Apple announced on Friday that it's once again updated its rules about how Dutch dating apps can use third-party payment systems, after the company had "productive conversations with the Netherlands Authority for Consumers and Markets (ACM)." From a report: The updated rules give developers more flexibility about which payment systems they use, change the language users see when they go to pay, and remove other restrictions that the previous rules put in place. While the rules aren't wide-reaching (again, they only apply to Dutch dating apps), they do show what Apple's willing to do to comply with government regulation -- which it could be facing a lot more of as the EU and US gear up to fight tech monopolies, and potentially even force the company to ditch the iPhone's Lightning port.

In December the ACM announced a ruling that Apple had to let dating apps use payment services besides the one built into iOS, after the regulator received a complaint from Match Group, the company behind dating services like Tinder, Match.com, and OkCupid. Since then, Apple has proposed a variety of solutions for complying with the order, which the regulator has said aren't good enough. In May, the ACM said that Apple's most recent rules, the ones prior to the Friday update, were improvements over its past ideas, but that they still didn't comply with Dutch and European laws. There's been increasing pressure for Apple to comply: even while the company works on changes, it's been racking up tens of millions of Euros in fines.

The UK's Competition and Markets Authority (CMA) has concluded that Google and Apple "hold all the cards" when it comes to mobile phones a year after taking a closer look at their "duopoly." It's now consulting on the launch of a market investigation into the tech giants' market power in mobile browsers, as well as into Apple's cloud gaming restrictions. From a report: In addition, the CMA has launched a separate investigation into Google's Play Store rules -- the one that requires certain app developers to use the tech giant's payment system for in-app purchases, in particular. The CMA has concluded after its year-long study that the tech giants do indeed exhibit an "effective duopoly" on mobile ecosystems. A total of 97 percent of all mobile web browsing in the UK is powered by Apple's and Google's browser engines. iPhones and Android devices typically come with Safari and Chrome pre-installed, which means their browsers have the advantage from the start. Further, Apple requires developers to make sure their iOS and iPadOS apps are using its WebKit engine to browse the web. That limits the incentives Apple may have to invest in Safari, the CMA said.

Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data. BleepingComputer reports: As the NSA, CISA, and the FBI said in a joint cybersecurity advisory published on Tuesday, Chinese hacking groups have exploited publicly known vulnerabilities to breach anything from unpatched small office/home office (SOHO) routers to medium and even large enterprise networks. Once compromised, the threat actors used the devices as part of their own attack infrastructure as command-and-control servers and proxy systems they could use to breach more networks.

"Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting," the advisory explains. The attackers then stole credentials to access underlying SQL databases and used SQL commands to dump user and admin credentials from critical Remote Authentication Dial-In User Service (RADIUS) servers.

"Armed with valid accounts and credentials from the compromised RADIUS server and the router configurations, the cyber actors returned to the network and used their access and knowledge to successfully authenticate and execute router commands to surreptitiously route, capture, and exfiltrate traffic out of the network to actor-controlled infrastructure," the federal agencies added. The three federal agencies said the following common vulnerabilities and exposures (CVEs) are the network device CVEs most frequently exploited by Chinese-backed state hackers since 2020. "The PRC has been exploiting specific techniques and common vulnerabilities since 2020 to use to their advantage in cyber campaigns," the NSA added. Organizations can protect their networks by applying security patches as soon as possible, disabling unnecessary ports and protocols to shrink their attack surface, and replacing end-of-life network infrastructure that no longer receives security patches.

The agencies "also recommend networks to block lateral movement attempts and enabling robust logging and internet-exposed services to detect attack attempts as soon as possible," adds BleepingComputer.

An anonymous reader quotes a report from The Verge: Apple is adding native support for the Nintendo Switch Pro and Joy-Con controllers in iOS 16. Riley Testut, one of the iOS developers behind AltStore, discovered the new controller support in a developer beta of iOS 16 that was released yesterday. The Nintendo Switch Pro Controller works "perfectly" according to Testut, and both Joy-Con controllers show up as a single device for apps and games to take advantage of. Nat Brown, an engineering manager at Apple, has confirmed the new controller support and even revealed there's a neat method to switch how the Joy-Cons work in iOS 16. You can dynamically switch between using both Joy-Cons as a single controller or two separate ones by holding the screenshot and home buttons for a few seconds.

