close
  • chevron_right

    Huawei’s foldable is thinner, lighter, and has more battery than Samsung

    news.movim.eu / ArsTechnica · 4 days ago - 21:56 · 1 minute

Giant Huawei logo onstage.

Enlarge (credit: Huawei )

Huawei is still making phones, even if the US-China trade war puts most of the stalwart Android component vendors in a complicated relationship with the Chinese tech company. Huawei's new phones are the flagship Huawei P60 Pro slab phone and a flagship foldable, the Huawei Mate X3 .

The trade war makes these phones unique in the world of Android. First, it has a Qualcomm chip, but Huawei isn't allowed to use the latest technology from Qualcomm, so the chip in both of these phones is the "Snapdragon 8+ Gen 1 4G Mobile Platform." Besides being last year's chip, this is a special, Huawei-only version of the chip that is branded as "4G." It has had the 5G bands stripped out of it—both mmWave and sub 6 GHz.

The other oddity is the lack of Google Play apps internationally. Huawei isn't allowed to ship the Google apps due to the export ban. While that's normal in China (where Google Play isn't available), internationally it means the phone is missing standard Google apps like YouTube, Gmail, Google Maps, the Google Assistant, Docs, Search, Photos, and other apps that make Android a competitive consumer OS. Instead of the Google ecosystem, you'll be getting the OS with Huawei Mobile Services , which includes the Huawei AppGallery, Huawei Petal Maps , the Huawei Assistant (which appears just to be a search tool and some widgets, not a voice assistant), Huawei Pay, and Huawei apps for books, music, and video.

Read 10 remaining paragraphs | Comments

  • chevron_right

    Tech makers must provide repairs for up to 10 years under proposed EU law

    news.movim.eu / ArsTechnica · Thursday, 23 March - 18:37

DIY repair mobile phone at home. Woman repairing mobile phone at home, changing damaged part.

Enlarge / Smartphone repairs could be required for up to five years, while other products, like washing machines, may require up to a decade of vendor repairs. (credit: Getty )

Makers of numerous product categories, including TVs, vacuums, smartphones, and tablets, could be required to enable repairs for their products for up to 10 years after purchase, depending on the device type. The European Commission on Wednesday announced a proposal it has adopted that would implement long-term repair requirements on electronics makers, if the European Parliament and Council approve it.

The regulation would apply to any devices with repairability requirements in the EU, including vacuum cleaners, washer-dryers, welding equipment, servers, and data-storage devices. The EU is currently hammering out right to repair requirements for smartphones and tablets.

Already, the EU requires vendors to repair or replace products within two years of purchase for free if the product is defective. The new regulation would require companies to provide a free repair (instead of replacing the product) if doing so would be the same price or cheaper than replacing it.

Read 17 remaining paragraphs | Comments

  • Sc chevron_right

    Ukraine Intercepting Russian Soldiers’ Cell Phone Calls

    news.movim.eu / Schneier · Tuesday, 20 December - 23:04

They’re using commercial phones, which go through the Ukrainian telecom network :

“You still have a lot of soldiers bringing cellphones to the frontline who want to talk to their families and they are either being intercepted as they go through a Ukrainian telecommunications provider or intercepted over the air,” said Alperovitch. “That doesn’t pose too much difficulty for the Ukrainian security services.”

[…]

“Security has always been a mess, both in the army and among defence officials,” the source said. “For example, in 2013 they tried to get all the staff at the ministry of defence to replace our iPhones with Russian-made Yoto smartphones.

“But everyone just kept using the iPhone as a second mobile because it was much better. We would just keep the iPhone in the car’s glove compartment for when we got back from work. In the end, the ministry gave up and stopped caring. If the top doesn’t take security very seriously, how can you expect any discipline in the regular army?”

This isn’t a new problem and it isn’t a Russian problem. Here’s a more general article on the problem from 2020.

  • Sc chevron_right

    Using Pupil Reflection in Smartphone Camera Selfies

    news.movim.eu / Schneier · Tuesday, 3 May, 2022 - 16:17

Researchers are using the reflection of the smartphone in the pupils of faces taken as selfies to infer information about how the phone is being used:

For now, the research is focusing on six different ways a user can hold a device like a smartphone: with both hands, just the left, or just the right in portrait mode, and the same options in horizontal mode.

It’s not a lot of information, but it’s a start. (It’ll be a while before we can reproduce these results from Blade Runner .)

Research paper .

  • Sc chevron_right

    Samsung Encryption Flaw

    news.movim.eu / Schneier · Wednesday, 2 March, 2022 - 20:45 · 1 minute

Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones.

From the abstract:

In this work, we expose the cryptographic design and implementation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws. We present an IV reuse attack on AES-GCM that allows an attacker to extract hardware-protected key material, and a downgrade attack that makes even the latest Samsung devices vulnerable to the IV reuse attack. We demonstrate working key extraction attacks on the latest devices. We also show the implications of our attacks on two higher-level cryptographic protocols between the TrustZone and a remote server: we demonstrate a working FIDO2 WebAuthn login bypass and a compromise of Google’s Secure Key Import.

Here are the details:

As we discussed in Section 3, the wrapping key used to encrypt the key blobs (HDK) is derived using a salt value computed by the Keymaster TA. In v15 and v20-s9 blobs, the salt is a deterministic function that depends only on the application ID and application data (and constant strings), which the Normal World client fully controls. This means that for a given application, all key blobs will be encrypted using the same key. As the blobs are encrypted in AES-GCM mode-of-operation, the security of the resulting encryption scheme depends on its IV values never being reused.

Gadzooks. That’s a really embarrassing mistake. GSM needs a new nonce for every encryption. Samsung took a secure cipher mode and implemented it insecurely.

News article .

Dans les smartphones des collégiens

  • Dans les smartphones des collégiens

    Scènes de torture, débats enflammés sur le blasphème, obsession pour la répression de la minorité ouïghoure en Chine : en passant presque trois mois avec des collégiens français, je ne pensais pas découvrir de telles choses dans leurs smartphones sur leurs pratiques informationnelles. Et être si loin d’eux.

  • chevron_right

    Mathias Poujol-Rost ✅ · Thursday, 18 November, 2021 - 10:25 edit

    Fairphone is challenging the industry by creating #smartphones that are sustainable, ethical and built to last.

    #Fairphone is a proud #FairTEC member. Find their offering at www.fairtec.io

FairTEC (@fairtecEU@mastodon.social)

  • FairTEC (@fairtecEU@mastodon.social)

    Who are the different organisations that make FairTEC? The fact is, the longer you keep your smartphone, the smaller it's environmental footprint. Fairphone is challenging the industry by creating smartphones that are sustainable, ethical and built to last. Fairphone is a proud FairTEC member. Find their offering at www.fairtec.io #partofFairTEC Discover more: https://bit.ly/2LrI82r