×
Privacy

'iRecorder Screen Recorder' App Turns Malicious, Sends Mic Recordings Every 15 Minutes (arstechnica.com) 31

An anonymous reader quotes a report from Ars Technica: An app that had more than 50,000 downloads from Google Play surreptitiously recorded nearby audio every 15 minutes and sent it to the app developer, a researcher from security firm ESET said. The app, titled iRecorder Screen Recorder, started life on Google Play in September 2021 as a benign app that allowed users to record the screens of their Android devices, ESET researcher Lukas Stefanko said in a post published on Tuesday. Eleven months later, the legitimate app was updated to add entirely new functionality. It included the ability to remotely turn on the device mic and record sound, connect to an attacker-controlled server, and upload the audio and other sensitive files that were stored on the device.

The secret espionage functions were implemented using code from AhMyth, an open source RAT (remote access Trojan) that has been incorporated into several other Android apps in recent years. Once the RAT was added to iRecorder, all users of the previously benign app received updates that allowed their phones to record nearby audio and send it to a developer-designated server through an encrypted channel. As time went on, code taken from AhMyth was heavily modified, an indication that the developer became more adept with the open source RAT. ESET named the newly modified RAT in iRecorder AhRat.

Stefanko installed the app repeatedly on devices in his lab, and each time, the result was the same: The app received an instruction to record one minute of audio and send it to the attacker's command-and-control server, also known colloquially in security circles as a C&C or C2. Going forward, the app would receive the same instruction every 15 minutes indefinitely. [...] Stefanko said it's possible that iRecord is part of an active espionage campaign, but so far, he has been unable to determine if that's the case. "Unfortunately, we don't have any evidence that the app was pushed to a particular group of people, and from the app description and further research (possible app distribution vector), it isn't clear if a specific group of people was targeted or not," he wrote. "It seems very unusual, but we don't have evidence to say otherwise."

Security

Brute-Force Test Attack Bypasses Android Biometric Defense (techxplore.com) 35

schwit1 shares a report from TechXplore: Chinese researchers say they successfully bypassed fingerprint authentication safeguards on smartphones by staging a brute force attack. Researchers at Zhejiang University and Tencent Labs capitalized on vulnerabilities of modern smartphone fingerprint scanners to stage their break-in operation, which they named BrutePrint. Their findings are published on the arXiv preprint server.

A flaw in the Match-After-Lock feature, which is supposed to bar authentication activity once a device is in lockout mode, was overridden to allow a researcher to continue submitting an unlimited number of fingerprint samples. Inadequate protection of biometric data stored on the Serial Peripheral Interface of fingerprint sensors enables attackers to steal fingerprint images. Samples also can be easily obtained from academic datasets or from biometric data leaks.

And a feature designed to limit the number of unsuccessful fingerprint matching attempts -- Cancel-After-Match-Fail (CAMF) -- has a flaw that allowed researchers to inject a checksum error disabling CAMF protection. In addition, BrutePrint altered illicitly obtained fingerprint images to appear as though they were scanned by the targeted device. This step improved the chances that images would be deemed valid by fingerprint scanners. To launch a successful break-in, an attacker requires physical access to a targeted phone for several hours, a printed circuit board easily obtainable for $15, and access to fingerprint images.

Google

Google CEO: Building AI Responsibly is the Only Race That Really Matters (ft.com) 53

Sundar Pichai, CEO of Google and Alphabet, writing at Financial Times: While some have tried to reduce this moment to just a competitive AI race, we see it as so much more than that. At Google, we've been bringing AI into our products and services for over a decade and making them available to our users. We care deeply about this. Yet, what matters even more is the race to build AI responsibly and make sure that as a society we get it right. We're approaching this in three ways. First, by boldly pursuing innovations to make AI more helpful to everyone. We're continuing to use AI to significantly improve our products -- from Google Search and Gmail to Android and Maps. These advances mean that drivers across Europe can now find more fuel-efficient routes; tens of thousands of Ukrainian refugees are helped to communicate in their new homes; flood forecasting tools are able to predict floods further in advance. Google DeepMind's work on AlphaFold, in collaboration with the European Molecular Biology Laboratory, resulted in a groundbreaking understanding of over 200mn catalogued proteins known to science, opening up new healthcare possibilities.