An anonymous reader quotes a report from CNET: The next generation of CarPlay will be compatible with a variety of aspect ratios -- from portrait to landscape -- and can even adapt to multidisplay dashboards, including vehicles with digital instrument clusters or with ultrawide pillar-to-pillar displays. CarPlay will be more integrated with all the host vehicle's systems. Beyond its current navigation and media consumption functionalities, Apple CarPlay will handle traditional instrumentation like speedometer, tachometer, temperature gauges and fuel or EV battery level displays. Users will be able to adjust their climate controls, activate seat heaters, monitor air quality and even tie into Apple's smart home technologies directly from the CarPlay interface.

As with the next generation of iOS on the phone, Apple is also giving CarPlay users the ability to customize how CarPlay looks with selectable themes, backgrounds and widgets. From loud pink analog-style gauges to slick numerical displays and bar graphs, CarPlay will be able to match a wide range of vehicle interior designs and personal aesthetic tastes. Perhaps most interestingly, Apple says that this new full-fat approach to CarPlay as a complete vehicle interface will continue to be powered entirely by the connected iPhone, giving Apple an unprecedented amount of control over the vehicle's operation as well as access to data generated by each host vehicle. According to Apple, the first vehicles to support the new CarPlay update should be announced in late 2023. It lists Acura, Audi, Ford, Honda, Jaguar-Land Rover, Lincoln, Mercedes-Benz, Nissan, Porsche, Volvo and Polestar as partners that are "excited to bring this new vision of CarPlay to customers."

At its WWDC event today, Apple previewed several new features coming with iOS 16, which will debut this fall after spending the summer in beta testing. An anonymous reader quotes a report from The Verge: The lock screen is at the center of Apple's iOS 16 updates, starting with the ability to customize fonts and colors used. It will be possible to add widgets and configure multiple lock screens that you can switch between by swiping across the screen. Different focus modes can also be assigned to different lock screens. Apple-supplied wallpapers get a refresh too, with animated and Pride-themed choices. Notifications appear on the lock screen differently, too. Instead of piling up across the screen, they "roll in" at the bottom of the screen. There's also a "live activities" feature to display notifications associated with an event like an Uber ride or sporting event in a single tile. There's a major update coming to messages, too: iOS 16 adds the ability to edit typos out of sent messages, recall messages that you didn't mean to send, and the ability to mark a message thread as unread so you can come back to it later. SharePlay is also coming to messages.

Apple's powerful Live Text feature will be coming to video. Additionally, there will be more actions available when you use Live Text in photos or videos. Wallet gets some expanded features too, with a way to share saved IDs securely by supplying only necessary information. It'll be easier to share saved keys, too. Apple Pay gets a new "Pay Later" feature, adding the option to split a bill into four equal payments without interest or fees. Apple Maps will get multi-stop routing in iOS 16, and six more cities will be added to the "detailed city experience" introduced in iOS 15. Apple is also adding shared iCloud photo libraries, in an effort to make it easier to share certain photos across family and friends' accounts. Up to six users can access a shared library. Photos will include sharing suggestions, and image edits and keywords will be synced for all users. There's also a new feature called Safety Check, which is aimed to protect people in abusive situations. It allows you to easily revoke access to certain information, like location, that you may have shared with someone else previously. In order to download iOS 16, you'll need an iPhone 8 or later, meaning Apple is "more or less ending support for the iPhone 6S, iPhone 7, and original iPhone SE," reports The Verge.

Apple today announced a major update to Apple Pay, called Apple Pay Later, which will allow users to split the cost of an Apple Pay purchase into four equal payments without interest or late fees. From a report: The new financial product -- which was rumored ahead of its debut at Apple's 2022 Worldwide Developers Conference -- marks Apple's move into the enormous and growing buy now, pay later industry. Apple Pay Later is available everywhere Apple Pay is available, both in apps and on the web -- it requires no additional integration from the developer or merchant side. Upcoming payments are made, and can be tracked or managed, through Apple Wallet on iOS.

Older iPads with the Apple A7- and A8-based chips may soon be able to run Linux. "Developer Konrad Dybcio and a Linux enthusiast going by "quaack723" have collaborated to get Linux kernel version 5.18 booting on an old iPad Air 2, a major feat for a device that was designed to never run any operating system other than Apple's," reports Ars Technica. From the report: The project appears to use an Alpine Linux-based distribution called "postmarketOS," a relatively small but actively developed distribution made primarily for Android devices. Dybcio used a "checkm8" hashtag in his initial tweet about the project, strongly implying that they used the "Checkm8" bootrom exploit published back in 2019 to access the hardware. For now, the developers only have Linux running on some older iPad hardware using A7 and A8-based chips -- this includes the iPad Air, iPad Air 2, and a few generations of iPad mini. But subsequent tweets imply that it will be possible to get Linux up and running on any device with an A7 or A8 in it, including the iPhone 5S and the original HomePod.

