Long-time Slashdot reader couchslug shares a report from Ars Technica, writing: "A new attack on the right to do with one's property as the owner sees fit. First step, threaten without providing evidence." From the report: Before last week, owners of certain Mazda vehicles who also had a Home Assistant setup could create some handy connections for their car. One CX60 driver had a charger that would only power on when it confirmed his car was plugged in and would alert him if he left the trunk open. Another used Home Assistant to control their charger based on the dynamic prices of an Agile Octopus energy plan. Yet another had really thought it through, using Home Assistant to check the gas before their morning commute, alert them if their windows were down before rain was forecast, and remotely unlock and start the car in cold conditions. The possibilities were vast, and purportedly beyond what Mazda's official app offered.

Mazda, however, had issues with the project, which was largely the free-time work of one software developer, Brandon Rothweiler. In a Digital Millennium Copyright Act (DMCA) notice sent to GitHub, Mazda (or an authorized agent) alleges that Rothweiler's integration: contains code that "is violating [Mazda's] copyright ownership"; used "certain Mazda information, including proprietary API information," to "create code and information"; and contained code that "provides functionality same as what is currently" in Mazda's apps posted to the Apple App Store and Google Play Store for Android.

One day later, Rothweiler made a pull request to the Home Assistant core project: "I'm removing the Mazda integration due to a legal notice sent to me by Mazda." The Home Assistant project pushed an update to remove the integration, posted about the removal, and noted that they were "disappointed that Mazda has decided to take this position" and that "Mazda's first recourse was not to reach out to us and the maintainer but to send a cease and desist letter instead." One of the many commenters confused by Mazda's code claims said they couldn't find any of the copyrighted code the company referenced. Additionally, Ars Technica suggests the project "could be considered a fair use exception to the DMCA, as explained by the Electronic Frontier Foundation."

"When Mazda contacted me, my options were to either comply or open myself up to potential legal risk," said Rothweiler. "Even if I believe that what I'm doing is morally correct and legally protected, legal processes still have a financial cost. I can't afford to take on that financial risk for something that I do in my spare time to help others."

The Android ecosystem is hurtling toward a RISC-V future. From a report: The puzzle pieces for the up-and-coming CPU architecture started falling into place this past year when Google announced official RISC-V support in Android and plans to make it a "tier 1 platform" on equal footing with Arm. With the OS support underway, what we need now is hardware, and Qualcomm is stepping up to announce the first-ever mass-market RISC-V Android SoC. It doesn't have a name yet, but Qualcomm says it's developing a "RISC-V Snapdragon Wear" chip in collaboration with Google. The company says it plans to "commercialize the RISC-V based wearables solution globally including the US." For Google and Qualcomm, this chip represents everyone's first swing at a commercial RISC-V Android project, and as far as we can tell, it's the first announced mass-market RISC-V Android chip ever. Qualcomm says the groundwork it and Google lay out "will help pave the way for more products within the Android ecosystem to take advantage of custom CPUs that are low power and high performance."

RISC-V represents a big threat to the Arm CPU architecture that currently dominates all mobile devices. RISC-V architecture is open source, which can make it cheaper and more flexible than Arm. If companies want to design their own chips, they can do that without paying a licensing fee to Arm. Since the architecture is open source, it's possible to create a fully open source chip. If you're a chip-design firm, you can make your own proprietary chip designs and license them, making you a competitor to Arm's chip-design business. RISC-V is also a way to sidestep all of the various problems with Arm.

According to a report from Jefferies analysts, Huawei has overtaken Apple's iPhone as the smartphone market share leader in China. CNBC reports: The analysts said smartphone sales in China have showed positive growth year over year, driven primarily by high double-digit growth in Android sales led by Huawei, Xiaomi and Honor devices. But Apple's iPhone has seen a significant, double-digit decline, and its volume growth year over year has been negative since the iPhone 15 launched, according to the analysts.

"We believe weak demand in China would eventually lead to lower-than-expected global shipments of iPhone 15 in 2023," the analysts wrote, adding that the trend suggests the iPhone will "lose" to Huawei next year. The Jefferies analysts wrote that Android's volume growth can't be chalked up to discounts and that discounts on iPhones, excluding the iPhone 15 models, have been stable, while the average discount for Android "is not high." The analysts noted that resale iPhone 15 devices are all "trading at discounts to official selling prices," which also reflects the weak demand in China.

