An anonymous reader quotes a report from The Economist: Pop-up notifications are often annoying. For Meta, one in Apple's iOS operating system, which powers iPhones, is a particular headache. On February 2nd Meta, which owns Facebook and Instagram, told investors that privacy-focused changes to iOS, including the "ask app not to track" notification, would cost the company around $10 billion in 2022. That revelation, along with growing competition and sluggish growth in user numbers, helped to prompt a 23% plunge in Meta's share price and showed Apple's might. But what did Apple actually do, and why was it so costly?

The promise of digital advertising has always been its ability to precisely target people. Before the digital age, companies placed ads in places where they expected potential customers would see them, such as a newspaper, and hoped for the best. Online, companies could instead target ads based on people's browsing history and interests. This fueled the profits of companies like Meta, which held vast amounts of data on their users. For years, Apple helped by offering an "identifier for advertisers" (IDFA), giving advertisers a way to track people's behavior on its devices. Users have long been able to disable IDFA in their phones' settings. But last year, citing privacy concerns, Apple turned off IDFA by default and forced apps to ask people if they want to be tracked. It seems most do not: a study in December by AppsFlyer, an ad-tech company, suggested that 54% of Apple users who saw the prompt opted out.

This change has made digital advertising much trickier. Sheryl Sandberg, Meta's chief operating officer, told investors that the change decreased the accuracy of ad targeting and slowed the collection of data showing whether ads work. Both of these changes make "direct-response ads," which encourage consumers to take an action like clicking or purchasing, less appealing to advertisers. The financial impact on ad-sellers like Meta has been painful. The $10 billion hit estimated by Meta amounts to over 8% of its revenue in 2021. Snap, another social-media company, and Unity, a games engine which operates an ad network, also expect Apple's changes to hurt their businesses. Apple, meanwhile, is doing well: estimates suggest its own ad business has grown significantly since it introduced the app tracking pop-up. (A different pop-up, with a more persuasive sales pitch for opting-in to tracking, appears on Apple's own apps.)

To make it harder for stalkers to abuse them, Apple included (and has since upgraded) several safety features that will alert someone to the presence of a nearby AirTag that's not their own, including an audible beep. But according to PCMag, one Etsy seller was, up until very recently, selling AirTags with the speaker physically disabled, raising privacy concerns once again. From a report: The AirTag, a small, easy-to-carry device about the size of a quarter, relies on Apple's Find My network which leverages millions of Apple devices to discreetly keep tabs on the location of the trackers and report that information back to each tag's registered user. The general idea behind the AirTag was that users could attach one to their keys, their backpack, or to other valuable items, and be able to quickly locate them if lost. To prevent their misuse, such as using an AirTag to track someone without their knowledge, iOS users would be eventually notified if a tracker registered to someone else was nearby, while Android users would have to rely on an audible beep that would start chirping three days after an AirTag was separated from its owner.

The product was ripe for abuse -- a concern we emphasized in our initial review of the AirTags -- and a couple of months after their debut Apple addressed those concerns with promised updates that would see Android users getting similar notifications as iOS users when an AirTag was nearby through a new Tracker Detect app that allowed Android users to more easily spot the devices. And the timeframe for when the trackers would start beeping after being away from its registered owner was shortened to a "random time inside a window that lasts between 8 and 24 hours," according to a CNET report.

joshuark writes: Microsoft has filed an amicus brief supporting Epic Games in its appeal against Apple, and argues that, "the potential antitrust issues stretch far beyond gaming." As Epic Games continues to file its appeal against the 2021 ruling that chiefly favored Apple, interested parties have been contributing supporting filings to the court. Notably, those have included US attorneys general, but now Microsoft has also joined in on the side of Epic Games. Microsoft's amicus filing included below, sets out what it describes as its own "unique -- and balanced -- perspective to the legal, economic, and technological issues this case implicates." As a firm which, like Apple, sells both hardware and software, Microsoft says it "has an interest" in supporting antitrust law. Describing what it calls Apple's "extraordinary gatekeeper power," Microsoft joins Epic Games in criticizing alleged errors in the original trial judge's conclusions. "Online commerce and interpersonal connection funnels significantly, and sometimes predominantly, through iOS devices," says Microsoft. "Few companies, perhaps none since AT&T... at the height of its telephone monopoly, have controlled the pipe through which such an enormous range of economic activity flows." To support its claim that the Epic Games vs Apple ruling has "potential antitrust issues [that] stretch far beyond gaming," Microsoft describes what else it sees as this "enormous range of economic activity." "Beyond app distribution and in-app payment solutions - the adjacent markets directly at issue in this case," says Microsoft's filing, "Apple offers mobile payments, music, movies and television, advertising, games, health tracking, web browsing, messaging, video chat, news, cloud storage, e-books, smart-home devices, wearables, and more besides."