Development work on this latest Linux-on-iDevices effort is still in its early days. The photos that the developers shared both show a basic boot process that fails because it can't mount a filesystem, and Dybcio notes that basic things like USB and Bluetooth support aren't working. Getting networking, audio, and graphics acceleration all working properly will also be a tall order. But being able to boot Linux at all could draw the attention of other developers who want to help the project.

Compared to modern hardware with an Apple M1 chip, A7 and A8-powered devices wouldn't be great as general-purpose Linux machines. While impressive at the time, their CPUs and GPUs are considerably slower than modern Apple devices, and they all shipped with either 1GB or 2GB of RAM. But their performance still stacks up well next to the slow processors in devices like the Raspberry Pi 4, and most (though not all) A7 and A8 hardware has stopped getting new iOS and iPadOS updates from Apple at this point; Linux support could give some of these devices a second life as retro game consoles, simple home servers, or other things that low-power Arm hardware is good for. Further reading: Linux For M1 Macs? First Alpha Release Announced for Asahi Linux

The /e/OS-powered Murena One is the first smartphone from Murena that does its best to free you from Google without sacrificing too many core features. There are no Google apps, Google Play Services, or even the Google Assistant. It's all been replaced by open-source software alternatives with privacy-respecting features. ZDNet's Steven Vaughan-Nichols reports: Murena and Mandrake Linux founder Gael Duval was sick of it by 2017. He wanted his data to be his data, and he wanted open-source software. Almost five years later, Duval and his co-developers launched the Murena One X2. It's the first high-end Android phone using the open-source /e/OS Android fork to arrive on the market. The privacy heart of the Murena One is /e/OS V1. There have been many attempts to create an alternative to Google-based Android and Apple's iOS -- Ubuntu One, FirefoxOS, and Windows Mobile -- but all failed. Duval's approach isn't to reinvent the mobile operating system wheel, but to clean up Android of its squeaky Google privacy-invading features and replace them with privacy-respecting ones. To make this happen, Duval started with LineageOS -- an Android-based operating system, which is descended from the failed CyanogenMod Android fork. It also blends in features from the Android Open Source Project (AOSP) source-code trees.

In the /e/OS, most (but not all) Google services have been removed and replaced with MicroG services. MicroG replaces Google's libraries with purely open-source implementations without hooks to Google's services. This includes libraries and apps which provide Google Play, Maps, Geolocation, and Messaging services for Android applications. In addition, /e/OS does its best to free you from higher-level Google services. For instance, Google's default search engine has been replaced with Murena's own meta-search engine. Other internet-based services, such as Domain Name Server (DNS) and Network Time Protocol (NTP), use non-Google servers. Above the operating system, you'll find Google-free applications. This includes a web browser; an e-mail client; a messaging app; a calendar; a contact manager; and a maps app that relies on Mozilla Location Service and OpenStreetMap. While it's not here yet, Murena is also working on its own take on Google Assistant, Elivia-AI. You can also run many, but not all Android apps. You'll find these apps on the operating system's App Lounge. [...]

There's still one big problem: the App Lounge still relies on you logging in with your Google account. In short, the App Lounge is mainly a gateway to Google Store apps. Munera assures me that the Lounge anonymizes your data -- except if you use apps that require payment. Still, this is annoying for people who want to cut all their ties with Google. The fundamental problem is this: Muena does all it can to separate its operating system and applications from Google, but it can't -- yet -- replace Google's e-commerce and software store system. As for hardware specs, the $379 Murena One features a 6.5-inch IPS LCD display, eight-core MediaTek Helio P60 processor, side-mounted fingerprint scanner, three rear cameras (48MP + 8MP + 5MP) and 25MP front camera, and 4,500mAh battery. It also features a microSD card slot for expandable storage and headphone port.

Researchers suspect the checkm8[dot]info service is used by criminals to launder stolen iPhones. The tool's administrator claims the service is just a response to Apple's poor right to repair policies. From a report: "Activation Lock," a message displayed across the iPhone's screen read. "This iPhone is linked to an Apple ID. Enter the Apple ID and password that were used to set up this iPhone." This lock essentially turns iPhones into very expensive paperweights until the owner enters the requested credentials. The feature is designed to stop anyone else from using the phone if it's lost, or thieves from making money by reselling a stolen device. In part, Activation Lock is intended to make iPhones less attractive to thieves because stolen devices can't be used.

