Start up: Coolpad’s built-in malware backdoor, LG v Samsung, Rockstar’s patent fizzle, Google’s PR spin game, and more


A Coolpad smartphone. Back door not shown.

++++++++++++++++++++++
This is the last collection of Overspill links until next week (at least). Have a great Christmas – and thanks to the hundreds of people who are coming to read every day. You’re always welcome.
++++++++++++++++++++++

A selection of 11 links for you. I’m charlesarthur on Twitter. Observations and links welcome.

SuperBeam Pro: easy & fast WiFi direct file sharing >> iTunes App Store

Works by Wi-Fi Direct (aka p2p sharing). Seems to be superfast, but one also wonders if Apple is going to be entirely happy about this. (Found via Producthunt.)


Rockstar consortium to sell 4,000 patents to RPX Corp. for $900m >> WSJ

Starting late last year, Rockstar sued several companies for allegedly infringing their patents, including Google and Cisco. Last month, Rockstar settled its suits against Google and Cisco. Financial details weren’t disclosed, but Cisco told investors in early November that it had recorded a pretax charge of $188 million to settle the Rockstar litigation.

As part of the deal with RPX, Rockstar will drop the remainder of its suits, which include claims against Samsung Electronics, LG, HTC and Huawei.

The settlements follow others in the long-running smartphone patent wars.

For instance, in May, Apple and Google agreed to drop all lawsuits between the two companies, and in August, Apple and Samsung agreed to end all litigation between the two companies outside the U.S. Apple and Samsung are still battling in federal court in California, where Apple has won two jury verdicts finding that Samsung infringed its designs for the iPhone.

Whether the Rockstar companies recouped their $4.5bn investment is an open question. In the minds of some experts, the $4.5bn figure reflected the high point of a frothy market that developed for patents in the earlier days of the smartphone industry.

The Rockstar companies squeezed more than three years of use out of the 4,000 patents, and will keep licenses going forward. The 2,000 patents they held back from Rockstar—and aren’t part of the sale to RPX—were among some of the most valuable in the Nortel portfolio.

Turns out that smartphone patents were just a sideline which led both Google and its rivals to drop huge amounts. (Google rather more than the others, through Motorola’s continued losses until it could sell it off. But nobody won.)


CoolReaper revealed: a backdoor in Coolpad Android devices >> Palo Alto Networks Blog

Claud Xiao and Ryan Olson:

Coolpad is the sixth largest manufacturer of smartphones in the world, and the third largest in China. We recently discovered that the software installed on many of Coolpad’s high-end Android phones includes a backdoor which was installed and operated by Coolpad itself. Today we released a new report detailing the backdoor, which we’ve named “CoolReaper.”
After reviewing Coolpad complaints on message boards about suspicious activities on Coolpad devices, we downloaded multiple copies of the stock ROMs used by Coolpad phones sold in China. We found the majority of the ROMs contained the CoolReaper backdoor.

CoolReaper can perform the following tasks:
• Download, install, or activate any Android application without user consent or notification
• Clear user data, uninstall existing applications, or disable system applications
• Notify users of a fake over-the-air (OTA) update that doesn’t update the device, but installs unwanted applications
• Send or insert arbitrary SMS or MMS messages into the phone.
• Dial arbitrary phone numbers
• Upload information about device, its location, application usage, calling and SMS history to a Coolpad server.

Fabulous! All that extra software for no charge! (Coolpad is on sale in the west, by the way.)

They say it’s specifically tailored to hide what it does, and that Coolpad has ignored customer complaints about unwanted app installs. Their conclusion:

CoolReaper is the first malware we have seen that was built and operated by an Android manufacturer. The changes Coolpad made to the Android OS to hide the backdoor from users and antivirus programs are unique and should make people think twice about the integrity of their mobile devices.