Mozilla is rolling out new updates to its mobile and desktop VPN offerings, the company announced on Tuesday. From a report: With the launch of Mozilla VPN 2.7, the company is bringing one of Firefox's popular add-ons, Multi-Account Containers, to the desktop platform and also introducing a multi-hop feature to the Android and iOS version of the VPN service. Firefox's Multi-Account Containers allow users to separate different parts of their online activities, such as work, shopping and banking. Instead of having to open a new window or different browser to check your work email, you can isolate that activity in a container tab, which prevents other sites from tracking your activity across the web. The company says combining the add-on with Mozilla's VPN adds an extra layer of protection to users' compartmentalized browsing activity and also adds extra protection to their locational information.

Google is widely rolling out a new Google Messages feature to beta users that allows the Android messaging app to correctly interpret emoji reactions sent from the iOS Messages app, 9to5Google reports. From a report: The feature appears to be live in version 20220121_02_RC00 of the app, according to Droid-Life, but not for every user. Although it didn't work on every phone we tried, we were able to get it working on an Oppo Find X3 Pro, which is more than can be said for when the feature initially started appearing last November. The feature fixes a long-standing issue that can affect SMS chats between iPhone and Android users. When an iPhone user reacts to an Android message with emoji, the Android user typically sees this reaction sent as an entirely separate text message, resulting in confusion and lots of unnecessary clutter.

Apple appears to be testing a feature that will let you use Face ID to unlock the phone even when wearing a mask. From a report: The first developer beta for iOS 15.4 has a screen that asks if you want to be able to use Face ID while wearing a mask, at the cost of reduced security, according to photos from Brandon Butch on Twitter and MacRumors. According to pictures of the screen, Apple says that "iPhone can recognize the unique features around the eye area to authenticate" but warns that Face ID is going to be more accurate if you have it set to not work with a mask.

An anonymous reader quotes a report from Motherboard, written by Aaron Gordon: Not quite three years ago, I bought a Pixel 3, Google's flagship phone at the time. It has been a good phone. I like that it's not too big. I dropped it a bunch, but it didn't break. And the battery life has not noticeably changed since the day I got it. I think of phones in much the same way I think of refrigerators or stoves. It's an appliance, something I need but feel no attachment to, and as long as it keeps fulfilling that need, I don't want to spend money replacing it for no real reason. The Pixel 3 fulfills my needs, so I don't want to spend $600 on the Pixel 6, which seems to be just another phone that does all the phone things.

But I have to get rid of it because Google has stopped supporting all Pixel 3s. Despite being just three years old, no Pixel 3 will ever receive another official security update. Installing security updates is the one basic thing everyone needs to do for their own digital security. If you don't even get them, then you're vulnerable to every security flaw discovered since your last patch. In response to an email asking Google why it stopped supporting the Pixel 3, a Googles spokesperson said, "We find that three years of security and OS updates still provides users with a great experience for their device."

This has been a problem with Android for as long as Android has existed. In 2015, my colleague Lorenzo Franceschi-Bicchierai wrote a farewell to Android because of its terrible software support and spotty upgrade rollouts. Android has long blamed this obvious issue on the fact that updates need to run through the cellphone company and phone manufacturer before being pushed to the user. At the time, Google didn't make any Android phones; the Nexus line was the closest thing, a partnership with other manufacturers like Motorola and HTC (I had one of those, too). But for the past six years, Google has made the Pixel line of phones. They are Google-made phones, meaning Google can't blame discontinuing security updates on other manufacturers, and yet, it announced that's exactly what it would do. Gordon goes on to say that he's "switching to an iPhone for the first time," noting how the most recent version of iOS can be installed on phones going as far back as the iPhone 6s, which was released more than six years ago.

