Cellphones

Fisher-Price Launches a Working Chatter Telephone For Adults (engadget.com) 87

For its 60th anniversary, Fisher-Price announced a special edition Chatter telephone that can make and receive real phone calls. Engadget reports: Before you start planning on where to display it at your home, know that it doesn't work as a landline unit. It connects to your iOS or Android phone via Bluetooth instead and has to be within 15 feet of your mobile device to work. You'll get nine hours of talk time on the Chatter phone on a single charge, and it comes with a speakerphone button. Other than the features that make it a working device, this Chatter for grown-ups looks just like its toy counterpart with its rotary dial, red handset and wheels. [...] You can get the fully functional Chatter for $60 exclusively from Best Buy's website, starting today until supplies last.

OS X

macOS Monterey Is Finally Rolling Out On October 25th (gizmodo.com) 87

Along with new MacBook Pro models, Apple announced during its Mac event today that macOS Monterey will be available on Monday, Oct. 25. Gizmodo reports: As with macOS Big Sur before it, Monterey represents a renewed effort by Apple to streamline its operating systems, with new Focus profiles for limiting notifications and helping you be more productive just like in iOS 15 and iPadOS 15. Shortcuts, Apple's automation app, is now available on desktop for the first time. Monterey also represents the first time users will be able to AirPlay content from a Mac, a function that iPhone users have long enjoyed. If you've already downloaded iOS 15, updating to Monterey just makes sense -- these devices are so much more functional when they work seamlessly with each other.

But perhaps the most anticipated feature Monterey is supposed to bring us is Universal Control, which allows you to use a single mouse/trackpad and keyboard to control multiple Macs and iPads simultaneously. While the new feature wasn't initially included in the public beta rollout of Monterey, that omission has only allowed the hype to grow. It's unclear when Universal Control will come to macOS, only that it won't be available to use at launch. FaceTime's new SharePlay feature, which is also expected to arrive in iOS 15, will also not be ready to try at launch. That feature will allow you to share music or watch shows with folks over FaceTime.
The devices that support macOS Monterey include: iMac (late 2015 and newer), iMac Pro (2017 and newer), Mac Pro (late 2013 and newer), Mac Mini (late 2014 and newer), MacBook Pro (early 2015 and newer), MacBook Air (early 2015 and newer), and MacBook (early 2016 and newer).

Further reading: macOS Monterey Release Candidate Undoes Safari Changes, Reintroduces Old Tab Design

Cellphones

Pine64 Announces Updated PinePhone Pro Linux Powered Cellphone (tomshardware.com) 30

Pine64 today announced its latest Linux-powered device, the PinePhone Pro, an update to the original PinePhone which sees a more powerful device running mainline Linux (Manjaro in this case) on a mobile device that works as a cellphone and a desktop computer. Tom's Hardware reports: This combination of hardware and software makes the still slightly futuristic idea of confluence between mobile and desktop devices seem a step closer. Carry it around with you, and it's a phone. Plug it into a monitor, and it's a desktop PC. The KDE Plasma Mobile front-end adapts to the circumstances. Inside, it's much like any other phone, with a Rockchip RK3399S six-core SoC operating at 1.5GHz, 4GB of dual-channel LPDDR4 RAM, and 128GB of internal eMMC flash storage. It features a 13MP main camera sensor and a 5MP front-facing camera. There's a Micro-SD slot for expanded storage, and a six-inch 1440 x 720 IPS touchscreen. The PinePhone Pro is not a typical cell phone; rather, the concept of convergence, the ability to use your phone as a computer, is intriguing. Plugging your PinePhone Pro into an external display and using it as a low-power desktop computer is something that has been attempted by a number of companies, including Canonical's attempt with Ubuntu Edge.