Google adds song lyrics to search results but it feels like a cheap cash grab >> PCWorld

Ian Paul:

Google has figured out a way to deliver more instant answers in search results and boost music sales on Google Play simultaneously: song lyrics. Following Bing’s lead from October, Google is now surfacing lyrics for a limited number of songs when you search for “[song title] lyrics.”

Unlike Bing, however, you won’t see the full list of song lyrics in your search results. To see the complete lyrics you have to click a link to Google Play. There you’ll also have options to buy the track or subscribe to Google Play’s All Access subscription service.

If Bing’s song lyrics roll out convinced you to switch to Microsoft’s search engine, however, don’t bother switching back. Google’s song lyric catalog is extremely limited compared to its competitor. In fact, the new feature seems like more of a ploy to push people to Google Play than a truly helpful search function.

I hadn’t noted that Bing was already doing song lyrics. Google says it has licensed the lyrics it displays. But – as this article notes, and Techcrunch points out – it’s another annexation by Google of a content business.


LG boss may miss CES due to washing machine fiasco >> CNET

Cho Mu-Hyun:

South Korean prosecutors have imposed a travel ban on Jo Seong-jin, head of LG’s Home Appliance and Air Solution Company, who had been slated to represent LG at the upcoming Consumer Electronics Show 2015 in Las Vegas.

Samsung earlier this year filed a lawsuit for property damages and defamation against Jo and four other LG Electronics executives after the IFA tradeshow in Berlin, Germany, claiming that the LG execs intentionally sabotaged the door hinges of one of its washing machines at an electronics store there. Samsung provided as evidence the damaged washing machine and CCTV footage allegedly showing Jo “willfully” damaging the appliance.

Who knew bathos could be so hilarious.


Xiaomi may adopt sapphire for covers of 5.7in smartphone >> Digitimes

China-based smartphone vendor Xiaomi Technology is likely to adopt sapphire for protective covers of Xiaomi 5, its 5.7-inch flagship model that will be showcased at the 2015 Consumer Electronics Show, Taiwan-based supply chain makers cited industry sources in China as indicating.

Japan-based Kyocera in early 2014 launched smartphones with protective covers made from internally-produced sapphire in the US market through cooperation with Verizon Wireless, while China-based Vivo and Huawei Device also launched smartphones with sapphire covers, the sources said.

If Xiaomi decides to adopt sapphire, existing sapphire production capacity is not sufficient to meet the demand, according to sources with Taiwan-based sapphire wafer makers.

Even with Xiaomi’s smartphone volumes, this probably isn’t possible. Maybe a high-end model?


Why Sony’s breach matters >> Learning by Shipping

Steve Sinofsky, who (of course) used to be at Microsoft:

in late 1996, seemingly all at once everyone started opening Word documents to a mysterious alert like the one below.

This annoying but benign development was actually a virus. The Word Concept virus (technically a worm, which at the time was a big debate) was spreading wildly. It attached itself to an incredibly useful feature of Word called the AutoOpen macro. Basically Word had a snazzy macro language that could do anything automatically that you could do in Word just sitting in front typing (more on this later). AutoOpen allowed these macros to run as soon as you opened a document. You’d receive a document with Concept code in AutoOpen and upon opening the document it would infect the default (and incredibly useful) template Normal.dot and then from then on every document you opened or created was subsequently infected. When you mailed a document or placed it on a file server, everyone opening that document would become infected the same way. This mechanism would become very useful for future viruses.

Looking at this on the team we were rather consternated. Here was a core business use case. For example, AutoOpen would trigger all sorts of business processes such as creating a standard document with the right formats and metadata or checking for certain conditions in a document management system. These capabilities were key to Word winning in the marketplace. Yet clearly something had to be done.

And that was just the start of a long run of malware. But he thinks we’re better off now.