"Unless you routinely destroy your phone within two or three years, there's no justification from a sustainability perspective to keep using Android phones," he adds. "Of course, Apple is only good by comparison, as it also manufactures devices that are difficult to repair with an artificially short shelf life. It just happens to have a longer shelf life than Google."

Washington DC, Texas, Washington state and Indiana announced the latest lawsuit against Big Tech Monday, alleging that Google deceived users by collecting their location data even when they believed that kind of tracking was disabled. TechCrunch reports: "Google falsely led consumers to believe that changing their account and device settings would allow customers to protect their privacy and control what personal data the company could access," DC Attorney General Karl Racine said. "The truth is that contrary to Google's representations it continues to systematically surveil customers and profit from customer data." Racine described Google's privacy practices as "bold misrepresentations" that undermine consumer privacy. His office began investigating how Google handles user location data after reporting from the Associated Press in 2018 found that many Google apps across iOS and Android recorded location data even when users have chosen privacy options that explicitly say they won't. The AP coordinated with computer science researchers at Princeton to verify its findings.

The lawsuit argues that Google created a location tracking system that's impossible for users to opt out of and that it misled users about how privacy settings could protect their data within apps and at the device level on Android. It also accuses Google of relying on deceptive dark pattern design to force users into making choices counter to their own interests. Racine's office is pursuing an injunction against Google as well as seeking to force the company to pay out profits that it made from user data collected by misleading consumers about their privacy.

"Qt, the framework that powers the KDE desktop, is announcing support for ads in client-side applications," reports Neowin: This means that application developers will now be able to serve ads in traditional desktop applications.... Windows users have been dealing with this in Metro UI apps since Windows 8 and it's something that's never gone over well on the desktop.

While it's doubtful you'll see ads in KDE's core applications, it would be possible for distributions that wish to further monetize their work to fork these applications, placing ads in them.... According to the documentation, the advertising plugin supports a variety of platforms. They are as follows:

- Windows 10
- Ubuntu 20.04
- Raspbian Buster
- macOS
- Android 7.0
— iOS

"Our offering aims to disrupt the IoT industry," explains Qt's press release, "enabling new business models and business cases that before were not possible."

Reactions have been mixed. Comments on Phoronix ranged from calling it "a great way for boost development on KDE" to "Not sure if I like this."

Thanks to Slashdot reader segaboy81 for sharing the story

An anonymous reader quotes a report from The Verge: Epic Games has filed its opening brief to the Ninth Circuit Court of Appeals, seeking to overturn the previous ruling that Apple's control over the iOS App Store does not qualify as a monopoly. The company first gave notice of it appeal in September, but Thursday's filing is the first time it has laid out its argument at length. "Epic proved at trial that Apple retrains trade...by contractually requiring developers to exclusively use Apple's App Store to distribute apps and Apple's IAP for payments for digital content within apps," the filing reads. "If not overturned, [the district court] decision would upend established principles of antitrust law and...undermine sound antitrust policy."

Epic's first legal challenge to Apple's App Store restrictions came to a finish in September, when a district court ordered Apple to roll back some restrictions on in-app payments, but otherwise cleared the company of antitrust charges. A separate appeal from Apple has been filed to reverse the new in-app payment rules.

In her ruling, Judge Gonzales Rogers was particularly ambiguous on the question of whether Apple held monopoly power over the mobile gaming market. "The evidence does suggest that Apple is near the precipice of substantial market power, or monopoly power, with its considerable market share," she wrote in the decision. "Apple is only saved by the fact that its share is not higher, that competitors from related submarkets are making inroads into the mobile gaming submarket, and, perhaps, because [Epic] did not focus on this topic." In the appeals brief, Epic seems determined to revisit that question, and draw a clearer link between the iPhone's success as a mobile gaming platform and a potential monopoly case against Apple. "The district court's factual findings make clear," the filing alleges, "that Apple's conduct is precisely what the antitrust laws prohibit." In response to the filing, Apple issued the following statement: "In its ruling last year, the district court confirmed that Apple is not a monopolist in any relevant market and that its agreements with app developers are legal under antitrust laws. We are confident that the rulings challenged by Epic will be affirmed on appeal."

