Author: batteryforpc

Apple is now selling a new generation of the 5K LG UltraFine display. For the first time, the 5K UltraFine is now compatible with the iPad Pro, finally offering a 5K display option for 2018 iPad Pro users.

Previously, the 5K UltraFine display would only work over Thunderbolt. Now, it can output 5K over USB-C DisplayPort, which means it can now work with any of Apple’s current Mac and iPad Pro lineup.

Up to now, it has been basically impossible to find a compatible display that the iPad Pro can drive at full 5K resolution. The USB-C port enables a wide range of connectivity, but the market of 5K USB-C DisplayPort monitors was very scarce. The new LG UltraFine display is effectively the only option.

Unfortunately, that’s where the fanfare appears to end. The new 5K UltraFine display appears otherwise identical to the previous generation model. It features the same 27-inch 5120×2880 resolution panel in the same ugly chassis.

The UltraFine has built-in speakers, webcam and mic, as well as three USB-C ports for connecting wired accessories. The UltraFine lets you connect a single cable to your MacBook Pro to enable display output, access to wired accessories, and full-speed charging up to 94W thanks to Thunderbolt 3 power pass-through.

The new 5K display is now available to order from the Apple Store, for $1299. High-end professional Mac users (with deeper pockets nonetheless) may want to consider waiting for the Apple Pro Display, coming later this year. LG updated the 4K version of its UltraFine display series earlier this year.

This week, Hulu announced that Android TV will soon be a supported platform for its Hulu + Live TV service.

Detailed by Hulu, “Starting in early August, Hulu + Live TV and our updated UI will be available across a variety of Android TV devices, including Sony’s Android TVs, NVIDIA SHIELD, Xiaomi Mi Box, and Hisense Android TVs.”

Hulu says that in order to get some Live TV action fired up on your Android TV, keep checking this Google Play listing for when it’s compatible with your Android TV device.

As Samsung expected, its Q2 profit is off from last year’s by about 56 percent. An operating profit of $5.6 billion (6.6 trillion Korean won) is no small figure, but obviously not up to par for the electronics giant, and follow a similar result in Q1 of this year. A big reason for the fall is a drop in prices for memory chips, which Samsung is a major supplier of for products like smartphones and servers. It’s also negatively affected by weak iPhone sales since it supplies Apple with parts, and is facing slower sales for its own high-end phone models.

Last year Samsung was looking toward foldable devices to help turn around the trend, and after a delay it’s still expecting the Galaxy Fold to join its Galaxy Note 10 as an “innovative” new product launch. According to the company’s report, it’s also pushing ahead on 5G.

Also, as “protective global trade practices” increase and customers are increasingly reluctant to buy new high-priced phones, Samsung will “introduce more competitive A series models in the second half” to take advantage of interest in the midrange models. It already announced plans to bring the Galaxy A50 and a few others to the US, and if that pace increases then we’d expect to see more models like its A70 (pictured above) that puts many of the Galaxy S10’s features in a cheaper package. In an accompanying slide it specifically called out the Galaxy A80, which combines a motorized slide mechanism and rotating camera.

Similarly, it’s not expecting to see the TV market change much in the near future, but it will try to increase profits by pushing its latest technology: 8K. According to Samsung, it’s time to take the lead by “positioning QLED 8K TVs as mainstream TVs.” We’ll see if mainstream consumers are ready to bring that monster 98-inch Q900 set home.

If you happen to own Nintendo’s new VR Kit, Captain Toad has an adventure for you. Nintendo Europe has announced that Captain Toad: Treasure Tracker has a free software update which uses the virtual reality goggles–and it’s available now.

Captain Toad’s new mini VR adventure lets you view courses in 360 degrees and explore four courses in virtual reality. One lets you pan around the stage to better gauge what’s around pillars and obstacles, while another puts you in a minecart to hunt for treasure. Check out the announcement trailer below.

Treasure Tracker isn’t the only game with VR support. Nintendo America announced back in April 2019 that two of the company’s most popular Switch games–The Legend of Zelda: Breath of the Wild and Super Mario Odyssey–would receive VR support for free as software updates.

The VR Kit is part of Nintendo Labo, a sort of toys-to-life concept using cardboard to introduce new ways of interacting with the Nintendo Switch. Released throughout 2018, there are currently four Labo Kits available: Robot, Variety, Vehicle, and VR.

Treasure Tracker landed on Nintendo 3DS and Switch in July 2018, almost four years after its initial December 2014 launch. In our Treasure Tracker Switch review, we said, “Despite a smattering of minor complaints, Captain Toad stands as a pint-sized version of Nintendo’s stellar first party pedigree. It’s among the best Mario spin-offs around and a delightful iteration on old ideas.”

