Google will lower its Play commissions globally for developers that sell in-app digital goods and services on its marquee store, the company said, following a similar move by rival Apple late last year. From a report: The Android-maker said on Tuesday that starting July 1, it is reducing the service fee for Google Play to 15% -- down from 30% -- for the first $1 million of revenue developers earn using Play billing system each year. The company will levy a 30% cut on every dollar developers generate through Google Play beyond the first $1 million in a year, it said. Citing its own estimates, Google said 99% of developers that sell goods and services with Play will see a 50% reduction in fees, and that 97% of apps globally do not sell digital goods or pay any service fee.

Google's new approach is slightly different from Apple, which last year said it would collect 15% rather than 30% of App Store sales from companies that generate no more than $1 million in revenue through the company's platform. That drop doesn't apply to iOS apps if a developer's revenue on Apple platform exceeds $1 million. "We've heard from our partners making $2 million, $5 million and even $10 million a year that their services are still on a path to self-sustaining orbit," wrote Sameer Samat, VP of Android and Google Play, in a blog post.

Apple says its App Store now supports more than 330,000 jobs in the U.K., a 10% increase over the past year, despite the pressures of the global health crisis on the nation's economy. From a report: According to Apple, 2020 was a "breakthrough year" for the iOS app economy, with developers in the U.K. generating more than $5 billion in total earnings, which represents 22% in growth compared to the previous year. The company says a similar trend was reflected in Europe, where the iOS app economy has grown to support 1.7 million jobs -- a 7% percent increase since 2019. Apple published similar press releases in Germany and France, claiming that the App Store supports over a quarter of a million jobs in each of those two countries.

A small change with a big impact: no more "subscribe: as podcasting moves to "follow." From a report: Apple Podcasts will no longer use the word "subscribe" in a few weeks. Listeners will be invited to "follow" their favourite podcasts instead. The new wording will be in iOS 14.5, which should be released later this month (and is available in beta). We expect Apple to communicate further with creators, and listeners, when this version of iOS is released. This seemingly small change could dramatically affect the industry. Tom Webster from Edison Research says 47% of people who don't currently listen to podcasts think that 'subscribing' to a podcast will cost money, describing it as a stone in the shoe of podcasting's growth run. He tells Podnews: "Today, Apple, Spotify, and YouTube are the three most widely used services to play podcasts, and now the word Subscribe means 'automatically download for free' in exactly none of them. Podcasters will have no choice but to adapt their language accordingly or risk confusing listeners."

A security vulnerability in a popular iPhone call recording app exposed thousands of users' recorded conversations. From a report: The flaw was discovered by Anand Prakash, a security researcher and founder of PingSafe AI, who found that the aptly named Call Recorder app allowed anyone to access the call recordings from other users -- by knowing their phone number. But using a readily available proxy tool like Burp Suite, Prakash could view and modify the network traffic going in and out of the app. That meant he could replace his phone number registered with the app with the phone number of another app user, and access their recordings on his phone. TechCrunch verified Prakash's findings using a spare phone with a dedicated account. The app stores its user's call recordings on a cloud storage bucket hosted on Amazon Web Services. Although the public was open and lists the files inside, the files could not be accessed or downloaded. The bucket was closed by press time.

France Digitale will file a complaint against iPhone maker Apple with data privacy watchdog CNIL on Tuesday over alleged breaches of European Union rules, France's leading startup lobby said in a statement. From a report: In the seven-page complaint seen by Reuters, the lobby, which represents the bulk of France's digital entrepreneurs and venture capitalists, alleges Apple's latest operating software, iOS 14, does not comply with EU privacy requirements. France Digitale argues that while iPhone owners are asked whether they are ready to allow installed mobile apps to gather a key identifier used to define campaign ads and send targeted ads, default settings allow Apple to carry its own targeted ad campaigns without clearly asking iPhone users for their prior consent. Under EU data privacy rules, all organisations must ask visitors online if they agree to have some of their data collected via trackers or other tools.

An anonymous reader quotes a report from ZDNet: Google has announced Flutter 2, a major upgrade to its framework for building user interfaces for mobile, the web and desktop. Flutter promises to allow developers to use the same codebase to build native apps for iOS, Android, Windows 10, macOS, and Linux and for the web on browsers including Chrome, Firefox, Safari or Edge. It can also be embedded in an IoT device with a screen, such as cars, TVs, and home appliances.

