Gear Sport review: The only fitness watch for Samsung die-hards

Valentina Palladino

Despite recent watchOS dominance, Samsung hasn’t given up on Tizen. The OEM’s wearable operating system continues to power a bunch of devices made exclusively by Samsung, including the $249 (originally $299) Gear Sport. Introduced last year, the Gear Sport is the successor to the Gear S3 and the smartwatch cousin of the Gear Fit 2 Pro band.

It’s easy to forget about Tizen since it’s not as well known or well marketed as Android Wear or watchOS. But considering the Gear Sport can connect to both Android and iOS devices, users shouldn’t rule Tizen out of their smartwatch buying decisions. While the Gear Sport isn’t drastically different from the 2016 Gear S3, its updates make it a viable competitor to the top Android Wear devices and the latest Apple Watch.

Design

Here’s a controversial opinion: the Gear Sport is more attractive than the Apple Watch. From a pure design point of view, Samsung’s smartwatch looks more like a traditional watch than Apple’s wearable does, and Samsung did a good job marrying elements of regular timepieces and advanced smart wearables in one device.

The case is circular, but four slight corners give it a phantom square shape, with home and back buttons on its right edge. Attractiveness is ultimately subjective, but I give props to Samsung for making a smartwatch that looks so similar to a regular watch with less extra size and weight than its competitors.

Encircling the 1.2-inch Super AMOLED display is a textured bezel that you can rotate to scroll between options on the screen. Not only did I enjoy using this as an alternative to tapping and scrolling with my finger on the display, but its placement around the display makes it easier to use than Apple’s side-mounted digital crown. I defaulted to the rotating bezel over the touchscreen, although the 360×360 full-color display is tempting to play around with since it is so crisp and bold.

Due to its shape and size, the Gear Sport is bulkier than the Apple Watch and even the Fitbit Ionic, but it doesn’t look as dramatic on my small wrist as other devices do. Samsung’s newest smartwatch is even smaller than its Gear S3 (lack of LTE support makes for a more compact device), and it could make a solid watch for most wrist sizes. Each model comes with a 20mm sport band that can easily be switched out or replaced thanks to quick-release pins at either end of the watch’s case.

Inside the Gear Sport are a dual-core processor and a slew of sensors, including an accelerometer, gyroscope, GPS, barometer, ambient light sensor, and heart-rate monitor. It has 768MB of RAM and 4GB of storage for music. It also has a 300mAh battery that should last about two days on a single charge. The entire watch is water-resistant up to 50 meters, making it capable of tracking swim exercises.

The battery life pleasantly surprised me: my Gear Sport lasted nearly three full days and two full nights before needing to be charged. This time included three recorded workouts and a decent number of notifications coming through to my wrist. I only put the watch in Do Not Disturb mode while sleeping so email notifications wouldn’t wake me up at 2am.

Fitness chops

The device’s name signals the Gear Sport’s emphasis on fitness. Six out of the 10 preset widgets on the watch are health-related as well: calories burned, steps taken, floors climbed, heart-rate, workout, and quick-access exercise widgets immediately follow the watch face when you rotate the textured bezel. There are also a few watch faces that show fitness stats in small numbers and icons around the time, making that fitness information glanceable.

The workout widget summarizes the number of minutes you spent exercising that day and lets you begin a new workout. The Gear Sport has 17 workout profiles to choose from—the basics, including running, walking, and cycling are covered, as well as options like treadmill, elliptical, pilates, rowing machine, and others. While there aren’t as many available workout profiles as there are on the Apple Watch or the Garmin Vivoactive 3, the Gear Sport still offers enough to suit most people.

The rotating bezel allows you to select the workout you want to begin. Before doing so, you can change your target goal, the stats appearing on the workout screen, and the minute interval for guidance. Some exercises can have more than one workout screen due to the number of stats the Gear Sport can collect—running can have up to three screens to show pace, duration, heart rate, speed, distance, cadence, and more. The Gear Sport can only track so much during other activities, like those on an elliptical trainer, so they only have one available workout screen. However, you can rearrange the order in which the stats appear on those screens, regardless of whether one or more screens are available.

All-day tracking

Exercise tracking is simple and effective once you set your preferences. If you forget to start a workout manually, the Gear Sport can automatically recognize and record some exercises, like running, after 10 minutes of activity. Aside from smartphone notification or goal alerts, the Gear Sport won’t interrupt you during a workout. I loved how the time flashed at the top of the screen every time I turned my wrist up while exercising. Often, I’m using my smartwatch to check the time rather than my current exercise stats, so it’s helpful that Samsung found a way to include it on the workout screens without having it take up an entire section.

The Gear Sport’s heart-rate monitor is accurate, measuring my pulse within three BPM of Polar’s H10 chest strap at both high and low rates. I care most about recording my heart rate during exercise, but it’s possible to take a pulse measurement at any point throughout the day. The Gear Sport even lets you label these heart-rate measurements with categories like “resting,” “after exercise,” “fearful,” “sick,” and others so you can keep track of pulse changes as they relate to your state of being.

The GPS is just as accurate, and it’s quick as well. It took seconds for the GPS to locate me as I started a recorded walk around the block. A tiny GPS icon at the top of the Gear Sport’s display flashes green when it’s locating you and remains green when it’s tracking you. After an outdoor workout, a tiny map of your route appears at the end of the workout summary on the watch, and a larger map will accompany the workout notes in the Samsung Health mobile app.

Samsung makes good use of the Gear Sport’s display by putting nearly full workout details on the watch, ready for you to review any time after recording. Some devices force you to go to its companion mobile app to see full stats, graphs, and other data, but the Gear Sport includes a log of each recorded workout for that week with duration, calories, and heart-rate graphs and zone details on-screen. The same summary pops up immediately after you finish a workout, but it’s convenient to be able to review it again in full detail at any time.

For the few single-move workouts on the Gear Sport (jumping-jacks, crunches, etc.), a small human icon does the exercise on the Gear Sport’s display to show you the correct positioning before starting. While the device can count reps for these exercises, the numbers are hit or miss. Garmin still holds the crown for rep-counting accuracy on its wearables like the Vivosmart 3, but it’s a feature that Samsung was smart to include, and hopefully it will get more accurate with future Tizen software updates.

The Gear Sport also tracks sleep, but I wouldn’t wear it to bed every night considering its size. It was less obtrusive than I anticipated during the few nights I slept with it on, but it doesn’t help that its sleep tracking isn’t the best. On a night that I slept about eight hours, the Gear Sport measured just over eight hours the next morning—but things got weird when I checked out the stats in Samsung Health. My total sleep time was eight hours and fifteen minutes, according to the app, but a bar graph of my sleep stages showed data for just five of those hours.

It also listed my “actual sleep time” as just under four-and-a-half hours. There aren’t any explainers in the app as to what Samsung Health classifies as “actual sleep time” or “motionless” time (I assume the latter is deep sleep, but your guess is as good as mine), making the Samsung Health sleep page one of the more peculiar pages in the app.

As for the three-hour discrepancy in the sleep graphs, a Samsung representative could only chalk it up to a break during sleep (one that could be triggered by getting up for water or going to the bathroom). I didn’t get up from bed at all that night, but I do move around a lot and wake up while doing so. The next night, my sleep numbers and graphs matched up and correctly listed the number of total hours I slept, so it’s possible that the confusing first night was just a fluke.

Samsung Health mobile app

In general, the Samsung Health mobile app is a confusing amalgamation of different aspects of other fitness apps. It borrows bits and pieces from other programs (its customizable square “items” sections on the home page look nearly identical to those in Fitbit’s mobile app) to make a one-stop shop for reviewing exercise, daily activity, and workout routine data. I can’t get over simple oversights like this: when tapping on your daily activity bar graph, a steps figure page comes up with total steps taken today, total distance, and calories burned, but no workout data. Any exercise activity must be reviewed by tapping the running-man circle under the Goals section on the homepage. I’d much rather have a bar graph showing my activity levels by hour with both step and exercise data included on the same page.

Samsung Health also doesn’t integrate with Google Fit or Apple Health—a big drawback if you’re using the Gear Sport on a device that’s not made by Samsung. The app does connect to other third-party fitness programs like Fitbit, Strava, and MyFitnessPal, so you may find that one of your preferred fitness programs is compatible. But for anyone relying on Google’s or Apple’s health ecosystem, you’ll be out of luck.

Samsung Health does have one thing going for it: Programs. Although hidden in the app (in the triple-dot, right-corner settings menu and in the “manage items” tab at the bottom of the homepage), the Programs page lets you choose from a variety of exercise routines to follow. Everything from weight loss to endurance training, muscle-building, and running has a number of branded workout routines that you can add to your profile and complete at your own pace. Most of them clearly list the number of workouts in the program, how long the program lasts (some are just one week long, while others are multiple weeks), and a difficulty level. Many strength-based programs also have downloadable previews of exercises like squats and mountain climbers to show you how to properly complete them.

Programs are Samsung’s version of Fitbit Coach, but they are more like Microsoft’s guided workouts on the now-defunct Microsoft Band because they’re all accessible for free. Using a Samsung smartphone or a TV, you can watch the guided portions of the workout while you complete them and see real-time heart rate without looking at the Gear Sport every few minutes.

https://arstechnica.com/?p=1266441




Fortnite Battle Royale will have the “same gameplay” on mobile devices

Mobile Fortnite matches will start just like this, except without the “space bar” control tip.

For years now, gamers have gotten used to popular, big-budget console and PC games coming to mobile phones in the form of cheesy, heavily scaled-down “companion experiences” like match-three games or mindless screen-tappers. So it was a bit surprising late last night when Epic Games announced that the upcoming mobile and tablet versions of Fortnite: Battle Royale would be “the same 100-player game you know from PlayStation 4, Xbox One, PC, and Mac. Same gameplay, same map, same content, same weekly updates.”

As if to emphasize the identical nature of this mobile port, Sony will enable Cross Play and Cross Progression between the PS4 and mobile/tablet versions, as well as with the existing PC and Mac versions (which used to require some workarounds to play with the PS4). It’s an interesting move from a console maker that continues to stand in the way of cross-console play between the PS4 and Xbox One or Switch. Fortnite briefly and accidentally proved such cross-console play was possible back in September, and Epic Games later said players “deserve” such features.

Epic Community Manager Nick Chester clarified in a tweet that players will be able to opt into cross-platform matchmaking queues or stick with players on the same platform. That’s probably a good thing, because Chester also confirmed that mobile players will be stuck with touchscreen controls initially, with controller support planned for “later.” Though we haven’t seen Fortnite’s planned mobile control scheme yet, we’d imagine it will end up being a significant handicap compared to players with controllers or a mouse/keyboard setup.

After a slow start in its original form, Fortnite debuted its more competitive “Battle Royale” mode in September and quickly surged to a massive 40 million downloads as of January. That mode is an obvious nod to the previous success of the similar PlayerUnknown’s Battlegrounds, but Fortnite’s version brings its own twists that have proved endearing to legions of fans thus far.

An authentic mobile port for Fortnite: Battle Royale makes sense as the market of potential players on consoles and gaming PCs starts to get saturated. The port also highlights the steadily increasing power of mobile phones and tablets, which can now match the performance of at least the lower end of major 3D console games without issue.

With literally billions of potential players to be found exclusively on such mobile devices, Fortnite could help pave the way for other major 3D games to make the leap to a mobile market that is often unjustly seen as an indie-and-puzzle game backwater.

“We believe this is the future of games,” Epic writes in its announcement. “The same game on all platforms. Console quality graphics and action. Play when you want, where you want.”

Players with an iPhone 6S or iPad Air 2 (or greater) and iOS 11 can sign up for an invite-only beta starting on Monday, with invites going out soon after. Android support will come in “the next few months” according to the announcement.

https://arstechnica.com/?p=1272763




Lame Google Play apps that attack users with Windows malware is still a thing

Last year, researchers discovered 132 Android apps in the Google Play market that lamely attempted to infect users with… Windows malware. On Wednesday, researchers with a different security company reported finding 150 more.

The latest batch of apps, like the ones 12 months ago, were spawned from a variety of different developers. The common thread among all the apps: their code was written on programming platforms infected with malware known as Ramnit. Although the Ramnit botnet of 3.2 million computers was dismantled in 2015, infections on local machines live on.

The malware adds malicious iframes to every HTML file stored on an infected computer. Those iframes then got appended to files that were included in the Android apps. Researchers at security firm Zscaler said almost all of the 150 infected apps were detected using common antivirus engines.

The two domains in the iframes were neutralized years ago through a process known as sinkholing. And even if the domains had been active, they would have been unable to infect an Android device. Still, Google’s inability to detect obviously infected apps on at least two occasions over 12 months is a problem.

“This trend of cross-platform infection propagation should be concerning for Android users as the malware author can easily serve platform-specific malicious content based on the device making the connection to the attacker controlled URLs from such infected apps,” Zscaler researcher Deepen Desai told Ars. Google removed the apps after being notified of them.

Zscaler has a list of all 150 infected apps here.
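The infection path described above leaves a checkable trace in a packaged app: an iframe sitting after the document's closing tag in a bundled HTML file. The following Python sketch is an added example, not code from Zscaler or the original article; it assumes "appended" means the iframe follows the last `</html>`, and the file names and the `sinkholed.example` domain are constructed placeholders.

```python
import io
import re
import zipfile
from html.parser import HTMLParser
from urllib.parse import urlparse

HTML_SUFFIXES = (".html", ".htm")
CLOSING_HTML = re.compile(r"</html\s*>", re.IGNORECASE)


class _IframeCollector(HTMLParser):
    """Collects the src attribute of every <iframe> start tag it is fed."""

    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.sources.append(dict(attrs).get("src") or "")


def trailing_remote_iframes(html_text):
    """Return remote iframe URLs that appear after the last </html> tag.

    Assumption: an infected build machine appends the iframe to the end of
    the file, so it lands outside the original document.
    """
    closers = list(CLOSING_HTML.finditer(html_text))
    if not closers:
        return []
    tail = html_text[closers[-1].end():]
    collector = _IframeCollector()
    collector.feed(tail)
    collector.close()
    # Only iframes that load from a network host are of interest here.
    return [src for src in collector.sources if urlparse(src).netloc]


def scan_apk(apk_bytes):
    """Map each HTML file inside an APK (a ZIP archive) to its findings."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if not name.lower().endswith(HTML_SUFFIXES):
                continue
            text = apk.read(name).decode("utf-8", errors="replace")
            hits = trailing_remote_iframes(text)
            if hits:
                findings[name] = hits
    return findings


def build_sample_apk():
    """Constructed sample: one clean asset, one with an appended iframe."""
    clean = "<html><body><iframe src='help.html'></iframe></body></html>\n"
    tampered = (
        "<html><body><h1>About</h1></body></html>\n"
        '<iframe src="http://sinkholed.example/" width="1" height="1"'
        ' style="visibility:hidden"></iframe>\n'
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("assets/index.html", clean)
        archive.writestr("assets/about.html", tampered)
        archive.writestr("classes.dex", b"\x00")
    return buf.getvalue()


if __name__ == "__main__":
    for path, urls in scan_apk(build_sample_apk()).items():
        print(f"{path}: iframe appended after </html> -> {urls}")
```

Running the same check over a project's source tree before packaging catches the problem on the build machine, which is where the article places the infection.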

https://arstechnica.com/?p=1271735




Microsoft is testing Cortana in Outlook on iOS and Android

This is Cortana.

Cortana is coming to the Outlook email and calendar app for iOS and Android, according to The Verge. The publication cites sources “familiar with Microsoft’s Outlook plans.”

Microsoft is reportedly testing a feature internally that would allow users to verbally ask the virtual assistant Cortana to read their emails to them in both iOS and Android. This would be particularly useful for commuters who depend on Outlook for their email and who want to get caught up while driving into work.

Google Assistant does not offer similar functionality with Outlook. Siri, Apple’s own digital assistant built into iOS, already does this, but not with the Outlook app. In most cases, you must use Apple’s own Mail app to access these kinds of features.

Microsoft CEO Satya Nadella has previously described the company’s mobile strategy as one in which the Windows experience comes first, but features and experiences can be translated across additional platforms as needed, like iOS and Android. As such, Cortana has previously been available as a standalone app on iOS and Android, and it still is.

If this feature survives the internal testing process, it may graduate to a public test and eventual release. It’s not the only Outlook initiative Microsoft is working on, of course; the company is also overhauling the user interface for Outlook on the Mac, to bring it more in line with Mac UX conventions and aesthetics.

Just a few weeks before we learned of this feature, Microsoft placed Javier Soltero in charge of Cortana’s development. Soltero had joined the company when it acquired his email startup Acompli. That acquisition led to the Outlook app for iOS and Android, with Soltero leading that project.

https://arstechnica.com/?p=1269669




Dealmaster: Breaking down the Galaxy S9’s pre-order situation

Samsung’s next big phone is nearly upon us. At first blush, the Galaxy S9 looks to be a decent, if unremarkable, update. The fingerprint scanner isn’t as awkward to reach as it was on the Galaxy S8, the speakers should be louder, and the adjustable aperture of the new camera could allow for better photos in low light. The Galaxy S9 won’t be a revelation when it arrives on March 16, but then again the Galaxy S8 wasn’t exactly a bad phone to begin with.

One thing that’s all but guaranteed, though, is that the Galaxy S9 will be very popular. The reach of Samsung’s advertising and sales channel in America remains unmatched by any smartphone maker that isn’t named Apple. Given the modest sales of Google’s Pixel phones, there’s little reason to think the Galaxy S9 won’t be far and away the highest-selling Android flagship of 2018, just as the last several Galaxy S phones have been.

That means plenty of people will be looking to get the new phone when pre-orders go live at 12am EST on Friday, March 2. The good news is that many of those Samsung fans will be able to save a little bit of cash by ordering early. The bad news is that, per usual, the mobile carriers of America haven’t made buying the phone an entirely uniform process. Shocking, I know.

So, to help you make sense of how much the Galaxy S9 will actually set you back, we’ve dug through the fine print and rounded up what you need to know below.

Note: Ars Technica may earn compensation for sales from links on this post through affiliate programs.

Samsung

For most people in a vacuum, buying an unlocked model directly from Samsung is the best value. The company will sell the Galaxy S9 for $719.99 outright, or $30 a month over the course of a 24-month installment plan. For the larger, dual-camera sporting Galaxy S9+, those prices jump to $839.99 outright and $35 a month for 24 months. Neither installment plan carries any special discount; they’re just options for those who can’t foot the bill upfront.

This is as cheap as either phone gets without additional promotions. And while this may go without saying, it’s worth remembering that buying unlocked allows you to take the phone to whichever carrier and whichever plan you want, rather than being locked into one service. An unlocked phone also means cleaner software, with no extraneous apps pre-installed by your carrier.

Throughout this roundup, you’ll see a recurring limited-time deal in which those who trade in select phones can receive “up to $350” in credit toward the purchase of a Galaxy S9 or Galaxy S9+.

Again, Samsung’s take on this seems the most straightforward: you just select the phone you plan to trade in with your purchase online, reserve your new device, and send the old one back to Samsung within 15 days. You’ll just have to create a Samsung account and make sure your old phone isn’t busted first. A Samsung representative says the company will apply the trade-in credit in the form of one instant payment, instead of splitting it up into monthly installment discounts.

Here is Samsung’s list of eligible trade-in devices and how much cash they’ll save:

  • Galaxy S8/S8+, iPhone X, iPhone 8/8 Plus: $350
  • Galaxy S7/S7 Edge, iPhone 7/7 Plus, LG V30, Pixel 2/2 XL: $300
  • Galaxy S6/S6 Edge/S6 Edge+, Galaxy Note 5, iPhone 6/6 Plus, iPhone 6S/6S Plus, LG G6, LG V20, Google Pixel/Pixel XL: $150
  • Most other smartphones: $50

Best Buy

Samsung plans to sell the Galaxy S9 through Amazon, Walmart, Target, and the usual slate of big-name retailers, but Best Buy is the only one we’ve seen advertising a notable pre-order deal.

Like Samsung, Best Buy will offer the unlocked Galaxy S9 and Galaxy S9+ for $719.99 and $839.99, respectively. You can also buy either phone on a two-year monthly payment plan using a Best Buy credit card.

Beyond that, the retailer will sell each phone through Verizon, AT&T, and Sprint. On Friday, Best Buy says it will take $100 off either phone—but only if you pre-order through one of those three carriers. An unlocked phone won’t be eligible. The discount won’t be applied all at once, either; instead, it’ll be spread out over the course of a 24-month installment plan.

A Best Buy representative said the company will then offer “up to $100” off for those who pre-order through Verizon, Sprint, or AT&T from March 3 to March 15. The “up to” bit means the discount will vary based on which device you go with, but the Best Buy representative could not give further specifics.

In any case, the retailer says it will offer the aforementioned “up to $350” trade-in deal, too. Its list of eligible phones is exactly the same as Samsung’s above, only it includes the Galaxy S8 Active at a $350 value, the Galaxy S7 Active at a $300 value, and the Galaxy S6 Active for a $150 value. There’s also no fourth tier of “other smartphones” for a $50 credit.

T-Mobile

T-Mobile is the only one of the big four carriers that will sell the Galaxy S9 at its standard retail price. There, the Galaxy S9 will cost $720 outright or $30 a month on a 24-month installment plan, while the Galaxy S9+ will cost $840 outright or $120 down plus $30 a month over the same 24-month plan. Again, you’ll pay the same amount either way.

The magenta carrier says it will offer up to $360 off the Galaxy S9 or Galaxy S9+ through trade-ins. That’s $10 more than elsewhere. The discount is applied in the form of monthly bill credits spread out over 24 months, not a one-time payment. It only applies to those who use one of T-Mobile’s postpaid or business plans, too, not prepaid customers.

T-Mobile’s list of eligible trade-in devices is a little more generous than Samsung’s, though. Here’s how it breaks down, according to a T-Mobile representative:

  • $360 off: Galaxy S8/S8+/S8 Active, Galaxy S7/S7 Edge/S7 Active, Galaxy Note 8, iPhone 8/8 Plus, iPhone 7/7 Plus, iPhone 6s/6s Plus, LG V30, LG V30+
  • $200 off: Galaxy S4, Galaxy S5, Galaxy S6/S6 Edge/S6 Edge+/S6 Active, Galaxy Note 4, Galaxy Note 5, iPhone 6/6 Plus, iPhone SE, iPhone 5s, LG V20, LG G6, LG G5

Verizon

Here is where things get dicier. Verizon will sell the Galaxy S9 for $799.99 outright or $33.33 a month for 24 months and the Galaxy S9+ for $929.99 outright or $38.74 a month for 24 months. Those are fairly significant price hikes for phones that will probably come with more bloatware. (Though, if history is any indication, these carrier-exclusive models will likely be updated faster than their unlocked counterparts.)

Verizon says it will take “up to $500 off” either device, but, naturally, it’s not just a straight discount. The company says $150 of that $500 will come in the form of a prepaid MasterCard card, but only those who switch service to Verizon with their purchase will be eligible. You’ll have to claim the card online here, then the carrier will mail it sometime “within eight weeks.”

The other $350 refers to Verizon’s take on the trade-in offers noted above. This, too, will be paid back in the form of monthly bill credits, not as a one-time payment. Here’s what a Verizon representative said the company will accept for trade-ins:

  • Galaxy S8/S8+, Galaxy Note 8, iPhone X, iPhone 8/8 Plus: $350
  • Galaxy S7/S7 Edge/S7 Active, iPhone 7/7 Plus, iPhone 6s/6s Plus, Google Pixel 2/2 XL, Google Pixel/Pixel XL, LG G6, LG V30, Motorola Z2 Force, Motorola Z Force: $300
  • Galaxy S6/S6 Edge/S6 Edge+/S6 Active, Galaxy Note 5, iPhone 6/6 Plus, HTC 10, LG G5, LG V20, Motorola Z Droid, Motorola Z2 Play: $200
  • Galaxy S5, Galaxy Note 4, Galaxy Note Edge, iPhone SE, HTC M9/M9+, LG G4, LG V10, Motorola Z Play, Motorola Turbo 2: $100

Verizon is advertising other deals beyond that. It says those who buy a Galaxy S9 can also get 50% off a Samsung Tab E or Tab S3 tablet with a two-year payment plan. It’ll also take $150 off one of Samsung’s Gear S3 smartwatches, again provided you buy the watch on a two-year payment plan. The latter deal does come in the form of a one-time instant discount.

AT&T

AT&T’s offers follow a similar path as Verizon’s. The company will sell the Galaxy S9 for $790.20 outright or $26.34 a month on a 30-month AT&T Next plan and the Galaxy S9+ for $915 outright or $30.50 a month on that same 30-month plan. So, again, you’ll pay more here than you do with Samsung. That 30-month plan is a half-year longer than most other installment plans, too.

Like Verizon, AT&T says it’ll give a $150 bill credit to those who port over a new line from another carrier with their purchase. (So, it’s a no-go for existing AT&T users.) It says business plan customers can get a $150 credit by purchasing a Galaxy S9 with a new line of service, too.

The $350 trade-in deal applies here as well, but an AT&T representative says the carrier will apply that credit all at once, not through ongoing monthly installments. The carrier also says it’ll take at least $200 off if you trade in any smartphone with a “catalog value” greater than $20, which the AT&T representative described as “almost any phone released in the past two years or so.”

Here’s how the whole thing breaks down:

  • Any Samsung Galaxy S8 phone, Galaxy Note 8, iPhone X, iPhone 8/8 Plus, LG V30, Google Pixel 2/2 XL: $350
  • Any Samsung Galaxy S7 phone: $300
  • Any smartphone with a “catalog value of at least $20:” $200

AT&T says new customers can stack the trade-in credit with that $150 bill credit.

Sprint

Sprint will charge $792 for the Galaxy S9 and $912 for the Galaxy S9+ outright. Those prices move to $33 a month and $38 a month, respectively, if you choose to pay in a 24-month installment plan. Again, you’ll give up a bit more than the standard price of the phones.

Much like Verizon and AT&T, Sprint says it’ll give a $150 Visa gift card to those who switch their number to the carrier with their pre-order.

And much like everyone else, Sprint says it’ll give up to $350 in trade-in credit with a pre-order. That will be paid back via monthly bill credits, only here it’s done over the course of 18 months rather than 24 or 30. Sprint’s list of eligible phones is about what you’d expect by now:

  • Galaxy S8/S8+, iPhone 8/8 Plus, iPhone X: $350
  • Galaxy S7/S7 Edge/S7 Active, iPhone 7/7 Plus, LG V30+: $250
  • Galaxy S6/S6 Edge/S6 Edge+/S6 Active, Galaxy Note 5, iPhone 6s, iPhone 6/6 Plus, LG G6, LG V20, Google Pixel/Pixel XL: $150

That trade-in credit can stack with the $150 gift card. For what it’s worth, Sprint also runs a “Galaxy Forever” program in which its Galaxy phone users can upgrade to a newer Galaxy model after 12 monthly payments. A Sprint representative said the cost of the Galaxy Forever program is part of the reason why it’s priced the Galaxy S9 a bit higher than Samsung and T-Mobile.

Others

Xfinity Mobile

Comcast’s nascent mobile service will sell the Galaxy S9 for $719.99 outright or $30 a month over 24 months and the Galaxy S9+ for $839.99 outright or $35 a month over 24 months. That’s the same as Samsung’s own going rates.

Comcast says it’ll give a $250 Visa gift card to anyone who buys any new Samsung phone (not just the Galaxy S9 or S9+) through its service and opens up a new line. The company says it will also give $200 to those who trade-in an older phone toward the purchase of a Galaxy S9. A Comcast representative said this “could be more depending on the device,” though. The company did not specify exactly which devices are eligible for the promotion, but of note is that the trade-in value is returned in the form of a one-time check, not through monthly installments or a carrier credit.

US Cellular

If you fall within US Cellular’s coverage map, you can get the Galaxy S9 for $759 outright or $25.30 a month on a 30-month installment plan and the Galaxy S9+ for $919.50 outright or $30.65 a month on a 30-month plan. Again, there’s a premium there.

The regional carrier says it will give $350 in trade-in credit to those who send in a Samsung Galaxy S6 or higher, iPhone 6 or higher, Galaxy Note 8, Galaxy Note 5, LG G6/G6+, LG V30/30+, or LG G20. There are no tiers—an iPhone 6 gets just as much credit as an iPhone 8, according to a US Cellular representative. All of this is paid back through monthly bill credits, though.

If you don’t use the trade-in deal, US Cellular says it’ll offer $250 off the price of the phone through monthly bill credits. You can’t stack the two offers. But to get either deal, you need to sign up for US Cellular’s unlimited plan and “Device Protection+” plan.

https://arstechnica.com/?p=1268325




In just 24 hours, 5,000 Android devices are conscripted into mining botnet

A fast-moving botnet that appeared over the weekend has already infected thousands of Android devices with potentially destructive malware that mines digital coins on behalf of the unknown attackers, researchers said.

The previously unseen malware driving the botnet has worm-like capabilities that allow it to spread with little or no user interaction required, researchers with Chinese security firm Netlab wrote in a blog post published Sunday. Once infected, Android phones and TV boxes scan networks for other devices that have Internet port 5555 open. Port 5555 is normally closed, but a developer tool known as the Android Debug Bridge opens the port to perform a series of diagnostic tests. Netlab’s laboratory was scanned by infected devices from 2,750 unique IPs in the first 24 hours the botnet became active, a figure that led researchers to conclude that the malware is extremely fast moving.

“Overall, we think there is a new and active worm targeting Android systems’ ADB debug interface spreading, and this worm has probably infected more than 5,000 devices in just 24 hours,” Netlab researchers wrote. “Those infected devices are actively trying to spread malicious code.”

The researchers said they were withholding some information about the devices that are getting infected, presumably to make it harder for copycat attackers to exploit the same underlying weakness or vulnerability.

Once infected, devices are saddled with an app that causes them to mine the digital coin known as Monero. It’s not clear what precise effect this mining has on the devices. In past cases, however, Monero mining apps have been so aggressive that they physically damaged the Android devices running them.

Information returned by Monero Hash Vault—the mining pool the malicious apps use to generate the digital coin—showed the attackers have a 24-hour average rate of 7,880 hashes per second. That’s a relatively small amount. So far, the attackers have generated 0.0171757089 XMR, which at current prices is worth about $3.

It’s not yet clear precisely how devices are getting infected. As noted earlier, Netlab researchers are withholding some details, but they did provide one potential clue when they said some of the infection code relies on Mirai, the malware that compromises routers and other Internet-of-Things devices by guessing default administrator passwords.
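The spreading behavior described above, in which infected devices sweep for TCP port 5555, shows up in ordinary firewall or flow logs as one source touching many distinct destinations on that port in a short time. The following detection sketch is an added example, not code from Netlab or the article; the log format, addresses, thresholds and function names are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta

ADB_PORT = 5555  # TCP port the article says infected devices scan for
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed firewall records: time, source, destination, dest port, action.
SAMPLE_LOG = """\
2018-02-04T10:00:01 192.168.1.23 203.0.113.10 5555 DENY
2018-02-04T10:00:02 192.168.1.23 203.0.113.11 5555 DENY
2018-02-04T10:00:03 192.168.1.23 203.0.113.12 5555 DENY
2018-02-04T10:00:04 192.168.1.23 192.168.1.40 5555 ALLOW
2018-02-04T10:00:05 192.168.1.23 192.168.1.41 5555 DENY
2018-02-04T10:00:02 192.168.1.9 198.51.100.4 443 ALLOW
this line is malformed
2018-02-04T09:00:00 192.168.1.7 192.168.1.50 5555 ALLOW
2018-02-04T11:00:00 192.168.1.7 192.168.1.51 5555 ALLOW
2018-02-04T13:00:00 192.168.1.7 192.168.1.52 5555 ALLOW
2018-02-04T15:00:00 192.168.1.7 192.168.1.53 5555 ALLOW
"""


def parse_record(line):
    """Return (time, src, dst, port, action), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
        src, dst = ipaddress.ip_address(parts[1]), ipaddress.ip_address(parts[2])
        port = int(parts[3])
    except ValueError:
        return None
    return when, src, dst, port, parts[4].upper()


def analyze(log_text, min_targets=4, window=timedelta(seconds=60)):
    """Return (sources fanning out on 5555, internal hosts accepting on 5555)."""
    attempts = defaultdict(list)  # source -> [(time, destination), ...]
    exposed = set()
    for line in log_text.splitlines():
        rec = parse_record(line)
        if rec is None or rec[3] != ADB_PORT:
            continue
        when, src, dst, _, action = rec
        attempts[str(src)].append((when, dst))
        if action == "ALLOW" and any(dst in net for net in INTERNAL):
            exposed.add(str(dst))  # a device on our network answers on ADB
    scanners = {}
    for src, events in attempts.items():
        events.sort(key=lambda event: event[0])
        # Largest number of distinct destinations inside any one time window.
        best = max(len({d for t, d in events[i:] if t - start <= window})
                   for i, (start, _) in enumerate(events))
        if best >= min_targets:
            scanners[src] = best
    return scanners, sorted(exposed)
```

On the constructed log, the host that sweeps five addresses in five seconds is flagged, while the workstation that reaches four debug-enabled devices over a working day is not; every internal address that accepted a connection on 5555 is still listed so the debug interface can be switched off.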

https://arstechnica.com/?p=1254677




Relatively few LG customers will see any money from “bootloop” lawsuit

A Google Nexus 5X.

Nearly a year ago, several people sued LG, claiming that numerous models that got caught in an endless “bootloop” error were unusable and therefore fatally defective.

The affected models—the G4, G5, V10, V20, and the Nexus 5X—represent all of LG’s flagship smartphones released in 2015 and 2016. LG contracted with Google in 2015 to manufacture the Nexus 5X, its inexpensive flagship phone.

In June 2017, the proposed class-action lawsuit was ordered to arbitration, according to the terms of sale. Many companies have similar language in their employment and sales contracts—arbitration nearly always benefits corporate interests over individual ones.

However, Ars has learned that LG has now privately settled the arbitration claims that stemmed from the original lawsuit, Chamberlain v. LG, which was first filed in federal court in Los Angeles.

Arbitration is a private, quasi-legal procedure originally designed to expedite disputes between corporations. Hearings have the trappings of a court hearing—arbitrators are often retired judges—except that they are wholly private. Even worse for consumers is that in the world of arbitration, there is no possibility of class-action claims. Arbitration proceedings are additionally nearly always shrouded from public view, so it is traditionally difficult to find out how many other people have been affected by the same issue.

Under the terms of the settlement, clients of the firm that filed Chamberlain, Girard Gibbs, will receive either $425 cash or a $700 rebate toward the purchase of a new phone.

Some media outlets erroneously reported on Thursday that this settlement is for all LG customers who bought the affected phones. As the lawsuit was never formally certified as a class-action by the judge, terms of the agreement likely remain limited to hundreds of people even though the estimated total of people who bought those five handsets is likely to be in the millions.

However, according to the Girard Gibbs website, LG will now extend the warranty for all customers who bought those specific models from 12 months since the date of purchase to 30 months.

LG did not immediately respond to Ars’ request for comment. Its customer service department can be reached here.

https://arstechnica.com/?p=1253129




Huawei loses another carrier deal as spying fears impede its US growth

Huawei Mate 10 Pro, one of the phones that won’t be sold by US carriers.

Huawei is the world’s third biggest smartphone company—behind Samsung and Apple—and sells phones across the globe. But the Chinese company is virtually unknown in the US. Allegations of stolen intellectual property and spying have dogged Huawei, impeding its efforts to expand its US reach.

Earlier this month, “political pressure” was reported to have derailed an agreement between Huawei and AT&T that would have seen the carrier selling the smartphone company’s hardware. Bloomberg is now reporting that Verizon, too, has dropped its plans to sell Huawei phones, including the new Mate 10 Pro. Huawei will still sell phones directly to consumers, and they’ll work on US networks. But without the promotion and subsidy that carrier partnerships offer, significant sales volumes are unlikely.

Huawei’s difficulties in the US started in 2003, when Cisco accused it of stealing code for router software. More trouble followed in 2008, when Huawei’s bid to buy 3Com was blocked. In 2011, the US Department of Defense reported to Congress that it was concerned about the company’s close ties to the Chinese military, and a 2012 House Intelligence report echoed these concerns.

In spite of all this, Huawei has subsequently become a major supplier of network and telecoms equipment around the world, especially in Europe and China. The continued pushback means that its networking hardware isn’t used by any of the big US carriers; in 2013, Sprint promised to cut its use of Huawei hardware, with the Chinese firm subsequently saying that it was no longer interested in the US market.

Similar spying concerns have been expressed over another Chinese telecoms firm, ZTE.

The US isn’t alone in its suspicions; Huawei was blocked from bidding to build Australia’s National Broadband Network in 2012, again over espionage fears. By contrast, the UK has deployed Huawei hardware in critical communication systems. To satisfy security concerns, the UK established a facility dedicated to assessing Huawei’s software called the Huawei Cyber Security Evaluation Centre, which is overseen from GCHQ.

The traffic isn’t all one way, either; in 2014, it was reported that the NSA hacked Huawei systems to find evidence that the company was working with the People’s Liberation Army. Huawei was started by a former PLA member, but the company maintains that it is independent of the Chinese government and has no ties to the PLA.

The imminent build-out of the 5G mobile network, offering new opportunities for both network hardware and handset sales, makes Huawei’s lack of market access more acute, and, at least among some members of the Trump administration, the move to 5G has further heightened concerns about spying. A proposal for the government to build a national 5G network—widely criticized by parts of the administration as well as the telecoms industry—expressed national security and a reduced reliance on Chinese equipment as its chief rationale.

https://arstechnica.com/?p=1251523




Menacing Android botnet still thrives 16 months after coming to light

In 2016, researchers uncovered a botnet that turned infected Android phones into covert listening posts that could siphon sensitive data out of protected networks. Google at the time said it removed the 400 Google Play apps that installed the malicious botnet code and took other, unspecified “necessary actions” to protect infected users.

Now, roughly 16 months later, a hacker has provided evidence that the so-called DressCode botnet continues to flourish and may currently enslave as many as four million devices. The infections pose a significant risk because they cause phones to use the SOCKS protocol to open a direct connection to attacker servers. Attackers can then tunnel into home or corporate networks to which the phones belong in an attempt to steal router passwords and probe connected computers for vulnerabilities or unsecured data.

Even worse, a programming interface that the attacker’s command and control server uses to establish the connection is unencrypted and requires no authentication, a weakness that allows other attackers to independently abuse the infected phones.
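For defenders, the tunneling described above has a recognizable shape on the wire: a SOCKS request, arriving from an outside peer, that names an address inside the local network. The parser below is an added example, not code from the article or from any of the researchers it quotes; it assumes the tunnel carries standard unencrypted SOCKS4 or SOCKS5 requests (RFC 1928 for version 5), and the sample payloads and function names are constructed.

```python
import ipaddress
import struct

# Assumption: these RFC 1918 ranges stand in for "the network behind the firewall".
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
COMMANDS = {1: "CONNECT", 2: "BIND", 3: "UDP_ASSOCIATE"}

# Constructed payloads, as a network sensor might capture them.
SAMPLES = {
    "socks5 to router": b"\x05\x01\x00\x01" + bytes([192, 168, 1, 1]) + b"\x00\x50",
    "socks5 to domain": b"\x05\x01\x00\x03\x0bexample.com\x01\xbb",
    "socks4 to file server": b"\x04\x01\x01\xbd" + bytes([10, 0, 0, 5]) + b"\x00",
    "plain http": b"GET / HTTP/1.1\r\n",
    "truncated": b"\x05\x01\x00\x01\xc0\xa8",
}


def parse_socks_request(data: bytes):
    """Parse one SOCKS4 or SOCKS5 request into (version, command, host, port).

    Raises ValueError for anything that is not a complete, well-formed request.
    """
    if len(data) < 2 or data[1] not in COMMANDS:
        raise ValueError("not a SOCKS request")
    version, command = data[0], COMMANDS[data[1]]
    if version == 4:          # VN CD DSTPORT(2) DSTIP(4) USERID... NUL
        if len(data) < 9 or data[-1] != 0 or data[1] == 3:
            raise ValueError("malformed SOCKS4 request")
        port = struct.unpack("!H", data[2:4])[0]
        host = str(ipaddress.IPv4Address(data[4:8]))
    elif version == 5:        # VER CMD RSV ATYP DST.ADDR DST.PORT(2)
        if len(data) < 5 or data[2] != 0:
            raise ValueError("malformed SOCKS5 header")
        atyp, body = data[3], data[4:]
        if atyp == 3:         # domain name, prefixed with a one-byte length
            addr_len, body = body[0], body[1:]
        elif atyp in (1, 4):  # raw IPv4 or IPv6 address
            addr_len = 4 if atyp == 1 else 16
        else:
            raise ValueError("unknown SOCKS5 address type")
        if len(body) != addr_len + 2:
            raise ValueError("truncated or oversized SOCKS5 request")
        raw = body[:addr_len]
        host = raw.decode("ascii") if atyp == 3 else str(ipaddress.ip_address(raw))
        port = struct.unpack("!H", body[addr_len:])[0]
    else:
        raise ValueError("not a SOCKS request")
    return version, command, host, port


def targets_internal_network(payload: bytes) -> bool:
    """True if the payload is a SOCKS CONNECT aimed at an internal address."""
    try:
        _, command, host, _ = parse_socks_request(payload)
        address = ipaddress.ip_address(host)
    except ValueError:        # not SOCKS, malformed, or a hostname target
        return False
    return command == "CONNECT" and any(address in net for net in INTERNAL)
```

Requests that name a hostname rather than an address are parsed but not flagged, because resolving them is outside this sketch; a sensor would apply the check to data received from the external end of a connection that an internal device opened.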

“Since the device actively opens the connection to the C2 server, the connection will usually pass firewalls such as those found in home and SMB routers,” Christoph Hebeisen, a researcher at mobile security firm Lookout, said after reviewing the evidence. Hebeisen continued:

Once the connection is open, whoever controls the other end of it can now tunnel through the mobile device into the network to which the device is currently connected. Given the unprotected API [the hacker] found, it may well be possible for anybody with that information to access devices and services that are supposed to be limited to such private networks if a device with [malicious apps] on it is inside the network. Imagine a user using a device running one of these apps on the corporate Wi-Fi of their employer. The attacker might now have direct access to any resources that are usually protected by a firewall or an IPS (intrusion prevention system).

The botnet was publicly documented no later than August 2016, when researchers at security firm Check Point Software published this short post that highlighted the risk of the SOCKS-enabled malware. One month later, Trend Micro reported it found DressCode embedded in 3,000 Android apps, 400 of which were available in the official Play market until Google removed them.

Then in October 2017—more than 14 months after the botnet came to light—Symantec reported a new batch of malicious Google Play apps that had been downloaded as many as 2.6 million times. While Symantec dubbed the malware Sockbot, it used the same C2 server and publicly available, unauthenticated programming interfaces as DressCode for the same purpose of engaging in click fraud.

Evidence of the still-thriving botnet raises important questions about the effectiveness of Google incident responses to reports of malicious Android apps that wrangle phones into botnets. The evidence—which was provided by someone who claimed to have thoroughly hacked the C2 server and a private GitHub account that hosted C2 source code—suggests that code hidden deep inside the malicious titles continues to run on a significant number of devices despite repeated private notifications to Google from security researchers. It’s not clear if Google remotely removed the DressCode and Sockbot apps from infected phones and attackers managed to compromise a new set of devices or if Google allowed phones to remain infected.

The evidence also demonstrates a failure to dismantle an infrastructure researchers documented more than 16 months ago and that the hacker says has been in operation for five years. A common industry practice is for security companies or affected software companies to seize control of Internet domains and servers used to run botnets in a process known as sinkholing. It’s not clear what steps if any Google took to take down DressCode. The C2 server and two public APIs remained active at the time this post went live.

In an email, a Google spokesman wrote: “We’ve protected our users from DressCode and its variants since 2016. We are constantly monitoring this malware family, and will continue to take the appropriate actions to help secure Android users.” The statement didn’t respond to questions about whether Google was working to sinkhole the C2.

5,000 headless browsers

The hacker said the purpose of the botnet is to generate fraudulent ad revenue by causing the infected phones to collectively access thousands of ads every second. Here’s how it works: an attacker-controlled server runs huge numbers of headless browsers that click on webpages containing ads that pay commissions for referrals. To prevent advertisers from detecting the fake traffic, the server uses the SOCKS proxies to route traffic through the compromised devices, which are rotated every five seconds.

The hacker said his compromise of the C2 and his subsequent theft of the underlying source code showed that DressCode relies on five servers that run 1,000 threads on each server. As a result, it uses 5,000 proxied devices at any given moment, and then for only five seconds, before refreshing the pool with 5,000 new infected devices.

After spending months scouring source code and other private data used in the botnet, the hacker estimated the botnet has—or at least at one point had—about four million devices reporting to it. The hacker, citing detailed performance charts of more than 300 Android apps used to infect phones, also estimated the botnet has generated $20 million in fraudulent ad revenues in the past few years. He said the programming interfaces and the C2 source code show that one or more people with control over the adecosystems.com domain are actively maintaining the botnet.

Lookout’s Hebeisen said he was able to confirm the hacker’s claims that the C2 server is the one used by both DressCode and Sockbot and that it calls at least two public programming interfaces, including the one that establishes a SOCKS connection on infected devices. The APIs, Hebeisen confirmed, are hosted on servers belonging to adecosystems.com, a domain used by a provider of mobile services. He also confirmed that the second interface is used to provide user agents for use in click fraud. (Ars is declining to link to the APIs to prevent further abuse of them.) He said he also saw a “strong correlation” between the adecosystems.com servers and servers referenced in DressCode and Sockbot code. Because the Lookout researcher didn’t access private portions of the servers, he was unable to confirm that the SOCKS proxy was tied to the user agent interface, to specify the number of infected devices reporting to the C2, or to determine the amount of revenue the botnet has generated over the years.

Officials with Adeco Systems said that their company has no connection to the botnet and that they’re investigating how their servers were used to host the APIs.

By using a browser to visit the adecosystems.com links that hosted the APIs, it was possible to get snapshots of infected devices that included their IP address and geographic location. Refreshing the link would quickly provide the same details for a different compromised phone. Because the data isn’t protected by a password, it’s likely that anyone who knows the links can establish their own SOCKS connection with the devices, Hebeisen said.

The hacker also accessed a database containing the unique hardware identifier, carrier, MAC address, and device ID for each infected device. He provided a single screenshot that appeared consistent with what he had described.

Many of the malicious apps, including many of these ones, remain available in third-party marketplaces such as APKPure. Neither Hebeisen nor the hacker said they have any evidence Google Play has hosted DressCode or Sockbot apps in recent months.

While Google has said it has the ability to remotely uninstall malicious apps from Android devices, some critics have argued that this level of control, particularly without end-user consent ahead of time, oversteps a red line. Google may therefore be reluctant to use it. Even assuming the remote capability is heavy-handed, the significant threat posed by the ease of establishing SOCKS connections with potentially millions of devices is arguably precisely the kind of outlier case that would justify Google using the tool. If possible, Google should additionally take steps to take down the C2 server and the adecosystems.com APIs it relies on.

At the moment, there is no known list of apps that install the DressCode and Sockbot code. People who think their phone may be infected should install an antivirus app from Check Point, Symantec, or Lookout and scan for malicious apps. (Each can initially be used for free.) To prevent devices from being compromised in the first place, people should be highly selective about the apps they install on their Android devices. They should download apps only from Play and even then only after doing research on both the app and the developer.

https://arstechnica.com/?p=1249921




Samsung Galaxy S9 will launch next month at Mobile World Congress

The Samsung Galaxy S8. Check out those bezels.
Ron Amadeo

DJ Koh, Samsung’s mobile boss, has confirmed that the company will launch its next flagship Galaxy S smartphone at Mobile World Congress in Barcelona next month, according to a ZDNet report.

The report says Koh made the announcement at a press conference during the CES trade show in Las Vegas. ZDNet does not explicitly confirm that the new phone will be called the “Galaxy S9,” but any name other than that would be a surprise. Earlier reports suggested that Samsung would show off the Galaxy S9 and the larger Galaxy S9+ at CES this week, but that hasn’t happened.

Samsung unveiled the current Samsung Galaxy S8 and Galaxy S8+ at its own “Galaxy Unpacked” event in March last year before putting the phones on sale in April. For several years prior to that, however, the company first revealed its latest top-end smartphones at Mobile World Congress, a major conference for the mobile industry. This year’s MWC takes place from February 26 to March 1.

History suggests that the Galaxy S9 (and, presumably, the Galaxy S9+) would then go on sale some time in late March or early April, though an exact release date is still unknown. Samsung did not immediately respond to a request for comment.

Details about the next Galaxy flagship are relatively scarce at this point, but the phone isn’t expected to be a radical departure from last year’s Galaxy S8, which featured a drastic redesign and was generally well-received by critics and consumers alike. Expect the US model to feature Qualcomm’s new Snapdragon 845 SoC.

Besides the Galaxy S9, Koh reportedly said that Samsung will launch the next iteration of its much-maligned Bixby voice assistant this year and that it’s looking to launch its long-rumored “foldable” smartphone some time in 2019.

https://arstechnica.com/?p=1242299