Our focus is also on enabling others outside of our company to innovate with AI, whether through our cloud offerings and APIs, or with new initiatives like the Google for Startups Growth program, which supports European entrepreneurs using AI to benefit people's health and wellbeing. We're launching a social innovation fund on AI to help social enterprises solve some of Europe's most pressing challenges. Second, we are making sure we develop and deploy the technology responsibly, reflecting our deep commitment to earning the trust of our users. That's why we published AI principles in 2018, rooted in a belief that AI should be developed to benefit society while avoiding harmful applications. We have many examples of putting those principles into practice, such as building in guardrails to limit misuse of our Universal Translator. This experimental AI video dubbing service helps experts translate a speaker's voice and match their lip movements. It holds enormous potential for increasing learning comprehension but we know the risks it could pose in the hands of bad actors and so have made it accessible to authorised partners only. As AI evolves, so does our approach: this month we announced we'll provide ways to identify when we've used it to generate content in our services.

Android

Lawsuit Accuses DoorDash of Charging iPhone Users More For Identical Orders (arstechnica.com) 77

A class-action lawsuit has been filed against DoorDash, alleging that the company uses deceptive and fraudulent practices to charge higher delivery fees to iPhone users compared to Android users. Ars Technica reports: The lawsuit (PDF), filed May 5 in the District of Maryland, came in hot. Plaintiff Ross Hecox, in addition to his two children and a presumptive class of similarly situated customers, briefly defines DoorDash as an online marketplace with 32 million users and billions of dollars in annual revenue. "Yet, DoorDash generates its revenues not only through heavy-handed tactics that take advantage of struggling merchants and a significant immigrant driver workforce, but also through deceptive, misleading, and fraudulent practices that illegally deprive consumers of millions, if not billions, of dollars annually," the suit adds. "This lawsuit details DoorDash's illegal pricing scheme and seeks to hold DoorDash accountable for its massive fraud on consumers, including one of the most vulnerable segments of society, minor children."

Specifically, the suit claims that DoorDash misleads and defrauds customers by

- Making its "Delivery Fee" seem related to distance or demand, even though none of it goes to the delivery person.
- Offering an "Express" option that implies faster delivery, but then changing the wording to "Priority" in billing so it is not held to delivery times.
- Charging an "Expanded Range Delivery" fee that seems based on distance but is really based on a restaurant's subscription level and demand.
- Adding an undisclosed 99 cent "marketing fee," paid by the customer rather than the restaurant, to promote menu items that customers add to their carts.
- Obscuring minimum order amounts attached to its "zero-fee" DashPass memberships and coupon offers.
- Generally manipulating DashPass subscriptions to appear like substantial savings, when the company is "engineering" fees to seem reduced.

One of the more interesting and provocative claims is that DoorDash's fees, based in part on "other factors," continually charge iPhone users of its app more than Android users placing the same orders. The plaintiffs and their law firm conducted a few tests of DoorDash's system, using different accounts to order the same food, from the same restaurant, at almost the same exact time, delivered to the same address, with the same account type, delivery speed, and tip. [...] The plaintiffs are asking for $1 billion in damages for those who "fell prey to DoorDash's illegal pricing" over the past four years. The suit also includes allegations that DoorDash improperly allows children to enter into contract with the company without proper vetting.
"The claims put forward in the amended complaint are baseless and simply without merit," said a DoorDash spokesperson in a statement. "We ensure fees are disclosed throughout the customer experience, including on each restaurant storepage and before checkout. Building this trust is essential, and it's why the majority of delivery orders on our platform are placed by return customers. We will continue to strive to make our platform work even better for customers, and will vigorously fight these allegations."
Chrome

Google Chrome Will Now Detect Typos in Your URLs (blog.google) 47

"Google Chrome will now check for typos in your URLs and display suggested websites based on what it thinks you meant," reports the Verge.