The move to Flutter 2 promises to benefit the over 150,000 Flutter Android apps already available on the Play Store. Every app will get a free upgrade with Flutter 2 allowing developers to target desktop and web without rewriting them. Google apps now built with Flutter include Google Pay, Stadia and Google Nest Hub among others. Flutter 2 also brings production quality support for the web, with a focus on progressive web apps (PWAs) that behave like desktop apps, single page apps, and mobile apps on the web. Google has added a new CanvasKit-powered rendering engine built with WebAssembly. For mobile web apps, in recent months it's added autofill, control over address bar URLs and routing, and PWA manifests.

For desktop browsers, it has added interactive scrollbars and keyboard shortcuts, increased the default content density in desktop modes, and added screen reader support for accessibility on Windows, macOS and ChromeOS. Google has been working with Ubuntu maker Canonical to bring Flutter to the desktop. Canonical will make Flutter the default choice for future desktop and mobile apps it creates. Microsoft is also releasing contributions to the Flutter engine that supports foldable Android devices, such as the Microsoft Surface Duo.

It turns out that Apple's iOS 14.5 update won't actually let you change your default music service that you use with Siri. Engadget reports: Beta users had originally noticed that it appeared as if early versions of the update might allow you to change the default service that launches when you ask Siri to play a song. This meant that rather than specifying a third-party music app with each request, Siri would remember your preference and launch with the service you had originally specified.

While all that still seems to be the case, TechCrunch reports that Apple has apparently "clarified" that it "doesn't consider this feature the equivalent to 'setting a default.'" That's because the feature relies on "Siri intelligence," which can track your music-listening habits over time and predict which app you're more likely to want at that moment. For users, that may certainly feel as if you've changed your default music player, but there's still no way to do that on iOS.

Microsoft's newest Garage app, the company's brand for more experimental apps, is Group Transcribe, which lets groups of people capture real-time collective meeting transcriptions using their phones. It's available for free right now on iOS. From a report: "This app uses a multi-device approach to provide real-time, high quality transcription and translation, so users can be more present and productive during in-person meetings and conversations," Microsoft's Lainie Huston said in a blog post. Here's how it works. Everyone who wants to participate in the group transcription needs to download the Group Transcribe app. Then, one person kicks off a transcription, and they can invite others to join by sharing a five-letter conversation code, a QR code, or by joining the group transcription with nearby sharing over Bluetooth. Then, the app will begin transcribing the group's conversation, noting who said what. Group Transcribe can even also auto-translate things people say and show those translations in line as part of the transcription. Transcriptions are saved in the app so you can review or share them after a meeting.

An iPhone hacking team has released a new jailbreak tool for almost every iPhone, including the most recent models, by using the same vulnerability that Apple last month said was under active attack by hackers. TechCrunch reports: The Unc0ver team released its latest jailbreak this weekend, and says it works on iOS 11 (iPhone 5s and later) to iOS 14.3, which Apple released in December. In a tweet, the jailbreak group said it used its âoeown exploitâ for CVE-2021-1782, a kernel vulnerability that Apple said was one of three flaws that "may have been actively exploited" by hackers. By targeting the kernel, the hackers are able to get deep hooks into the underlying operating system.

Apple fixed the vulnerability in iOS 14.4, released last month, which also prevents the jailbreak from working on later versions. It was a rare admission that the iPhone was under active attack by hackers, but the company declined to say who the hackers were and who they were targeting. Apple also granted anonymity to the researcher who submitted the bug.

Dustin Curtis, writing on his blog: About ten days ago, when I went to update a few apps in the App Store on my Mac, I was met with a curious error: "Your account has been disabled in the App Store and iTunes." The internet is filled with stories from people whose Google accounts were locked for unexplained reasons, causing them to lose all of their data, including years of email, so I was somewhat concerned. But I'd never heard of similar cases involving Apple's services, and I wouldn't expect such behavior from a customer-focused company like Apple, so I figured it was a glitch and made a mental note to try again later. The next day, Music.app stopped working: "You cannot login because your account has been locked."

Now I was genuinely worried. I checked my phone and neither the App Store nor Apple Music would work there, either. A few minutes later, Calendar popped up an error â" it had stopped syncing. I immediately tried to call Apple Support from my Mac, but Apple's Handoff feature had been disabled as well. The first person I spoke to at Apple spent a while researching the issue and then told me there was nothing she could do but escalate the issue, and that I should expect a call "hopefully" within the next day. I asked what the problem might be, and she seemed as confused as I was. Although some Apple services were still working, like iMessage (thank God) and Photos, I was terrified that more services would suddenly become inaccessible or that I would lose the considerable amount of data I have stored in iCloud.