Google just had to spin the Sony hack >> The Illusion of More

David Newhoff on Google’s PR spin around the “Goliath” emails uncovered by the Sony hack, which he calls a Pavlovian bell-ringing for its meme of “internet freedom”:

It’s no secret that motion picture producers and Google have an ongoing dispute with regard to piracy of filmed entertainment, and I think it’s a safe bet both parties regularly consult with counsel regarding their own interests. As such, I personally think one of the more serious results of this leak is the rather dramatic breach of attorney/client privilege. I don’t think we want a society in which hackers can arbitrarily violate this fundamental right in our legal system. Apparently, though, Google’s Sr VP and General Counsel, Kent Walker, was unfazed by this implication — perhaps Google is hacker proof — when he was quoted in Variety saying, “We are deeply concerned about recent reports that the Motion Picture Association of America (MPAA) led a secret, coordinated campaign to revive the failed SOPA legislation through other means.”  And as of this week, Google has launched a campaign it calls Zombie SOPA. Ding-a-ling!

Walker is not speaking as an attorney, but rather as a PR guy, when he plays the word secret like that in order to imply a conspiracy, knowing full well that communications between clients and attorneys are almost always secret. But near the end of the article, he is also quoted plaintively wondering why champions of the First Amendment like the MPAA would “want to censor the Internet.” Hear them ring! Of course any discussion about legal remedies to mitigate piracy is tantamount to censorship, right?


Why Samsung is losing out to low cost rivals >> Jana Mobile

Samsung’s flagship Galaxy series is extremely popular among the emerging market smartphone users that make up mCent’s user base (eight of the top ten devices used to access the mCent app in November 2014 came from the Samsung Galaxy series). However, the Galaxy is likely to become less popular as lower-priced competitors enter the market. This is partly due to the total price of components and assembly for Galaxy devices, which have steadily risen in the face of prevailing market trends. If the current trend is sustained, manufacturing and component costs for a Samsung Galaxy [from 2010] will be higher than the global average selling price for a smartphone in 2015…

…In November 2014, Samsung accounted for 40% of sessions on the mCent app for Android. It has been the most popular smartphone brand among users in our markets since the launch of the mCent app in June 2014, yet its popularity has been waning. In the key markets of Brazil, Indonesia, and India, Motorola, Smartfren, and Micromax have become noticeably more popular. We expect this trend to continue into 2015.

With the caveat, however, that they’re talking about the flagship Galaxy phones, not the cheapo phones that it sells at rock-bottom prices.

Though this is becoming a story that everyone is telling: Samsung losing out to the low-cost rivals. Its earnings guidance for the fourth quarter will come out in early January.


Mathematicians have finally figured out how to tell correlation from causation >> Quartz

Zach Wener-Fligner:

determining causal relationships is really hard. But techniques outlined in a new paper promise to do just that. The basic intuition behind the method demonstrated by Prof. Joris Mooij of the University of Amsterdam and his co-authors is surprisingly simple: if one event influences another, then the random noise in the causing event will be reflected in the affected event.

For example, suppose we are trying to determine the relationship between the amount of highway traffic, and the time it takes John to drive to work. Both John’s commute time and traffic on the highway will fluctuate somewhat randomly: sometimes John will hit the red light just around the corner, and lose five extra minutes; sometimes icy weather will slow down the roads.

But the key insight is that random fluctuation in traffic will affect John’s commute time, whereas random fluctuation in John’s commute time won’t affect the traffic.

Smart – watch for this to filter through into all sorts of everyday algorithms in the next few years.


Did North Korea really attack Sony? >> The Atlantic

Bruce Schneier:

Allan Friedman, a research scientist at George Washington University’s Cyber Security Policy Research Institute, told me that from a diplomatic perspective, it’s a smart strategy for the U.S. to be overconfident in assigning blame for the cyberattacks. Beyond the politics of this particular attack, the long-term U.S. interest is to discourage other nations from engaging in similar behavior. If the North Korean government continues denying its involvement no matter what the truth is, and the real attackers have gone underground, then the U.S. decision to claim omnipotent powers of attribution serves as a warning to others that they will get caught if they try something like this.

