user data collection and storage, antitrust behavior and other checks on capitalist “excess.” The gaming industry is now worried it’s next to be impacted, with regulations that would restrict gaming for minors to fight addiction.
WhatsApp is adding a new feature that will allow users to send photos and videos that disappear after a single viewing. The Snapchat-inspired feature, however, doesn’t alert you if the other person takes a screenshot — as Snap’s app does. So it may not be ideal for sharing your most sensitive content.
Telegram’s update expands group video calls to support up to 1,000 viewers. It also announced video messages can be recorded in higher quality and can be expanded, regular videos can be watched at 0.5 or 2x speed, screen sharing with sound is available for all video calls, including 1-on-1 calls, and more.
American Airlines added free access to TikTok aboard its Viasat-equipped aircraft. Passengers will be able to watch the app’s videos for up to 30 minutes for free and can even download the app if it’s not already installed. After the free time, they can opt to pay for Wi-Fi to keep watching. Considering how easy it is to fall into multi-hour TikTok viewing sessions without knowing it, the addition of the addictive app could make long plane rides feel shorter. Or at least less painful.
Chinese TikTok rival Kuaishou saw stocks fall by more than 15% in Hong Kong, the most since its February IPO. The company is another victim of an ongoing market selloff triggered by increasing investor uncertainty related to China’s recent crackdown on tech companies. Beijing’s campaign to rein in tech has also impacted Tencent, Alibaba, Jack Ma’s Ant Group, food delivery company Meituan and ride-hailing company Didi. Also related, Kuaishou shut down its controversial app Zynn, which had been paying users to watch its short-form videos, including those stolen from other apps.
Twitch overtook YouTube in consumer spending per user in April 2021, and now sees $6.20 per download as of June compared with YouTube’s $5.60, Sensor Tower found.
Image Credits: Sensor Tower
Spotify confirmed tests of a new ad-supported tier called Spotify Plus, which is only $0.99 per month and offers unlimited skips (like free users get on the desktop) and the ability to play the songs you want, instead of only being forced to use shuffle mode.
The company also noted in a forum posting that it’s no longer working on AirPlay2 support, due to “audio driver compatibility” issues.
Mark Cuban-backed audio app Fireside asked its users to invest in the company via an email sent to creators which didn’t share deal terms. The app has yet to launch.
YouTube kicks off its $100 million Shorts Fund aimed at taking on TikTok by providing creators with cash incentives for top videos. Creators will get bonuses of $100 to $10,000 based on their videos’ performance.
Match Group announced during its Q2 earnings it plans to add to several of the company’s brands over the next 12 to 24 months audio and video chat, including group live video, and other livestreaming technologies. The developments will be powered by innovations from Hyperconnect, the social networking company that this year became Match’s biggest acquisition to date when it bought the Korean app maker for a sizable $1.73 billion. Since then, Match was spotted testing group live video on Tinder, but says that particular product is not launching in the near-term. At least two brands will see Hyperconnect-powered integrations in 2021.
The Photo & Video category on U.S. app stores saw strong growth in the first half of the year, a Sensor Tower report found. Consumer spend among the top 100 apps grew 34% YoY to $457 million in Q2 2021, with the majority of the revenue (83%) taking place on iOS.
Image Credits: Sensor Tower
Epic Games revealed the host of its in-app Rift Tour event is Ariana Grande, in the event that runs August 6-8.
Pokémon GO influencers threatened to boycott the game after Niantic removed the COVID safety measures that had allowed people to more easily play while social distancing. Niantic’s move seemed ill-timed, given the Delta variant is causing a new wave of COVID cases globally.
Apple kicked out an app called Unjected from the App Store. The new social app billed itself as a community for the unvaccinated, allowing like-minded users to connect for dating and friendships. Apple said the app violated its policies for COVID-19 content.
Google Pay expanded support for vaccine cards. In Australia, Google’s payments app now allows users to add their COVID-19 digital certification to their device for easy access. The option is available through Google’s newly updated Passes API which lets government agencies distribute digital versions of vaccine cards.