A couple of days later, I became impatient and contacted Apple Support again. This time, the representative mumbled something about Apple Card before saying that he also had no power to help me. Apple ID was a different department, he said, and they could only be contacted by email. He emailed them. I continued to wait. The next time I tried to use my Apple Card, it was declined. Strange. I checked the Wallet app, and the balance was below the limit. I remembered the Apple support representative mumbling about Apple Card, so I did some digging through my email to see if I could find a connection. As it turns out, my bank account number changed in January, causing Apple Card autopay to fail. Then the Apple Store made a charge on the card. Less than fifteen days after that, my App Store, iCloud, Apple Music, and Apple ID accounts had all been disabled by Apple Card. Tim Sweeney, CEO of Epic Games, which is fighting a legal battle with Apple, offered some commentary on this: "It's terrifying how much leverage Apple has over consumers and developers by integrating everything, locking us all in, and exerting total control. Normal companies respect the natural boundaries that exist between platforms and services. Apple does not! For Apple, every choke point they create is both a profit center and a lever to exert control. After blocking Fortnite updates from over a billion iOS users, Apple threatened to block Sign in With Apple -- which they forced us to adopt -- affecting Fortnite players on 7 platforms."

John Gruber, writing at DaringFireball: In my piece yesterday about email tracking images ("spy pixels" or "spy trackers"), I complained about the fact that Apple -- a company that rightfully prides itself for its numerous features protecting user privacy -- offers no built-in defenses for email tracking. A slew of readers wrote to argue that Apple Mail does offer such a feature: the option not to load any remote resources at all. It's a setting for Mail on both Mac and iOS, and I know about it -- I've had it enabled for years. But this is a throwing-the-baby-out-with-bath-water approach. What Hey offers -- by default -- is the ability to load regular images automatically, so your messages look "right", but block all known images from tracking sources (which are generally 1 x 1 px invisible GIFs).

Typical users are never going to enable Mail's option not to load remote content. It renders nearly all marketing messages and newsletters as weird-looking at best, unreadable at worst. And when you get a message whose images you do want to see, when you tell Mail to load them, it loads all of them -- including trackers. Apple Mail has no knowledge of spy trackers at all, just an all-or-nothing ability to turn off all remote images and load them manually. Mail's "Load remote content in messages" option is a great solution to bandwidth problems -- remember to turn it on the next time you're using Wi-Fi on an airplane, for example. It's a terrible solution to tracking. No one would call it a good solution to tracking if Safari's only defense were an option not to load any images at all until you manually click a button in each tab to load them all. But that's exactly what Apple offers with Mail. "Don't get me started on how predictable this entire privacy disaster was, once we lost the war over whether email messages should be plain text only or could contain embedded HTML. Effectively all email clients are web browsers now, yet don't have any of the privacy protection features actual browsers do," he adds.

A US magistrate judge has ordered Valve to provide sales data to Apple in response to a subpoena issued amid Apple's continuing legal fight with Epic Games. From a report: In addition to some aggregate sales data for the entirety of Steam, Valve will only have to provide specific, per-title pricing and sales data for "436 specific apps that are available on both Steam and the Epic Games Store," according to the order. That's a significant decrease from the 30,000+ titles Apple for which Apple originally requested data. In resisting the subpoena, Valve argued that its Steam sales data was irrelevant to questions about the purely mobile app marketplaces at issue in the case. Refocusing the request only on games available on both Steam and the Epic Games Store makes it more directly relevant to the questions of mobile competition in the case, Judge Thomas Hixson writes in his order.

"Recall that in these related cases, [Epic] allege that Apple's 30% commission on sales through its App Store is anti-competitive and that allowing iOS apps to be sold through other stores would force Apple to reduce its commission to a more competitive level," Hixson writes in the order. "By focusing... on 436 specific games that are sold in both Steam and Epic's store, Apple seeks to take discovery into whether the availability of other stores does in fact affect commissions in the way [Epic] allege." The California judge overseeing Apple's attempts to drag Valve into an ongoing beef with Epic Games admitted that Apple "salted the Earth with subpoenas, so don't worry, it's not just you."

Google today quietly added App Privacy labels to its Gmail app, marking the first of its major apps to receive the privacy details aside from YouTube. From a report: Though App Privacy information has been added to Gmail, Google has done so server side and has yet to issue an update to the Gmail app. It has been two months since the Gmail app last saw an update. Earlier in February, the Gmail app was displaying warnings about the app being out of date as it has been so long since new security features were added, but Google eliminated that messaging without pushing an update to the app. Apple has been enforcing App Privacy labels since December, and Google has been slow to support the feature. Google said in early January that it would add privacy data to its app catalog "this week or next week," but by January 20, most apps still had not been updated with the App Privacy. Google has since been adding App Privacy labels to apps like YouTube and some of its smaller apps, but of major apps like Google Search, Google Photos, and Google Maps, Gmail is the first to get the new labeling.