Sony also has a vested interest in the hack being the work of North Korea. The company is going to be on the receiving end of a dozen or more lawsuits—from employees, ex-employees, investors, partners, and so on. Harvard Law professor Jonathan Zittrain opined that having this attack characterized as an act of terrorism or war, or the work of a foreign power, might earn the company some degree of immunity from these lawsuits.

I worry that this case echoes the “we have evidence — trust us” story that the Bush administration told in the run-up to the Iraq invasion.

Schneier is very sceptical of the US explanation. It’s noticeable how few security experts are on board with the US’s claims over this.


Start up: make like Apple?, Samsung sells off fibre optic, authors v Kindle Unlimited, Amazon’s PR push and more


Spring-making machine: photo by Mitch Altman, taken in Shenzhen, China, November 2014

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

No, you can’t manufacture that like Apple does >> Medium

What happened when Apple wanted to CNC machine a million MacBook bodies a year? They bought 10k CNC machines to do it. How about when they wanted to laser drill holes in MacBook Pros for the sleep light but only one company made a machine that could drill those 20 µm holes in aluminum? It bought the company that made the machines and took all the inventory. And that time when they needed batteries to fit into a tiny machined housing but no manufacturer was willing to make batteries so thin? Apple made their own battery cells. From scratch.

Pretty much no company, big or small, can afford to do these things. Yes, Apple has done a great job building many of these products and yes, consumers have come to love many of these difficult-to-manufacture features. But you are not Apple. So long as you’re providing value to your customers, taking the fit and finish of your product down a notch is okay. Especially for your first few production runs.

So what should you avoid? Here’s a few things that Apple often does that can cause problems for a startup.

The “white plastic” one in the list that follows is so obvious when you think about it, but non-obvious until it’s pointed out (or seen).


Samsung Electronics exits fibre optics amid sharper focus on reviving smartphones >> Reuters

Samsung Electronics agreed to sell its fibre optics operations to US specialty glass maker Corning Inc, exiting another non-core business to focus on shoring up underperforming key areas like smartphones.

Terms of the sale, including plants in China and South Korea, weren’t disclosed. Announced by both parties on Tuesday, the South Korean firm’s second exit from a business line this quarter comes as it braces for its lowest annual profit in three years, squeezed by stiff competition…

…The firm also said in October it will halt its light emitting diode lighting business outside of its home country, which was also considered a non-core business.


Best >> stratechery

Ben Thompson on disruption, and what Clayton Christensen’s theory lacks because it doesn’t include user experience as a factor:

That’s the thing though: the quality of a user experience has no ceiling. As nearly every other consumer industry has shown, as long as there is a clear delineation between the top-of-the-line and everything else, some segment of the user base will pay a premium for the best. That’s the key to Apple’s future: they don’t need completely new products every other year (or half-decade); they just need to keep creating the best stuff in their categories. Easy, right?

He’s totally right that Apple should have bought Dropbox; but Steve Jobs couldn’t see the inherent, coming value of the cloud – even though it was Jobs, in 1997, who told developers about the importance of network computing and not having to worry about locally stored data.


Android 5.0 Lollipop delay for HTC One and One M8 Google Play Editions >> TechRadar

The reason for the first delay was pretty vague, with Google simply stating that it would “need to re-spin SW”. If we were to Google Translate that confusing statement into plain English, we’d guess that it meant Google needed time to tweak and update the Android 5.0 Lollipop software.

That delay pushed back the expected Lollipop update to December 1. However that date came and went with no sign of the update.
 
It soon emerged that the Lollipop Update has been delayed once again, with Mo Versi, HTC’s VP of Product Management, reporting that the delay this time is due to Google being too busy at the moment, but that we should expect the update soon.

Just to be clear – that’s for the stock Android versions of the HTC One and M8, not those with HTC’s Sense skin. “Too busy” is a great reason.


Author discontent grows as Kindle Unlimited enters its fifth month >> The Digital Reader

Nate Hoffelder:

When Kindle Unlimited launched in the US 4 months ago there were many questioning whether it was good or bad for authors, and if the chorus of complaints over the past few days are any indication then the answer will be no.