PinePhone Pro offers something that is missing from the majority of phones, privacy. A series of hardware DIP-switches, hidden under a rear cover, cut off access to the cameras, microphone, Wi-Fi 5 and Bluetooth 4.1 chips, headphone jack, and LTE modem (including GPS) should you ever need to. The layout and Pogo Pins of the new phone are identical to the original PinePhone, so all existing accessories should work. Retailing at $399, the PinePhone Pro's makers are realistic about the challenges of putting desktop Linux on a mobile device, especially in an ecosystem dominated by iOS and Android.

Google

Google Modernizes US Mobile Search Results With Continuous Scrolling (techcrunch.com) 25

Google has announced that it's changing the way search works on mobile devices, initially in the U.S. From a report: Now, when you reach the bottom of a set of search results on your phone, you won't have to tap to go to the next page. Instead, the next set of results will automatically load so you can continuously scroll down to see more information. The change will roll out on the mobile web and will be supported on the Google mobile app for both iOS and Android in the U.S. for most English-language searches for the time being. Because it's a staggered release, you may initially encounter some results which scroll and others that do not.

Android

Apple Argues Against Allowing App Sideloading By Pointing Out Android's Malware Figures (therecord.media) 66

Apple said today that one of the reasons it does not allow app sideloading or the use of third-party app stores on iOS is because of privacy and security reasons, pointing to the fact that Android sees between 15 and 47 times more malware compared to its app ecosystem. The Record reports: Apple says that the reason its iOS devices are locked into the App Store as the only way to install applications is for security reasons, as this allows its security teams to scan applications for malicious content before they reach users. Apple cited statements from multiple sources (DHS, ENISA, Europol, Interpol, NIST, Kaspersky, Wandera, and Norton), all of which had previously warned users against installing apps from outside official app stores, a process known as app sideloading.

Apple's report then goes on to list multiple malware campaigns targeting Android devices where the threat actors asked users to sideload malicious apps hosted on internet sites or third-party app stores. [...] The list includes a host of threats, such as mundane adware, dangerous ransomware, funds-stealing banking trojans, commercial spyware, and even nation-state malware, which Apple said threat actors have spread by exploiting the loophole in Android's app installation process that allows anyone to install apps from anywhere on the internet. Today's 31-page report (PDF) is the second iteration of the same report, with a first version (PDF) being published back in June, shortly after EU authorities announced their investigation.

Google

Google Says Fortnite's In-app Purchase Swap Was a Breach of Contract, Sues Epic (arstechnica.com) 49

Epic Games keeps piling up lawsuits with app store owners. This time, Google is countersuing Epic for breach of contract. From a report: Epic signed contracts with both Google and Apple, pledging to use the default payment systems for in-app purchases. As part of its push for more open payment systems, though (and to dodge each platform's 30 percent fee), Epic boldly pushed out updates to the Android and iOS apps that switched the payment processing from the platforms' in-app purchases to Epic's in-house system. Google and Apple both allege this action was a breach of their app store contracts with Epic.

Apple sued and got its ruling last month. Epic was ordered to pay $3.65 million in damages, covering Apple's lost revenue from Epic's three months of self-powered payments. Following that ruling, Google wants its missing money, too, and now it's countersuing Epic, hoping for a similar ruling. Google's suit reads, "Epic willfully breached the DDA [Developer Distribution Agreement] by submitting a version of Fortnite for publication on Google Play with a payment method other than Google Play Billing for purchases of in-app content. By doing this, Epic denied Google its service fee under the DDA for any purchases made through the app outside of Google Play Billing." Google continues: "The users that downloaded the non-compliant version of Fortnite before its removal from Google Play are still able to use Epic's hotfixed external payment mechanism to make in-app purchases -- allowing Epic to evade its contractually agreed service fee to Google for those purchases." Google argues that "Epic has alternatively been unjustly enriched at Google's expense" and is seeking restitution of its missing earnings and damages.

