Author: Mobile Syrup

Categories
Mobile Syrup

MediaTek fixed chip flaws that could allow apps to eavesdrop on users

Vulnerabilities in the artificial intelligence (AI) and audio processing components of recent MediaTek chips could have allowed eavesdropping on device owners. However, the flaw was reportedly never exploited in the wild.

MediaTek has fixed the vulnerabilities as of October, according to Check Point Research (via Android Police). While resolved, the vulnerabilities were quite serious and impacted a wide range of devices. As of Q2 2021, MediaTek powered about 43 percent of the worldwide smartphone market, making it the number one phone chip manufacturer by volume.

Although a list of impacted devices and/or chipsets wasn’t made available, Android Police reports that it sounds like the vulnerabilities affected modern MediaTek Dimensity chips and other MediaTek chips that use the ‘Tensilica’ APU platform.

In total, Check Point found four vulnerabilities that, when exploited together, could allow an app to pass commands to the audio interface. In other words, a malicious app could interact with the audio interface in ways that it shouldn’t be able to do and, in some cases, could even hide malicious code in the audio chip itself.

Researchers claim that malicious apps could have eavesdropped on customers using the vulnerability. Worse, device manufacturers could have used to create an eavesdropping campaign. However, the vulnerabilities weren’t caught being exploited in the wild.

In a statement to Android Police, MediaTek said:

“Regarding the Audio DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to all OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.”

If your phone has a MediaTek chip in it, you should make sure to install the latest security updates if you haven’t already.

Source: Check Point Research Via: Android Police

Categories
Mobile Syrup

Telus letting 300 lucky people finance a Nintendo Switch

In a strange move, Telus is now allowing 300 people to finance a Nintendo Switch as part of their internet package. Yes, you read that right. You don’t get the Switch as a free add-on. You just get to pay for it slowly over the course of two years.

Before we get too far into this, I should mention that this is only available to people in B.C. or Alberta that can get Telus Fibre internet.

The cheapest Switch plan costs $117 per month and includes unlimited Gigabit internet and two years of Switch Online services. A regular Fibre internet plan costs $99 per month, so this means that over two years, you’ll pay around $408 for the Switch on top of the $2,400 you’ll send Telus for your internet.

Since this is the older Switch, not even the new OLED model, you could buy a comparative model for $379. The two years of Switch Online is a nice add-on, but in the real world, that only costs $50, so it’s not worth that much. To be blunt, I think this is a pretty terrible deal, and anyone could likely find a better deal on both a Switch and a home internet plan that’s not going to lock you into a two-year-long payment program.

Anyways, if for some reason you still want to go for this deal, you can sign up here.

Source: Telus 

Categories
Mobile Syrup

Apple reportedly to have in-house 5G modem made by TSMC in 2023

Apple and Taiwan Semiconductor Manufacturing Company (TSMC) are reportedly forging a closer partnership that will see the latter make 5G modems for the California-based tech giant.

It’s been long-rumoured that Apple would develop its own modems for iPhones to reduce reliance on Qualcomm. Apple and Qualcomm previously faced off in a legal battle over how the latter priced its modem chips and licensing fees, which Apple settled in 2019. Since then, Apple has gone back to using Qualcomm’s modems in iPhones, particularly its 5G models. Before that, Apple used Intel-made modems in iPhones — the company acquired Intel’s modem division in 2019 following the Qualcomm settlement.

According to a new report from Nikkei Asia, Apple plans to have TSMC produce 5G modems for the 2023 iPhone. Four people familiar with the matter told the publication that Apple would leverage TSMC’s 4nm chip production technology for the chip. Additionally, Apple will develop its own radio frequency and millimetre wave (mmWave) components to complement the modem chip. Finally, the iPhone-maker reportedly will develop its own power management chip specifically for the modem.

In current iPhones, Qualcomm provides all those components.

Aside from saving money on licensing fees to Qualcomm, Apple’s in-house 5G modem could bring several other benefits. For one, it would allow for deeper hardware integration between the modem and Apple’s A-series chip, which could yield performance boosts and more power efficiency. It could potentially be a space-saving measure too, compared to having two separate components to handle processing and modem functionality.

However, there are several potential difficulties that come with making an in-house modem. For one, Apple’s modem has to support not just 5G but also 4G, 3G and 2G technologies. Moreover, the modem has to do this without infringing on Qualcomm’s patents.

With all the in mind, it’ll be interesting to see how Apple’s modem ambitions play out. Given how Apple has handled major hardware transitions before — a recent example being the Intel x86 to ARM-based Apple Silicon switch — I think Apple might be able to pull off the modem move. However, that depends if the company can make a competitive 5G modem.