Now, an underground group is offering people a way to strip that lock from certain iPhones with its pay-for-hacking service. iOS security experts suspect it is being used to remove protections from stolen iPhones. The hacking group called Checkm8[dot]info offering the service, which lifts its name from a popular free-to-use jailbreak, insists its tool cannot be used by thieves. "Our goal is the ability to repair electronics as it's the key to saving resources, tackling e-waste and environmental damage," the administrator of Checkm8[dot]info told Motherboard in an email. Motherboard has previously written about how criminals have used phishing emails to grab necessary login credentials to remove the Activation Lock. Checkm8[dot]info provides a much easier method, and appears to streamline what is ordinarily a complicated process into one that non-technical users can follow. Checkm8[dot]info is correct in that Activation Lock can be frustrating to iPhone repair professionals, electronic waste facilities, and refurbishers, and has caused many perfectly good phones obtained through legal means to be shredded or destroyed. A user of the Checkm8[dot]info site told Motherboard they used the service as part of their legal phone reselling business.

In 2018, Engadget described Cydia as the maker of an app store for jailbroken iPhones that shut down claiming it just wasn't profitable (after operating for nearly a decade).

But now Cydia has filed an antitrust case against Apple, Engadget reports: On Thursday, Judge Yvonne Gonzalez Rogers, the same judge that oversaw the case between Apple and Epic Games, ruled Cydia's creator, Jay "Saurik" Freeman, could present his claim against the company after rejecting a bid by Apple to dismiss the complaint. [According to a paywalled article from Reuters.]

Freeman first sued Apple at the end of 2020, alleging the company had an "illegal monopoly over iOS app distribution." Judge Gonzalez Rogers dismissed Cydia's initial complaint against Apple, ruling the suit fell outside the statute of limitations. But she also granted Freeman leave to amend his case, which is what he did. In its latest complaint, Cydia argues that iOS updates Apple released between 2018 and 2021 constituted "overt" acts that harmed distributors like itself. That's a claim Judge Gonzalez Rogers found credible enough to explore.

"Let's popularize image-based OSes," writes Lennart Poettering, "with modernized security properties built around immutability, SecureBoot, TPM2, adaptability, auto-updating, factory reset, uniformity — built from traditional distribution packages, but deployed via images."

Or, as the Register puts it, the Systemd Linux init system "continues to grow and develop, as does Linux itself." They delve into the rationale for the new systemd-sysupdate and kernel-install features, noting "The former is still described as an experimental feature, so relax — for now." No, this does not mean that systemd is becoming a package manager. Like it or not, though, the nature of operating systems is changing. Modern ones are large, complex, and need regular updates, and as The Register has examined in depth recently, this means that the design of Linux distributions is changing radically....

ChromeOS doesn't have a package manager; neither do Fedora's Silverblue and Kinoite versions. You get a tested, known-good image of the OS. Updates are distributed as a complete image, like they are today with Android or iOS. ChromeOS has two root partitions: one live and one spare. The currently running OS updates the spare partition, then you reboot into that one. If everything works, it updates the now-idle second root partition. If it doesn't all work perfectly, then you still have the previous version available to use, and you can just reboot into that again. When a fixed image becomes available, the OS automatically tries again on the spare instance.

The idea is that you always have a known-good OS partition available, which sounds like a benefit to us. Presumably the users are happy too: Chromebook sales may be down, and they only have a fixed lifespan, but there are still well over a hundred million of them out there.

So, no, systemd is not going to become a package manager, because ordinary distros won't have a package manager at all, except maybe Flatpak, or Snap or something similar. The new functionality, including managing installed kernels, is to facilitate A/B type dual-live-system partitions.

For some insight into this vision, Lennart Poettering, lead architect of systemd, has described this in a blog post titled "Bringing Everything Together."
Other updates include "changes to systemd-networkd, such as systemd-resolved starting earlier in the boot sequence, and more cautious allocation of default routes," the article points out, adding that new releases of systemd "ppear roughly twice a year, so the chances are that this will appear in the fall releases of Ubuntu and Fedora...

"If you still prefer to avoid systemd, don't despair. There are still a selection of distros that eschew it altogether, including Devuan GNU+Linux, Alpine Linux, and Void Linux.