From Google's announcement: When you type a website into the Chrome address bar, it will now detect URL typos and suggest websites based on the corrections. This increases accessibility for people with dyslexia, language learners, and anyone who makes typos by making it easier to get to previously visited websites despite spelling errors. This feature is now available on Chrome desktop and will roll out to mobile in the coming months.
It was one of several new and recently launched features Google touted as part of Thursday's Global Accessibility Awareness Day.

Google also announced its Lookout app (which provides audio cues for low-vision users) can now provide descriptions of images on web pages "powered by an advanced visual language model developed by Google DeepMind." And Chrome on Android recently updated its TalkBack screen reader so tab switching now also offers a tab grid with additional features like tab groups, bulk tab actions and reordering.
Android

Millions of Android Phones and TVs May Come with Preinstalled Malware (arstechnica.com) 19

"Multiple lines of Android devices came with preinstalled malware," reports Ars Technica, "that couldn't be removed without users taking heroic measures."

Their article cites two reports released Thursday — one from Trend Micro and one from TechCrunch: Trend Micro researchers following up on a presentation delivered at the Black Hat security conference in Singapore reported that as many as 8.9 million phones comprising as many as 50 different brands were infected with malware... ["It's highly likely that more devices have been preinfected," the report clarified, "but have not exchanged communication with the Command & Control server, have not been used or activated by the threat actor, or have yet to be distributed to the targeted country or market... The threat actor has spread this malware over the last five years. "]

"Guerrilla" opens a backdoor that causes infected devices to regularly communicate with a remote command-and-control server to check if there are any new malicious updates for them to install. These malicious updates collect data about the users that the threat actor, which Trend Micro calls the Lemon Group, can sell to advertisers. Guerrilla then surreptitiously installs aggressive ad platforms that can deplete battery reserves and degrade the user experience... Guerrilla is a massive platform with nearly a dozen plugins that can hijack users' WhatsApp sessions to send unwanted messages, establish a reverse proxy from an infected phone to use the network resources of the affected mobile device, and inject ads into legitimate apps...

TechCrunch detailed several lines of Android-based TV boxes sold through Amazon that are laced with malware. The TV boxes, reported to be T95 models with an h616, report to a command-and-control server that, just like the Guerrilla servers, can install any application the malware creators want. The default malware preinstalled on the boxes is known as a clickbot. It generates advertising revenue by surreptitiously tapping on ads in the background...

Android devices that come with malware straight out of the factory box are, unfortunately, nothing new. Ars has reported on such incidents at least five times in recent years (here, here, here, here, and here). All the affected models were in the budget tier.

People in the market for an Android phone should steer toward known brands like Samsung, Asus, or OnePlus, which generally have much more reliable quality assurance controls on their inventory. To date, there have never been reports of higher-end Android devices coming with malware preinstalled. There are similarly no such reports for iPhones.

The Courts

Lawsuit Alleges DoorDash Charges iPhone Users More Than Android (sfgate.com) 127

SFGate reports: A proposed class-action lawsuit levels broad allegations that DoorDash, the San Francisco-headquartered food delivery giant, is engaging in fraudulent behavior — in part by charging iPhone users more than Android havers.

The complaint, a hefty 134-page airing of grievances about the fees and upsells faced while ordering on the app, filed by Maryland resident Ross Hecox and his children, contends that DoorDash conducts "price discrimination" by allegedly charging iPhone users an "expanded range fee" more often than their Android counterparts.

According to the suit, posted by Gizmodo, the fee — a markup to any deliveries outside of the user's immediate radius set by DoorDash — is arbitrarily applied without actually taking into account users' locations. At least seven tests with separate iPhone and Android devices were conducted by the plaintiffs to prove this point in the suit.