Microsoft has seemingly abandoned the idea of rolling out new distinct versions of Windows every couple of years. Instead, it just releases more updates for Windows 10. It let one update sneak out before it was ready last week, showing off a revised Start menu. That build also has another secret to spill. Microsoft is apparently working on cloud recovery options in Windows 10, PCMag reports.

We’ve all been there: some horrible, data-destroying thing has happened to your computer, and you need to reinstall Windows. At times like that, the last thing you want to do is dig through boxes and manuals to find your Windows install media. If you find it, the system image on it might be years old. With your computer incapacitated, you might not even have a way to make a new, up-to-date installation drive.

The leaked Windows build has a simple solution to that vexing problem. It offers the option of downloading a fresh copy of Windows from the cloud alongside the option to “reset locally” and reinstall the version you already have. Downloading a fresh build of Windows from the cloud has the potential to save hours of downloading and installing patches for an old version.

For this feature to work seamlessly, Microsoft would need its hardware partners to provide drivers or rely on the generic ones already bundled in Windows. Otherwise, users would have a fresh, new version of Windows and a bunch of non-functional hardware. That’s a problem most casual users wouldn’t know how to solve. Microsoft has the pull in the industry to make hardware vendors get in line, but it has to be serious about the effort. If OEMs are allowed to ignore the cloud restore option, no one is going to use it. Apple has a similar feature on Macs, but it has complete control over the hardware. So, there are no OEMs to strongarm.

Microsoft hasn’t commented on any features from the leaked build. It never intended to send that version of Windows 10 out to the Insider program, but the cat is out of the bag. If cloud downloads become an official feature, we should see them in the upcoming 20H1 update in spring of next year. As always, this is a leaked version of non-final software. The cloud download feature may end up delayed or altogether canceled.

Remote exploitation can be achieved with no user interaction.

Five bugs in Apple’s iMessage service for the iPhone have been uncovered that require no user interaction to exploit, including one that would allow remote attackers to access content stored on iOS devices.

First discovered by Google Project Zero security researcher Natalie Silvanovich, Apple has fully patched four of the flaws as part of the 12.4 iOS update.

CVE-2019-8646 is the bug that allows an attacker to read files off a remote device with no user interaction. An exploit could leak the SMS database, binary files like images and more. Silvanovich has made a proof-of-concept public for the flaw.

In the bug description, the researcher explained where the issue lies: “The class _NSDataFileBackedFuture can be deserialized even if secure encoding is enabled. This class is a file-backed NSData object that loads a local file into memory when the [NSData bytes] selector is called.”

This presents two problems, she added: opening up access to local files if the code deserializing the buffer ever shares it; and, it allows an NSData object to be created with a length that is different than the length of its byte array.

In the latter case, “this violates a very basic property that should always be true of NSData objects,” Silvanovich explained. “This can allow out-of-bounds reads, and could also potentially lead to out-of-bounds writes, as it is now possible to create NSData objects with very large sizes that would not be possible if the buffer was backed.”

Since the potential for information exfiltration is significant, iOS users should take care to upgrade to the latest version as soon as possible.

“Apple publishes less granular details about the distribution of iOS versions than Google does for Android,” OneSpan senior product marketing manager Sam Bakken told Threatpost in an email interview. “Apple data from May 2019 reports that 85 percent of all devices use iOS 12. But, depending on what minor version of iOS 12 they are on (12.0, 12.1, 12.2, 12.3, etc.) a lot of those users will be vulnerable to this seemingly very dangerous vulnerability.”

Other Bugs

As for the other issues, CVE-2019-8647 is a remote, interactionless use-after-free vulnerability that can crash SpringBoard, the standard application that manages the iOS home screen, with no user interaction.

Silvanovich explained in the bug description that when deserializing a class with initWithCoder, subclasses can also be deserialized “so long as they do not override initWithCoder and implement all methods that require a concrete implementation.”

When_PFArray, which is a subclass of NSArray, is deserialized that way, it eventually calls [_PFArray initWithObjects:count:].

“This method initializes the array with the objects provided by the NSKeyedUnarchiver, but does not retain references to these objects, so when the NSKeyedUnarchiver is released, the objects in the array will also be released, even though the user of the deserialized objects could still be using them,” she explained.

The third bug is CVE-2019-8660 – a remote, interactionless memory corruption flaw that crops up when decoding an object of class NSKnownKeysDictionary1.

