Categories
Mobile Syrup

Exploit with Pixel screenshot editor lets you un-crop images

The March security update that rolled out earlier this month included some fixes for major vulnerabilities on Google’s Pixel smartphone line.

There was a patch for an exploit with Samsung-made modems that could allow attackers to access data like phone calls or text messages using only the victim’s phone number. However, that wasn’t the only major vulnerability. The March update also includes a fix for a high-severity flaw with the Pixel Markup tool for editing screenshots. In short, the flaw leaves data in the image file that could allow malicious actors to partially restore images that were cropped or edited.

Dubbed ‘aCropalypse,’ details emerged over the weekend courtesy of Simon Aarons and David Buchanan, reverse engineers who uncovered the flaw. Aarons posted an image showing how aCropalypse can be used to recover an image on Twitter — the image shows a cropped, redacted photo of a credit card shared in a chat, and then the recovered image that includes the unredacted credit card number. Meanwhile, Buchanan posted a blog post with a technical breakdown of the exploit — if you’re curious how, exactly, aCropalype works, it’s worth a read.

The flaw has existed for about five years. Markup was released in 2018 as part of Android 9 Pie, so it seems like aCropalypse has been around basically since the beginning. Although the March security patch fixes the problem for future images, edited screenshots taken prior to the patch are still vulnerable.

However, it’s hard to say just how worried Pixel owners should be. Aarons and Buchanan have a FAQ page coming — though at the time of writing, it wasn’t live — that should help explain some of the details. One important piece of information the duo shared with The Verge and 9to5Google is that some websites, like Twitter, process images in such a way that they aren’t vulnerable to aCropalypse. Not everything is like this, though — the pair pointed out Discord as an example, which didn’t patch out the vulnerability until January 17th.

With that in mind, it’s probably best to assume any screenshot you’ve taken and edited on a Pixel phone in the last five or so years could be reverse-engineered to recover the edited parts of the image.

Moreover, the March patch only rolled out to the Pixel 4a, 5a, 7 and 7 Pro, with the update delayed for the Pixel 6 series (though it’s supposed to roll out on March 20th).

You can learn more about the aCropalypse exploit here or try a demo of it here.

Source: Aarons, Buchanan, Via: The Verge

Categories
Mobile Syrup

Samsung, Pixel devices vulnerable to exploits that expose calls and texts

Google’s ‘Project Zero,’ an in-house team of cybersecurity experts and analysts, warned in a new blog post of 18 different potential exploits in some phones using Samsung’s Exynos modems. That includes devices from Samsung, Vivo and Google’s own Pixel line (more on the specific devices below).

Project Zero warns that the exploits are severe and should be treated as zero-day vulnerabilities — the term ‘zero-day’ refers to recently-discovered exploits that software makers and manufacturers have zero days to fix. The exploits could allow malicious actors to compromise a device just by knowing the associated phone number, and the device’s owner wouldn’t notice a thing.

Specifically, four of the 18 exploits could allow a malicious actor to gain access to the data coming in and out of a device’s modem using just the phone number. That data includes things like phone calls and text messages. Particularly concerning is that this could be done remotely, while some of the other vulnerabilities would require local access to a device.

Project Zero recommends that people with affected devices install upcoming security updates as soon as possible to protect themselves from the vulnerability, though when those updates will arrive varies by manufacturer. Google included a patch for some of the flaws in its March 2023 security update for Pixel phones, for example. Impacted devices include:

  • Samsung phones including the Galaxy S22 series, the Galaxy M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04
  • Vivo phones including the S16, S15, S6, X70, X60 and X30
  • Google Pixel 6 and 7 series
  • Wearables using the Exynos W920 chipset
  • Vehicles that use the Exynos Auto T5123 chipset

Those with an affected device will want to take a few steps to mitigate risks until patches arrive. Project Zero advises people to turn off Wi-Fi calling and Voice-over-LTE (VoLTE) — you should be able to find both of these in the Settings menu under Network & internet > SIMs, though the exact location may vary from device to device.