Keumars Afifi-sabet reports via TechRadar: Lenovo has the green light to see a portfolio of new enterprise-focused devices powered by Esper Foundation -- a custom Android operating system -- and bundled with a complementary mobile device management (MDM) platform. The firm's first device running Esper Foundation is the Lenovo ThinkCentre M70a, an all-in-one desktop PC fitted with an up to 12th-Gen Intel Core i9 CPU, alongside 16GB DDR4 RAM and up to 512GB SSD. It'll be followed by the Lenovo ThinkCentre M70q, M90n-1 IoT, and the ThinkEdge SE30 v2 machines by the end of 2023. Esper Foundation is based on Android 11 and has customizable branding, peripheral compatibility, quarterly security patches, and three years of support. The MDM system, meanwhile, remotely deploys, manages, and updates devices from a single view.

By integrating a custom version of Android in its PCs, Lenovo is banking on the Esper Foundation OS appealing to businesses as an alternative to Windows, as well as Google's own ChromeOS. With platforms like Esper's, there may well be a means to find a rival to compete with Windows in the enterprise, particularly in highly niche industries such as the retail, hospitality, and healthcare industries -- at which Esper Foundation is directed. "This collaboration is another step forward in Lenovo's drive to meet changing customer demand across retail, hospitality, healthcare, and other industries," said Johanny Payero, Lenovo's director of global advanced solutions marketing and strategy. "Dedicated devices are proliferating across several key industries, and our new joint solution with Esper allows us to deliver the best of Android with the consistency and predictability of Lenovo's x86 devices."

Since 2012, Google Pixel phones have had a Photo Sphere Mode, allowing users to capture 360-degree images. Now, according to Android Authority, Google has dropped the feature from the Pixel 8 series with no explanation given. From the report: Photo Sphere Mode allowed you to capture panoramic 360-degree pictures by stitching multiple images together. The feature was first introduced back in 2012 on the Nexus 4 and persisted well into the Pixel era, with the likes of the Pixel Fold and Pixel 7a still offering it. The act of capturing a Photo Sphere wasn't exactly seamless owing to the sheer number of images required, although it had an admittedly intuitive UI. Significant stitching issues and exposure/white balance differences were also very common.

We're therefore not surprised Google has decided to drop the feature. Even without taking the aforementioned issues into account, the mode's utility seemed limited beyond some scenarios like mapping purposes (e.g. viewing environments in Google Maps) and VR. In saying so, we hope the company rebounds with a more polished take on 360-degree photos in the future.

The Street argues that Satya Nadella "has transformed Microsoft since taking over for former CEO Steve Ballmer. Instead of closing the company off from its rivals, Nadella has been open to working with companies that are also competitors like Apple." But they added that Nadella "remains at odds" with Google's parent company Alphabet, even testifying in the antitrust lawsuit against the company.

They highlight another example from Nadella's testimony (first spotted by GeekWire). Nadella also believes that Alphabet sells a false narrative that OEM partners have a choice when in reality they don't. "Google has carrots and it has massive sticks...'We'll remove Google Play if you don't have us as the primary browser.' And without Google Play, an Android phone is a brick. And so that is the type of stuff that is impossible to overcome. No OEM is going to do that," he said.
GeekWire also notes Nadella's comments about the U.S. government's antitrust case against Microsoft in 1998: "Google exists because of two things. One is because of our consent decree, where we had to put a lot of limits on what we could distribute and not distribute by default. And, second, because [of] the fact that you could distribute anything you wanted on Windows, and it's still the case, right, it's not just Google. ... The largest marketplace on Windows happens to be not from Microsoft, it's Steam. And so it's an open platform on which anybody can distribute anything."

An anonymous reader shared this report from Reuters: In a new front in the U.S.-China tech war, President Joe Biden's administration is facing pressure from some lawmakers to restrict American companies from working on a freely available chip technology widely used in China — a move that could upend how the global technology industry collaborates across borders...