In one set of tests, an Android phone and an iPhone were used to place the same order — a breakfast sandwich with avocado and egg whites and a chocolate chip bagel from a nearby Panera Bread — to the same address simultaneously. In the first order, according to the suit, the iPhone was at the delivery location and the Android was 15 miles away; the iPhone user received the expanded range fee. In the second, the phones' locations were reversed, with the iPhone being used 15 miles away from the delivery site; the iPhone user, the suit alleges, was still charged the fee. In a third test involving Panera, the phones were both at the delivery location — the iPhone not only allegedly received the expanded range fee but was charged an additional dollar in delivery fees. Other tests allege that delivery fees on iPhone orders are "greatly" inflated.

DoorDash called the complaints "baseless and simply without merit," in a statement to Gizmodo.
Open Source

Bluesky Social Just Took a Big Open-Source Step Forward (zdnet.com) 17

An anonymous reader quotes a report from ZDNet: Bluesky Social, the popular new beta social network, is taking a big open-source step forward. On May 15th, 2023, it open-sourced the codebase for its Bluesky Social app on GitHub. This fits well with its plans. From the start, its owner, BlueSky Public Benefit LLC, a public benefit corporation, was building an "open and decentralized" social network.

Unlike Twitter, which is still tripping over its own open source feet, Bluesky client code is for anyone who wants to work on improving the code or use it as the basis for their own social network. Twitter's recommendation code, on the other hand, is essentially unusable. The Bluesky code, licensed under the MIT License, can be used now. Indeed, while it's been out for only about 24 hours, it's already been forked 88 times and has earned over 1,300 GitHub Stars.

While it's specifically the Bluesky Social app's codebase, it's also a resource for AT Protocol programmers. This protocol supports a decentralized social network. Its features include connecting with anyone on a server that supports AT Protocol; controlling how users see the world via an open algorithm market; and enabling users to change hosts without losing their content, followers, or identity. The code itself is written in React Native. This is an open-source, user-interface JavaScript software framework. It's used primarily to build applications that run on both iOS and Android devices.

AI

OpenAI Launches Free ChatGPT App For iOS 15

An official ChatGPT app is now available for iOS, with an Android version coming "soon." It can be downloaded from the App Store here. The Verge reports: The app is free to use, syncs chat history with the web, and features voice input, supported by OpenAI's open-source speech recognition model Whisper. The app works on both iPhones and iPads and can be downloaded from the App Store. OpenAI says it's rolling out the app in the US first and will expand to other countries "in the coming weeks."

OpenAI didn't previously hint that a mobile app was coming, but it makes sense given the incredible popularity of ChatGPT. The AI chatbot launched last November but rocketed in use. Some outside estimates suggest the app attracted 100 million users by January this year, though OpenAI has never confirmed these figures.
Android

Google Will Soon Let Pixel Phones Double As Dashcams (9to5google.com) 35

Google mistakenly released a test version of its Personal Safety app that includes a new feature called "Dashcam" on select Android devices. As the name suggests, it allows users to record video and audio while driving in the event of an accident or unexpected situation, with automatic recording triggered when connecting to a specific Bluetooth device and videos automatically deleted after three days unless saved. 9to5Google reports: Once available, the feature can be launched through a new "Dashcam" shortcut in the "Be prepared" section of the home page. Here, you can begin recording manually or view your recent videos. While Dashcam is recording, your phone is still fully usable, including for navigating with Google Maps. Alternatively, you can save power by locking your screen, and the recording will continue. More importantly, Google has built this feature to work without you needing to think much about it. When setting up, you can choose to have recordings begin automatically when you connect to a particular Bluetooth device (e.g., your car stereo or infotainment system) and end when you disconnect.

To conserve storage space, your recordings are automatically deleted after three days unless you save them. Additionally, the app says that the videos themselves are compressed, averaging "30 MB per minute," with a maximum recording length of 24 hours. Overall, this feature seems to be impressively well thought out and looks essentially ready to launch. Using a smartphone as a dashcam also makes quite a bit of sense, as your phone probably has a better camera than some cheaper dashcams would offer.
It's unclear if this feature will be available on other phones with Google's Personal Safety or exclusive to Pixel phones.
Google

Pixel Users are Reporting Newest Google App Causes Overheating, Battery Drain (engadget.com) 47

One cellphone owner reports their Pixel 6 Pro "has recently been overheating and excessively draining its battery," reports Endgadget.

