Google announced this week that it released an Android update to patch shedloads of vulnerabilities, but the advisory mentioned an information disclosure vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that allows a malicious application to access user information.

FireEye said that this vulnerablity is “high severity,” but Google noted that it does not affect Nexus devices. The patch for the issue is not in the Android Open Source Project (AOSP) repository but might make it in the  latest driver updates for affected devices.

The security outfit said that researchers informed Qualcomm about the vulnerability in January and the vendor developed a fix by early March, when it started reaching out to OEMs to let them know about the issue. Now it’s up to the device manufacturers to push out the patch to customers. So probably a long time then.

The flaw exists in an open source software package maintained by Qualcomm and is related to the Android network daemon (netd).

“The vulnerability was introduced when Qualcomm provided new APIs as part of the ‘network_manager’ system service, and subsequently the ‘netd’ daemon, that allow additional tethering capabilities, possibly among other things,” FireEye said.

The flaw has been confirmed to affect devices running Android 5.0 Lollipop and earlier, which currently account for roughly three-quarters of Android devices. Researchers noted that the affected Qualcomm software package is used in a variety of projects, including the popular CyanogenMod, and the vulnerable APIs appear to have been around since at least 2011.

The vulnerability can be exploited to escalate privileges to the built-in “radio” user, which has permissions that are normally not available to a third-party app. The most efficient way to exploit CVE-2016-2060 is via a malicious application that is granted the “ACCESS_NETWORK_STATE” permission.

Courtesy-Fud

Once a die-hard cloud holdout, Oracle has been making up for lost time by buying a foothold in specific industries through acquisitions such as this one. Last week’s Textura buy gave it a leg up in engineering and construction.

“It’s a good move on Oracle’s part, and it definitely strengthens Oracle’s cloud story,” said Frank Scavo, president of Computer Economics.

Opower’s big-data platform helps utilities improve customer service, reduce costs and meet regulatory requirements. It currently stores and analyzes more than 600 billion meter readings from 60 million end customers. Opower claims more than 100 global utilities among its clients, including PG&E, Exelon and National Grid.

Opower will continue to operate independently until the transaction closes, which is expected later this year. The union will create the largest provider of mission-critical cloud services to an industry that’s worth $2.3 trillion, Oracle said.

Oracle’s Utilities business delivers applications and cloud services that automate core operational processes and enable compliance for global electric, gas and water utilities.

“Oracle’s industry organizations maintain unique domain knowledge, specialized expertise and focused product investments,” said Rodger Smith, a senior vice president who leads the Utilities global business unit, in a letter to customers and partners. “This model has proven highly successful across several industries, and we look forward to bringing these same benefits to the customers of Opower.”

Source- http://www.thegurureview.net/aroundnet-category/oracle-pushes-deeper-into-cloud-computing-with-another-acquisition.html

Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.

The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.

In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.

More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.

PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.

“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.

The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.

Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.

Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html

IDC siad that for the first quarter of 2016, overall worldwide tablet shipments fell to 39.6 million, a 14.7 percent drop from the same period a year ago,  However the only part of the segment which did ok were tablets with keyboards – or as we used to call them, netbooks.

IDC said that the decline of ordinary tablets was partly due to traditional first-quarter slumps but also a complete lack of interest on the part of customers.

Traditional tablets accounted for 87.6 percent of all tablet shipments. But tablets that come with detachable keyboards increased of more than 4.9 million units last quarter. That was a gain of 120 percent from the same period last year and an all-time high for tablets with detachable keyboards.

Tablets are dying because more people are buying big-screened phones as an alternative. You remember Fablets? They were what Steve Jobs claimed would never work because they prefered smaller smartphones or bigger tablets. In fact he was talking rubbish and was trying to keep his keyboardless netbook idea going.

IDC said that the newer tablets don’t offer enough new features to entice people to upgrade. After all tablets were always looking for an app which made them useful, which never arrived.

To counteract the downturn, more manufacturers are turning to tablets with detachable keyboards that can thus serve as laptops – on otherwords returning to the netbooks that the Tablets were said to replace.

“With the PC industry in decline, the detachable market stands to benefit as consumers and enterprises seek to replace their aging PCs with detachables,” IDC senior research analyst Jitesh Ubrani said in a statement.

Apple saw its shipments and market share drop but remained in first place. Apple’s latest 9.7-inch iPad Pro and the new 256GB storage option for the 12.9-inch iPad Pro are “healthy additions” to the lineup, IDC said. Samsung also saw its shipments and market share decline. Though the Samsung Galaxy Tab lineup is still popular, its detachable TabPro S is dead in the water thanks to its $900 price tag.

Amazon has found success with its starting-at-$49 Fire, showing that consumers will still buy bargain-priced tablets. Missing from the list was Microsoft in spite of the popularity of its Surface Pro products, which start at $900.

IDC said:

“The Surface line is great. But it’s tough to drive volume in the first quarter. Prices of Surface products are fairly high, but Microsoft is in the top five list for tablets with detachable keyboards. The top five for tablets as a whole is a tougher nut to crack given the large slate volumes compared to detachables.”

Courtesy-Fud

T-Mobile has been offering cheaper leasing plans and free music and video streaming to lure customers away from larger rivals Verizon Communications Inc and AT&T Inc.

T-Mobile, controlled by Deutsche Telekom, said it added 2.2 million customers on a net basis in the first quarter ended March 31.

That easily topped the average analyst estimate of 1.72 million, according to research firm FactSet StreetAccount.

The company said it expected to add 3.2 million to 3.6 million postpaid customers on a net basis in 2016, compared with its previous forecast of 2.4 million to 3.4 million.

