3D-printed heads let hackers – and cops – unlock your phone

There’s a lot you can make with a 3D printer: from prosthetics, corneas, and firearms — even an Olympic-standard luge. You can even 3D print a life-size replica of a human head — and not just for Hollywood. Forbes reporter Thomas Brewster commissioned a 3D printed model of his own head to test the face unlocking systems on a range of phones — four Android models and an iPhone X. Bad news if you’re an Android user: all four phones unlocked with the 3D printed head. Gone, it seems, are the days of the trusty passcode, which many still find cumbersome, fiddly, and inconvenient — especially when you unlock your phone dozens of times a day. Phone makers are taking to the more convenient unlock methods. Even if Google’s latest Pixel 3 shunned facial recognition, many Android models — including popular Samsung devices — are relying more on your facial biometrics. In its latest models, Apple effectively killed its fingerprint-reading Touch ID in favor of its newer Face ID. But that poses a problem for your data if a mere 3D-printed model can trick your phone into giving up your secrets. That makes life much easier for hackers, who have no rulebook to go from. But what about the police or the feds, who do? It’s no secret that biometrics — your fingerprints and your face — aren’t protected under the Fifth Amendment. That means police can’t compel you to give up your passcode, but they can forcibly depress your fingerprint to unlock your phone, or hold it to your face while you’re looking at it. And the police know it — it happens more often than you might realize. But there’s also little in the way of stopping police from 3D printing or replicating a set of biometrics to break into a phone. “Legally, it’s no different from using fingerprints to unlock a device,” said Orin Kerr, professor at USC Gould School of Law, in an email. “The government needs to get the biometric unlocking information somehow,” by either the finger pattern shape or the head shape, he said. Although a warrant “wouldn’t necessarily be a requirement” to get the biometric data, one would be needed to use the data to unlock a device, he said. Jake Laperruque, senior counsel at the Project On Government Oversight, said it was doable but isn’t the most practical or cost-effective way for cops to get access to phone data. “A situation where you couldn’t get the actual person but could use a 3D print model may exist,” he said. “I think the big threat is that a system where anyone — cops or criminals — can get into your phone by holding your face up to it is a system with serious security limits.” The FBI alone has thousands of devices in its custody — even after admitting the number of encrypted devices is far lower than first reported. With the ubiquitous nature of surveillance, now even more powerful with high-resolution cameras and facial recognition software, it’s easier than ever for police to obtain our biometric data as we go about our everyday lives. Those cheering on the “death of the password” might want to think again. They’re still the only thing that’s keeping your data safe from the law. FBI reportedly overestimated inaccessible encrypted phones by thousands