The Courts

Apple Decides Its Victory Against Epic Wasn't Enough -- It Wants a Total Win (cnbc.com) 62

Apple wants another go in its legal battle against Epic Games. From a report: On Friday night, Apple announced it would ask for a stay on a judge's September order saying Apple would have to allow apps to direct customers to external websites. That ruling would let app businesses circumvent Apple's requirement to facilitate payments only inside of apps, where Apple takes up to a 30% cut. Apple is also appealing the ruling. Because Epic Games is also appealing the nine counts it lost, it could take years before the case is resolved and Apple is forced to make any changes to iOS, the operating system for iPhones, as the two companies wrangle through the appeals process in court. The judge is expected to rule on Apple's request for a stay next month.

Apple's move is a surprising turnaround from its tone following the decision in September. While the company always left open the possibility of an appeal, it portrayed the judge's ruling as a resounding legal win for its App Store business model, which has come under fire from technology rivals, international regulators and members of the U.S. Congress. "We are very pleased with the Court's ruling and we consider this a huge win for Apple," Kate Adams, Apple's lawyer, said in September following the ruling. The Friday night announcement inspired a torrent of commentary from Apple critics. They pointed out the move would preserve Apple's App Store profits by preventing apps from using alternative payment systems. One company announced last week that it was already working on a cheaper, web-based alternative to Apple's app payments -- a move made possible only by the ruling that Apple is now appealing.

Chrome

Chrome Attempts to Resurrect RSS With a New-Tab Feature That 'Follows' Your Favorite Sites (gizmodo.com) 16

It's kind of like an RSS feed — and kind of not. Google now lets you "follow" your favorite web sites with Android versions of Chrome, reports Gizmodo: The feature has a similar effect to following an account on Twitter or Instagram, except you get content updates through Chrome on the new tab page.

The ability is widely available to anyone on Android running the latest version of Chrome 94 that was pushed out to the Play Store at the end of September.

Google introduced the ability earlier this year through the experimental Canary version of Chrome on Android. A Google spokesperson said at the time that the company planned to return to surfacing content through RSS feeds so that it could populate the aforementioned Following section for its users. The ability shows up in the overflow menu on the stable version of Chrome for Android. But since it's still rolling out, you might need to enable it manually. In Chrome for Android, type in chrome://flags in the link bar to reveal the browser's hidden settings. Then, search for web feed and select the singular enabled option to turn it on....

Chrome's director of engineering Adrienne Porter Felt tweeted on Friday that iOS users should expect the feature sometime next year.

Privacy

iPhone Apps No Better For Privacy Than Android, Oxford Study Finds (tomsguide.com) 22

An anonymous reader quotes a report from Tom's Guide: A new survey has reached a startling conclusion: iPhone apps tend to violate your privacy just as often as Android apps do. "Overall, we find that neither platform is clearly better than the other for privacy across the dimensions we studied," says the academic paper entitled "Are iPhones Really Better for Privacy?" and presented by researchers from the University of Oxford. "While it has been argued that the choice of smartphone architecture might protect user privacy, no clear winner between iOS and Android emerges from our analysis," the paper adds. "Data sharing for tracking purposes was common on both platforms." There's one big caveat regarding the new study: It was conducted before the introduction of iOS 14.5 in April 2021, which made opt-in to tracking and app privacy labels mandatory on iPhones.

The researchers analyzed the code, permissions and network traffic of 12,000 randomly selected free apps from each platform that had been updated or released in 2018 or later. Each app was run on a real device, either a first-generation iPhone SE running iOS 14.2 or a Google Nexus 5 running Android 7 Nougat. They found that nearly all (89%) of the Android apps contained at least one tracking library, which was almost always Google Play Services. The numbers weren't much lower on iOS, where 79% of apps had at least one tracking library, most likely Apple's own SKADNetwork, which tracks which ads a user clicks on. However, 62% of iOS apps also ran Google's AdMob ad tracking library, followed by 54% of iOS apps (and 58% of Android apps) running Google Firebase. Facebook trackers were in 28% of Android apps and 26% of iOS ones. In fact, most apps on either platform -- 90% of Android apps and more than 60% of iOS -- shared data with tracking companies owned by Google. Almost all tracking companies observed were based in the U.S. About 9.5% of iOS apps and 5% of Android ones used Chinese-based trackers; 7.5% of iOS apps and 2% of Android ones used Indian trackers.
The team commended Apple for making it possible for iPhone users to block the temporary advertising IDs that flag your phone to advertisers, but the team also saw an ulterior motive on Apple's part. "Apple's crackdown on Ad ID use could be interpreted as an attempt to divert revenue from Google and other advertising providers, and motivate the use of alternative monetization models -- which are more lucrative for Apple," the Oxford research paper states. "Apple has arguably placed a larger emphasis on privacy, seeking to gain a competitive advantage by appealing to privacy-concerned consumers."