RISC-V can be used as a key ingredient for anything from a smartphone chip to advanced processors for artificial intelligence... The lawmakers expressed concerns that Beijing is exploiting a culture of open collaboration among American companies to advance its own semiconductor industry, which could erode the current U.S. lead in the chip field and help China modernize its military. Their comments represent the first major effort to put constraints on work by U.S. companies on RISC-V...

Executives from China's Huawei Technologies have embraced RISC-V as a pillar of that nation's progress in developing its own chips. But the United States and its allies also have jumped on the technology, with chip giant Qualcomm working with a group of European automotive firms on RISC-V chips and Alphabet's Google saying it will make Android, the world's most popular mobile operating system, work on RISC-V chips...

Jack Kang, vice president of business development at SiFive, a Santa Clara, California-based startup using RISC-V, said potential U.S. government restrictions on American companies regarding RISC-V would be a "tremendous tragedy." "It would be like banning us from working on the internet," Kang said. "It would be a huge mistake in terms of technology, leadership, innovation and companies and jobs that are being created."
One U.S. Representative said the Chinese Communist Party was "abusing RISC-V to get around U.S. dominance of the intellectual property needed to design chips.

"U.S. persons should not be supporting a PRC tech transfer strategy that serves to degrade U.S. export control laws."

An anonymous reader quotes a report from SecurityWeek: Tens of thousands of Android devices have been shipped to end-users with backdoored firmware, according to a warning from cybersecurity vendor Human Security. As part of the global cybercriminal operation called BadBox (PDF), Human Security found a threat actor relied on supply chain compromise to infect the firmware of more than 70,000 Android smartphones, CTV boxes, and tablet devices with the Triada malware. The infected devices come from at least one Chinese manufacturer but, before they are delivered to resellers, physical retail stores, and e-commerce warehouses, a backdoor was injected into their firmware. "Products known to contain the backdoor have been found on public school networks throughout the United States," Human says.

Discovered in 2016, Triada is a modular trojan residing in a device's RAM, relying on the Zygote process to hook all applications on Android, actively using root privileges to substitute system files. Over time, the malware went through various iterations and was found pre-installed on low-cost Android devices on at least two occasions. As part of the BadBox operation that Human Security discovered, the infected low-cost Android devices allow threat actors to carry out various ad-fraud schemes, including one named PeachPit, which at its peak relied on 121,000 Android and 159,000 iOS devices infected with malware, and on 39 Android, iOS, and CTV-centric apps designed to connect to a fake supply-side platform (SSP).

One of the modules delivered to the infected devices from the command-and-control (C&C) server allows the creation of WebViews that are fully hidden from the user, but which "are used to request, render, and click on ads, spoofing the ad requests to look like they're coming from certain apps, referred by certain websites, and rendered" on specific devices. BadBox, Human Security notes, also includes a residential proxy module that allows the threat actors to sell access to the victim's network. Furthermore, they can create WhatsApp messaging accounts and Gmail accounts they can then use for other malicious activities. "Finally, because of the backdoor's connection to C2 servers on BadBox-infected smartphones, tablets, and CTV boxes, new apps or code can be remotely installed by the threat actors without the device owner's permission. The threat actors behind BadBox could develop entirely new schemes and deploy them on BadBox-infected devices without any interaction from the devices' owners," Human notes.

Simon Sharwood writes via The Register: The Chinese manufacturer that took over IBM's PC business announced on Thursday that it's teamed with an outfit named Esper that specializes in custom cuts of Android, plus device management offerings. Android is most commonly used in handheld devices. Lenovo's taking it in an entirely different direction by making the ThinkCentre M70a: a desktop all-in-one.

The first fruit of the collaboration with Esper, the ThinkCentre M70a boasts a 21 -- inch touch screen and offers a choice of 12th-gen Intel core CPUs from the Core i3 to the almost workstation-grade Core i9, at prices from $889 to beyond $1250. What could you do with Android on a Corei9, plus the maximum 16GB DDR4 3200MHz and 512GB PCIe SSD Lenovo's machines allow? Almost anything -- but Lenovo thinks its Android effort will first be appreciated by customers in the retail, hospitality, and healthcare industries. Esper pitches its wares as ideal for point-of-sale systems, kiosks, and digital signage -- environments where users don't need to access diverse apps but do need a machine that reliably boots into custom environments.