Twitter’s newest feature is reigniting the ‘iPhone vs Android’ war

Twitter’s newest feature is reigniting the flame war between iOS and Android owners. The U.S. social media company’s latest addition is a subtle piece of information that shows the client that each tweet is sent from. In doing so, the company now displays whether a user tweets from the web or mobile and, if they are on a phone, whether they used Twitter’s iOS or Android apps, or a third-party service. The feature — which was quietly enabled on Twitter’s mobile clients earlier this month; it has long been part of the TweetDeck app — has received a mixed response from users since CEO Jack Dorsey spotlighted it. Some are happy to have additional details to dig into for context, for example, whether a person is on mobile or using third-party apps, but others believe it is an unnecessary addition that is stoking the rivalry between iOS and Android fans. Source information back in the tweets pic.twitter.com/q5Qp7U8oS2 — jack (@jack) December 20, 2018 Interestingly, the app detail isn’t actually new. Way back in 2012 — some six years ago — Twitter stripped out the information as part of a series of changes to unify users across devices, focus on service’s reading experience and push people to its official apps where it could maximize advertising reach. That was a long time ago — so long that TechCrunch editor-in-chief Matthew Panzarino was still a reporter when he wrote about it; he and I were at another publication altogether — and much has changed at Twitter, which has grown massively in popularity to reach 330 million users. Back in 2012, Twitter was trying to reign in the mass of third-party apps that were popular with users in order to centralize its advertising to get itself, and its finances, together before going public. Twitter’s IPO happened in 2013 and it did migrate most users to its own apps, but it did a terrible job handling developers and thus, today, there are precious few third-party apps. That’s still a sore point with many users, since the independent apps were traditionally superior with better design and more functions. Most are dead now and Twitter’s official apps reign supreme. Many Twitter users may not be aware of the back story, so it is pretty fascinating to see some express uncertainty at displaying details of their phone. Indeed, a number of Android users lamented that the new detail is ‘exposing’ their devices. Here’s a selection of tweets: Thank god I switched to iPhone before this new twitter update cause chile, these android users are….. nvmd pic.twitter.com/5lkR2BGXbg — EFRAIN (@DOMXXXTOP) December 22, 2018 Twitter is trying to expose us android users — Marion (@bIackprincessa) December 22, 2018 twitter said: time to expose people with androids pic.twitter.com/ujl0WvTlzM — el ✰ vacation (@angeIichoney) December 22, 2018 Omg twitter! What a discrimination towards android users! Perlu ke cakap twitter for android or twitter for iphone?! Hina sangat ke pakai android?!! — (@hani_farisha22) December 21, 2018 Since Twitter can show what a person is tweeting with Android, iPhone etc.. We are going to be selective when we reply, can't be back chatting to someone who is using android. pic.twitter.com/FnxscpM7ah — Terry (@TENDANIL) December 22, 2018 So Twitter released a new update where you will see thee kinda phone someone is tweeting from, either iPhone or Android… I've been scrolling for five minutes and all the tweets are from iPhones… Except mine pic.twitter.com/mY0tGE5SVw — Your Class Rep (@DaRealSeguncool) December 22, 2018 twitter out here exposing ppl with this ‘twitter for iphone/android’ shit huh — nia (@farfromhcme) December 22, 2018 Twitter for iphoneTwitter for androidTwitter lite The iphone v samsung fights are about to turn savage — Nyasha (@NyashaSamsunga) December 8, 2018 Now Twitter let you know who uses IPhone and who uses Android and seems like I'm the only who uses Android here — Liya | (@xliamstanxx) December 8, 2018 So now twitter tells me who's tweeting from Android or Iphone? I guess all us Android peasents need to start stockpiling ammo and jarring our urine. — the_silver fox (@the_silverfox1) December 9, 2018 Twitter for iPhone / Twitter for Android pic.twitter.com/G6Rd208Qtp — Intrapiernoso (@INTRAPlERNOSO) December 22, 2018 I could go on — you can see more here — but it seems like, for many, iPhone is still the ultimate status symbol over Android despite the progress made by the likes of Samsung, Huawei and newer Android players Xiaomi and Oppo. While it may increase arguments between mobile’s two tribes, the feature has already called out brands and ambassadors using the ‘wrong’ device. Notable examples including a Korean boyband sponsored by LG using iPhones or the Apple Music team sending a tweet via an Android device. Suddenly spotting these mismatches is a whole lot easier.

The Huawei P20 is not coming to the U.S.

Meet the Huawei P20. It’s a pretty nice phone. I played around with it, and I can confirm that it is, indeed, a solid flagship with some suitably over-the-top features — what’s that you say? Three rear-facing cameras?! But all of this is kind of a moot point if you live here in the States. Sure, Huawei’s been having a lot of issues trying to sell its phones in America. In fact, just as I was playing around with the P20, news was breaking that Best Buy was planning to stop selling the company’s phones — it was a bit like finding out your starting pitcher needs Tommy John surgery before opening day. Only with, you know, lots more international espionage and such. Rather than deal with the rigmarole of getting shot down by carriers and retailers this time out, the company is simply making it clear right off the bat that the new flagship just won’t be available here — not through any sort of official channels. And honestly, it’s probably best for Huawei to just focus on those countries that have long stocked its phones — from the look of the FCC reports earlier this week, this situation is going to get worse long before it gets any better. For the rest of the world, there’s plenty to like here. The P20 looks like a cross between the iPhone X and HTC’s latest shiny metal phones. It’s got a 5.8-inch display (6.1 on the P20 Pro) and some crazy camera specs, including three rear lenses, including an eight-megapixel telephoto and 40-megapixel (!) RGP, coupled with a built-in color temperature sensor. There’s still a front-mounted fingerprint sensor and some strange choices, like a 2D face unlock function that makes do with the lack of depth sensing. No pricing or availability at press time, except here in the States, where the latter is just a picture of a big red circle with a line through it.

OnePlus 5

The OnePlus 5 is an attractive unlocked phone with fast performance, solid camera capabilities, and excellent battery life, but it's not as strong a value as previous models.

ZTE Blade Z Max

The ZTE Blade Z Max phablet brings a big screen, dual camera sensors, and solid performance to MetroPCS users for a very reasonable price.