"They suspect the culprit is the Google app and an update that began rolling out on May 12th..." And they're not the only ones, judging by comments left in the Reddit and Google support forums. "It just started yesterday. Massive battery usage from Google app and to a lesser degree Android System Intelligence...." one Reddit user wrote. Beyond the battery not lasting the phone is getting really warm so I know it's harming the battery and potentially the CPU."

Those who have tried contacting Google report the company's support staff haven't been very helpful. Some users say rolling back to an older version of the Google app hasn't fixed the problem for them. "Actually ended up with an even older version from May 10, still draining the battery," writes one Redditor. The reader who contacted us suspects the problem may be server-side. "Google app keeps wrecking the battery regardless of version, and I've rolled all the way back to May 1st," they write. "I don't know how to see if the app is trying to call home or on a loop with something like that, but the symptoms remain the same."

Google did not immediately respond to Engadget's comment request.

AI

Google Makes Its Text-To-Music AI Public (techcrunch.com) 16

An anonymous reader quotes a report from TechCrunch: Google [on Wednesday] released MusicLM, a new experimental AI tool that can turn text descriptions into music. Available in the AI Test Kitchen app on the web, Android or iOS, MusicLM lets users type in a prompt like "soulful jazz for a dinner party" or "create an industrial techno sound that is hypnotic" and have the tool create several versions of the song. Users can specify instruments like "electronic" or "classical," as well as the "vibe, mood, or emotion" they're aiming for, as they refine their MusicLM-generated creations.

When Google previewed MusicLM in an academic paper in January, it said that it had "no immediate plans" to release it. The coauthors of the paper noted the many ethical challenges posed by a system like MusicLM, including a tendency to incorporate copyrighted material from training data into the generated songs. But in the intervening months, Google says it's been working with musicians and hosting workshops to "see how [the] technology can empower the creative process." One of the outcomes? The version of MusicLM in AI Test Kitchen won't generate music with specific artists or vocals. Make of that what you will. It seems unlikely, in any case, that the broader challenges around generative music will be easily remedied.
You can sign up to try MusicLM here.
Cellphones

Millions of Mobile Phones Come Pre-Infected With Malware, Say Researchers (theregister.com) 45

Trend Micro researchers at Black Hat Asia are warning that millions of Android devices worldwide come pre-infected with malicious firmware before the devices leave their factories. "This hardware is mainly cheapo Android mobile devices, though smartwatches, TVs, and other things are caught up in it," reports The Register. From the report: This insertion of malware began as the price of mobile phone firmware dropped, we're told. Competition between firmware distributors became so furious that eventually the providers could not charge money for their product. "But of course there's no free stuff," said [Trend Micro researcher Fyodor Yarochkin], who explained that, as a result of this cut-throat situation, firmware started to come with an undesirable feature -- silent plugins. The team analyzed dozens of firmware images looking for malicious software. They found over 80 different plugins, although many of those were not widely distributed. The plugins that were the most impactful were those that had a business model built around them, were sold on the underground, and marketed in the open on places like Facebook, blogs, and YouTube.

The objective of the malware is to steal info or make money from information collected or delivered. The malware turns the devices into proxies which are used to steal and sell SMS messages, take over social media and online messaging accounts, and used as monetization opportunities via adverts and click fraud. One type of plugin, proxy plugins, allow the criminal to rent out devices for up to around five minutes at a time. For example, those renting the control of the device could acquire data on keystrokes, geographical location, IP address and more. "The user of the proxy will be able to use someone else's phone for a period of 1200 seconds as an exit node," said Yarochkin. He also said the team found a Facebook cookie plugin that was used to harvest activity from the Facebook app.