Apple

Epic Games CEO Tim Sweeney Calls Out Apple for Promoting Its Services in the iPhone Settings Screen (techcrunch.com) 59

Epic Games CEO Tim Sweeney, whose high-profile antitrust lawsuit against Apple is now under appeal, is today calling out the iPhone maker for giving itself access to an advertising slot its competitors don't have: the iPhone's Settings screen. From a report: Some iOS 15 users noticed Apple is now advertising its own services at the top of their Settings, just below their Apple ID. The services being suggested are personalized to the device owner, based on which ones they already subscribe to, it appears. For example, those without an Apple Music subscription may see an ad offering a free six-month trial. However, current Apple Music subscribers may instead see a prompt to add on a service they don't yet have, like AppleCare coverage for their devices.

Sweeney suggests this sort of first-party advertising is an anticompetitive risk for Apple, as some of the services it's pushing here are those that directly compete with third-party apps published on its App Store. But those third-party apps can't gain access to the iPhone's Settings screen, of course -- they can only bid for ad slots within the App Store itself. Writes Sweeney: "New from the guys who banned Fortnite: settings-screen ads for their own music service, which come before the actual settings, and which aren't available to other advertisers like Spotify or Sound Cloud."

Japan

Apple and Google Under Antitrust Scrutiny in Japan for Mobile OS (nikkei.com) 9

Japan's Fair Trade Commission will investigate whether Apple and Google are leveraging their dominance in the smartphone operating system market to eliminate competition and severely limit options for consumers. From a report: The study will involve interviews and surveys with OS operators, app developers and smartphone users, commission Secretary-General Shuichi Sugahisa told reporters Wednesday. The initiative will explore market conditions not only for smartphones, but for smartwatches and other wearables. The antitrust watchdog will compile a report outlining OS market structure and the reason why competition has remained static. The commission will work with the central government's Digital Market Competition Council, which is moving forward with its own market probe. Practices found to be anticompetitive will be itemized in the report, along with possible violations of Japan's law against monopolies. In February, the government implemented the Act on Improving Transparency and Fairness of Digital Platforms. If officials decide that the law applies to the OS market, OS operators will be told to submit regular reports on transactions to the Ministry of Economy, Trade and Industry. In Japan, Apple's iOS commands a nearly 70% share among smartphone operating systems while Android's share stands at 30%. Any developer of apps -- whether they specialize in music, streaming videos, e-books or mobile games -- needs to match the software with specifications of the operating systems if they want to appear on smartphones.

Privacy

Apple Says Apps Must Offer a Way To Delete Your Account Starting In Early 2022 (engadget.com) 23

Apple says that as of January 31st, 2022, all applications will need to offer people a method of deleting their accounts. This applies to all iOS, iPadOS and macOS apps. Engadget reports: The company announced this requirement alongside other App Store guideline changes at the Apple Worldwide Developers Conference in June as part of a push to give users more control over their data. As The Verge notes, Apple is only requiring developers to let people "initiate deletion of their account from within the app," so apps might send you to a website or even a chat with an agent before you can actually close your account.