Project Zero reported the exploits to manufacturers in late 2022 and early 2024, but the team withheld publication for four other vulnerabilities due to the ongoing severity.

Source: Project Zero Via: CNET

Categories
Mobile Syrup

Google kills Glass for good

Nearly a decade ago, Google unveiled Glass, one of the first major augmented reality (AR) devices and the catalyst for significant controversy. Now, Google is killing Glass for good.

As reported by 9to5Google, Google announced it will no longer sell the Glass Enterprise Edition 2 headsets. Moreover, the company will support existing headsets until September 15th, 2023, support meaning that customers can get replacement devices under existing programs until the deadline. Google said it doesn’t have any software updates planned for Glass.

Existing headsets will continue to work as normal after the deadline, and developers will still be able to update their apps. Of course, that doesn’t mean everything will keep working — notably, Google warned that its ‘Meet on Glass’ app — which launched less than a year ago — isn’t guaranteed to work beyond September 15th.

Google Glass had an interesting journey. Google first unveiled Glass in April 2012 and started selling a prototype of the headset to qualified ‘Glass Explorers’ in the U.S. a year later. Except, the prototypes cost $1,500 USD at the time (about $1,937.10 USD in 2023, or roughly $2,663.32 CAD) and the headsets weren’t exactly billed as prototypes.

Moreover, the headsets went on to cause several controversies, particularly around privacy, since Glass had built-in cameras. Some businesses even put up anti-Glass signs and Glass owners were called ‘Glassholes.’ Google later killed the Glass Explorer program.

In 2017, Google went all-in on business with Glass Enterprise Edition and in 2019, released an updated Enterprise Edition 2. The Enterprise headsets proved useful in some applications, such as in hospitals and surgeries.

Interestingly, 9to5 notes that Google recently started testing some integrations between Glass and its Pixel phones. It seems somewhat odd that Google would suddenly kill off the product amid testing new applications, but perhaps it’s paving way for something new.

Android Police pointed out that Google teased a new AR glasses product at Google I/O 2022 and with I/O 2023 right around the corner, maybe we’ll see the spiritual successor to Glass (with new branding, of course — can’t be associated with those Glassholes anymore).

Source: 9to5Google Via: Android Police

Categories
Mobile Syrup

Unofficial Pixel 8 renders reveal few significant changes from the Pixel 7

Pixel leak season is in full swing now. Following information revealed about the Pixel Fold and Pixel 7a through leaked retail listings, someone went hands-on with a whole Pixel 7a and unofficial renders of the Pixel 8 Pro, now the Pixel 8 is getting its turn in the spotlight.

Leaker OnLeaks partnered with MySmartPrice to share unofficial renders showing off what could be the design of Google’s Pixel 8 flagship. Assuming the renders and corresponding details are accurate, the Pixel 8 will sport a slightly smaller 6.2-inch screen (MySmartPrice listed it as 5.8 inches, but OnLeaks noted in a tweet that he got the measurements wrong). The Pixel 7, on the other hand, had a 6.3-inch screen.

Along with the smaller display, the Pixel 8 will have thinner bezels and more rounded corners than its predecessor. In the renders, the Pixel 8 looks superb with the nearly edge-to-edge display.

Plus, the Pixel 8 continues Google’s recent Pixel design trends with a prominent camera bar sporting two cameras. That likely means the Pixel 8 won’t sport any fancy new sensors and stick with the regular and ultrawide camera setup featured on the Pixel 7, though rumours point to an upgraded sensor. Interestingly, the mystery sensor featured on the Pixel 8 Pro renders doesn’t appear to be on the Pixel 8.

The dimensions of the Pixel 8 reportedly measure in at 150.5 x 70.8 x 8.9mm, with the camera bar bringing it up to 12mm. That would make it slightly smaller and thicker than the Pixel 7’s 155.6 x 73.2 x 8.7mm dimensions.