Why you need to use a password manager

Getty If you thought passwords will soon be dead, think again. They’re here to stay — for now. Passwords are cumbersome and hard to remember — and just when you did, you’re told to change it again. And sometimes passwords can be guessed and are easily hackable. Nobody likes passwords but they’re a fact of life. And while some have tried to kill them off by replacing them with fingerprints and face-scanning technology, neither are perfect and many still resort back to the trusty (but frustrating) password. How do you make them better? You need a password manager. What is a password manager? Think of a password manager like a book of your passwords, locked by a master key that only you know. Some of you think that might sound bad. What if someone gets my master password? That’s a reasonable and rational fear. But assuming that you’ve chosen a strong and unique, but rememberable, master password that you’ve not used anywhere else is a near-perfect way to protect the rest of your passwords from improper access. Password managers don’t just store your passwords — they help you generate and save strong, unique passwords when you sign up to new websites. That means whenever you go to a website or app, you can pull up your password manager, copy your password, paste it into the login box, and you’re in. Often, password managers come with browser extensions that automatically fill in your password for you. And because many of the password managers out there have encrypted sync across devices, you can take your passwords anywhere with you — even on your phone. Why do you need to use one? Password managers take the hassle out of creating and remembering strong passwords. It’s that simple. But there are three good reasons why you should care. Passwords are stolen all the time. Sites and services are at risk of breaches as much as you are to phishing attacks that try to trick you into turning over your password. Although companies are meant to scramble your password whenever you enter it — known as hashing — not all use strong or modern algorithms, making it easy for hackers to reverse that hashing and read your password in plain text. Some companies don’t bother to hash at all! That puts your accounts at risk of fraud or your data at risk of being used against you for identity theft. But the longer and more complex your password is — a mix of uppercase and lowercase characters, numbers, symbols and punctuation — the longer it takes for hackers to unscramble your password. The other problem is the sheer number of passwords we have to remember. Banks, social media accounts, our email and utilities — it’s easy to just use one password across the board. But that makes “credential stuffing” easier. That’s when hackers take your password from one breached site and try to log in to your account on other sites. Using a password manager makes it so much easier to generate and store stronger passwords that are unique to each site, preventing credential stuffing attacks. And, for the times you’re in a crowded or busy place — like a coffee shop or an airplane — think of who is around you. Typing in passwords can be seen, copied and later used by nearby eavesdroppers. Using a password manager in many cases removes the need to type any passwords in at all. Gift Guide: The best security and privacy tech to keep your friends safe Which password manager should you use? The simple answer is that it’s up to you. All password managers perform largely the same duties — but different apps will have more or relevant features to you than others. Anyone running iOS 11 or later — which is most iPhone and iPad users — will have a password manager by default — so there’s no excuse. You can sync your passwords across devices using iCloud Keychain. For anyone else — most password managers are free, with the option to upgrade to get better features. If you want your passwords to sync across devices for example, LastPass is a good option. 1Password is widely used and integrates with Troy Hunt’s Pwned Passwords database, so you can tell if (and avoid!) a password that has been previously leaked or exposed in a data breach. Many password managers are cross-platform, like Dashlane, which also work on mobile devices, allowing you to take your passwords wherever you go. And, some are open source, like KeePass, allowing anyone to read the source code. KeePass doesn’t use the cloud so it never leaves your computer unless you move it. That’s much better for the super paranoid, but also for those who might face a wider range of threats — such as those who work in government. What you might find useful is this evaluation of five password managers, which offers a breakdown by features. Like all software, vulnerabilities and weaknesses in any password manager can make put your data at risk. But so long as you keep your password manager up to date — most browser extensions are automatically updated — your risk is significantly reduced. Simply put: using a password manager is far better for your overall security than not using one. Check out our full Cybersecurity 101 guide here.

Your next phone may have an ARM machine learning processor

ARM doesn’t build any chips itself, but its designs are at the core of virtually every CPU in modern smartphones, cameras and IoT devices. So far, the company’s partners have shipped more than 125 billion ARM-based chips. After moving into GPUs in recent years, the company today announced that it will now offer its partners machine learning and dedicated object detection processors. Read More

Sony Xperia XZ Premium

The Sony Xperia XZ Premium is a powerful unlocked phone that combines a vivid 4K HDR display with the latest Snapdragon processor and strong audio capabilities.

HTC Announces $1.1BN Cash Deal With Google

Google gets access to intellectual property and HTC talent joining its hardware team.

New iPhones courageously ditch including a free headphone dongle

Apple is under the impression that its “courage” has already paid off and that it no longer needs to ship a headphone dongle with its new phones. Mission accomplished! The new iPhone XS and XR models will not include the Lightning to 3.5mm headphone jack adapter, and users will have to buy it separately for $9. The iPhone 8 will also not include the dongle moving forward, The Verge reported. Courage. On the bright side, the dongle is only $9, and if you’ve been an iPhone owner for the past few years, you’ve got one already. To be clear, a lot of phones have been moving in the headphone jack-less direction and including the dongles with its past models was a nice precedent set by Apple. That said, the Pixel 2 included the dongle, so Apple is again leading the way here with an unpopular move.

HOT NEWS

- Advertisement -

RANDOM POSTS TODAY

KPGM to Work With Microsoft, Tomia and R3 on Blockchain Telecom...

Business advisory firm KPGM has partnered with tech companies Tomia, Microsoft and R3 to create a blockchain-based settlements solution for the telecom...