Lenovo's not just doing desktop PCs. The number one PC maker by market share has promised it will also ship Esper's wares on the small form factor ThinkCentre M70q -- a machine designed to be bolted to the back of monitors. The ThinkEdge SE30 -- a ruggedized and fanless edge client -- will also have an Android option. So will the ThinkCentre M90n-1 IoT [PDF] -- another rugged client for edge applications.

An anonymous reader quotes a report from TechCrunch: Following preliminary objections over Google's data terms, set out back in January by Germany's antitrust watchdog, the tech giant has agreed to make changes that will give users a better choice over its use of their information, the country's Federal Cartel Office (FCO) said today. The commitments cover situations where Google would like to combine personal data from one Google service with personal data from other Google or non-Google sources or cross-use these data in Google services that are provided separately, per the authority.

Per the FCO decision document (PDF): "The Commitments cover in principle all services operated by Google and directed to end users in Germany with more than one million monthly active users (MAU) in Germany [and Android Automotive whether it meets that threshold or not]." But, as we report below, Google's core platform services designated under the EU's DMA are not covered -- nor is Fitbit, which the document notes is already subject to "far-reaching obligations regarding the cross-service processing of health and wellness data" as a result of EU merger control. [...]

Per the FCO decision document, the implementation date (in principle) for Google's commitments is September 30, 2024 — with an earlier date of March 6, 2024 for commitments covering Google Assistant and Contacts. But the FCO notes that it may provide Google with an extension upon "substantiated request". Once implemented, the commitments will have a five year duration from their start date. The document also notes that if, in the future, a Google service falls out of the DMA designation as a core platform service and meets the FCO usage threshold then these local commitments will be applied to it. The converse will also apply; meaning if the European Commission designates one of the Google services covered by this commitments to the DMA list of core platform services it would no longer fall under this arrangement. Gmail is an interesting example here as the EU recently accepted Google's arguments to exclude the web mail service from the DMA list of core platform services -- but the tech giant is facing future restrictions on how it can use Gmail users' data under the FCO commitments (even if these will only apply in Germany). Commenting in a statement, Andreas Mundt, president of the Bundeskartellamt, said: "Data are key for many business models used by large digital companies. The market power of large digital companies is based on the collection, processing and combination of data. Google's competitors do not have these data and are thus faced with serious competitive disadvantages. In the future users of Google services will have a much better choice as to what happens to their data, how Google can use them and whether their data may be used across services. This not only protects the users' right to determine the use of their data but also curbs Google's data-driven market power. Large digital companies offer a wide range of different digital services. Without the users' free and informed consent the data from Google's services and third-party services can no longer be cross-used in separate services offered by Google or even be combined. We have made sure that Google will provide a separate choice option in the future."

An anonymous reader quotes a report from ZDNet: Microsoft's proprietary protocol, Remote Network Driver Interface Specification (RNDIS), started with a good idea. It would enable hardware vendors to add networking support to USB devices without having to build them from scratch. There was only one little problem. RNDIS has no security to speak of. As Greg Kroah-Hartman, the Linux Foundation fellow responsible for stable Linux kernel releases, wrote in November 2022 on the Linux Kernel Mailing List (LKML), "The Microsoft RNDIS protocol is, as designed, insecure and vulnerable on any system that uses it with untrusted hosts or devices. Because the protocol is impossible to make secure, just disable all RNDIS drivers to prevent anyone from using them again."

He added, in another message, "The protocol was never designed to be used with untrusted devices. It was created, and we implemented support for it, when we trusted USB devices that we plugged into our systems, AND we trusted the systems we plugged our USB devices into." That's no longer the case. Kroah-Hartman concluded, "Today, with untrusted hosts and devices, it's time just to retire this protocol. As I mentioned in the patch comments, Android disabled this many years ago in their devices, with no loss of functionality."