A week after popular audio chatroom app Clubhouse said it was taking steps to ensure user data couldn't be stolen by malicious hackers or spies, at least one attacker has proven the platform's live audio can be siphoned. From a report: An unidentified user was able to stream Clubhouse audio feeds this weekend from "multiple rooms" into their own third-party website, said Reema Bahnasy, a spokeswoman for Clubhouse. While the company says it's "permanently banned" that particular user and installed new "safeguards" to prevent a repeat, researchers contend the platform may not be in a position to make such promises. Users of the invitation-only iOS app should assume all conversations are being recorded, the Stanford Internet Observatory, which was first to publicly raise security concerns on Feb. 13, said late Sunday. "Clubhouse cannot provide any privacy promises for conversations held anywhere around the world," said Alex Stamos, director of the SIO and Facebook's former security chief. Stamos and his team were also able to confirm that Clubhouse relies on a Shanghai-based startup called Agora to handle much of its back-end operations. While Clubhouse is responsible for its user experience, like adding new friends and finding rooms, the platform relies on the Chinese company to process its data traffic and audio production, he said.

Apple is going to make one of the most powerful types of attacks on iPhones much harder to pull off in an upcoming update of iOS. From a report: The company quietly made a new change in the way it secures the code running in its mobile operating system. The change is in the beta version of the next iOS version, 14.5, meaning it is currently slated to be added to the final release. Several security researchers who specialize in finding vulnerabilities in and crafting exploits for iOS believe this new mitigation will make it much harder for hackers to take control of an iPhone with a technique known as a zero-click (or 0-click) exploit, which allows a hacker to take over an iPhone with no interaction from the target. Apple also told Motherboard it believes the changes will impact 0-click attacks.

"It will definitely make 0-clicks harder. Sandbox escapes too. Significantly harder," a source who develops exploits for government customers told Motherboard, referring to "sandboxes" which isolate applications from each other in an attempt to stop code from one program interacting with the wider operating system. Motherboard granted multiple exploit developers anonymity to speak more candidly about sensitive industry issues. Like the name suggests, zero-click attacks allow hackers to break into a target without needing the victim to interact with anything, such as a malicious phishing link. This means that the attack is generally harder for the targeted user to detect. These are generally very sophisticated attacks. These attacks may now become much rarer, according to several security researchers who look for vulnerabilities in iOS.

A new court filing has revealed that, as part of the ongoing legal battle between Apple and Epic Games, Apple subpoenaed Valve Software in November 2020, demanding it provide huge amounts of commercial data about Steam sales and operations going over multiple years. From a report: Apple subpoenaed Valve under the basic argument that certain Steam information would be crucial to building its case against Epic, which is all about competitive practices. Yesterday a joint discovery letter was filed to the District court in Northern California relating to the subpoena, which contains a summary of the behind-the-scenes tussles thus far, and both sides' arguments about where to go from here.

[...] Apple wants Valve to provide the names, prices, configurations and dates of every product on Steam, as well as detailed accounts of exactly how much money Steam makes and how it is all divvied-up. Apple argues that this information is necessary for its case against Epic, is not available elsewhere, and "does not raise risk of any competitive harm." Needless to say, Valve does not agree. Its counter-argument to the above says that Valve has co-operated to what it believes to be a reasonable extent -- "Valve already produced documents regarding its revenue share, competition with Epic, Steam distribution contracts, and other documents" -- before going on to outline the nature of Apple's requests: "that Valve (i) recreate six years' worth of PC game and item sales for hundreds of third party video games, then (ii) produce a massive amount of confidential information about these games and Valve's revenues." In a masterpiece of understatement, Valve's legal counsel writes: "Apple wrongly claims those requests are narrow. They are not." Apple apparently demanded data on 30,000+ games initially, before narrowing its focus to around 600. Request 32 gets incredibly granular, Valve explains: Apple is demanding information about every version of a given product, all digital content and items, sale dates and every price change from 2015 to the present day, the gross revenues for each version, broken down individually, and all of Valve's revenues from it.

Valve says it does not "in the ordinary course of business keep the information Apple seeks for a simple reason: Valve doesn't need it." Valve's argument goes on to explain to the court that it is not a competitor in the mobile space (this is, after all, a dispute that began with Fortnite on iOS), and makes the point that "Valve is not Epic, and Fortnite is not available on Steam." It further says that Apple is using Valve as a shortcut to a huge amount of third party data that rightfully belongs to those third parties. The conclusion of Valve's argument calls for the court to throw Apple's subpoena out. "Somehow, in a dispute over mobile apps, a maker of PC games that does not compete in the mobile market or sell 'apps' is being portrayed as a key figure. It's not. The extensive and highly confidential information Apple demands about a subset of the PC games available on Steam does not show the size or parameters of the relevant market and would be massively burdensome to pull together. Apple's demands for further production should be rejected."