In a new court filing, Epic Games challenges Apple's position that third-party app stores would compromise the iPhone's security. And it points to Apple's macOS as an example of how the process of "sideloading" apps -- installing apps outside of Apple's own App Store, that is -- doesn't have to be the threat Apple describes it to be. From a report: Apple's Mac, explains Epic, doesn't have the same constraints as found in the iPhone operating system, iOS, and yet Apple touts the operating system used in Mac computers, macOS, as secure. The Cary, N.C.-based Fortnite maker made these points in its latest brief, among several others, related to its ongoing legal battle with Apple over its control of the App Store. Epic Games wants to earn the right to deliver Fortnite to iPhone users outside the App Store, or at the very least, be able to use its own payment processing system so it can stop paying Apple commissions for the ability to deliver its software to iPhone users.

Microsoft Dev Box is intended to simplify the process of getting new developer workstations up and running quickly, with all necessary tools and dependencies installed and working out-of-the-box (so to speak), along with access to up-to-date source code and fresh copies of any nightly builds. Ars Technica reports: Dev Box is built on Windows 365, a service that IT admins can use to provide preconfigured virtual PCs to users. Admins can build operating system images and offer hardware configurations with different amounts of CPU power, storage, and RAM based on what particular users (or workloads) need. Windows 365 virtual machines, including but not limited to Dev Box VMs, can be accessed from other Windows PCs, or devices running macOS, iOS, Android, Linux, or ChromeOS.

"Microsoft Dev Box supports any developer IDE, SDK, or internal tool that runs on Windows," writes Microsoft product manager Anthony Cangialosi [in a blog post introducing the service]. "Dev Boxes can target any development workload you can build from a Windows desktop and are particularly well-suited for desktop, mobile, IoT, and gaming. You can even build cross-platform apps using Windows Subsystem for Linux." Dev Box is currently available in a private preview. If you're interested in testing it when the preview goes public, you can sign up to learn more here.

Today is the 15th birthday of Google Maps Street View, Google's project to take ground-level, 360-degree photographs of the entire world. To celebrate, the company is rolling out a few new features. From a report: First up, Google is bringing historical Street View data to iOS and Android phones. The feature has long existed on desktop browsers, where you can click into Street View mode and then time travel through Google's image archives. When you tap on a place to see Street View imagery, a "see more dates" button will appear next to the current age of the photo, letting you browse all the photos for that area going back to 2007. Google says the feature will release "starting today on Android and iOS globally," though, like all Google product launches, it will take some time to fully roll out.

If you'd like to help Google with its plan to photograph the entire world, the company is launching "Street View Studio." Google calls this "a new platform with all the tools you need to publish 360 image sequences quickly and in bulk." The Street View app is still around for people who want to build a 360 photosphere from a regular smartphone camera, but Google imagines Street View Studio as a tool for people with consumer 360 cameras. Google has a store-style page that lists compatible 360 cameras; the options range from sub-$200 fisheye cameras to the $3,600, ball-shaped Insta360 Pro, which looks like something out of Star Wars.

Today at Build 2022, Microsoft unveiled Project Volterra, a device powered by Qualcomm's Snapdragon platform that's designed to let developers explore "AI scenarios" via Qualcomm's new Snapdragon Neural Processing Engine (SNPE) for Windows toolkit. From a report: The hardware arrives alongside support in Windows for neural processing units (NPUs), or dedicated chips tailored for AI- and machine learning-specific workloads. Dedicated AI chips, which speed up AI processing while reducing the impact on battery, have become common in mobile devices like smartphones. But as apps like AI-powered image upscalers come into wider use, manufacturers have been adding such chips to their laptop lineups. M1 Macs feature Apple's Neural Engine, for instance, and Microsoft's Surface Pro X has the SQ1 (which was co-developed with Qualcomm). Intel at one point signaled it would offer an AI chip solution for Windows PCs, but -- as the ecosystem of AI-powered Arm apps is well-established, thanks to iOS and Android -- Project Volterra appears to be an attempt to tap it rather than reinvent the wheel.

It's not the first time Microsoft has partnered with Qualcomm to launch AI developer hardware. In 2018, the companies jointly announced the Vision Intelligence Platform, which featured "fully integrated" support for computer vision algorithms running via Microsoft's Azure ML and Azure IoT Edge services. Project Volterra offers evidence that, four years later, Microsoft and Qualcomm remain bedfellows in this arena, even after the reported expiration of Qualcomm's exclusivity deal for Windows on Arm licenses. Arriving later this year, Microsoft says (somewhat hyperbolically) that Project Volterra will come with a neural processor that has "best-in-class" AI computing capacity and efficiency. The primary chip will be Arm-based, supplied by Qualcomm, and will enable developers to build and test Arm-native apps alongside tools including Visual Studio, VSCode, Microsoft Office and Teams. Project Volterra is the harbinger of an "end-to-end" developer toolchain for Arm-native apps from Microsoft, as it turns out, which will span the full Visual Studio 2022, VSCode, Visual C++, NET 6, Windows Terminal, Java, Windows Subsystem for Linux and Windows Subsystem for Android (for running Android apps).