COVID Tech Connect, a U.S. nonprofit initially dedicated to collecting devices like phones and tablets for COVID ICU patients, has now launched its own app. The app, TeleHome, is a device-agnostic, HIPAA-compliant way for patients to place a video call for free at a time when the Delta variant is again filling ICU wards, this time with the unvaccinated — a condition that sometimes overlaps with being low-income. Some among the working poor have been hesitant to get the shot because they can’t miss a day of work, and are worried about side effects. Which is why the Biden administration offered a tax credit to SMBs who offered paid time off to staff to get vaccinated and recover.
Popular journaling app Day One, which was recently acquired by WordPress.com owner Automattic, rolled out a new “Concealed Journals” feature that lets users hide content from others’ viewing. By tapping the eye icon, the content can be easily concealed on a journal by journal basis, which can be useful for those who write to their journal in public, like coffee shops or public transportation.
Recently IPO’d language learning app Duolingo is developing a math app for kids. The company says it’s still “very early” in the development process, but will announce more details at its annual conference, Duocon, later this month.
Educational publisher Pearson launched an app that offers U.S. students access to its 1,500 titles for a monthly subscription of $14.99. the Pearson+ mobile app (ack, another +), also offers the option of paying $9.99 per month for access to a single textbook for a minimum of four months.
Quora jumps into the subscription economy. Still not profitable from ads alone, Quora announced two new products that allow its expert creators to monetize their content on its service. With Quora+ ($5/mo or $50/yr), subscribers can pay for any content that a creator paywalls. Creators can choose to enable a adaptive paywall that will use an algorithm to determine when to show the paywall. Another product, Spaces, lets creators write paywalled publications on Quora, similar to Substack. But only a 5% cut goes to Quora, instead of 10% on Substack.
Google Maps on iOS added a new live location-sharing feature for iMessage users, allowing them to more easily show your ETA with friends and even how much battery life you have left. The feature competes with iMessage’s built-in location-sharing feature, and offers location sharing of 1 hour up to 3 days. The app also gained a dark mode.
Controversial crime app Citizen launched a $20 per month “Protect” service that includes live agent support (who can refer calls to 911 if need be). The agents can gather your precise location, alert your designated emergency contacts, help you navigate to a safe location and monitor the situation until you feel safe. The system of live agent support is similar to in-car or in-home security and safety systems, like those from ADT or OnStar, but works with users out in the real world. The controversial part, however, is the company behind the product: Citizen has been making headlines for launching private security fleets outside law enforcement, and recently offered a reward in a manhunt for an innocent person based on unsubstantiated tips.
Square announced its acquisition of the “buy now, pay later” giant AfterPay in a $29 billion deal that values the Australian firm at more than 30% higher than the stock’s last closing price of AUS$96.66. AfterPay has served over 16 million customers and nearly 100,000 merchants globally, to date, and comes at a time when the BNPL space is heating up. Apple has also gotten into the market recently with an Affirm partnership in Canada.
Gaming giant Zynga acquired Chinese game developer StarLark, the team behind the mobile golf game Golf Rival, from Betta Games for $525 million in both cash and stock. Golf Rival is the second-largest mobile golf game behind Playdemic’s Golf Clash, and EA is in the process of buying that studio for $1.4 billion.
U.K.-based Humanity raised an additional $2.5 million for its app that claims to help slow down aging, bringing the total raise to date to $5 million. Backers include Calm’s co-founders, MyFitness Pal’s co-founder and others in the health space. The app works by benchmarking health advice against real-world data, to help users put better health practices into action.
YELA, a Cameo-like app for the Middle East and South Asia, raised $2 million led by U.S. investors that include Tinder co-founder Justin Mateen and Sean Rad, general partner of RAD Fund. The app is focusing on signing celebrities in the regions it serves, where smartphone penetration is high and over 6% of the population is under 35.