Media

Instagram Ditches the IGTV Brand, Combines Everything But Reels Into An 'Instagram Video' Format (techcrunch.com) 9

On Tuesday, Instagram announced that it will now combine IGTV's long-form video and Instagram Feed videos into a new format called simply "Instagram Video." TechCrunch reports: These videos, both longer and shorter, will be found on users' profiles in a new "Video" tab. Meanwhile, when people encounter videos on Instagram, they'll be able to tap anywhere on the video to enter into a fullscreen viewing mode. After watching, they can then choose to keep scrolling to discover more video content from creators or tap the back button to exit. None of these changes will impact what Instagram is doing with Reels, though. The company's short-form video platform and TikTok rival will continue to remain separate, we're told. They won't be mixed into this feed of videos, if users choose to scroll.

The IGTV app, however, isn't going away. Instagram tells us it will now be rebranded as "Instagram Video" and will host the "Instagram Video" formatted content, along with Instagram Live videos. But it will not host Reels videos. With today's update, users will still be able to upload their non-Reels videos in the same way as before -- by clicking on the plus sign (+) in the top-right corner of the Instagram home page and selecting "Post." Videos can be up to 60 minutes in length. Instagram is also adding new features like trimming, filters, and people and location tagging as part of the updated upload experience. [...] Instagram's goal with these changes will be a more streamlined video experience. Instagram says the changes are rolling out globally starting today across both iOS and Android.

Google

Google Is About To Turn On Two-Factor Authentication By Default For Millions of Users (theverge.com) 108

Google is reminding us that it will enable two-factor authentication for 150 million more accounts by the end of this year. The Verge reports: In 2018, Google said that only 10 percent of its active accounts were using two-factor authentication. It has been pushing, prodding, and encouraging people to enable the setting ever since. Another prong of the effort will require more than 2 million YouTube creators to turn on two-factor authentication to protect their channels from takeover. Google says it has partnered with organizations to give away more than 10,000 hardware security keys every year. Its push for two-factor has made the technology readily available on your phone whether you use Android or iPhone.

A tool that also helps users keep their accounts secure is using a password manager, and Google now says that it checks over a billion passwords a day via its built-in manager for Chrome, Android, and the Google app. The password manager is also available on iOS, where Chrome can autofill logins for other apps. Google says that soon it will help you generate passwords for other apps, making things even more straightforward. Also coming soon is the ability to see all of your saved passwords directly from the Google app menu. Last but not least, Google is highlighting its Inactive Account Manager. This is a set of decisions to make about what happens to your account if you decide to stop using it or are no longer around and able to make those decisions.

Apple

Apple Finally Lets You Report App Store Scams (theverge.com) 8

Apple will now let you directly report a scammy app from its listing in the App Store with a new-and-improved version of its "Report a Problem" button. The Verge reports: As Richard Mazkewich and scam hunter Kosta Eleftheriou point out on Twitter, the button has not only returned to individual app listings for the first time in years, it now includes a dedicated "Report a scam or fraud" option in the drop-down menu. Until iOS 15, the only way you could find this button was to scroll all the way down to the bottom of the Apps or Games tab in the App Store, and get kicked out to a website where you'd need to re-sign in. Then you could pick from "Report suspicious activity," "Report a quality issue," "Request a refund," or "Find my content." None of the options offered a clear way to report a scam, and the "Report suspicious activity" would redirect you to Apple Support instead. To add insult to injury, Apple would only let you report "a quality issue" if you'd already paid money (and thus fallen for the scam). But now, it seems like every free app with in-app-purchases appears to offer the "Report a Problem" option. I checked a handful of apps I've never paid for (but could have) and they all displayed the button. You'll still get kicked out to a website where you'll need to sign in, but overall this seems like a step forward.