That’s about it in terms of new information shared by MySmartPrice. Beyond that, it’s a safe bet that the Pixel 8 will sport a new Tensor G3 processor and that it will likely launch in the fall alongside the Pixel 8 Pro. However, we could see the Pixel 8 teased at Google’s upcoming I/O developer conference in May, but it sounds like I/O will prominently feature other much-hyped Pixel phones too.

Images credit: MySmartPrice

Source: MySmartPrice

Categories
Mobile Syrup

Google’s Pixel Fold could land on store shelves sooner than expected

According to a bunch of new information about the Google Pixel Fold and Pixel 7a scrounged from retail sources, the devices could arrive after Google I/O in mid-June.

The information comes from WinFuture and 9to5Google (via Android Police). The two publications reported on leaked retail listings for the phones that include information about colourways, storage options and, importantly, the launch window.

For the Pixel Fold, it will reportedly land on store shelves in mid-June. That’s a surprising departure from previous leaks that pegged the foldable for a fall launch alongside the Pixel 8 series (speaking of which, renders of the 8 Pro surfaced online, check ’em out here).

However, it makes sense when you think about it. The Pixel Fold will reportedly rock the Tensor G2, so it might seem odd launching alongside the Pixel 8 with its Tensor G3 chip. Plus, launching the foldable in the summer means it won’t overshadow Google’s fall flagships.

Beyond the June release, the retail listing revealed there will be a 256GB Pixel Fold, though it’s unclear if there will be other storage options. The Fold will also have cases in ‘Haze Midtone,’ ‘Porcelain’ and ‘Sky’ colours.

As for the Pixel 7a — which also just had a massive leak — it will also be available in mid-June. However, it’s less surprising than the Fold since Google typically launches the A-series Pixel in the summer following a reveal at I/O.

The Pixel 7a will reportedly have three colour options, ‘Carbon,’ ‘Cotton’ and ‘Artic Blue.’ The first two are your typical run-of-the-mill black and white options, while Artic Blue sounds more interesting.

WinFuture reportedly saw a Jade-coloured case for the Pixel 7a, though it’s unclear if there will be a matching Jade-coloured phone. The Pixel 7a will reportedly offer one storage option at 128GB — the same as previous leaks.

All this points to an exciting Google I/O in May. We’ll likely learn lots more about the Pixel Fold and Pixel 7a at the event (assuming it doesn’t all leak before then).

Image credit: Howtoisolve

Source: WinFuture, 9to5Google Via: Android Police

Categories
Mobile Syrup

Unofficial Pixel 8 Pro renders give us a first look at Google’s upcoming flagship

Pixel leaks season is upon us.

Following a recent hands-on with a prototype Pixel 7a, OnLeaks and SmartPrix partnered to reveal unofficial renders of Google’s upcoming Pixel flagship based on “exclusive information on the design of the Pixel 8 Pro.”

Generally, it looks like the Pixel 8 Pro will maintain a similar style to the 7 Pro and 6 Pro that came before — assuming the renders are accurate. That means the camera visor will return (love it or hate it), though this time the renders show all three rear cameras housed in one glass oval, rather than the ‘i’ shaped cutouts on the 7 Pro.

Next to the cutouts for the camera are two small cutouts, one for a flash and another for an unknown sensor. SmartPrix suspects it could be a depth or macro sensor, but we likely won’t know for sure without more leaked info, or until the phone launches.

Beyond that, it appears the Pixel 8 Pro will offer a flat display instead of a curved display like what was on the predecessors. Fans of curved displays may lament the change, but I think this is the right move.

The display bezels also look pretty small, save for a slight chin at the bottom. The screen will reportedly measure in at 6.52-inches, slightly smaller than the 6.7-inch panel on the 7 Pro. The phone’s overall dimensions will allegedly be 162.6×76.5×8.7mm, and the camera bar will bring the thickness up to 12mm.