London-based health and wellness app maker Palta raised a $100 million Series B led by VNV Global. The company’s products include Flo.Health, Simple Fasting, Zing Fitness Coach and others, which reach a combined 2.4 million active, paid subscribers. The funds will be used to create more mobile subscription products.
Emoji database and Wikipedia-like site Emojipedia was acquired by Zedge, the makers of a phone personalization app offering wallpapers, ringtones and more to 35 million MAUs. Deal terms weren’t disclosed. Emojipedia says the deal provides it with more stability and the opportunity for future growth. For Zedge, the deal provides
….um, a popular web resource it thinks it can better monetize, we suspect.
Mental health app Revery raised $2 million led by Sequoia Capital India’s Surge program for its app that combines cognitive behavioral therapy for insomnia with mobile gaming concepts. The company will focus on other mental health issues in the future.
London-based Nigerian-operating fintech startup Kuda raised a $55 million Series B, valuing its mobile-first challenger bank at $500 million. The inside round was co-led by Valar Ventures and Target Global.
Vietnamese payments provider VNLife raised $250 million in a round led by U.S.-based General Atlantic and Dragoneer Investment Group. PayPal Ventures and others also participated. The round values the business at over $1 billion.

Fans of decentralized social media efforts now have a new app. The nonprofit behind the open source decentralized social network Mastodon released an official iPhone app, aimed at making the network more accessible to newcomers. The app allows you to find and follow people and topics; post text, images, GIFs, polls, and videos; and get notified of new replies and reblogs, much like Twitter.
Xingtu
@_666eveITS SO COOL FRFR do u guys want a tutorial? #fypシ #醒图 #醒图app♬ original sound – Ian Asher
TikTok users are teaching each other how to switch over to the Chinese App Store in order to get ahold of the Xingtu app for iOS. (An Android version is also available.) The app offers advanced editing tools that let users edit their face and body, like FaceTune, apply makeup, add filters and more. While image-editing apps can be controversial for how they can impact body acceptance, Xingtu offers a variety of artistic filters which is what’s primarily driving the demand. It’s interesting to see the lengths people will go to just to get a few new filters for their photos — perhaps making a case for Instagram to finally update its Post filters instead of pretending no one cares about their static photos anymore.
Facebook still dominating top charts, but not the No. 1 spot:
Not cool, Apple:
This user acquisition strategy:
Maybe Stories don’t work everywhere:
Powered by WPeMatico
A shared user account used by WeWork employees to access printer settings and print jobs had an incredibly simple password — so simple that a customer guessed it.
Jake Elsley, who works at a WeWork in London, said he found the user account after a WeWork employee at his location mistakenly left the account logged in.
WeWork customers like Elsley normally have an assigned seven-digit username and a four-digit passcode used for printing documents at WeWork locations. But the username for the account used by WeWork employees was just four-digits: “9999”. Elsley told TechCrunch that he guessed the password because it was the same as the username. (“9999” is ranked as one of the most common passwords in use today, making it highly insecure.)
The “9999” account is used by and shared among WeWork community managers, who oversee day-to-day operations at each location, to print documents for visitors who don’t have accounts to print on their own. The account cannot be used to access print jobs sent to other customer accounts.
Elsley said that the “9999” account could not see the contents of documents beyond file names, but that logging in to the WeWork printing web portal could allow him to release other people’s pending print jobs sent to the “9999” account to any other WeWork printer on the network.
The printing web portal can only be accessed on WeWork’s Wi-Fi networks, said Elsley, but that includes the free guest Wi-Fi network which doesn’t have a password, and WeWork’s main Wi-Fi network, which still uses a password that has been widely circulated on the internet.
Elsley reached out to TechCrunch to ask us to alert the company to the insecure password.
“WeWork is committed to protecting the privacy and security of our members and employees,” said WeWork spokesperson Colin Hart. “We immediately initiated an investigation into this potential issue and took steps to address any concerns. We are also nearing the end of a multi-month process of upgrading all of our printing capabilities to a best in class security and experience solution. We expect this process to be completed in the coming weeks.”
