DMA be damned, Apple cuts off path to Epic Games Store, Fortnite on EU iPhones

A Fortnite loading screen displayed on an iPhone in 2018, when Apple and Epic weren’t at each other’s throats.

Last month, Epic announced that Apple had approved an iOS developer account for Epic Games Sweden, thus securing a path for Fortnite to return to the iOS App Store for the first time since 2020 (in Europe, at least). But Apple has now terminated that Swedish developer account in a move Epic says is a “serious violation of the DMA [that] shows Apple has no intention of allowing true competition on iOS devices.”

No competing App Store for you

Epic is referring there to the Digital Markets Act, the European regulation that has forced Apple to officially allow sideloaded apps on European iOS devices for the first time. Since Apple announced its DMA compliance plans in January, though, many third-party developers have loudly complained about the stringent terms Apple is imposing on companies that want to establish alternative App Stores on iOS devices. Epic Games was among those public complainants, with CEO Tim Sweeney publicly calling Apple’s policies “a devious new instance of Malicious Compliance” full of “hot garbage.”

Epic said Apple denied its request for a DMA consultation that could have helped streamline its plans to return to iOS. Despite this, in February, Epic signaled a willingness to jump through Apple’s hoops, using a newly approved developer account for Epic Games Sweden AB as a way to “start developing the Epic Games Store on iOS soon” ahead of a planned 2024 launch.

But Apple told Ars that Epic Games Sweden’s access to a developer account was granted through a “click through” agreement that was not evaluated by Apple management. Now that Apple management is aware of that approval, the company says it has terminated that agreement following the same logic that led the company to deny a 2021 request by Epic for reinstatement to the iOS developer program.

In a statement provided to Ars Technica, Apple cited “Epic’s egregious breach of its contractual obligations to Apple” in the past, which “led courts to determine that Apple has the right to terminate ‘any or all of Epic Games’ wholly owned subsidiaries, affiliates, and/or other entities under Epic Games’ control at any time and at Apple’s sole discretion.’ In light of Epic’s past and ongoing behavior, Apple chose to exercise that right.”

In terminating its Swedish developer account, Epic says Apple “is taking out one of the largest potential competitors to the Apple App Store. They are undermining our ability to be a viable competitor and they are showing other developers what happens when you try to compete with Apple or are critical of their unfair practices.”

Punished for speaking out?

Epic Games founder and CEO Tim Sweeney.

Epic argues that Apple’s decision here was based at least in part on Epic “publicly criticiz[ing] their proposed DMA compliance plan.” To support this, Epic shared a copy of a March 2 letter from attorneys at Weil, Gotshal & Manges LLP, which states plainly that “given the past and current conduct of Epic, Apple cannot allow Epic Games Sweden AB to be part of its ecosystem.”

That letter directly cites a Sweeney tweet where he attacks “the contradictions between [Apple’s] stated principles and the intended and actual consequences of their present policies…” as well as an unspecified “litany of public attacks on Apple’s policies, compliance plan, and business model.”

“Apple is retaliating against Epic for speaking out against Apple’s unfair and illegal practices, just as they’ve done to other developers time and time again,” Epic said in its statement today.

But Sweeney also shared a February 23 email from Apple executive Phil Schiller in which Sweeney’s public criticism is cited as a potential warning sign of Epic’s bad faith.

“Your colorful criticism of our DMA compliance plan, coupled with Epic’s past practice of intentionally violating contractual provisions with which it disagrees, strongly suggest that Epic Sweden does not intend to follow the rules,” Schiller wrote. “Developers who are unable or unwilling to keep their promises can’t continue to participate in the Developer Program.”

Schiller went on to ask Sweeney for “written assurance that you are also acting in good faith,” which Sweeney provided in an email later that same day. To Apple’s lawyers, though, that short reply was an “insufficient” response that “boiled down to an unsupported ‘trust us.’ History shows, however, that Epic is verifiably untrustworthy…” What’s more, Apple argues that the new European iOS Games Store effort “is in fact a vehicle to manipulate proceedings in other jurisdictions,” such as ongoing litigation against Apple in Australia.