Through telemetry data, the researchers estimated that at least millions of infected devices exist globally, but are centralized in Southeast Asia and Eastern Europe. A statistic self-reported by the criminals themselves, said the researchers, was around 8.9 million. As for where the threats are coming from, the duo wouldn't say specifically, although the word "China" showed up multiple times in the presentation, including in an origin story related to the development of the dodgy firmware. Yarochkin said the audience should consider where most of the world's OEMs are located and make their own deductions.

The team confirmed the malware was found in the phones of at least 10 vendors, but that there was possibly around 40 more affected. For those seeking to avoid infected mobile phones, they could go some way of protecting themselves by going high end. That is to say, you'll find this sort of bad firmware in the cheaper end of the Android ecosystem, and sticking to bigger brands is a good idea though not necessarily a guarantee of safety. "Big brands like Samsung, like Google took care of their supply chain security relatively well, but for threat actors, this is still a very lucrative market," said Yarochkin.

Android

Bluetooth Tags For Android's 3 Billion-Strong Tracking Network Are Here (arstechnica.com) 23

An anonymous reader quotes a report from Ars Technica: After the release of Apple's AirTags, Google suddenly has interest in the Bluetooth tracker market. The company has already quietly rolled out what must be the world's largest Bluetooth tracking network via Android's 3 billion active devices, and now trackers are starting to plug in to that network. Google is taking the ecosystem approach and letting various companies plug in to the Android Bluetooth tracking network, which has the very derivative name of "Find My Device." While these Bluetooth trackers are great for finding your lost car keys on a messy desk, they can also work as worldwide GPS trackers and locate items much farther away, even though they don't have GPS. The IDs of Bluetooth devices are public, so Tile started this whole idea of crowdsourced Bluetooth tracker location, called the "Tile Network." Every phone with the Tile app installed scans Bluetooth devices in the background and, using the phone GPS, uploads their last seen location to the cloud. This location data is only available to the person who owns the Tile, but every Tile user works to scan the environment and upload any Tiles the app can see. [...]

Now, third-party Bluetooth trackers for Android's network are starting to arrive. The two companies that have announced products are Chipolo and Pebblebee, both of which seem to be cloning the Tile line of products. Both offer normal keychain tracker tags and slim credit card format trackers. The worst habits of Tile include making completely disposable products because the batteries can't be changed, but it looks like our clones have mostly avoided that. All of Pebblebee's Find My Device products are rechargeable, which is great, while the Chipolo keychain tracker has a replaceable CR2032 battery. Only the Chipolo wallet tracker is disposable (boo!). All these tags will show up in the Find My Device app, right alongside your Android phones, headphones, and whatever else you have that plugs in to the network. They also have a speaker, like normal, so you can make them ring when you're near them. Both sets of products are up for preorder now.

Firefox

Microsoft Wants Firefox To Make Bing Its Default Search Engine (androidpolice.com) 52

According to The Information, Microsoft wants to bid to make Bing Firefox's default search engine. Android Police reports: The browser's contract with Google is set to expire this year, at which point Mozilla could either renew it or switch to a different search engine. Microsoft would very much like to take Google's place in Firefox. It's not a guarantee that it will actually help boost Bing's usage -- after all, Firefox users who don't want to use Bing could just switch to a different search engine, as Yahoo found out a few years ago -- but Microsoft sees potential in such a deal.

The report also notes that there's also a potentially more juicy opportunity coming up for Microsoft if it really wants to get serious about pushing Bing. Apple's Safari browser, which is the main web browser on Apple devices, will have its Google contract expire next year. Despite throwing shade constantly, Google really benefits from the deal it currently has with Apple, and Microsoft could sweep in and try to get Bing to become the main browser on iPhones.