WeWork confirmed that it had since changed the password on the “9999” user account.
Powered by WPeMatico
The UK may be rethinking its decision to shun Apple and Google’s API for its national coronavirus contacts tracing app, according to the Financial Times, which reported yesterday that the government is paying an IT supplier to investigate whether it can integrate the tech giants’ approach after all.
As we’ve reported before coronavirus contacts tracing apps are a new technology which aims to repurpose smartphones’ Bluetooth signals and device proximity to try to estimate individuals’ infection risk.
The UK’s forthcoming app, called NHS COVID-19, has faced controversy because it’s being designed to use a centralized app architecture. This means developers are having to come up with workarounds for platform limitations on background access to Bluetooth as the Apple-Google cross-platform API only works with decentralized systems.
The choice of a centralized app architecture has also raised concerns about the impact of such an unprecedented state data grab on citizens’ privacy and human rights, and the risk of state ‘mission creep‘.
The UK also looks increasingly isolated in its choice in Europe after the German government opted to switch to a decentralized model, joining several other European countries that have said they will opt for a p2p approach, including Estonia, Ireland and Switzerland.
In the region, France remains the other major backer of a centralized system for its forthcoming coronavirus contacts tracing app, StopCovid.
Apple and Google, meanwhile, are collaborating on a so-called “exposure notification” API for national coronavirus contacts tracing apps. The API is slated to launch this month and is designed to remove restrictions that could interfere with how contact events are logged. However it’s only available for apps that don’t hold users’ personal data on central servers and prohibits location tracking, with the pair emphasizing that their system is designed to put privacy at the core.
Yesterday the FT reported that NHSX, the digital transformation branch of UK’s National Health Service, has awarded a £3.8M contract to the London office of Zuhlke Engineering, a Switzerland-based IT development firm which was involved in developing the initial version of the NHS COVID-19 app.
The contract includes a requirement to “investigate the complexity, performance and feasibility of implementing native Apple and Google contact tracing APIs within the existing proximity mobile application and platform”, per the newspaper’s report.
The work is also described as a “two week timeboxed technical spike”, which the FT suggests means it’s still at a preliminary phase — thought it also notes the contract includes a deadline of mid-May.
The contracted work was due to begin yesterday, per the report.
We’ve reached out to Zuhlke for comment. Its website describes the company as “a strong solutions partner” that’s focused on projects related to digital product delivery; cloud migration; scaling digital platforms; and the Internet of Things.
We also put questions arising from the FT report to NHSX.
At the time of writing the unit had not responded but yesterday a spokesperson told the newspaper: “We’ve been working with Apple and Google throughout the app’s development and it’s quite right and normal to continue to refine the app.”
The specific technical issue that appears to be causing concern relates to a workaround the developers have devised to try to circumvent platform limitations on Bluetooth that’s intended to wake up phones when the app itself is not being actively used in order that the proximity handshakes can still be carried out (and contacts events properly logged).
Thing is, if any of the devices fail to wake up and emit their identifiers so other nearby devices can log their presence there will be gaps in the data. Which, in plainer language, means the app might miss some close encounters between users — and therefore fail to notify some people of potential infection risk.
Recent reports have suggested the NHSX workaround has a particular problem with iPhones not being able to wake up other iPhones. And while Google’s Android OS is the more dominant platform in the UK (running on circa ~60% of smartphones, per Kantar) there will still be plenty of instances of two or more iPhone users passing near each other. So if their apps fail to wake up they won’t exchange data and those encounters won’t be logged.
On this, the FT quotes one person familiar with the NHS testing process who told it the app was able to work in the background in most cases, except when two iPhones were locked and left unused for around 30 minutes, and without any Android devices coming within 60m of the devices. The source also told it that bringing an Android device running the app close to the iPhone would “wake up” its Bluetooth connection.
Clearly, the government having to tell everyone in the UK to use an Android smartphone not an iPhone wouldn’t be a particularly palatable political message.