Apple's "Noise Cancellation" accessibility feature may have been permanently removed from the iPhone 13 series," according to Engadget, citing a report last week from 9to5Mac. The feature was designed to improve call quality by "[reducing] ambient noise on phone calls when you are holding the receiver to your ear." From the report: "Phone Noise Cancellation is not available on iPhone 13 models, which is why you do not see this option in [the Accessibility] settings," Apple support told one of 9to5Mac's readers. When the reader asked for clarification, the support team confirmed that the feature is "not supported." Questions about noise cancellation came up on Reddit and Apple support pages shortly after the phone went on sale, with readers noticing that it was no longer available on the Accessibility page. The feature is still available with iOS 15 on past iPhone models, but is nowhere to be found on the iPhone 13.

A serious Safari bug disclosed in this blog post from FingerprintJS can disclose information about your recent browsing history and even some info of the logged-in Google account. From a report: A bug in Safari's IndexedDB implementation on Mac and iOS means that a website can see the names of databases for any domain, not just its own. The database names can then be used to extract identifying information from a lookup table. For instance, Google services store an IndexedDB instance for each of your logged in accounts, with the name of the database corresponding to your Google User ID. Using the exploit described in the blog post, a nefarious site could scrape your Google User ID and then use that ID to find out other personal information about you, as the ID is used to make API requests to Google services. In the proof-of-concept demo, the user's profile picture is revealed. FingerprintJS says they reported the bug to Apple on November 28, but it has not yet been resolved.

It's been 518 days since Apple kicked Fortnite off of the App Store after Epic Games tried to bypass its payment system. Now the popular free-to-play battle royale is once again playable on iPhones, sort of. From a report: Starting next week, Fortnite will be available on iOS by way of streaming, as part of an upcoming closed beta for Nvidia's GeForce Now game streaming program. "Fortnite on GeForce NOW will launch in a limited-time closed beta for mobile, all streamed through the Safari web browser on iOS and the GeForce NOW Android app," Nvidia announced on its blog today. "The beta is open for registration for all GeForce NOW members, and will help test our server capacity, graphics delivery and new touch controls performance."

GeForce Now, subscriptions for which range from free to $200 a year for the premium tier, lets users stream games they already own to PCs, tablets, and smartphones. It's one way to make blockbuster PC games portable, or to play them on rigs with beefier specs than the ones people already have at home. In Fortnite's case, GeForce Now subscribers will soon be able to stream the shooter to iOS devices and play it using touch controls via Apple's Safari. The browser workaround is one way companies like Microsoft have been able to get their game streaming platforms on iPhones despite Apple's ban on allowing them inside its App Store. Now its bringing back the game that kicked off a massive, messy, year-long legal battle that's still raging to this day.

The many Wordle copycats that were flooding Apple's App Store seem to have disappeared. The apps appear to have been removed by Apple shortly after their existence caused a stir on social media. From a report: Wordle itself doesn't have an official iOS app so other developers looked to hop on the coattails of the game's success. But when one in particular started bragging on Twitter about the attention his version of the app was getting, he quickly caught heat, drawing attention to both his app and the many other Wordle clones on the App Store. While there are still a few five-letter word games on the store, they don't have the name Wordle attached like the most egregious ripoffs from the last few days have. Instead these games have named like PuzzWord. There are still a few games left on the App Store that are actually called Wordle, but one was released three years ago and the other was released five years ago with very different concepts from the surprise hit developed by Josh Wardle. While the apps are now gone from the store, the question of why they're gone remains open. There's been no official word from Apple on whether or not the apps were removed because they violated a store rule, or simply because Apple no longer wanted them on the App Store. Either way, for now the only way to play real Worlde on your phone is still to navigate to the website on a browser.

T-Mobile has officially acknowledged a bug that has blocked some subscribers from using iCloud Private Relay when connected to cellular networking. In a statement to 9to5Mac, T-Mobile blamed this situation on a bug in iOS 15.2 and said that it has "not broadly blocked" iCloud Private Relay. From the report: It's also important to note that this bug is not only affecting T-Mobile subscribers, as the company says in its statement. Instead, it's a bug that seems to affect iOS 15.2 broadly rather than T-Mobile specifically. The issue is also still present in the latest release of iOS 15.3 beta. The full statement reads: "Overnight our team identified that in the 15.2 iOS release, some device settings default to the feature being toggled off. We have shared this with Apple. This is not specific to T-Mobile. Again though, we have not broadly blocked iCloud Phone Relay."