That’s about it for what the renders reveal. So far, we don’t know a lot about the Pixel 8 series, although it’s expected the phones will run on a Tensor G3 chip, likely based on a Samsung Exynos chip again. There’s also a rumour the Pixel 8 line will use an updated camera sensor, the Samsung ISOCELL GN2 with support for staggered HDR.

Once again, the Pixel series is expected to launch later in the year, likely in October or November. However, the phones could be teased at Google’s upcoming I/O developer conference, which kicks off May 10th. We might also see the launch of another Google phone — the Pixel 7a — as well as reveal new details about Android 14, which will likely run on the Pixel 8 series.

Images credit: SmartPrix

Source: SmartPrix

Categories
Mobile Syrup

Google pushes out first Feature Drop of 2023

Google has released its first Pixel Feature Drop of 2023 rolling out to devices now and over the next few weeks.

Faster ‘Night Sight,’ a previously Pixel 7 and 7 Pro exclusive feature, is making its way to the Pixel 6 and 6 Pro. Google says it can do this thanks to the power of its Tensor chip.

Magic Eraser is coming to more Pixel phones as well. The feature allows users to remove distractions like photo bombers, and lets you change the colour of an object to make it blend in with the image better. Oddly, Google doesn’t state what Pixel devices are getting the feature.

The Pixel now has Health Connect built-in, which allows users to store, connect and share data from compatible health and fitness apps. Health Connect lets users store data on-device and provides a central set of controls to manage health and fitness data.

Further, users can see timers across all their Pixel devices without unlocking the handset. This means if you set a timer on your Nest Hub, ‘At a Glance’ will also show the countdown on your Pixel device.

The Pixel Watch now has fall detection, which can detect if you’ve taken a hard fall and then connect users to emergency services. Once connected to emergency services, the watch will play an automated message to request help wherever you are. It’s worth noting that the Apple Watch also offers similar features.

In the coming weeks, the Pixel Watch will offer new sound and display settings on Wear OS 3+, making it easier to customize audio and visual experiences on the Pixel Watch.

Google is also bringing existing features to more regions, languages and devices.

For instance, Fast Pair is now available on select Chromebooks, Hold for Me is now available in Japan, you can now use two eSIMs on the Pixel 7 and 7 Pro.

Source: Google Blog 

Categories
Mobile Syrup

Hands-on with prototype Pixel 7a reveals specs, detailed photos

Over the weekend, a hands-on leak of Google’s upcoming Pixel 7a surfaced online, giving us specs and a detailed look at the smartphone.

Vietnamese news site Zing News published the Pixel 7a hands-on, noting that the phone was remotely locked and isn’t able to fully turn on. However, Zing was able to learn several details about the phone and some specs from the fastboot screen, which reveals the 7a has 128GB of storage and 8GB of RAM. That’s up from 6GB of RAM on the Pixel 6a. The Pixel 7a as reportedly has a 90Hz display, another big upgrade for the A-series.

Other specs include the use of Google’s Tensor G2 chip — the same one used in the current Pixel 7 and 7 Pro — as well as support for 5W wireless charging, a first for the A-series Pixel line. Zing News also reported that the Pixel 7a sports two 12-megapixel rear cameras, which goes against previous rumours that the 7a would sport an upgraded camera sensor matching the primary sensor used in the Pixel 7 and 7 Pro.

Beyond the specs, the Zing News hands-on gives us our best look at the Pixel 7a yet. Unsurprisingly, the design is very similar to the Pixel 7 and Pixel 6 series, sporting a glossy back panel with a ‘G’ logo and a camera bar, though this time around, Google used a metal bar instead of glass like on the 6a. This brings the 7a in line with the Pixel 7 and 7 Pro design.

Aside from the camera bar, there doesn’t appear to be any other significant changes in design with the Pixel 7a. Like with the move from the Pixel 6 series to the 7 series, the Pixel 7a will likely offer minor polish and quality improvements compared to last year’s 6a.