HM Ward kicked off the discussion on Friday when she revealed that she was pulling out of KDP Select, the program Amazon uses to funnel indie ebooks into Kindle Unlimited.

Ward withdrew her books not because the average payment had dropped to only $1.33, but because her total revenues had fallen by 75%.

Kindle Unlimited is Amazon’s ebook subscription service. All the news from authors seems not to be positive.


Apple had a rough morning >> Bloomberg View

Matt Levine with a terrific explanation of the “flash crash” of Apple stock, which seems to have mostly been driven by computer-based high-frequency trading. Because no human reacts that fast:

You’ve lost several thousand dollars on your Apple trades. Maybe you should cut your losses and get out? Again, you are not, like, pondering this in your heart of hearts: You are an algorithm, and you are programmed with some loss limits, so you cut your losses and start selling. So instead of dampening volatility, you actually start increasing it.


Chesterton’s Fence >> The Epicurean Dealmaker

GK Chesterton argued:

In the matter of reforming things, as distinct from deforming them, there is one plain and simple principle; a principle which will probably be called a paradox. There exists in such a case a certain institution or law; let us say, for the sake of simplicity, a fence or gate erected across a road. The more modern type of reformer goes gaily up to it and says, “I don’t see the use of this; let us clear it away.” To which the more intelligent type of reformer will do well to answer: “If you don’t see the use of it, I certainly won’t let you clear it away. Go away and think. Then, when you can come back and tell me that you do see the use of it, I may allow you to destroy it.”

This is clearly why Chesterton never got venture funding in Silicon Valley.


The real reason Amazon is telling us about its robots >> Huffington Post

Timothy Stenovec applies a suitably sceptical eye to the news, recalling how coincidentally a year ago Amazon told 60 Minutes about its drone plans:

This year, Amazon appears to be trying the same thing again – only this time, it’s with robots. The company recently invited a select group of journalists – I was not one of them – to tour one of its California warehouses and watch robots move 750-pound shelves of products. Amazon says it uses 15,000 such robots in its facilities, and that the machines, a result of Amazon’s $750m purchase of robot-maker Kiva Systems in 2012, will cut costs, save you money and help get products to you faster.

There was no news of Amazon’s robot fleet until just after midnight on Monday, when suddenly a flood of stories appeared – suggesting that the news was “embargoed,” a term for the common media practice of agreeing not to publish certain information until a certain time.

The robots are interesting, and every journalist knows about having something to please the editor for a Monday morning. Perhaps brick-and-mortar stores could start PR schemes where they show how they’re paying tax?


This “smart” ring is another reason to never trust Kickstarter videos >> Gizmodo

With $880,998 in funding, well exceeding its $250,000 asking price, Ring was a smart device that was meant to Bluetooth control everything in your life — except that it doesn’t. Not by a long shot.

We debunked the thing outright as soon as it showed up on Kickstarter in March, but that didn’t stop thousands of backers from signing up for the product and who are now probably regretting that $269 monetary decision. YouTube user Snazzy Labs breaks down every facet of the ring, and why it’s such a terrible, terrible waste of money.

“Comically unusable” is among the more generous phrases used by Snazzy Labs (cool name bro) in the video, which is worth watching just to see how wearables should not be done, ever.


Santa or the Grinch: Android tablet analysis for the 2014 holiday season >> Bluebox Security

Bluebox Labs purchased over a dozen of these Black Friday “bargain” Android tablets from big name retailers like Best Buy, Walmart, Target, Kmart, Kohl’s and Staples, and reviewed each of them for security. What we found was shocking: most of the devices ship with vulnerabilities and security misconfigurations; a few even include security backdoors. What seemed like great bargains turned out to be big security concerns. Unfortunately, unsuspecting consumers who purchase and use these devices will be putting their mobile data & passwords at risk.

(Via John Moltz.)