Video game publisher Electronic Arts (EA) is actively seeking a potential buyer or merger. Apple has reportedly been in talks with the company about buying EA out according to Puck. Disney and Amazon have also been in talks about purchasing the video game company. 9to5Mac reports: The Redwood City-based firm has published hits like Apex Legends, Madden, and The Sims franchise. According to Puck, EA ideally would like a merger so Andrew Wilson can remain CEO of the combined company. [...] EA's roots actually go back to Apple. Back in 1982, Apple's then Director of Strategy and Marketing, Trip Hawkins, left the company to start EA. A buyout wouldn't be Apple's first venture into gaming, however. The Cupertino company unveiled its gaming service Apple Arcade back in 2019. Through Apple Arcade, users can play ad-free games on their iOS, macOS, and tvOS devices.

After nearly 20 years, Hollywood Designer 6.0 is "very stable and mature", write its developers — envisioning both hobbyist and professional users (with its support for modern graphics-editing features like filter effects and vector graphics) in its massive new evolution.

Long-time Slashdot reader Mike Bouma explains: Airsoft Softwair has released Hollywood Designer 6.0, "a full-blown multimedia authoring system that runs on top of Hollywood and can be used to create all sorts of multimedia-based applications, for example presentations, slide shows, games, and applications. Thanks to Hollywood, all multimedia applications created using Hollywood Designer can be exported as stand-alone executables for the following systems: AmigaOS3, AmigaOS4, WarpOS, MorphOS, AROS, Windows, macOS, Linux, Android, and iOS."

The current version of Hollywood is v9.1 with various updated add-ons. To see earlier versions of Hollywood 9.0 & Designer 5.0 in action have a look at Kas1e's short demonstration on AmigaOS4 / AmigaOne X5000.

Munich-based developer Aaron Ardiri is Slashdot reader #245,358, with a profile that still identifies him as a Palm OS developer. Which surprised me, because Palm OS's last update was in 2007. (Then again, ardiri's Slashdot profile also still includes his screen name on AOL Instant Messenger.)

So, a long-time Slashdot reader. And this week he stopped by to share a little history — in more ways than one. ardiri writes: Before the iOS and Android entered the scene — heck, even before the smartphone concept — was the handheld personal digital assistant, with the likes of Newton, Palm OS, Windows Mobile and Symbian.

Palm OS had a thriving gaming scene; with the likes of emulators and implementations/clones of classics such as LodeRunner, Lemmings, and the classic Game and Watch.
But the real news of ardiri's original submission is hidden in its headline. "Palm OS developer releases source to classic games, 20+ years after release." Written mainly in C and optimizations in assembler — maybe these games will make their way to the various Arduino like micro-controllers out there; designed for low memory, low processing power environments they would port perfectly.

An anonymous reader quotes a report from Ars Technica: When you turn off an iPhone, it doesn't fully power down. Chips inside the device continue to run in a low-power mode that makes it possible to locate lost or stolen devices using the Find My feature or use credit cards and car keys after the battery dies. Now researchers have devised a way to abuse this always-on mechanism to run malware that remains active even when an iPhone appears to be powered down. It turns out that the iPhone's Bluetooth chip -- which is key to making features like Find My work -- has no mechanism for digitally signing or even encrypting the firmware it runs. Academics at Germany's Technical University of Darmstadt figured out how to exploit this lack of hardening to run malicious firmware that allows the attacker to track the phone's location or run new features when the device is turned off. This video provides a high overview of some of the ways an attack can work.

The findings (PDF) have limited real-world value since infections required a jailbroken iPhone, which in itself is a difficult task, particularly in an adversarial setting. Still, targeting the always-on feature in iOS could prove handy in post-exploit scenarios by malware such as Pegasus, the sophisticated smartphone exploit tool from Israel-based NSO Group, which governments worldwide routinely employ to spy on adversaries. Besides allowing malware to run while the iPhone is turned off, exploits targeting LPM could also allow malware to operate with much more stealth since LPM allows firmware to conserve battery power. And of course, firmware infections are already extremely difficult to detect since it requires significant expertise and expensive equipment.