Source: Nikkei Asia Via: 9to5Mac

Categories
Mobile Syrup

Amazon ‘nearing’ deal with EA to develop series based on Canadian-made Mass Effect

Amazon is close to signing a deal with Electronic Arts to develop a TV series based on BioWare Edmonton’s massively popular Mass Effect franchise.

As first reported by Deadline, this is part of Prime Video’s larger effort to invest in big original programming alongside The Wheel of Time, which premiered last week, and its 2022 Lord of the Rings series.

No further details were revealed, so it’s not yet clear whether the Mass Effect show would even be live-action or animated. The original trilogy followed human soldier Commander Shepard as they assemble a team to stop an extinction-level threat from the machine race known as the Reapers. That said, 2017’s much-maligned Mass Effect: Andromeda was about a different cast of characters exploring a different galaxy. Presumably, the series would draw from Commander Shepard’s popular adventures, although it’s unclear at this time.

It’s also worth noting that Superman actor Henry Cavill seemingly teased his involvement in a Mass Effect project earlier this year. Of course, that’s by no means confirmation that he’s a part of this potential Prime Video series, but it certainly seems plausible. Cavill is a noted gamer, having landed the role of Geralt in Netflix’s The Witcher, in part, due to his love of CD Projekt’s eponymous video game series.

Mass Effect film adaptation was confirmed to be in development way back in 2010, the same year Mass Effect 2 was released. At the time, Legendary Pictures and Warner Bros. were working on the project, although it ultimately fell through. Speaking on that cancelled project earlier this year, Mass Effect Legendary Edition project director Mac Walters said BioWare believed that the property would be better suited for the TV format.

It makes sense that Hollywood has been trying to adapt Mass Effect for quite some time now. On the one hand, the series features incredibly rich lore that certainly befits a big-budget adaptation. It’s also a critical and commercial success, leading fans to clamor for details on the untitled next game in the series.

However, one of the key tenets of Mass Effect is the player’s ability to make a slew of choices that affect the outcome of the narrative. Naturally, that element would be lost in an adaptation, unless it were some Black Mirror: Bandersnatch-style “choose-your-own-adventure” experience. Even still, that would be practically impossible to sustain over the course of a series, especially on the level of Mass Effect, which features a litany of decisions both big and small to make.

Assuming the Amazon-EA deal goes through, it remains to be seen how a Mass Effect TV adaptation might be approached.

Image credit: EA

Source: Deadline

Categories
Mobile Syrup

Sign up for YouTube Premium and get three months free

‘Black Friday’ is almost here, and YouTube wants to make it special with this Cyber Week offer.

Between now and December 6th, you can get three months of YouTube Premium for absolutely nothing. YouTube Premium includes ad-free YouTube and YouTube Music and gives you access to play media in the background and offline downloads.

It’s worth noting that the promotion is available to new users only, and if you’ve claimed a free trial in the past, your mileage for the current promotion may vary. Head to Youtube.com/Premium to claim your first three months off, post which, you’ll be charged $11.99 per month.

Image credit: YouTube

Source: Youtube 

Categories
Mobile Syrup

Ford government says Ontario vaccine portal is still secure following data breach

The Ontario government says residents should still be confident in the province’s vaccine booking portal, even though the government failed to disclose a suspected security breach that resulted in a police investigation and charges against a government employee.

As reported by CTV News, the Ontario Provincial Police (OPP) cyber crimes unit was “immediately engaged” and quickly started an investigation after learning about the breach on November 17th. The government asked the OPP to investigate after it received reports that residents received spam text messages from people who had scheduled appointments are accessed their vaccine certificates through the provincial vaccine portal.

The spam messages were “financial in nature,” according to Ontario’s Solicitor General, who also said the investigation confirmed that no personal health information was accessed and that the COVID-19 vaccine booking system “remains secure.”

CTV News reports that multiple residents received text messages with either their full names or their children’s full names, all with slightly differing requests.

Investigators executed two search warrants on November 22nd, one in Ottawa and the other in Quebec, related to the security breach. 21-year-old Gloucester resident Ayoub Sayid — who police say was an employee of the Ontario Ministry of Government and Consumer Services in the vaccine contact centre — and 22-year-old Rahim Abdu from Vaudreuil-Dorio, Quebec, were taken into custody and charged with Unauthorized Use of a Computer contrary to s. 342.1(1)(c) of the Criminal Code. The charges have not been proven in court.

Despite the arrests, the Official Opposition has criticized Premier Doug Ford’s government for failing to notify the public. Instead, concerned residents shared reports about the breach on social media, and the Ford government only confirmed it after inquiries from the media.

“The government knew this was happening and they chose to keep it under wraps,” said NDP leader Andrea Horwath.