This is effectively a form of Android Herd Immunity: for the good of Britain, vaccinate your friends by giving them Androids!
— Michael Veale (@mikarv) May 5, 2020
One source with information about the NHSX testing process told us the unit has this week been asking IT suppliers for facilities or input on testing environments with “50-100 Bluetooth devices of mixed origin”, to help with challenges in testing the Bluetooth exchanges — which raises questions about how extensively this core functionality has been tested up to now. (Again, we’ve put questions to the NHSX about testing and will update this report with any response.)
Work on planning and developing the NHS COVID-19 app began March 7, according to evidence given to a UK parliamentary committee by the NHSX CEO’s, Matthew Gould, last month.
Gould has also previously suggested that the app could be “technically” ready to launch in as little as two or three weeks time from now. While a limited geographical trial of the app kicked off this week in the Isle of Wight. Prior to that, an alpha version of the app was tested at an RAF base involving staff carrying out simulations of people going shopping, per a BBC report last month.
Gould faced questions over the choice of centralized vs decentralized app architecture from the human rights committee earlier this week. He suggested then that the government is not “locked” to the choice — telling the committee: “We are constantly reassessing which approach is the right one — and if it becomes clear that the balance of advantage lies in a different approach then we will take that different approach. We’re not irredeemably wedded to one approach; if we need to shift then we will… It’s a very pragmatic decision about what approach is likely to get the results that we need to get.”
However it’s unclear how quickly such a major change to app architecture could be implemented, given centralized vs decentralized systems work in very different ways.
Additionally, such a big shift — more than two months into the NHSX’s project — seems, at such a late stage, as if it would be more closely characterized as a rebuild, rather than a little finessing (as suggested by the NHSX spokesperson’s remark to the FT vis-a-vis ‘refining’ the app).
In related news today, Reuters reports that Colombia has pulled its own coronavirus contacts tracing app after experiencing glitches and inaccuracies. The app had used alternative technology to power contacts logging via Bluetooth and wi-fi. A government official told the news agency it aims to rebuild the system and may now use the Apple-Google API.
Australia has also reported Bluetooth related problems with its national coronavirus app. And has also been reported to be moving towards adopting the Apple-Google API.
While, Singapore, the first country to launch a Bluetooth app for coronavirus contacts tracing, was also the first to run into technical hitches related to platform limits on background access — likely contributing to low download rates for the app (reportedly below 20%).
Powered by WPeMatico
If you’ve ever entered a company’s office as a visitor or contractor, you probably know the routine: check in with a receptionist, figure out who invited you, print out a badge and get on your merry way. Brussels, Belgium and New York-based Proxyclick aims to streamline this process, while also helping businesses keep their people and assets secure. As the company announced today, it has raised a $15 million Series B round led by Five Elms Capital, together with previous investor Join Capital.
In total, Proxyclick says its systems have now been used to register more than 30 million visitors in 7,000 locations around the world. In the U.K. alone, more than 1,000 locations use the company’s tools. Current customers include L’Oréal, Vodafone, Revolut, PepsiCo and Airbnb, as well as a number of other Fortune 500 firms.
Gregory Blondeau, founder and CEO of Proxyclick, stresses that the company believes that paper logbooks, which are still in use in many companies, are simply not an acceptable solution anymore, not in the least because that record is often permanent and visible to other visitors.
“We all agree it is not acceptable to have those paper logbooks at the entrance where everyone can see previous visitors,” he said. “It is also not normal for companies to store visitors’ digital data indefinitely. We already propose automatic data deletion in order to respect visitor privacy. In a few weeks, we’ll enable companies to delete sensitive data such as visitor photos sooner than other data. Security should not be an excuse to exploit or hold visitor data longer than required.”
What also makes Proxyclick stand out from similar solutions is that it integrates with a lot of existing systems for access control (including C-Cure and Lenel systems). With that, users can ensure that a visitor only has access to specific parts of a building, too.