[...] But now, sick and tired of having a built-in Windows security exploit in Linux, Kroah-Hartman has decided that enough was enough. He's disabled all the RNDIS protocol drivers in Linux's Git repository. That means that while the RNDIS code is still in the Linux kernel, if you try to build Linux using this new patch, all your RNDIS drivers will be broken and won't build. This is one step short of purging RNDIS from Linux.

An anonymous reader quotes a report from Ars Technica: You can now reply to an email just like it's an instant messaging chat, tacking on a "crying laughing" emoji to an email instead of replying. Google has a whole support article detailing the new feature, which allows you to "express yourself and quickly respond to emails with emojis." Like a messaging app, a row of emoji reaction counts will appear below your email now, and other people on the thread can tap to add to the reaction count. Currently, it's only on the Android Gmail app, but it's presumably coming to other Gmail clients.

Of course, email is from the 1970s and does not natively support emoji reactions. That makes this a Gmail-proprietary feature, which is a problem for federated emails that are expected to work with a million different clients and providers. If you send an emoji reaction and someone on the email chain is not using an official Gmail client, they will get a new, additional email containing your singular reactive emoji. Google is not messing with the email standard, so people not using Gmail will be the most affected.

Another weird quirk is that because emoji reactions are just emails (that Gmail sends to other clients and hides for itself), any emoji reactions you send can't be taken back. There's only Gmail's "Undo send" feature for taking back reactions, which delays sending emails for about 30 seconds, so you can second-guess yourself. After that, you're creating a permanent emoji reaction paper trail. [...] If the idea of emoji reactions to email has you selecting the puke emoji, as far as we can tell, there's no way to just turn this off. The report notes that this new feature won't work on business or school accounts. "Emoji reactions also aren't available for group email lists, messages with more than 20 recipients, emails on which you're BCC'd, encrypted emails, and emails where the sender has a custom reply-to address."

Alongside the Pixel 8 and Android 14, Google today launched the new Pixel Watch 2 -- a $350 second-gen smartwatch featuring a faster processor, overhauled sensor array, and longer battery life. The Verge reports: At a glance, the main difference is that the screen sits flush with the digital crown, where the original had a slight cutout. Another change imperceptible to the naked eye: the body is now made of 100 percent recycled aluminum instead of stainless steel. The result is a slightly lighter watch, but not by much. The Pixel Watch weighed 36 grams, while the Pixel Watch 2 is 31g. That's a bit disappointing, considering the Watch 2's price remains the same as last year. We're looking at the same 41mm case size and OLED display on top. But flip the watch over, and you'll find a completely different sensor array. Instead of a single line of LEDs, there are now multiple LEDs and photodiodes to take measurements from several angles and positions. That then feeds into an algorithm that Fitbit CEO James Park says is 40 percent more accurate for vigorous activities.

This year, Google also added a skin temperature and continuous electrodermal activity (EDA) sensor. Both help enable proactive stress tracking, which Fitbit introduced with its Sense 2. The EDA sensor detects minuscule amounts of sweat, which can help determine bodily stress when combined with metrics like heart rate variability, heart rate, and skin temperature. As with the Sense 2, you're supposed to get a slightly delayed notification when a stressful event has been detected. You're then encouraged to log how that event made you feel. Battery life was a major pain point when the Pixel Watch first launched. Park acknowledges that you couldn't use the always-on display on the first-gen watch if you wanted that 24-hour battery life. This time around, he says that the team has worked hard to make sure the Pixel Watch 2's 306mAh battery can get 24 hours with the always-on display enabled. Users should also be able to get a 50 percent charge in 30 minutes and a full day's worth in 75 minutes. Helping that should be Wear OS 4 -- which Google says ought to extend battery life -- and the new, more power-efficient Qualcomm Snapdragon W5 processor. (Speaking of Wear OS 4, Google says that, at first, it'll be exclusive to Pixel Watch 2.) Other features include the ability to automatically record workouts and do heart rate zone training; a new Safety Check feature that will alert your loved ones of your location after a preset timer expires (e.g. taking an Uber across town or going on a late-night walk); and support for Google services like Gmail, Google Wallet, and Calendar.

You can learn more about the Pixel Watch 2 here.