Android

Android 14 Will Add More Customization To Your Home and Lock Screens 21

At Google I/O on Wednesday, VP of Engineering at Android David Burke new customization features coming to Android 14 later this year. Engadget reports: The tools build on the Material You design system Google introduced in 2021 by allowing users to create a custom wallpaper by picking a few of their favorite emojis. One of the new tools allows you to add up to 14 emojis to a single wallpaper. You can then pick a pattern and a color to bring everything together. Once the wallpaper is on your home screen, the characters will react when you tap on them. If you want something more sentimental, there's a separate option to create "Cinematic" wallpapers. The feature uses on-device neural networks to animate your favorite photos. Once the photo is on your home screen, tilting your device will cause it to move, giving the image more depth and life than it would have had you not used the new feature. Burke said both cinematic and emoji wallpapers would arrive on Pixel devices next month.

Come the fall, Google will also introduce a built-in AI image generator within Android's customization menu. You can use the tool to create wallpapers you can't find online. It comes with pre-populated prompts you can tweak to make the process of guiding the AI easier. Once you add an AI wallpaper to your home screen, Android's Material You system will automatically color-match all the user interface elements, including any app icons, so they don't clash with one another. Android 14 will further augment those tools with the addition of new clocks and shortcuts you can add to your lock screen. And if colors aren't your thing, Google also plans to add a new monochromatic theme for those who prefer a more understated look. At I/O, Burke also previewed Magic Compose, a Messages feature that will use Google's generative AI technology to write texts for you. The tool comes with multiple style settings you can use to give your messages a different flair. Google plans to beta test Magic Compose this summer. Separately, Google said after the keynote that Android 14 will add support for Ultra HDR, allowing for photos that feature more vivid colors and detailed shadows.
Android

Google Launches an AI Coding Bot For Android Developers (theverge.com) 16

An anonymous reader quotes a report from TechCrunch: Google is launching a new AI-powered coding bot for Android developers. During its I/O event on Wednesday, Google announced that the tool, called Studio Bot, will help developers build apps by generating code, fixing errors, and answering questions about Android. According to Google, the bot is built on Codey, the company's new foundational coding model that stems from its updated PaLM 2 large language model (LLM). Studio Bot supports both the Kotlin and Java programming languages and will live directly in the toolbar on Android Studio. There, developers can get quick answers to their questions or even have the bot debug a portion of their code.

While Google notes that developers don't need to share their source code with Google in order to use Studio Bot, the company will receive data on the conversations they have with the tool. Google says the bot is still in "very early days" but that it will continue training it to improve its answers. It's also currently only available to developers in the US for now via the Canary channel, and there's no word on when it will see a global launch.

Android

Google's New Pixel Tablet Is a $500 Slate For the Home (theverge.com) 81

Google has announced the Pixel Tablet after teasing it during last year's Google I/O conference. The Verge reports: The Pixel Tablet is designed from the ground up to be good at what people typically use tablets for: watching video or playing games in the comfort of their own home. It is not, however, making any statements about the future of computing. The looks of the Pixel Tablet are relatively generic. It has an 11-inch, 16:10, 2560 x 1600 pixel LCD display, even bezels all around, and a matte back. It comes in three colors: white, dark green, and light pink, with the dark green model featuring a black bezel. Though it looks like plastic from a distance, the Pixel Tablet has an aluminum frame with a nanotexture coating, not unlike what Google did with the Pixel 5 smartphone.

Bundled in the box with the Pixel Tablet is a magnetic speaker dock. This serves multiple purposes and is meant to prevent the dreaded "dead tablet in a drawer" syndrome: it's a place to store the Pixel Tablet when it's not in use; it charges the battery; and it has a louder, fuller speaker better suited for communal listening than the speakers that are built into the tablet. If you're playing music or watching a video on the tablet when you put it on the dock, it will seamlessly transfer the audio to the dock's speaker. Pull the tablet off the dock while something is playing, and it will instantly switch to the tablet's speakers.