Source: CTV News

Categories
Mobile Syrup

iRobot’s Black Friday sale discounts several vacuum and mop bundles

If you’ve been wanting to try a robot vacuum cleaner but the high price tag has been holding you off, this might be the deal for you.

iRobot is offering Black Friday discounts on several of its vacuum and mop bundles.

Check out the deals below:

Complete clean bundles

Check out all current iRobot deals here, and expect the company to release more offers as we approach Black Friday.

Image credit: iRobot

Source: iRobot

Categories
Mobile Syrup

Samsung bumps One UI 4.0 update to December 6 for Canadians

If you’ve been patiently waiting for Samsung’s One UI 4.0 update to roll out to your Samsung phone, looks like you’ll need to wait longer.

With the November 23rd release date come and gone now, Samsung Canada’s blog post points to December 6th, 2021 as the new release date for One UI 4.0 The update will start rolling out to Canadian Samsung Galaxy S21, S21+ and S21 Ultra devices on that day (assuming there are no more delays).

“We are committed to giving everyone access to the best mobile experiences possible, as soon as possible,” said Janghyun Yoon, executive vice president and head of the software platform team at Samsung’s mobile communications business. However, the company didn’t give a reason for the delayed One UI 4.0 launch in Canada.

The One UI 4.0 update will bring new theming options, a refreshed keyboard, new privacy settings, new emoji, GIFs, stickers and more. Plus, there will be new home screen icons, menus, buttons and backgrounds. Moreover, One UI 4.0 runs on top of Android 12.

Previously, Samsung released One UI 4.0 on November 15th, but update schedules published by Telus and Rogers indicated the update wouldn’t arrive until November 23rd in Canada.

Source: Samsung

Categories
Mobile Syrup

Apple will send threat notifications to potential spyware targets

Following Apple’s announcement that it will sue NSO for attacking iOS users, the iPhone-maker also revealed its monitoring devices for signs of compromise and will alert users with affected devices.

As a refresher, NSO is an Israel-based company that developed the ‘Pegasus‘ spyware used to compromise iPhones. NSO claims it only sells the tool to governments and law enforcement agencies, but reports show that Pegasus was used against activists, journalists and even Jeff Bezos (just to name a few targets).

According to a new support document from Apple, the company will deliver threat notifications to people potentially targeted by Pegasus in three ways: via iMessage, email and an alert on the Apple ID website (pictured below).

Further, Apple says that these threat notifications will never ask users to click on any links or install anything. If you receive a threat notification and aren’t sure about its validity, Apple suggests you sign into ‘appleid.apple.com’ to check.

Apple ID threat notifications

However, the company also acknowledges that things can change quickly, and says it cannot guarantee it will detect all attacks. Apple warns that false alarms are possible as well.

Finally, Apple lays out several steps iPhone owners should take to further protect themselves from potential attacks. Steps include updating devices to the latest software and security fices, protecting devices with a passcode, using two-factor authentication (2FA) and a strong password for their Apple ID, only installing apps from the App Store (where else would you get them?), using strong passwords for online services and finally, Apple warns not to click on links or attachments from unknown senders.

That last one is particularly important when it comes to Pegasus. One of the main ways attackers deliver spyware is by sending links or files to targets. When clicked, these links or files can install Pegasus without the target’s knowledge.

It might also be wise to avoid clicking links or files sent by people in your contacts too. It’s entirely possible for attackers to spoof sender details to make it look like something’s coming from a familiar source.

All that said, most people probably don’t need to worry about Pegasus on their phones. The tool is often deployed against journalists, activists, politicians and other public or important figures, not average people. Still, at least now there’s some reassurance that if an attacker used Pegasus against you, Apple might be able to warn you about it.

Those interested can learn more about Apple’s threat notifications here.

Source: Apple Via: 9to5Mac

Categories
Mobile Syrup

Sirius XM celebrates Black Friday with over a week of free music

Do you hate Spotify, Apple Music and YouTube Music? Well, if you do, this one is for you.

SiriusXM — yes, the satellite radio company — is offering up an outstanding 13 days of free music.

The only catch is, of course, that you need to use SiriusXM and once you sign up for this trial, you’ll likely get blasted with calls and emails asking you to sign up for the full service for at least the next six months, to six years.

Another fun bonus of Sirius radio is that you can use it in your car without your phone; a very futuristic feature, for sure. However, you’ll need to steam it through a phone or a laptop anywhere else. Some smart speakers can also tap into this legacy radio service.

If you want to check out the free stations you’ll get with this deal, you can do so here, but I will mention that ‘Diplo’s Revolution,’ ‘The Garth Channel,’ and ‘Dave Matthews Band Radio’ are all included.

All jokes aside, if you actually like Sirius Radio, please comment below and let me know why?

Source: SiriusXM Radio