IOS

Recent Siri Changes Remove Features Used By Low Vision and Blind Users (macrumors.com) 23

With the recent release of iOS 15, Apple appears to have made some changes to Siri functionality that have removed features relied on by low vision and blind iPhone users. MacRumors reports: Several Siri commands that provide details on phone calls, voicemails, and sending emails no longer appear to be working. The following commands used to be functional, but have recently been removed: Do I have any voicemails?, Play my voicemail messages, Check my call history, Check my recent calls, Who called me?, Send an email, and Send an email to [person]. Over the last two weeks, we've received several emails from iPhone users who are missing this key Siri functionality, or their relatives who are attempting to help them navigate the changes. The Siri feature removals have also been documented on the AppleVis forums for blind and low vision users of Apple products. Asking Siri to provide details on recent phone calls or voicemails results in the following response: "I can't help with that, but you can ask me to open the Phone app."

Asking about email garners a similar response about Siri being unable to help. It's worth noting that it's still possible to ask Siri to play the most recent voicemail message that's available, or a voicemail from a specific person, but Siri will not read out a list of all the available voicemails. The Siri commands seem to have disappeared when iOS 15 was released, but iOS 14 users are also not able to use them anymore so it's not an issue tied to iOS 15.

IOS

iOS 15 Messages Bug Causes Saved Photos to Be Deleted (macrumors.com) 37

A serious bug in the iOS 15 Messages app can cause some saved photos to be deleted, according to multiple complaints reported by MacRumors readers and Twitter users. From the report: If you save a photo from a Messages thread and then go on to delete that thread, the next time an iCloud Backup is performed, the photo will disappear. Even though the image is saved to your personal iCloud Photo Library, it appears to still be linked to the Messages app in "iOS 15," and saving it does not persist through the deletion of the thread and an "iCloud" backup. This is a concern because most users keep the "iCloud" Backup feature enabled and it's something that happens automatically. If you're someone who regularly deletes message threads and there's a photo that you want to keep, you won't be able to keep it with "iCloud" Backup turned on.

To replicate this bug, the following steps must be taken:
1. Save a photo from a Messages conversation to your Camera Roll.
2. Check to see that the photo has been saved.
3. Delete the Messages conversation the photo came from. The photo will still be in your "iCloud Photo Library" at this point.
4. Perform an "iCloud" Backup, and the photo disappears.

Google

Google Maps Tracks Global Warming With New 'Fire' Layer, Tree Canopy Tool (arstechnica.com) 55

Google Maps is getting a few new features to help people better understand our burning planet. Ars Technica reports: The first is a new "fire" layer in the main map view, which will let you view the exact boundaries of a wildfire just as easily as you can look up the current traffic patterns. Google has done fire information before as part of the "crisis response" website, but with climate change making "Fire Season" a yearly occurrence in dry areas like Australia and the Western U.S., wildfires will now be a top-level Maps feature.

Google says the new fire layer will bring "all of Google's wildfire information together" in an easy interface. In the US, it will also pull in data from the National Interagency Fire Center (NIFC), and the company says it wants to expand fire detail with other government agencies, starting with Australia in "the coming months." Wildfire boundaries should be updated on an hourly basis, and Google says you'll be able to tap on a fire to see information from local governments, like "emergency websites, phone numbers for help and information, and evacuation details. When available, you can also see important details about the fire, such as its containment, how many acres have burned, and when all this information was last reported." The fire layer is rolling out to Android this week, with iOS and desktop coming in October.

Google also announced it's going to expand the Tree Canopy tool it launched in 2020. This Google Maps tool combines Google's plethora of aerial imagery with computer vision AI to generate a map that shows tree cover in cities. Today's announced expansion will increase the Tree Canopy imagery from 15 cities to 100 cities worldwide. Google wants city planners to use the Tree Canopy tool to combat the phenomenon of urban heat islands, where miles of asphalt and a dearth of shade from trees can cause cities to be significantly hotter than the surrounding areas. Google says heat islands "disproportionately impact lower-income communities and contribute to a number of public health concerns -- from poor air quality to dehydration. With Tree Canopy data, local governments have free access to insights about where to plant trees to increase shade, reduce heat and mitigate these adverse effects."