In addition, though, it also supports existing meeting rooms, calendaring and parking systems, and integrates with Wi-Fi credentialing tools so your visitors don’t have to keep asking for the password to get online.
Like similar systems, Proxyclick provides businesses with a tablet-based sign-in service that also allows them to get consent and NDA signatures right during the sign-in process. If necessary, the system also can compare the photos it takes to print out badges with those on a government-issued ID to ensure your visitors are who they say they are.
Blondeau noted that the whole industry is changing, too. “Visitor management is becoming mainstream, it is transitioning from a local, office-related subject handled by facility managers to a global, security and privacy-driven priority handled by chief information security officers. Scope, decision drivers and key people involved are not the same as in the early days,” he said.
It’s no surprise then that the company plans to use the new funding to accelerate its roadmap. Specifically, it’s looking to integrate its solution with more third-party systems with a focus on physical security features and facial recognition, as well as additional new enterprise features.
Powered by WPeMatico
Portable consoles are hardly new, and thanks to the Switch, they’re basically the most popular gaming devices in the world. But ClockworkPi’s GameShell is something totally unique, and entirely refreshing when it comes to gaming on the go. This clever DIY console kit provides everything you need to assemble your own pocket gaming machine at home, running Linux-based open-source software and using an open-source hardware design that welcomes future customization.
The GameShell is the result of a successful Kickstarter campaign, which began shipping to its backers last year and is now available to buy either direct from the company or from Amazon. The $159.99 ( on sale for $139.99 as of this writing) includes everything you need to build the console, like the ClockworkPi quad-core Cortex A7 motherboard with integrated Wi-Fi, Bluetooth and 1GB of DDR3 RAM — but it comes unassembled.
You won’t have to get out the soldering iron — the circuit boards come with all components attached. But you will be assembling screen, keypad, CPU, battery and speaker modules, connecting them with included cables and installing them in the slick, GameBoy-esque plastic shell. This might seem like an intimidating task, depending on your level of technical expertise: I know I found myself a bit apprehensive when I opened the various boxes and laid out all the parts in front of me.
But the included instructions, which are just illustrations, like those provided by Lego or Ikea, are super easy to follow and break down the task into very manageable tasks for people of all skill levels. All told, I had mine put together in less than an hour, and even though I did get in there with my teeth at one point (to remove a bit of plastic nubbin when assembling the optional Lightkey component, which adds extra function keys to the console), I never once felt overwhelmed or defeated. The time-lapse below chronicles my entire assembly process, start to finish.
What you get when you’re done is a fully functional portable gaming device, which runs Clockwork OS, a Linux-based open-source OS developed by the company. It includes Cave Story, one of the most celebrated indie games of the past couple of decades, and a number of built-in emulators (use of emulators is ethically and legally questionable, but it does provide an easy way to play some of those NES and SNES games you already own with more portability).
There’s a very active community around the GameShell that includes a number of indie games to play on the console, and tips and tricks for modifications and optimal use. It’s also designed to be a STEM educational resource, providing a great way for kids to see what’s actually happening behind the faceplate of the electronics they use everyday, and even getting started coding themselves to build software to run on the console. Loading software is easy, thanks to an included microSD storage card and the ability to easily connect via Wi-Fi to move over software from Windows and Mac computers.
Everything about the GameShell is programmable, and it features micro HDMI out, a built-in music player and Bluetooth support for headphone connection. It’s at once instantly accessible for people with very limited tech chops, and infinitely expandable and hackable for those who do want to go deeper and dig around with what else it has to offer.
Swappable face and backplates, plus open 3D models of each hardware component, mean that community-developed hardware add-ons and modifications are totally possible, too. The modular nature of the device means it can probably get even more powerful in the future too, with higher capacity battery modules and improved development boards.
I’ve definitely seen and used devices like the GameShell before, but few manage to be as accessible, powerful and customizable all at once. The GameShell is also fast, has great sound and an excellent display, and it seems to be very durable, with decent battery life of around three hours or slightly more of continuous use depending on things like whether you’re using Wi-Fi and screen brightness.