Finally, it’s worth noting that the Pixel 7a photographed by Zing News is reportedly a software prototype and isn’t an official model. That could mean certain things will change or may not be accurate to the final product. Interestingly, some of the images of the phone show a pattern on the back panel, which is likely intended to mark the phone as a prototype and won’t be featured on the launch product.

Google will likely unveil the Pixel 7a at its upcoming I/O developer conference in May, followed by a possible summer release window.

You can check out all the leaked hands-on images here.

Source: Zing News Via: 9to5Google

Categories
Mobile Syrup

Weird Pixel 7 series camera bug won’t save zoom photos

Google’s Pixel phones have a bit of a reputation for being buggy, though the Pixel 7 and 7 Pro have been less buggy than their predecessors. Less buggy doesn’t mean no bugs at all, however.

The latest bug plaguing Pixel 7 series devices is a bit of a head-scratcher: the phones won’t save close-up pictures captured in low light with the flash on at zoom levels between 2-5x. If that sounds oddly specific, well, you’re right.

Reddit user ‘u/MintySkyhawk‘ posted a video of the bug in action (via Android Police). MintySkyhawk was trying to take close-up pictures of his PC internals with a Pixel 7 Pro’s 5x periscope lens and noticed the photos weren’t being saved to his phone.

Another user responded that they were able to replicate the issue, and Android Police says it could replicate the problem on both a Pixel 7 and 7 Pro, including on one running Android 13 QPR2 and Android 14 DP2. In my testing, I couldn’t reliably replicate the bug on my Pixel 7, but it did happen to me a few times.

Based on details shared on Reddit, it seems the bug is related to the Google Camera app and, more specifically, likely a glitch with the app’s HDR. Outside of the specific circumstances listed above, Pixel 7 and 7 Pro devices seem to be taking photos just fine. My tests, as well as Android Police’s testing, used Google Camera version 8.7.250.494820638.44.

Hopefully, Google will get around to fixing this particular bug sooner rather than later. It’s a real strange one, though, so it might take a while to get it fixed. In the meantime, I guess avoid taking zoom pictures with the flash on, and when you do, always check to make sure it saves.

Source: Reddit Via: Android Police

Categories
Mobile Syrup

Android 14 might kill task killer apps claiming to speed up your phone

Android 14 may help crack down on scammy ‘task killer’ apps that misleadingly promise to speed up your smartphone.

According to information uncovered by Android expert Mishaal Rahman and shared in an Esper.io blog post (via Make Use Of), Google will change Android to prevent apps from killing other apps’ background processes.

The changes involve the ‘KILL_BACKGROUND_PROCESSES’ permission and the ‘ActivityManager.killBackgroundProcesses(String)’ API. These work basically exactly as they sound, allowing apps to leverage the permission to close apps running in the background.

Currently, task killer apps use the permission and API to shut down all background apps, claiming this will speed up your device. Of course, this isn’t true, and closing down background tasks may cause other problems down the line. Android 14, however, will only let apps kill their own background processes.

The problem with task killers is that they can conflict with Android’s resource management, which is already capable of closing down apps that aren’t needed. Plus, some apps are designed to run in the background and will just restart if a task killer app shuts down the apps’ background process, using more resources than if the app had been left alone.

Google echoes this in documentation that Rahman shared:

“Android is designed to keep cached apps in the background and kill them automatically when the system needs memory. If your app kills other apps unnecessarily, it can reduce system performance and increase battery consumption by requiring full restarts of those apps later, which takes significantly more resources than resuming an existing cached app.”

Along with tamping down on task killer apps by restricting the use of the permission and API, Google also seems to be gearing up to enforce a long-standing Play Store policy. Per a note at the end of the documentation shared by Rahman:

“It isn’t possible for a 3rd-party application to improve the memory, power, or thermal behavior of an Android device. You should ensure that your app is compliant with Google Play’s policy against misleading claims.”

As with any change in a pre-release version of Android, it’s possible things could change before the stable release. Hopefully, this change sticks. And for those still rocking a task killer app, you may want to get out ahead and uninstall it now.

Source: Esper.io Via: Make Use Of