Android 14 is out today, along with a new Pixel phone. The OS is shipping to supported Pixel devices now, which means the Pixel 4a (5G) and every variant of the Pixel 5, 6, and 7, plus the Fold and Tablet. From a report: The big feature this year is a somewhat customizable home screen. You can pick from several different lock screen clock styles and customize the two bottom app shortcuts. This feels like a response to iOS 16's lock screen widgets (a feature Android used to have back in the 4.2 days) but not nearly as customizable. It's honestly hard to highlight a second Android 14 feature because this is one of the smallest Android releases ever. The first feature Google mentions in its blog post is a new wallpaper picker. On the Pixel 8, Android now has a built-in text-to-image AI wallpaper maker, presumably a feature that lets the Android team adhere to Google's "mandatory AI" company mandate. There's also a new monochrome theme if you're tired of all those "Material You" colors.

Google will soon release a version of its virtual assistant that is powered by the company's Bard artificial intelligence technology, helping users handle more complex tasks. From a report: The new offering, called Assistant with Bard, will be available in a test phase shortly and then roll out to the general public in the coming months, the company said Wednesday. The release will equip the Assistant, which helps users of Android and Google devices complete tasks and find information, with some of the capabilities of Bard, a chatbot that is the company's answer to OpenAI's wildly popular ChatGPT. "Generative AI is creating new opportunities to build a more intuitive, intelligent, personalized digital assistant," Sissie Hsiao, a Google vice president, wrote in a blog post accompanying the news.

An anonymous reader quotes a report from Ars Technica: Arm warned on Monday of active ongoing attacks targeting a vulnerability in device drivers for its Mali line of GPUs, which run on a host of devices, including Google Pixels and other Android handsets, Chromebooks, and hardware running Linux. "A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory," Arm officials wrote in an advisory. "This issue is fixed in Bifrost, Valhall and Arm 5th Gen GPU Architecture Kernel Driver r43p0. There is evidence that this vulnerability may be under limited, targeted exploitation. Users are recommended to upgrade if they are impacted by this issue."

The advisory continued: "A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system's memory is carefully prepared by the user, then this in turn could give them access to already freed memory." [...] Getting access to system memory that's no longer in use is a common mechanism for loading malicious code into a location an attacker can then execute. This code often allows them to exploit other vulnerabilities or to install malicious payloads for spying on the phone user. Attackers often gain local access to a mobile device by tricking users into downloading malicious applications from unofficial repositories. The advisory mentions drivers for the affected GPUs being vulnerable but makes no mention of microcode that runs inside the chips themselves.

The most prevalent platform affected by the vulnerability is Google's line of Pixels, which are one of the only Android models to receive security updates on a timely basis. Google patched Pixels in its September update against the vulnerability, which is tracked as CVE-2023-4211. Google has also patched Chromebooks that use the vulnerable GPUs. Any device that shows a patch level of 2023-09-01 or later is immune to attacks that exploit the vulnerability. The device driver on patched devices will show as version r44p1 or r45p0. CVE-2023-4211 is present in a range of Arm GPUs released over the past decade. The Arm chips affected are:

- Midgard GPU Kernel Driver: All versions from r12p0 - r32p0
- Bifrost GPU Kernel Driver: All versions from r0p0 - r42p0
- Valhall GPU Kernel Driver: All versions from r19p0 - r42p0
- Arm 5th Gen GPU Architecture Kernel Driver: All versions from r41p0 - r42p0

An anonymous reader quotes a report from Ars Technica: Even more Google products are getting the ax this week. Next up is Google Jamboard, a $5,000 digital whiteboard (and its $600-a-year fee) and software ecosystem marketed to schools and corporations. Google has a new post detailing the "Next phase of digital whiteboarding for Google Workspace," and the future for Jamboard is that there is no future. In "late 2024," the whole project will shut down, and we don't just mean the hardware will stop being for sale; the cloud-based apps will stop working, too.