Powered by WPeMatico
Google says a small number of its enterprise customers mistakenly had their passwords stored on its systems in plaintext.
The search giant disclosed the exposure Tuesday but declined to say exactly how many enterprise customers were affected. “We recently notified a subset of our enterprise G Suite customers that some passwords were stored in our encrypted internal systems unhashed,” said Google vice president of engineering Suzanne Frey.
Passwords are typically scrambled using a hashing algorithm to prevent them from being read by humans. G Suite administrators are able to manually upload, set and recover new user passwords for company users, which helps in situations where new employees are on-boarded. But Google said it discovered in April that the way it implemented password setting and recovery for its enterprise offering in 2005 was faulty and improperly stored a copy of the password in plaintext.
Google has since removed the feature.
No consumer Gmail accounts were affected by the security lapse, said Frey.
“To be clear, these passwords remained in our secure encrypted infrastructure,” said Frey. “This issue has been fixed and we have seen no evidence of improper access to or misuse of the affected passwords.”
Google has more than 5 million enterprise customers using G Suite.
Google said it also discovered a second security lapse earlier this month as it was troubleshooting new G Suite customer sign-ups. The company said since January it was improperly storing “a subset” of unhashed G Suite passwords on its internal systems for up to two weeks. Those systems, Google said, were only accessible to a limited number of authorized Google staff, the company said.
“This issue has been fixed and, again, we have seen no evidence of improper access to or misuse of the affected passwords,” said Frey.
Google said it’s notified G Suite administrators to warn of the password security lapse, and will reset account passwords for those who have yet to change.
A spokesperson confirmed Google has informed data protection regulators of the exposure.
Google becomes the latest company to have admitted storing sensitive data in plaintext in the past year. Facebook said in March that “hundreds of millions” of Facebook and Instagram passwords were stored in plaintext. Twitter and GitHub also admitted similar security lapses last year.
Read more:
Powered by WPeMatico
Google’s Project Fi wireless service is getting a major update today that introduces an optional always-on VPN service and a smarter way to switch between Wi-Fi and cellular connections.
By default, Fi already uses a VPN service to protect users when they connect to the roughly two million supported Wi-Fi hotspots. Now, Google is expanding this to cellular connections, as well. “When you enable our enhanced network, all of your mobile and Wi-Fi traffic will be encrypted and securely sent through our virtual private network (VPN) on every network you connect to, so you’ll have the peace of mind of knowing that others can’t see your online activity,” the team writes in today’s announcement.
Google notes that the VPN also shields all of your traffic from Google itself and that it isn’t tied to your Google account or phone number.
The VPN is part of what Google calls its “enhanced network” and the second part of this announcement is that this network now also allows for a faster switch between Wi-Fi and mobile networks. When you enable this — and both of these features are currently in beta and only available on Fi-compatible phones that run Android Pie — your phone will automatically detect when your Wi-Fi connection gets weaker and fill in those gaps with cellular data. The company says that in its testing, this new system reduces a user’s time without a working connection by up to 40 percent.
These new features will start rolling out to Fi users later this week. They are off by default, so you’ll have to head to the Fi Network Tools in the Project Fi app and turn them on to get started. One thing to keep in mind here: Google says your data usage will likely increase by about 10 percent when you use the VPN.
Powered by WPeMatico
Project Fi, Google’s multi-network cell service, now provides you with data coverage in 170 countries.
That’s up from the 135 countries in which the company has long offered service. New countries where service is now available include the likes of Belize and Myanmar.
The good thing here is that Project Fi still doesn’t charge you extra for your data usage in these countries. Read More
Powered by WPeMatico
Skype, the Microsoft-owned service that helped pioneer and popularize the rise of voice and video calls over the internet, is killing off one of the features that it added in later years to try to make the service more ubiquitous, especially among roaming users: on March 31, the company is killing off its WiFi service, which let users buy Wi-Fi access in paid public hotspots. Read More
Powered by WPeMatico