“This class decodes an object of type NSKnownKeysMappingStrategy1, which decodes a length member which is supposed to represent the length of the keys of the dictionary,” said Silvanovich, in the bulletin. “However, this member is decoded before the keys are decoded, so if a key is an instance of NSKnownKeysDictionary1 which also uses this instance of NSKnownKeysMappingStrategy1, the mapping strategy will be used before the length is checked.”

This is a problem because the NSKnownKeysDictionary1 instance uses this length to allocate a buffer, and the length is multiplied by eight during that allocation, without an integer overflow check. The code will then attempt to copy the values array (another decoded parameter) into the buffer using the unmultiplied length.

However, she said the issue would be fairly difficult to exploit due to the uncontrolled nature of the copies.

As for the other two, the researcher said that CVE-2019-8662 is similar to CVE-2019-8647, but access to the bug description is restricted. And, the team is withholding CVE-2019-8641 for now because Apple’s initial fix did not resolve the vulnerability, according to Silvanovich.

Overall, OneSpan’s Bakken noted that the finds highlight the fact that the mobile environment should be treated as “hostile.”

“Consider the mobile device a hostile environment and apply multiple controls and measures to keep your app safe and your users’ data secure,” he noted.

He added that developers should also take note.

“Mobile app developers and publishers need to constantly remind themselves that even if they think their mobile app is completely buttoned-up in terms of security (keeping in mind that 100 percent secure is impossible anyway), vulnerabilities in the OS, or other apps or malware on a users’ device can put their app and users at risk,” he said.

The new Android Auto started rolling out today (and it’s pretty good), but unfortunately, all of its various improvements are only coming to in-car displays. The version of Android Auto you can run on your phone’s screen standalone won’t be getting the same face lift — and as a matter of fact, it’s eventually going away entirely (though we’re not sure exactly when). Here’s what’s happening.

Why is Google phasing out Android Auto’s smartphone mode?

The short answer is that Google wants to get rid of the need for a discrete driving mode app on your phone. The long answer is, well, longer.

The Google Assistant — the one you already have installed — will be taking over for Android Auto as your phone-display driving companion, with an all new interface to boot. Android Auto is increasingly specialized for in-car dashboard displays, which are traditionally horizontally oriented, significantly larger than your phone, and fixed in the center of your car’s dash.

Your phone, on the other hand, can be mounted in any number of locations, and is usually fixed vertically to maximize navigation visibility. The new Assistant-based interface is tailored to work better on a phone-format display. Bonus: it doesn’t require any additional software. Once it’s available (more on that soon) if you’ve got the latest version of the Google app, you’re good to go.

What is the Assistant driving mode? What features does it add?

The official name of this new interface is “Google Assistant driving mode.” You’ll be able to turn it on by saying “let’s drive” to the Assistant (that phrase currently opens Google Maps to Driving Mode or just does a search, depending on what state your phone is in). It also stands to reason that, like Auto, you’ll be able to configure it launch automatically when your phone connects to your car by Bluetooth, but we haven’t heard anything official to that end just yet.

You’ll see large icons representing common actions people take while driving — navigation, phone, and media control — followed by a selection of specific things Google thinks you might want to do, like resuming playing media you’d started elsewhere, returning a missed call, or navigating to an appointment. If you get a call, the Assistant will ask aloud whether you’d like to answer, and you can verbally answer yes or no to take action.

It’s all similar to what Android Auto’s phone interface does now, just in a prettier, easier-to-use package with a bit more predictive Google Assistant magic and without the need for a separate app.

When does Assistant Driving Mode launch?

We’re not exactly sure. In May, Google said driving mode would be available on Android phones this summer, but the latest word is just “in the future.” It’s part of the “next-generation” Assistant announced at I/O this year. Parts of that new experience, like easier verbal control of Google Home alarms and Duplex on the web have already trickled out, so it could be any time now.

We’re just starting to see leaked images of the stylus-packing Samsung Galaxy Note 10 and its higher-specced Plus version, but there’s something new in the mix: leaked information on and images of the Samsung Galaxy Note 10 Plus 5G.

The first image came courtesy of reputable leaker Evan Blass (who supplied earlier leaks of the Note 10 Plus, among others), who tweeted out what appears to be ad copy pairing the new handset with Verizon’s next-generation network, which reads: “Galaxy Note10 Plus 5G meets Verizon 5G. Pre-order today and get a Note10 free.*” He followed it up with a tweet of another Verizon ad GIF.

What does the Note 10 Plus 5G look like? A bigger, wider version of the already-large Note 10, from the looks of the leaked image. True, we don’t see much from the ad – and like early images of the Note 10 Plus, our metric of comparison is really how tall it is compared to the stylus – but it simply looks like a sized-up version of the base model.

