AN IPHONE APP THAT PROTECTS YOUR PRIVACY—FOR REAL THIS TIME

The data economy has too often betrayed its customers, whether it’s Facebook sharing data you didn’t even realize it had, or invisible trackers that follow you around the web without your knowledge. But a new app launching in the iOS App Store today wants to help you take back some control—without making your life harder.

The Guardian Firewall app runs in the background of an iOS device, and stymies data and location trackers while compiling a list of all the times your apps attempt to deploy them. It does so without breaking functionality in your apps or making them unusable. Plus, the blow-by-blow list gives you much deeper insight than you would normally have into what your phone is doing behind the scenes. Guardian Firewall also takes pains to avoid becoming another cog in the data machine itself. You don’t need to make an account to run the firewall, and the app is architected to box its developers out of user data completely.

“We don’t log IPs, because that’s toxic,” says Will Strafach, a long-time iOS jailbreaker and founder of Sudo Security Group, which develops Guardian Firewall. “To us, data is a liability, not an asset. But to think that way you’ve got to think outside the box, because it means you can’t just choose the simplest solutions to engineering problems a lot of times. But if you are willing to spend the time and resources, you can find solutions where there isn’t a privacy downside.”

Block Party

The Guardian Firewall development team, which also includes noted jailbreaker Joshua Hill, currently comprises four engineers and two security researchers, and the app translates their collective knowledge about App Store services into automatic blocking for modules within apps that are known to be potentially invasive. The service costs $10 per month, or $100 per year. You pay through an in-app purchase using your Apple ID, which means Guardian Firewall doesn’t manage the transaction or the data associated with it. The team doesn’t have immediate plans to expand to Android, because their expertise lies so specifically in iOS.

To start using Guardian Firewall, all you do is tap a big button on the main screen. It turns green and says “Protection is on.” From the user’s perspective, that’s it. Under the hood, the app establishes a virtual private network connection, and creates a random connection identity for it to keep track of people’s data without knowing who they are. If you turn Guardian Firewall protection off and then on again, the app establishes a new connection and new connection identity, meaning that there’s no way to connect the dots between your sessions.

The app routes your traffic through its VPN tunnel to Guardian’s servers, where the filtering happens. The tunnel itself is encrypted in transit, but, as with any VPN, the servers doing the filtering necessarily see where your connections are headed; the encryption protects you from on-path observers, not from the service itself. Guardian Firewall has automated machine learning mechanisms that evaluate how an app behaves and, particularly, whether it sends out data to third parties, like marketing analytics firms. The idea is to flag whenever an app tries to communicate beyond its own infrastructure. Guardian Firewall is also able to detect and block other types of potentially invasive behavior, like page hijackers that push mobile pop-ups.

Apple itself has already been working on baking similar protections directly into iOS, particularly when it comes to blocking web trackers in Safari that would otherwise fingerprint users across multiple sites. But Guardian Firewall aims to go a few steps further, and to apply across all apps.

Test Drive

I’ve been testing Guardian Firewall on and off for months, and have found it easy to leave it running in the background. The connection doesn’t seem to slow things down on my phone or eat my battery, and the list of trackers the app has blocked is constantly growing—310 location trackers, seven page hijackers, and 3,200 data trackers so far. It felt a little uncomfortable at first to have something constantly running in the background, but it was fascinating to see all the shenanigans happening on my iPhone all the time. Some beta testers have noted that they wish Guardian Firewall offered a customizable blacklisting feature, instead of only automated blocking. But I didn’t personally feel a desire to put time into customizing the app. To me the whole value is in “set it and forget it.”

Guardian Firewall has already engineered its way around at least one privacy conundrum during its limited prerelease. Someone essentially launched a denial-of-service attack against the service by rapidly initiating a deluge of connection requests all at once. Guardian Firewall couldn’t check what IP address or addresses the requests came from, though, because it doesn’t record IP addresses. The team could have solved the issue by altering its policy to access IP addresses during the small window when devices are establishing their connection and then delete the data. But “we determined that that would go against our values,” Strafach says.

Instead, the developers devised a workaround that uses a device check offered by Apple, but encrypts the check so Guardian Firewall itself can’t see the data that’s sent to Apple. The only thing Guardian Firewall finds out at the end of the process is whether the device is a legitimate iOS device or not.

As with any VPN, the ultimate test of Guardian Firewall’s privacy protections and approach to minimal data retention would be a subpoena that is later made public through a trial in which the service has nothing to hand over. And Strafach says that while the company will cooperate with investigators if necessary as required by law, the company has taken precautions both internally and in contracts with its infrastructure providers to ensure that it can be transparent with users about any law enforcement requests.

“Looking over their privacy policy it looks really good,” says William Budington, a senior staff technologist at the Electronic Frontier Foundation. “You’re not logging in, and there’s radical data minimization in general. If they don’t have data stored on a server then a breach or buy-out won’t actually have that much of a negative impact. But keeping an eye on the privacy policy and news about the company is a good practice in general with VPNs, because things can slowly change.”

Not Just Another VPN

Of course, many of the same questions about trust apply to Guardian Firewall as they do to other VPNs. You’re still sending all of your data to their server. But at least Guardian Firewall uses the built-in iOS VPN application programming interface instead of trying to reinvent the wheel, and the encryption scheme protecting your data similarly draws on vetted industry standards, rather than anything proprietary. Strafach also says Guardian Firewall’s goal is to be as open and transparent about its actions as possible—and agrees that people should think carefully about whether it suits their specific needs, as they should for any app.

“People should know exactly what Guardian is doing and if it’s just a concept they don’t like, or they think we’re not the right data custodians for them then so be it, that’s cool,” he says. “‘How can we trust you?’ is just such a valid question for users to be asking all app makers.”

One thing Guardian Firewall can’t currently do is identify which specific apps trigger its tracking alerts, a feature that I found myself wishing it had. If anything, though, the absence helps solidify its privacy cred. Strafach and his team hadn’t figured out how to achieve that granularity without inadvertently creating a potentially identifiable data set of all the apps on your phone. An upcoming solution still won’t directly connect warnings to specific apps, but will instead show the apps that were running at that timestamp and could have caused the alert.

“All you’ll be able to see is ‘at this time we saw this tracker and these are the apps which could be causing it,'” Strafach says. “So maybe that’s one app or maybe three, but it’s a compromise that gives more of the answer users want while it respects their privacy.”
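The filtering and the timestamp-based attribution described above, as an added example in C that is not Guardian Firewall’s code: each outbound connection is checked against a blocklist (a constructed stand-in for the curated and machine-learned tracker knowledge the article describes), blocked connections only increment per-category counters, and each alert records the apps that were active within a few seconds of the timestamp rather than a confirmed app-to-tracker link, so no per-app history accumulates. All hostnames, app names and timings are constructed; matching is on label boundaries so a parent-domain entry covers its subdomains without catching look-alikes.

```c
#include <stdio.h>
#include <string.h>

enum category { CAT_NONE = 0, CAT_DATA, CAT_LOCATION, CAT_HIJACK, CAT_COUNT };

struct tracker { const char *domain; enum category cat; };

/* Constructed blocklist: hypothetical hostnames standing in for the
 * curated/ML-derived list the article describes. */
static const struct tracker TRACKERS[] = {
    { "metrics.example-analytics.net", CAT_DATA },
    { "geo.example-locate.io",         CAT_LOCATION },
    { "pop.example-redirect.biz",      CAT_HIJACK },
};

struct conn       { long ts; const char *host; };        /* one outbound connection */
struct app_window { const char *app; long start, end; }; /* when an app was active */

#define MAX_APPS   8
#define MAX_ALERTS 32

struct alert {
    long ts;
    const char *host;
    enum category cat;
    const char *apps[MAX_APPS]; /* apps that could be responsible, not a proven link */
    int napps;
};

struct session {
    int blocked[CAT_COUNT];     /* per-category counters only: no IPs, no per-app log */
    struct alert alerts[MAX_ALERTS];
    int nalerts;
};

/* Suffix match on label boundaries: "x.pop.example-redirect.biz" matches the
 * "pop.example-redirect.biz" entry, "notpop.example-redirect.biz" does not. */
enum category classify(const char *host)
{
    size_t hl = strlen(host);
    for (size_t i = 0; i < sizeof TRACKERS / sizeof TRACKERS[0]; i++) {
        const char *d = TRACKERS[i].domain;
        size_t dl = strlen(d);
        if (hl < dl || strcmp(host + (hl - dl), d) != 0)
            continue;
        if (hl == dl || host[hl - dl - 1] == '.')
            return TRACKERS[i].cat;
    }
    return CAT_NONE;
}

/* Apps active within +/-window seconds of ts: the article's compromise of
 * "these are the apps which could be causing it". */
static int candidate_apps(long ts, long window, const struct app_window *apps,
                          int napps, const char **out)
{
    int n = 0;
    for (int i = 0; i < napps && n < MAX_APPS; i++)
        if (apps[i].start - window <= ts && ts <= apps[i].end + window)
            out[n++] = apps[i].app;
    return n;
}

/* Returns the number of allowed connections; blocked ones update counters
 * and produce a timestamp-level alert. */
int filter_connections(struct session *s, const struct conn *conns, int nconns,
                       const struct app_window *apps, int napps, long window)
{
    int allowed = 0;
    for (int i = 0; i < nconns; i++) {
        enum category cat = classify(conns[i].host);
        if (cat == CAT_NONE) { allowed++; continue; }
        s->blocked[cat]++;
        if (s->nalerts < MAX_ALERTS) {
            struct alert *a = &s->alerts[s->nalerts++];
            a->ts = conns[i].ts;
            a->host = conns[i].host;
            a->cat = cat;
            a->napps = candidate_apps(conns[i].ts, window, apps, napps, a->apps);
        }
    }
    return allowed;
}

/* Constructed sample traffic: seconds since session start, destination host. */
static const struct conn SAMPLE_CONNS[] = {
    { 0,  "api.weatherapp.example" },
    { 1,  "metrics.example-analytics.net" },
    { 2,  "cdn.weatherapp.example" },
    { 40, "geo.example-locate.io" },
    { 41, "x.pop.example-redirect.biz" },
};
/* Constructed app activity windows (seconds since session start). */
static const struct app_window SAMPLE_APPS[] = {
    { "WeatherApp", 0, 10 },
    { "NewsReader", 1, 10 },
    { "GameX",      35, 60 },
};

int run_sample(struct session *s)
{
    memset(s, 0, sizeof *s);
    return filter_connections(s, SAMPLE_CONNS, 5, SAMPLE_APPS, 3, 5);
}

int main(void)
{
    struct session s;
    int allowed = run_sample(&s);
    printf("allowed=%d data=%d location=%d hijack=%d\n", allowed,
           s.blocked[CAT_DATA], s.blocked[CAT_LOCATION], s.blocked[CAT_HIJACK]);
    for (int i = 0; i < s.nalerts; i++) {
        printf("t=%ld tracker %s could be caused by:", s.alerts[i].ts, s.alerts[i].host);
        for (int j = 0; j < s.alerts[i].napps; j++) printf(" %s", s.alerts[i].apps[j]);
        printf("\n");
    }
    return 0;
}
```

The session struct deliberately has nowhere to put an IP address or a per-app record; the only state that survives is a counter per category and a list of (time, tracker, possible apps) alerts, which is the shape of the data the article says the app shows users.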

“Clearly the biggest risk to the everyday iOS user is apps surreptitiously tracking them, which unfortunately the majority of apps do—rather massively,” says Patrick Wardle, a Mac security specialist. “Guardian generically thwarts such trackers. I love that Will and Josh, who are former jailbreakers, tackled this. I bet it wasn’t easy, but with their unique skills they are probably one of the few teams that could figure it out and make it all seamlessly work in the constrictive iOS environment.”

It’s complicated and resource-intensive to make all of these wild workarounds happen, but if Guardian Firewall can do it and be financially viable, Strafach hopes that the project will become a sort of case study that privacy pays. With so many companies in the marketplace seemingly convinced that that’s not the case, there’s a lot riding on its success.

Nvidia Shield TV finally gets Android 9 Pie and much more in latest update

Today, Nvidia announced the Shield Experience Upgrade 8.0 update for the Shield TV. The update finally brings Android 9 Pie to the Shield TV, the first Android TV device to get Google’s latest version of Android.

Pie streamlines the interface to make it easier to access your apps and settings. Along with an updated interface are updated colors, improved organization, and a streamlined set-up process. There’s also a heavier emphasis on Google Assistant, with an enlarged microphone icon and search area at the top of the main menu.

The update also highlights the updated Hulu with Live TV app. The interface is similar to what you’ll see on the smartphone and tablet versions of the app, with a horizontal list of categories and vertical lists of shows and movies. The updated Hulu with Live TV app will complete its rollout in the coming weeks.

Other goodies include 20 new GeForce Now games, three new Shield TV games, and more. Here’s the full changelog:

Splits the “Display and Sounds” advanced setting into two easier-to-navigate menus.

Adds option to match content color space (Settings > Display & Sound > Advanced).

Improved volume dynamic range for USB and Bluetooth connected headsets.

Shield TV remote app adds Bluetooth assist for pairing and improves connection.

Enables 720p refresh rate switching on supported apps.

Adds “Disconnect Bluetooth accessories” option to quick settings.

Adds IR power control options to customize on/off functionality.

Adds option to turn off USB power when Shield sleeps.

Adds option to connect to 2.4GHz or 5GHz Wi-Fi network with shared SSID.

Latest accessory firmware versions:

Shield controller (2017): v1.30

Shield controller (2015): v1.96/99/3.71/0.32

Shield remote (2017): v1.43

Shield remote (2015): v1.36

The Galaxy Tab S6 shows Samsung isn’t giving up the tablet fight

It’s no secret that Android tablets are in an awkward position. While Apple’s iPad remains an important part of its product line-up, even Google has given up on making an equivalent. But Samsung hasn’t given up on Android tablets just yet. Today it announced the Galaxy Tab S6. It’s clear the tablet has taken some inspiration from the new iPad Pro, but it has a few tricks of its own too.

First, the specs:

10.5″ Super AMOLED Display

6GB + 128GB or 8GB + 256GB RAM and storage configurations

Snapdragon 855 or Exynos 9610

7,040 mAh battery (15 hours battery life claimed)

8MP front camera

13MP + 5MP rear cameras

Four AKG speakers with Dolby Atmos technology

Optical fingerprint sensor

New Bluetooth S-Pen

It’s the usual spec bump here – smartphone specs stuffed into a larger frame. That’s one advantage Apple has: its iPad Pros are always significantly more powerful than its iPhones, allowing you to manage significantly greater workloads on its tablet.

That’s not to say the Tab S6 is a slouch – smartphone specs are plenty powerful as it is, and a tablet’s true power comes from the larger frame. Samsung is known for stuffing its devices with features, and the Tab S6 is no different.

Key among the improvements over the Tab S4 (there was no Tab S5, only a midrange Tab S5e) is the new remote-control S-Pen Samsung first introduced with the Galaxy Note 9. This lets you do things like use the S-Pen as a remote shutter or skip songs. The S-Pen does need to be charged now, but it does so when attached to the body magnetically, and a 10-minute charge will get you through a full day of use.

Speaking of the body, the Tab S6 has an all-new design that takes a page out of the new iPad Pro’s book with sharper edges and a boxier look, but the more meaningful improvement is in the keyboard cover, which now has a – gasp – touchpad. When you use the Tab S6 in DeX mode – basically a desktop UI for Android – you’ll definitely see the benefits of having a proper pointer. The cover also now includes a kickstand, giving you Surface-like positioning flexibility.

More puzzling is the new S-Pen placement. It attaches magnetically to the back of the tablet, which seems like awkward ergonomics and an easy way to lose the pen, so I hope Samsung has some strong magnets. The keyboard cover does include a flap that covers the pen more securely though.

It’s hard to say whether the Tab S6 is worth your hard-earned money until we spend some quality time with it, but I’ve got to give Samsung some kudos for keeping the Android tablet alive. The Tab S6 will be available to pre-order on August 23 and will be released on September 6. Prices are $650 for the 6GB/128GB version and $730 for the 8GB/256GB model. The S-Pen is thrown in the box, but you’ll have to pay $180 for the keyboard cover.

New LG UltraFine 5K display now on sale, works with Mac or iPad Pro

Apple is now selling a new generation of the 5K LG UltraFine display. It is the first 5K UltraFine that is compatible with the iPad Pro, finally giving 2018 iPad Pro users a 5K display option.

Previously, the 5K UltraFine display would only work over Thunderbolt. Now, it can output 5K over USB-C DisplayPort, which means it can now work with any of Apple’s current Mac and iPad Pro lineup.

Up to now, it has been basically impossible to find a display that the iPad Pro can drive at full 5K resolution. The USB-C port enables a wide range of connectivity, but 5K USB-C DisplayPort monitors have been very scarce. The new LG UltraFine display is effectively the only option.

Unfortunately, that’s where the fanfare appears to end. The new 5K UltraFine display appears otherwise identical to the previous generation model. It features the same 27-inch 5120×2880 resolution panel in the same ugly chassis.

The UltraFine has built-in speakers, webcam and mic, as well as three USB-C ports for connecting wired accessories. The UltraFine lets you connect a single cable to your MacBook Pro to enable display output, access to wired accessories, and full-speed charging up to 94W thanks to Thunderbolt 3 power pass-through.

The new 5K display is now available to order from the Apple Store for $1299. High-end professional Mac users (with deeper pockets) may want to consider waiting for the Apple Pro Display, coming later this year. LG updated the 4K version of its UltraFine display series earlier this year.

Android TV Getting Hulu With Live TV Support

This week, Hulu announced that Android TV will soon be a supported platform for its Hulu + Live TV service.

Detailed by Hulu, “Starting in early August, Hulu + Live TV and our updated UI will be available across a variety of Android TV devices, including Sony’s Android TVs, NVIDIA SHIELD, Xiaomi Mi Box, and Hisense Android TVs.”

Hulu says that to get Live TV running on your Android TV, keep checking the app’s Google Play listing for when it’s compatible with your Android TV device.

Samsung to fight falling profits with midrange phones, ‘mainstream’ 8K

As Samsung expected, its Q2 profit is down about 56 percent from last year’s. An operating profit of $5.6 billion (6.6 trillion Korean won) is no small figure, but it’s obviously not up to par for the electronics giant, and it follows a similar result in Q1 of this year. A big reason for the fall is a drop in prices for memory chips, of which Samsung is a major supplier for products like smartphones and servers. It’s also negatively affected by weak iPhone sales, since it supplies Apple with parts, and is facing slower sales for its own high-end phone models.

Last year Samsung was looking toward foldable devices to help turn around the trend, and after a delay it’s still expecting the Galaxy Fold to join its Galaxy Note 10 as an “innovative” new product launch. According to the company’s report, it’s also pushing ahead on 5G.

Also, as “protective global trade practices” increase and customers are increasingly reluctant to buy new high-priced phones, Samsung will “introduce more competitive A series models in the second half” to take advantage of interest in midrange models. It already announced plans to bring the Galaxy A50 and a few others to the US, and if that pace increases we’d expect to see more models like its A70, which puts many of the Galaxy S10’s features in a cheaper package. In an accompanying slide it specifically called out the Galaxy A80, which combines a motorized slide mechanism and rotating camera.

Similarly, it’s not expecting to see the TV market change much in the near future, but it will try to increase profits by pushing its latest technology: 8K. According to Samsung, it’s time to take the lead by “positioning QLED 8K TVs as mainstream TVs.” We’ll see if mainstream consumers are ready to bring that monster 98-inch Q900 set home.

Another Nintendo Switch Game Gets VR Support

If you happen to own Nintendo’s new VR Kit, Captain Toad has an adventure for you. Nintendo Europe has announced that Captain Toad: Treasure Tracker has a free software update which uses the virtual reality goggles–and it’s available now.

Captain Toad’s new mini VR adventure lets you view courses in 360 degrees and explore four courses in virtual reality. One lets you pan around the stage to better gauge what’s around pillars and obstacles, while another puts you in a minecart to hunt for treasure.

Treasure Tracker isn’t the only game with VR support. Nintendo America announced back in April 2019 that two of the company’s most popular Switch games–The Legend of Zelda: Breath of the Wild and Super Mario Odyssey–would receive VR support for free as software updates.

The VR Kit is part of Nintendo Labo, a sort of toys-to-life concept using cardboard to introduce new ways of interacting with the Nintendo Switch. Released throughout 2018, there are currently four Labo Kits available: Robot, Variety, Vehicle, and VR.

Treasure Tracker landed on Nintendo 3DS and Switch in July 2018, almost four years after its initial December 2014 launch. In our Treasure Tracker Switch review, we said, “Despite a smattering of minor complaints, Captain Toad stands as a pint-sized version of Nintendo’s stellar first party pedigree. It’s among the best Mario spin-offs around and a delightful iteration on old ideas.”

Microsoft Working on ‘Cloud Download’ Recovery Option for Windows 10

Microsoft has seemingly abandoned the idea of rolling out new distinct versions of Windows every couple of years. Instead, it just releases more updates for Windows 10. It let one update sneak out before it was ready last week, showing off a revised Start menu. That build also has another secret to spill. Microsoft is apparently working on cloud recovery options in Windows 10, PCMag reports.

We’ve all been there: some horrible, data-destroying thing has happened to your computer, and you need to reinstall Windows. At times like that, the last thing you want to do is dig through boxes and manuals to find your Windows install media. If you find it, the system image on it might be years old. With your computer incapacitated, you might not even have a way to make a new, up-to-date installation drive.

The leaked Windows build has a simple solution to that vexing problem. It offers the option of downloading a fresh copy of Windows from the cloud alongside the option to “reset locally” and reinstall the version you already have. Downloading a fresh build of Windows from the cloud has the potential to save hours of downloading and installing patches for an old version.

For this feature to work seamlessly, Microsoft would need its hardware partners to provide drivers or rely on the generic ones already bundled in Windows. Otherwise, users would have a fresh, new version of Windows and a bunch of non-functional hardware. That’s a problem most casual users wouldn’t know how to solve. Microsoft has the pull in the industry to make hardware vendors get in line, but it has to be serious about the effort. If OEMs are allowed to ignore the cloud restore option, no one is going to use it. Apple has a similar feature on Macs, but it has complete control over the hardware. So, there are no OEMs to strongarm.

Microsoft hasn’t commented on any features from the leaked build. It never intended to send that version of Windows 10 out to the Insider program, but the cat is out of the bag. If cloud downloads become an official feature, we should see them in the upcoming 20H1 update in spring of next year. As always, this is a leaked version of non-final software. The cloud download feature may end up delayed or altogether canceled.

Apple iMessage Flaw Allows Remote Attackers to Read iPhone Messages

Remote exploitation can be achieved with no user interaction.

Five bugs in Apple’s iMessage service for the iPhone have been uncovered that require no user interaction to exploit, including one that would allow remote attackers to access content stored on iOS devices.

The bugs were discovered by Google Project Zero security researcher Natalie Silvanovich. Apple has fully patched four of the five as part of the iOS 12.4 update.

CVE-2019-8646 is the bug that allows an attacker to read files off a remote device with no user interaction. An exploit could leak the SMS database, binary files like images and more. Silvanovich has made a proof-of-concept public for the flaw.

In the bug description, the researcher explained where the issue lies: “The class _NSDataFileBackedFuture can be deserialized even if secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the [NSData bytes] selector is called.”

This presents two problems, she added: it opens up access to local files if the code deserializing the buffer ever shares it, and it allows an NSData object to be created with a length that differs from the length of its byte array.

In the latter case, “this violates a very basic property that should always be true of NSData objects,” Silvanovich explained. “This can allow out-of-bounds reads, and could also potentially lead to out-of-bounds writes, as it is now possible to create NSData objects with very large sizes that would not be possible if the buffer was backed.”

Since the potential for information exfiltration is significant, iOS users should update to iOS 12.4 as soon as possible.

“Apple publishes less granular details about the distribution of iOS versions than Google does for Android,” OneSpan senior product marketing manager Sam Bakken told Threatpost in an email interview. “Apple data from May 2019 reports that 85 percent of all devices use iOS 12. But, depending on what minor version of iOS 12 they are on (12.0, 12.1, 12.2, 12.3, etc.) a lot of those users will be vulnerable to this seemingly very dangerous vulnerability.”

Other Bugs

As for the other issues, CVE-2019-8647 is a remote use-after-free vulnerability that can crash SpringBoard, the standard application that manages the iOS home screen, with no user interaction.

Silvanovich explained in the bug description that when deserializing a class with initWithCoder, subclasses can also be deserialized “so long as they do not override initWithCoder and implement all methods that require a concrete implementation.”

When _PFArray, which is a subclass of NSArray, is deserialized that way, it eventually calls [_PFArray initWithObjects:count:].

“This method initializes the array with the objects provided by the NSKeyedUnarchiver, but does not retain references to these objects, so when the NSKeyedUnarchiver is released, the objects in the array will also be released, even though the user of the deserialized objects could still be using them,” she explained.

The third bug is CVE-2019-8660 – a remote, interactionless memory corruption flaw that crops up when decoding an object of class NSKnownKeysDictionary1.

“This class decodes an object of type NSKnownKeysMappingStrategy1, which decodes a length member which is supposed to represent the length of the keys of the dictionary,” said Silvanovich, in the bulletin. “However, this member is decoded before the keys are decoded, so if a key is an instance of NSKnownKeysDictionary1 which also uses this instance of NSKnownKeysMappingStrategy1, the mapping strategy will be used before the length is checked.”

This is a problem because the NSKnownKeysDictionary1 instance uses this length to allocate a buffer, and the length is multiplied by eight during that allocation, without an integer overflow check. The code will then attempt to copy the values array (another decoded parameter) into the buffer using the unmultiplied length.

However, she said the issue would be fairly difficult to exploit due to the uncontrolled nature of the copies.
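The two failure modes described above, the _NSDataFileBackedFuture object whose length disagrees with its byte array and the NSKnownKeysMappingStrategy1 length that is multiplied by eight and used before it is checked, come down to the same decoder discipline: a length field from untrusted input must be validated against the bytes actually present and against the allocation arithmetic before anything is allocated or copied. The following C program is an added illustration, not Apple’s or Project Zero’s code. It decodes a toy archive record (a constructed format: an 8-byte little-endian element count followed by 8-byte elements) once without checks and once with them, and reports what each decoder would have allocated versus what was actually there.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ELEM_SIZE 8u   /* each decoded element is 8 bytes, like a pointer-sized slot */
#define HDR_SIZE  8u   /* the count field */

struct decoded {
    uint64_t count;       /* what the header claims */
    uint64_t alloc_bytes; /* what the decoder would allocate for the elements */
    uint64_t available;   /* bytes actually present after the header */
};

static uint64_t read_u64_le(const uint8_t *p)
{
    uint64_t v = 0;
    for (int i = 7; i >= 0; i--) v = (v << 8) | p[i];
    return v;
}

static void write_u64_le(uint8_t *p, uint64_t v)
{
    for (int i = 0; i < 8; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* Unchecked decoder: believes the header. Two things go wrong, mirroring the
 * bugs in the text. The count need not match the bytes that follow (an object
 * whose length disagrees with its backing store), and count * ELEM_SIZE wraps
 * silently: unsigned overflow is defined in C, so there is no trap, just a
 * too-small allocation that a later copy of `count` elements would overrun. */
int decode_unchecked(const uint8_t *buf, size_t len, struct decoded *out)
{
    if (len < HDR_SIZE) return -1;
    out->count = read_u64_le(buf);
    out->alloc_bytes = out->count * ELEM_SIZE;
    out->available = len - HDR_SIZE;
    return 0;
}

/* Checked decoder: validate before allocating or copying anything. */
int decode_checked(const uint8_t *buf, size_t len, struct decoded *out)
{
    if (len < HDR_SIZE) return -1;
    uint64_t count = read_u64_le(buf);
    if (count > UINT64_MAX / ELEM_SIZE) return -2;     /* multiply would overflow */
    uint64_t need = count * ELEM_SIZE;
    if (need != (uint64_t)(len - HDR_SIZE)) return -3; /* declared != backing */
    out->count = count;
    out->alloc_bytes = need;
    out->available = len - HDR_SIZE;
    return 0;
}

/* Build a constructed record that claims `count` elements but carries
 * `payload_len` bytes. Returns the total length, or 0 if dst is too small. */
size_t build_record(uint8_t *dst, size_t cap, uint64_t count, size_t payload_len)
{
    if (cap < HDR_SIZE + payload_len) return 0;
    write_u64_le(dst, count);
    memset(dst + HDR_SIZE, 0x41, payload_len);
    return HDR_SIZE + payload_len;
}

int main(void)
{
    uint8_t rec[HDR_SIZE + 16];
    struct decoded d;
    /* honest, lying (count > backing), and overflowing (count * 8 wraps to 8) */
    uint64_t cases[] = { 2, 1000, UINT64_C(0x2000000000000001) };
    for (int i = 0; i < 3; i++) {
        size_t n = build_record(rec, sizeof rec, cases[i], 16);
        int ru = decode_unchecked(rec, n, &d);
        printf("count=%llu unchecked=%d alloc=%llu available=%llu checked=%d\n",
               (unsigned long long)cases[i], ru,
               (unsigned long long)d.alloc_bytes, (unsigned long long)d.available,
               decode_checked(rec, n, &d));
    }
    return 0;
}
```

The order of the checks matters in the same way Silvanovich describes for NSKnownKeysMappingStrategy1: the overflow test runs on the raw count before the multiplication, and the consistency test runs before the count is handed to anything that allocates or copies.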

As for the other two, the researcher said that CVE-2019-8662 is similar to CVE-2019-8647, but access to the bug description is restricted. And, the team is withholding CVE-2019-8641 for now because Apple’s initial fix did not resolve the vulnerability, according to Silvanovich.

Overall, OneSpan’s Bakken noted that the finds highlight the fact that the mobile environment should be treated as “hostile.”

“Consider the mobile device a hostile environment and apply multiple controls and measures to keep your app safe and your users’ data secure,” he noted.

He added that developers should also take note.

“Mobile app developers and publishers need to constantly remind themselves that even if they think their mobile app is completely buttoned-up in terms of security (keeping in mind that 100 percent secure is impossible anyway), vulnerabilities in the OS, or other apps or malware on a users’ device can put their app and users at risk,” he said.

Google is getting rid of Android Auto’s smartphone UI — here’s why

The new Android Auto started rolling out today (and it’s pretty good), but unfortunately, all of its various improvements are only coming to in-car displays. The version of Android Auto you can run on your phone’s screen standalone won’t be getting the same face lift — and as a matter of fact, it’s eventually going away entirely (though we’re not sure exactly when). Here’s what’s happening.

Why is Google phasing out Android Auto’s smartphone mode?

The short answer is that Google wants to get rid of the need for a discrete driving mode app on your phone. The long answer is, well, longer.

The Google Assistant — the one you already have installed — will be taking over for Android Auto as your phone-display driving companion, with an all new interface to boot. Android Auto is increasingly specialized for in-car dashboard displays, which are traditionally horizontally oriented, significantly larger than your phone, and fixed in the center of your car’s dash.

Your phone, on the other hand, can be mounted in any number of locations, and is usually fixed vertically to maximize navigation visibility. The new Assistant-based interface is tailored to work better on a phone-format display. Bonus: it doesn’t require any additional software. Once it’s available (more on that soon) if you’ve got the latest version of the Google app, you’re good to go.

What is the Assistant driving mode? What features does it add?

The official name of this new interface is “Google Assistant driving mode.” You’ll be able to turn it on by saying “let’s drive” to the Assistant (that phrase currently opens Google Maps to Driving Mode or just does a search, depending on what state your phone is in). It also stands to reason that, like Auto, you’ll be able to configure it to launch automatically when your phone connects to your car by Bluetooth, but we haven’t heard anything official to that end just yet.

You’ll see large icons representing common actions people take while driving — navigation, phone, and media control — followed by a selection of specific things Google thinks you might want to do, like resuming playing media you’d started elsewhere, returning a missed call, or navigating to an appointment. If you get a call, the Assistant will ask aloud whether you’d like to answer, and you can verbally answer yes or no to take action.

It’s all similar to what Android Auto’s phone interface does now, just in a prettier, easier-to-use package with a bit more predictive Google Assistant magic and without the need for a separate app.

When does Assistant Driving Mode launch?

We’re not exactly sure. In May, Google said driving mode would be available on Android phones this summer, but the latest word is just “in the future.” It’s part of the “next-generation” Assistant announced at I/O this year. Parts of that new experience, like easier verbal control of Google Home alarms and Duplex on the web have already trickled out, so it could be any time now.