Epic Games is taking its legal battle against Apple global, filing an antitrust complaint in Europe against the iPhone maker. From a report: The move adds another layer to the protracted dispute and brings it to a jurisdiction that has historically been tougher on U.S. tech companies. Last September, Epic added its own in-app purchase mechanism to Fortnite, knowingly setting up a confrontation with Apple, which doesn't allow payment systems other than its own. Apple removed Fortnite from the App Store and Epic immediately filed suit. A similar chain of events took place with Google on the Android side, though in that case, Epic can continue to distribute Fortnite on its own outside the Google Play store, while no similar option exists for iOS. Apple also countersued Epic in October, claiming breach of contract.

LastPass is adding new restrictions to its free subscription tier starting March 16th that'll only allow users to view and manage passwords on one category of devices: mobile or computer. From a report: Mobile users will be limited to iOS and Android phones, iPads, Android tablets, and smartwatches. Computer subscribers will be able to use their passwords from Windows, macOS, and Linux desktops and laptops, the LastPass browser extension, and Windows tablets. Users on LastPass' free tier will be asked to pick between the two options the first time they log in after March 16th, and the company says they'll be able to switch between categories up to three times after they've picked. Although customers are restricted to a single category of devices on the free tier, they'll still be able view and manage passwords from an unlimited number of devices within either the mobile or computer category. LastPass says no users will be locked out of their accounts or lose access to their passwords as a result of the changes. As well as restricting its device types, LastPass is also changing the kinds of customer support free tier users will be able to access. From May 17th, free users will lose access to email support, the company announced.

Apple's upcoming iOS 14.5 release will ship with a feature that will re-route all Safari's Safe Browsing traffic through Apple-controlled proxy servers as a workaround to preserve user privacy and prevent Google from learning the IP addresses of iOS users. From a report: The new feature will work only when users activate the "Fraudulent Website Warning" option in the iOS Safari app settings. This enables support for Google's Safe Browsing technology in Safari. The Safe Browsing technology works by taking an URL the user is trying to access, sending the URL in an anonymized state to Google's Safe Browsing servers, where Google accesses the site and scans for threats. If malware, phishing forms, or other threats are found on the site, Google tells the user's Safari browser to block access to the site and show a fullscreen red warning. While years ago, when Google launched the Safe Browsing API, the company knew what sites a user was accessing; in recent years, Google has taken several steps to anonymize data sent from user's devices via the Safe Browsing feature. But while Google has anonymized URL strings, by sending the link in a cropped and hashed state, Google still sees the IP address from where a Safe Browsing check comes through. Apple's new feature basically takes all these Safe Browsing checks and passes them through an Apple-owned proxy server, making all requests appear as coming from the same IP address.

The North Dakota Senate recently introduced a new bill that would prevent Apple and Google from requiring developers to use their respective app stores and payment methods, paving the way for alternative app store options.

In response, Apple Chief Privacy Engineer Erik Neuenschwander said that it "threatens to destroy the iPhone as you know it" by requiring changes that would "undermine the privacy, security, safety, and performance" of the iPhone. Neuenschwander said that Apple "works hard" to keep bad apps from the App Store, and North Dakota's bill would "require us to let them in." MacRumors reports: According to Senator Kyle Davison, who introduced Senate Bill 2333 yesterday, the legislation is designed to "level the playing field" for app developers in North Dakota and shield customers from "devastating, monopolistic fees imposed by big tech companies," which refers to the cut that Apple and Google take from developers. Specifically, the bill would prevent Apple from requiring a developer to use a digital application distribution platform as the exclusive mode of distributing a digital product, and it would keep the company from requiring developers to use in-app purchases as the exclusive mode of accepting payment from a user. There's also wording preventing Apple from retaliating against developers who choose alternate distribution and payment methods.

Apple does not allow apps to be installed on iOS devices outside of the "App Store" and there are no alternate app store options that are available. Apple reviews every app that is made available for its customers to download, something that would not happen with a third-party app store option. Apple also does not let app developers accept payments through methods other than in-app purchase except in select situations, a policy that has led to Apple's legal fight with Epic Games.

No federal legislation has been introduced as of yet, and the North Dakota Senate committee did not take action on the bill. Senator Jerry Klein said that there's "still some mulling to be done" in reference to the bill.