Something else has appeared supporting the existence of a 5G Note 10: a certification by China’s 3C authority, according to GizmoChina. The 3C database includes a listing for one SM-N9760, which other reports have tied to the Galaxy Note 10 Plus.

The entry in question prominently lists a “5G digital mobile phone,” which is very likely the 10 Plus 5G, suggesting Samsung views it as a variant rather than a standalone device.

A Note 10 … in 5G?

This isn’t a huge surprise, as Samsung released the Galaxy S10 5G some months after the base phone was released. That handset was bigger, slightly higher-specced, and had an extra ToF sensor. As expected, carriers with nascent 5G networks, like Verizon and later T-Mobile, have supported the S10 5G, which has been the best-performing 5G phone thus far.

A Note 10 Plus 5G will build on that path – though without more information on what’s packed in the phone, we can’t foretell which 5G networks it will be compatible with. For instance, will it follow the S10 5G and just work with hyperlocal millimeter wave setups, like Verizon 5G? Or will it work with the wider sub-6GHz networks coming from the merged T-Mobile 5G and Sprint 5G?

If it’s anything like the S10 5G, the Note 10 Plus 5G will be bigger and higher-specced than the base model – the ultimate version, you could say, for anyone who wants to buy a phone to flex with.

There’s no smartwatch as popular as the Apple Watch, and Apple keeps selling millions of units every quarter. Apple’s smartwatch is quite easy to tell apart from its main competitors, as its design is instantly recognizable. But come next week, Samsung will launch a Galaxy Watch 2 that looks very familiar.

“The best I can do is pass along details from trusted sources. Nothing I say should ever be taken as gospel until the press release is out,” prominent leaker Evan Blass commented on Twitter about a recent Galaxy Note 10 specs leak he posted. “Unless there are pictures,” he followed, sharing the image above.

This was a week ago, and, at the time, we didn’t know what to make of it. Blass didn’t explain what the smartwatch was, and it looked just like a round version of the Apple Watch rather than a Galaxy Watch. Just check out the colors, the metal and glass blend, the physical buttons, and, most importantly, the watchfaces. It all screams Apple Watch, and some people thought it was a press render of the Apple Watch Series 5.

The device Blass leaked could not be an Apple Watch, however, because, as other users observed, the image delivered two important clues. First of all, the watch shows the time as 10:08, which is one second earlier than Apple’s usual 10:09 time for the Watch. Moreover, the date was August 5th, and Apple doesn’t have any Watch events planned for August.

At the time, we thought the Galaxy Watch 2 would be introduced during the August 7th Galaxy Note 10 event, which made the press render even more puzzling. A few days later, leaked FCC documentation (via Droid-Life) revealed actual images of the Galaxy Watch 2. As it turns out, the circular watch design looked exactly like the device in Blass’s press render. However, the similarities with the Apple Watch were no longer obvious. After all, while it may be easy to replicate the Watch design and its watchfaces, it’s harder to copy the watchOS software. Not that Samsung would want to do that again, would they?

I’ll also point out that we saw several Note 10 preorder leaks that included Galaxy Watch 2 renders, but you can barely make out the device in these pics:

In other words, it sure looks like the Galaxy Watch 2 might have a design that could convince some people that they’re looking at an Apple Watch. I wouldn’t call it a blatant ripoff, because it’s not identical, but this Galaxy Watch 2 design looks like it drew its inspiration from Apple’s best-selling wearable.

Gears 5 is a third-person shooter that launches in September and The Coalition keeps on providing us with new details about the upcoming game. Recently, Gears 5 Multiplayer Design Director Ryan Cleven discussed servers and balance tuning. The franchise will feature 60 Hz servers for the first time with Gears 5 and there is one tuning setup across core and competitive multiplayer modes.

The servers that track action at 60 Hz should make shooting feel much more precise. This should give every shot more meaning. You can read Cleven’s comments on Twitter below.

The Coalition wanted to have the same balancing tuning for core and competitive modes. This means that weapons, recoil, and other attributes of the shooting mechanics should feel the same across all of the affected modes. Keep in mind that there is no aim assist for competitive modes so you’ll have to rely on your skills alone.

It’s unclear how these changes will be perceived by the community. Only time will tell once the game is in everyone’s hands. Hopefully, these changes will make the game fairer.

Gears 5 shines with Unreal Engine 4. The game looks stunning and should run at 4K resolution and 60 frames per second (FPS) on Xbox One X. Gears of War 4 ran at 4K 30 FPS during the campaign and 4K 60 FPS during multiplayer. This time around, both modes are the same frame rate.