A solution to the problem that has worked for 9to5Mac in testing is to go to Settings, then choose Cellular, then choose your plan, and ensure that "Limit IP Address Tracking" is enabled. Make sure to complete these steps while WiFi is disabled and you are connected to your cellular network. T-Mobile has, however, acknowledged that are situations in which it is required to block iCloud Private Relay due to technical reasons. Namely, if your account or line has content moderation features or parental controls enabled, you will be unable to use iCloud Private Relay when connected to cellular. [...] A source has also confirmed to 9to5Mac that this also applies to certain legacy plans that include the Netflix on Us perk and have Family Allowances enabled.

Some European carriers, including T-Mobile/Sprint in the United States, are blocking iCloud Private Relay access when connected to cellular data. As 9to5Mac reports, "This feature is designed to give users an additional layer of privacy by ensuring that no one can view the websites that they visit." From the report: Apple says that Private Relay is a feature designed to give users another layer of privacy when browsing the web. The first relay is sent through a server maintained by Apple, and the second is a third-party operator. The feature was announced at WWDC last June and initially slated for inclusion in iOS 15. Apple ultimately shipped the feature as a "public beta," meaning that it is disabled by default in the newest iOS 15 and macOS Monterey releases. You can manually enable it by going to Settings on your iPhone, tapping your name at the top, choosing iCloud, and choosing "Private Relay."

T-Mobile was among the carriers in Europe that signed an open letter expressing concern about the impact of Private Relay. The carriers wrote that the feature cuts off networks and servers from accessing "vital network data and metadata and could impact "operator's ability to efficiently manage telecommunication networks." In the UK, carriers including T-Mobile, EE, and others have already started blocking Private Relay usage when connected to cellular data. 9to5Mac has also now confirmed that T-Mobile is extending this policy to the United States. This means that T-Mobile and Sprint users in the United States can no longer use the privacy-preserving iCloud Private Relay feature when connected to cellular data. The report notes that T-Mobile appears to be "in the process of rolling it out," so some users might still be able to use the feature -- at least for now. "The situation could also could vary based on your location or plan," the report adds.

UPDATE: T-Mobile Says It Has 'Not Broadly Blocked' iCloud Private Relay, Blames iOS 15.2 Bug For Errors

An anonymous reader quotes The Record: In a piece of groundbreaking research published on Tuesday night, security firm ZecOps said that it found a way to block and then simulate an iOS restart operation, a technique that they believe could be extremely useful to attackers who may want to trick users into thinking they rebooted their device and as a result, maintain access for their malware on that infected system.

The technique is of extreme importance and gravity because of the way the iPhone malware landscape has evolved in recent years, where, due to advances in the security of the iOS operating system, malware can't achieve boot persistence as easily as it once did.... As a result, many security experts have recommended over the past year that users who might be the target of malicious threat actors regularly reboot devices in order to remove backdoors or other implants.... But in a blog post on Tuesday, ZecOps said that the iOS restart process isn't immune to being hijacked once an attacker has gained access to a device, in a way to perform a fake restart where the user's device only has its UI turned off, instead of the entire OS.

The programming language of the year has been announced by the TIOBE Index: Python!

But noting that the TIOBE index is based on the number of search results for a programming language across popular search engines, a headline at The Next Web asks: "What does this title even mean?" [TIOBE] takes services such as Google, QQ, Sohu, Amazon, and Wikipedia to calculate the results. TIOBE uses "+" programming" query and a special formula to devise these ratings that change every month. You can read more about the whole process here. The programming language of the year title is decided by the jump in ratings year-on-year. Python overtook C# by a margin of 0.13% — almost a photo finish.

The index doesn't indicate the best or most efficient programming language, nor does it measure the amount of code written in a language across the internet. It simply gives us a high-level understanding of resources and pages available on the web related to them.