Google

Google Search's Next Phase: Context is King (theverge.com) 30

At its Search On event today, Google introduced several new features that, taken together, are its strongest attempts yet to get people to do more than type a few words into a search box. From a report: By leveraging its new Multitask Unified Model (MUM) machine learning technology in small ways, the company hopes to kick off a virtuous cycle: it will provide more detail and context-rich answers, and in return it hopes users will ask more detailed and context-rich questions. The end result, the company hopes, will be a richer and deeper search experience. Google SVP Prabhakar Raghavan oversees search alongside Assistant, ads, and other products. He likes to say -- and repeated in an interview this past Sunday -- that "search is not a solved problem." That may be true, but the problems he and his team are trying to solve now have less to do with wrangling the web and more to do with adding context to what they find there.

For its part, Google is going to begin flexing its ability to recognize constellations of related topics using machine learning and present them to you in an organized way. A coming redesign to Google search will begin showing "Things to know" boxes that send you off to different subtopics. When there's a section of a video that's relevant to the general topic -- even when the video as a whole is not -- it will send you there. Shopping results will begin to show inventory available in nearby stores, and even clothing in different styles associated with your search. For your part, Google is offering new ways to search that go beyond the text box. It's making an aggressive push to get its image recognition software Google Lens into more places. It will be built into the Google app on iOS and also the Chrome web browser on desktops. And with MUM, Google is hoping to get users to do more than just identify flowers or landmarks, but instead use Lens directly to ask questions and shop.

Windows

Microsoft Knew of Exchange Autodiscover Flaw Five Years Ago (theregister.com) 22

Thomas Claburn writes via The Register: Microsoft Exchange clients like Outlook have been supplying unprotected user credentials if you ask in a particular way since at least 2016. Though aware of this, Microsoft's advice continues to be that customers should communicate only with servers they trust. On August 10, 2016, Marco van Beek, managing director at UK-based IT consultancy Supporting Role, emailed the Microsoft Security Response Center to disclose an Autodiscover exploit that worked with multiple email clients, including Microsoft Outlook. "Basically, I have discovered that it is extremely easy to get access to Exchange (and therefore Active Directory) user passwords in plain text," he wrote. "It doesn't necessarily require any breach of corporate security, and at its most secure, is only as secure as file level access to the corporate website." His proof-of-concept exploit code, which affected Outlook (both Mac and PC), default email apps for Android and iOS, Apple Mail for Mac OS X, and others, consisted of 11 lines of PHP, though he insisted the exploit probably could have been reduced to three lines.

Microsoft acknowledged on August 11, 2016, that it had reproduced the issue in van Beek's report. Then on August 30, 2016, the Windows titan responded to van Beek by saying the report doesn't describe a genuine vulnerability: "Our security engineers and product team have reviewed this report and determined that it is not a security issue to be serviced as part of our monthly Patch Tuesday process. 'Never accept an SSL certificate without a matching host name' is already recommended for clients in the doc cited by your report: [link]. Before you send a request to a candidate, make sure it is trustworthy. Remember that you're sending the user's credentials, so it's important to make sure that you're only sharing them with a server you can trust. At a minimum, you should verify: That the endpoint is an HTTPS endpoint. Client applications should not authenticate or send data to a non-SSL endpoint. That the SSL certificate presented by the server is valid and from a trusted authority."

"This response casually forgets to consider that a hacked web server still retains a perfectly valid certificate -- it just happens to use that trusted tunnel to serve up problems," said van Beek. "Also, I have only found one Exchange client so far which actually checks the hostname against the certificate, which is Microsoft's own test tool." Van Beek said he thought it was incredible that Microsoft confirmed the behavior he reported within hours but does not consider it to be a problem. He suggested three mitigations: changing the order of operations so that DNS gets checked first; never accepting an SSL certificate without a matching host name; and reviewing why and when clients respond to authentication requests.
When asked if the company plans to take any steps to address credential exposure and whether it believes its guidance adequately addresses the problem, a Microsoft spokesperson said: "We are continuing to investigate the specific scenario shared by the researcher."