Most people probably haven't ever heard of Jamboard, but this was a giant 55-inch, 4K touchscreen on a rolling stand that launched in 2016. Like most Google touchscreens, this ran Android with a locked-down custom interface on top instead of the usual phone interface. The digital whiteboard could be drawn on using the included stylus or your fingers, and it even came with a big plastic "eraser" that would remove items. The SoC was an Nvidia Jetson TX1 (a quad-core Cortex-A57 CPU attached to a beefy Maxwell GPU), and it had a built-in camera, microphone, and speakers for video calls. There was HDMI input and Google cast support, and it came in whimsical colors like red, gray, and blue (it feels like Google was going for an iMac rainbow and quit halfway). "We're grateful to the consumers, educators, students, and businesses who have used Jamboard since its launch in 2016," says Google. "While Jamboard users make up a small portion of our Workspace customer base, we understand that this change will impact some of you, and we're committed to helping you transition..."

"Over the coming months, we'll provide Jamboard app users and admins clear paths to retain their Jamboard data or migrate it," Google tells users in its blog post. Third-party options include Figma's FigJam, Lucid Software's Lucidspark, and Miro.

Ars Technica notes: "[T]he whole cloud system is going down, too, so all of your existing $5,000 whiteboards will soon be useless, and you won't be able to open the cloud data on other devices."

An anonymous reader quotes a report from Ars Technica: Canalys has some gruesome new numbers out for the North American smartphone market in Q2 2023, detailing what it's calling the "worst quarterly performance for over a decade." Q2 has plummeted 22 percent, year over year, and with these numbers, Canalys is predicting the smartphone market will be down 12 percent overall in 2023.

Apple is down 20 percent for Q2 and still in a dominant position with 54 percent market share. Samsung is down 27 percent, in second place overall with 24 percent market share in Q2 2023. Motorola is next with a 25 percent decline and only 8 percent market share. TCL, a TV company that feels like it only briefly dabbled in smartphones, is the single biggest loser, down 30 percent, with 5 percent market share.

Only a single company survived this quarter unscathed, and it's actually Google! The company might be at the bottom of the smartphone charts, but Pixel phone sales are up 59 percent, earning Google 4 percent of the market. It was the same story last year, when Google jumped from 1 to 2 percent. In a few quarters, the company might hit fourth place. The biggest loss on the chart is actually "others," down 43 percent, likely representing the further consolidation of the Android market. These are your OnePluses, your HMD/Nokias, and trashy pre-paid vendors like Blu.

A company that acquires and sells zero-day exploits -- flaws in software that are unknown to the affected developer -- is now offering to pay researchers $20 million for hacking tools that would allow its customers to hack iPhones and Android devices. From a report: On Wednesday, Operation Zero announced on its Telegram accounts and on its official account on X, formerly Twitter, that it was increasing payments for zero-days in those platforms tenfold, from $200,000 to $20 million. "By increasing the premium and providing competitive plans and bonuses for contract works, we encourage the developer teams to work with our platform," the company wrote.

Operation Zero, which is based in Russia and launched in 2021, also added that "as always, the end user is a non-NATO country." On its official website, the company says that "our clients are Russian private and government organizations only." When asked why they only sell to non-NATO countries, Operation Zero CEO Sergey Zelenyuk declined to say. "No reasons other than obvious ones," he said. Zelenyuk also said that the bounties Operation Zero offer right now may be temporary, and a reflection of a particular time in the market, and the difficulty of hacking iOS and Android.

Google Podcasts is shutting down in 2024 after YouTube Music picks up full global availability of podcasts, which is expected before the end of 2023. As 9to5Google reports, YouTube Music "will be Google's one podcasting app and service going forward." From the report: The big advantage of Google Podcasts was its simplicity and wide availability on Android (through the Google Search app). A "simple migration tool" will move your existing subscriptions from Google Podcasts. Notably, there will be the ability in YouTube Music to add podcasts via RSS feeds, "including shows not currently hosted by YouTube." Google will also provide a non-YTM export option via "OPML file of their show subscriptions" that will work with other podcast players.

On the podcaster front, YouTube will allow for RSS uploads instead of requiring a video version. The next step over the coming weeks and months will see Google "gather feedback to make the migration process from Google Podcasts to YouTube Music as simple and easy as possible." "For now, nothing is changing and fans will continue to have access to YouTube, YouTube Music and Google Podcasts," says YouTube. "We're committed to being transparent in communicating future changes with our users and podcasters and will have more to share about this process in the coming months."