When mounted on the speaker dock, the Pixel Tablet looks an awful lot like the Nest Hub Max, a $250 smart display that Google released back in 2019. But make no mistake, the Pixel Tablet is an Android tablet and not a smart display -- it runs completely different software and has different capabilities compared to the Nest Hub. That said, when the tablet is docked on the speaker, it can show a slideshow of images from your Google Photos albums just like the Nest Hub. It also has a quick access button to the Google Home app so you can control smart home devices, and it can accept voice commands from a distance for hands-free Google Assistant queries. The lock screen won't show any personal information like notifications -- for that, you'll have to unlock the tablet to access the accounts that are set up on it.
The $499 slab is available for preorder starting today, and will begin shipping on June 20th.
Businesses

Amazon In Talks To Buy Indian Video Giant MX Player (techcrunch.com) 5

An anonymous reader quotes a report from TechCrunch: Amazon is engaging with Times Internet to explore the acquisition of MX Player, one of the largest on-demand video streaming services in India, according to four sources familiar with the matter, as the American e-commerce group eyes expanding its entertainment ambitions in the key overseas market. The deliberations are remarkable for MX Player, which was acquired by the Indian conglomerate Times Internet for $140 million in 2018. The video app, popular for supporting a wide range of video formats and reliability on low-cost Android smartphones, has expanded to original content in recent years and has amassed more than 300 million users globally.

MX Player has gained wide adoption in markets such as India in part by offering its wide video catalog that includes access to live cable TV channels at no charge to consumers. Instead the service makes most of its revenue through ads. MX Player was one of the earliest video apps to expand into short-video format, cashing in on an opportunity created in the aftermath of New Delhi banning TikTok in the country in mid-2020. MX Player eventually merged that business with ShareChat's short-video offering Moj in a deal worth $900 million. [...] MX Player, which offers its premium offerings in many international markets, claims it has over 150 million active users in India. The firm last raised a venture round in 2019, when it received an investment of $110.8 million in a funding round led by Tencent. That round valued MX Player at $500 million.

Android

Google Unveils Pixel 7a With Tensor G2, 90Hz Display and 64MP Camera (gsmarena.com) 16

Google has launched the Pixel 7a for $499, featuring a 6.1-inch OLED display at 90Hz, Tensor G2 chip with 8GB RAM, and 64MP main camera. The Pixel 7a nearly matches the flagship Pixel 7 on specs but starts at a lower price. GSMArena.com reports: Yes, the 7a marks several firsts for the Pixel a series. For starters, its 6.1" OLED display now runs at 90Hz, the same refresh rate as the Pixel 7 (though that one has a slightly larger 6.3" display). The resolution is FHD+ and you get Gorilla Glass 3 protection. Speaking of protection, the phone is rated IP67 for dust and water resistance. It has a metal frame and a plastic back -- Google notes that it used recycled aluminum, glass and plastic to build the phone. For example, the visor is 100% recycled aluminum. Available colors are Charcoal, Sea and Snow.

Another major upgrade is the switch to the Tensor G2 chipset, which is now paired with 8GB of LPDDR RAM (up from 6GB on the 6a) and 128GB UFS 3.1 storage. This is the same configuration as the Pixel 7, so the a-phone will be just as fast at the various computational tasks. Also, note that Google is promising 5 years of security updates. Among them is the Super Res Zoom (up to 8x), which is enabled by the new 64MP camera (up from 12MP). The ultra wide camera has a 13MP sensor and a f/2.2 lens that is blessed with Dual Pixel autofocus. The front-facing camera was also bumped up to 13MP with a fixed-focus lens (f/2.2). The rear camera can record 5K video at up to 60fps, the front one tops out at 4K at 30fps.

The Pixel 7a supports sub-6GHz and mmWave flavors of 5G, though only models for select regions will have mmWave enabled. This is a dual-SIM device with one physical nano-SIM and one eSIM. The 7a is powered by a 4,385mAh battery that supports up to 18W wired charging and for the first time on an a-phone wireless charging is available too -- also at 18W. Note that the port on the bottom is USB-C 3.2 Gen 2, but the retail box comes only with a USB C-to-C cable with USB 2.0 wiring (and you have to supply your own charger).
You can order the Pixel 7a via the Google Store.

Slashdot Top Deals