T-Mobile’s 10.6 percent jump in quarterly revenue to $8.6 billion suggested its strategy to boost revenue was working. Analysts on average had expected revenue of $8.43 billion, according to Thomson Reuters I/B/E/S.

In comparison, market leader Verizon’s operating revenue rose just 0.6 percent to $32.17 billion.

AT&T is scheduled to report results later on Tuesday.

T-Mobile reported net income of $479 million, or 56 cents per share, for the first quarter, compared with a loss of $63 million, or 9 cents per share, a year earlier.

Source-http://www.thegurureview.net/mobile-category/t-mobile-revenue-up-continues-attracting-new-customers.html

Mya Le Thai, a PhD candidate at the university, explained in a paper published this week that she and her colleagues used nanowires, a material that is several thousand times thinner than a human hair, extremely conductive and has a surface area large enough to support the storage and transfer of electrons.

Nanowires are extremely fragile and don’t usually hold up well to repeated discharging and recharging, or cycling. They expand and grow brittle in a typical lithium-ion battery, but Le Thai’s team fixed this by coating a gold nanowire in a manganese dioxide shell and then placing it in a Plexiglas-like gel to improve its reliability. All by accident.

The breakthrough could lead to laptop, smartphone and tablet batteries that last forever.

Reginald Penner, chairman of UCI’s chemistry department, said: “Mya was playing around and she coated this whole thing with a very thin gel layer and started to cycle it.

“She discovered that just by using this gel she could cycle it hundreds of thousands of times without losing any capacity. That was crazy, because these things typically die in dramatic fashion after 5,000 or 6,000 or 7,000 cycles at most.”

The battery-like structure was tested more than 200,000 times over a three-month span, and the researchers reported no loss of capacity or power.

“The coated electrode holds its shape much better, making it a more reliable option,” Thai said. “This research proves that a nanowire-based battery electrode can have a long lifetime and that we can make these kinds of batteries a reality.”

The breakthrough also paves the way for commercial batteries that could last a lifetime in appliances, cars and spacecraft.

British fuel-cell maker Intelligent Energy Holdings announced earlier this year that it is working on a smartphone battery that will need to be charged only once a week.

The tear downs will start happening soon but our sources very close to the matter said with high certainly that all iPhone SE come with an updated Qualcomm modem.

Intel is still in the run but apparently Apple still felt confident to continue using Qualcomm even for this generation of the phone. A few analysts did suggested that iPhone 7 and beyond might get Intel LTE hardware, but not with iPhone SE.

Back in December, when we originally wrote that Intel got the iPhone SE deal, our sources did suggest that Apple can still change its mind if it doesn’t feel that Intel modem is ready. This might be the case, but in the future, we are quite confident that Apple will get a second LTE supplier at some point, just as it did with different manufacturing fabs.

Having two suppliers will drive the cost down, and for Apple every dollar or cent they save of components means millions more in its pocket. Apple claims “LTE up to 50 percent faster than iPhone 5s,” but it doesn’t give a real number. The iPhone 5S uses MDM9615 that was first introduced in 2011. This modem is at the technology range of Cat 4, X5 modem that Qualcomm ships in its entry level SoCs or as an external component.

We will have to wait for the first teardowns to appear as it is not easy to get to “ LTE up to 50 percent faster than iPhone 5s.” You would need a modem that is capable of 225 Mbps  and the next of potential candidates for the iPhone SE is the MDM 20nm 9×35. Qualcomm calls this modem X7 these days, it use to call it Gobi back in late 2014 and this is a Cat 6, 300 Mbit per second download and 50 Mbit per second upload capable chip.

The fact that Apple continues the exclusive deal with Qualcomm is bad news for Intel, but we are sure that the team blue will keep working on getting inside of iPhone.

Courtesy-Fud

We ain’t surprised, but it is quite a shocking and naked fact when you consider it. The naming and resulting shaming happens in the HPE Cyber Risk Report 2016, which HPE said “identifies the top security threats plaguing enterprises”.

Enterprises, it seems, have myriad problems, of which Microsoft is just one.

“In 2015, we saw attackers infiltrate networks at an alarming rate, leading to some of the largest data breaches to date, but now is not the time to take the foot off the gas and put the enterprise on lockdown,” said Sue Barsamian, senior vice president and general manager for security products at HPE.

“We must learn from these incidents, understand and monitor the risk environment, and build security into the fabric of the organisation to better mitigate known and unknown threats, which will enable companies to fearlessly innovate and accelerate business growth.”

Microsoft earned its place in the enterprise nightmare probably because of its ubiquity. Applications, malware and vulnerabilities are a real problem, and it is Windows that provides the platform for this havoc.

“Software vulnerability exploitation continues to be a primary vector for attack, with mobile exploits gaining traction. Similar to 2014, the top 10 vulnerabilities exploited in 2015 were more than one-year-old, with 68 percent being three years old or more,” explained the report.

“In 2015, Microsoft Windows represented the most targeted software platform, with 42 percent of the top 20 discovered exploits directed at Microsoft platforms and applications.”

It is not all bad news for Redmond, as the Google-operated Android is also put forward as a professional pain in the butt. So is iOS, before Apple users get any ideas.

“Malware has evolved from being simply disruptive to a revenue-generating activity for attackers. While the overall number of newly discovered malware samples declined 3.6 percent year over year, the attack targets shifted notably in line with evolving enterprise trends and focused heavily on monetisation,” added the firm.

“As the number of connected mobile devices expands, malware is diversifying to target the most popular mobile operating platforms. The number of Android threats, malware and potentially unwanted applications have grown to more than 10,000 new threats discovered daily, reaching a total year-over-year increase of 153 percent.

“Apple iOS represented the greatest growth rate with a malware sample increase of more than 230 percent.”

Courtesy-TheInq