There's a huge amount of criticism towards the TIOBE index, especially as it uses one query and doesn't consider non-English languages. The organization said that it's trying to introduce more parameters to calculate the ratings.
TIOBE's annual award is being called "prestigious" — by the announcement at TIOBE.com: The award is given to the programming language that has gained the highest increase in ratings in one year. C# was on its way to get the title for the first time in history, but Python surpassed C# in the last month.

Python started at position #3 of the TIOBE index at the beginning of 2021 and left both Java and C behind to become the number one of the TIOBE index. But Python's popularity didn't stop there. It is currently more than 1 percent ahead of the rest [with a "rating" of 13.58%]. Java's all time record of 26.49% ratings in 2001 is still far away, but Python has it all to become the de facto standard programming language for many domains. There are no signs that Python's triumphal march will stop soon.
In fact, this makes the second year in a row Python has won TIOBE's annual award.

But it's as good a conversation-starter as any. ZDNet reminds us that Microsoft hired Python creator Guido van Rossum in 2020 to work on improving Python's efficiency, while the second most popular language on TIOBE's annual list, C#, "is a language designed by Microsoft technical fellow Anders Hejlsberg for the .NET Framework and Microsoft's developer editing tool Visual Studio."

And ZDNet also spottted a few other patterns in TIOBE's year-end look at programming language popularity: There were several movers and shakers this year. Rust, a systems programming language that deals with memory safety flaws, is now in 26th position, ahead of MIT's Julia, and Kotlin, a language endorsed by Google for Android app development. Rust was a stand out language in 2021, gaining backing from Facebook, Amazon Web Services, Microsoft Azure and Google Cloud.

Apple's Swift for iOS and macOS app development jumped from 13th to 10th place, while Google's Go inched up from 14 to 13, according to Tiobe. Kotlin moved from 40th to 29th. Google's Dart dropped from 25th to 37th position, Julia fell from 23rd to 28th position, while Microsoft TypeScript dropped from from 42 to 49.

The top 10 languages in Tiobe's list for January 2022 were Python, C, Java, C++,C#, Visual Basic, JavaScript, Assembly Language, SQL, and Swift.

Security researcher Trevor Spiniolas has discovered a vulnerability "capable of locking iOS devices into a spiral of freezing, crashing, and rebooting if a user connects to a sabotaged Apple Home device," reports The Verge. From the report: The vulnerability [...] can be exploited through Apple's HomeKit API, the software interface that allows an iOS app to control compatible smart home devices. If an attacker creates a HomeKit device with an extremely long name -- around 500,000 characters -- then an iOS device that connects to it will become unresponsive once it reads the device name and enter a cycle of freezing and rebooting that can only be ended by wiping and restoring the iOS device. What's more, since HomeKit device names are backed up to iCloud, signing in to the same iCloud account with a restored device will trigger the crash again, with the cycle continuing until the device owner switches off the option to sync Home devices from iCloud.

Though it's possible that an attacker could compromise a user's existing HomeKit-enabled device, the most likely way the exploit would be triggered is if the attacker created a spoof Home network and tricked a user into joining via a phishing email. To guard against the attack, the main precaution for iOS users is to instantly reject any invitations to join an unfamiliar Home network. Additionally, iOS users who currently use smart home devices can protect themselves by entering the Control Center and disabling the setting "Show Home Controls." (This won't prevent Home devices from being used but limits which information is accessible through the Control Center.)

An update to Tumblr's iOS app censors a long list of tags to comply with Apple's strict safety guidelines. From a report: The platform explains that it's changing iOS users' ability to access sensitive content, affecting their experience when it comes to searching for content, scrolling through the "Stuff for You" and "Following" sections of the dashboard, and could even prevent access to blogs that are flagged. Tumblr says it has to "extend the definition of what sensitive content is" to "remain available within Apple's App Store," and it seems that Tumblr stretched it pretty far. Tags are what make posts searchable on Tumblr; posts with censored tags won't appear on a users' dashboard, nor will they show up on the platform's search page. A Twitter thread brought attention to some of the absurd tags that ended up getting filtered out on iOS, including the tag "submission." The interesting part, though, is that Tumblr applies that tag automatically when a post is submitted and then published to a blog on the platform. Users on iOS who receive a submission to their blog won't even be able to view it since the "submission" tag is already added, as shown in a post by one Tumblr user.