Given Epic’s long history of fighting Apple’s iOS policies in court (and the court of public opinion), it shouldn’t be surprising that the company says it won’t take Apple’s latest decision lying down. “The DMA was designed to eliminate the very power imbalance that Apple is proving exists today: they claim to have total control to block competing stores and apps. We will continue to fight to bring true competition and choice to iOS devices in Europe and around the world.”

https://arstechnica.com/?p=2008396




Apple is paying for its difficulties in the Chinese market

A few days after Goldman removed Apple from its “Conviction List,” its list of stocks to hold, and Evercore ISI dropped Apple from its “Tactical Outperform” list, with both banks citing growing concerns about a slowdown in iPhone sales, particularly as China’s economic problems worsen, a new report shows that Chinese iPhone sales have plunged.

New data from Counterpoint Research, first cited by Bloomberg, show that iPhone sales in mainland China plunged 24% in the first six weeks of the year. The report fuels concerns about falling demand for the iPhone in the world’s largest smartphone market.

Counterpoint shows that China’s overall smartphone market shrank 7% in the first six weeks of the year. Dongguan-based Vivo recorded the highest share of phone sales.

Last week, Bloomberg reported that iPhone 15 Pro Max phones were put on sale on Alibaba Group Holding Ltd.’s Tmall at about 1,300 yuan ($180) below the suggested retail price, indicating that these phones were heavily discounted to stimulate demand. The merchant is certainly not

The iPhone 15 has no longer been popular in China since Huawei Technologies Co. launched the Mate 60 Pro last August.

Huawei has been a thorn in Apple’s side since the surprise debut of its Mate 60 Pro devices, which set off a wave of patriotic buying and took share from the US company. Huawei reached a 16.5% share of the Chinese market in the first six weeks, up from 9.4% previously. Honor Device Co., the company that was spun off from Huawei in 2020, was the only other major manufacturer to record unit sales growth, of 2%. Apple fell below a 16% market share, from 19% a year ago, according to the researchers. –Bloomberg

“Despite the decline in consumer confidence, Huawei’s manufacturing improvements have allowed the company to meet demand for its popular Mate 60 series,” said Ivan Lam, an analyst at Counterpoint. Let’s not forget that in China there was also a full-blown nationalist campaign in favor of the phone made by the domestic company, which played its part in Huawei’s success.

Lam continued: “The year-ago period was already fairly depressed, but as far as Apple is concerned, there is more room for maneuver in the short term. The aggressive promotions ahead of Women’s Day are just one example.” So Apple’s campaign to win back China could run through price cuts that follow the country’s deflationary path. A logical path, but one fraught with problems, between shrinking contribution margins and the risk of excessive price differentials.

Meanwhile, Apple’s stock is not shining:

And this despite earnings per share still being rather high



https://scenarieconomici.it/apple-sta-pagando-delle-difficolta-sul-mercato-cinese/




Report: Apple is testing foldable iPhones, having the same problems as everyone else

Samuel Axon

Apple is purportedly working on a foldable iPhone internally, according to “a person with direct knowledge of the situation” speaking to The Information. They’re said to be clamshell-style devices that fold like Samsung’s Galaxy Z Flip series rather than phones that become tablets like the Galaxy Z Fold or Google’s Pixel Fold.

The phones are also said to be “in early development” or “could be canceled.” If they do make it to market, it likely wouldn’t be until after 2025.

The report has a long list of design challenges that Apple has faced in developing foldable phones: they’re too thick when folded up; they’re easily broken; they would cost more than non-foldable versions; the seam in the middle of the display tends to be both visible and feel-able; and the hinge on an iPad-sized device would prevent the device from sitting flat on a table (though this concern hasn’t stopped Apple from introducing substantial camera bumps on many of its tablets and all of its phones).

If many of those challenges sound familiar, it’s because it’s a detailed list of virtually every bad thing you could say about current foldable Android phones, even after multiple hardware generations. Our first Pixel Fold didn’t even survive the pre-release review period, and those well-earned durability concerns plus the relatively high cost have limited foldable phones to roughly 1.6 percent of all smartphone sales, according to recent analyst estimates.

It makes sense that Apple would be testing some big swings as it thinks about the next era of iPhone design; our iPhone 15 review called them the iPhone’s “final form,” insofar as it feels like there’s not much room to continue to improve on the iPhone X-style full-screen design that Apple has been iterating on since 2017. It sounds like foldable phones will only be in Apple’s future if the company can manage to overcome the same issues that have tripped up other foldables—though to be fair, the company does have a pretty good decadeslong track record on that front.

https://arstechnica.com/?p=2001782




Clicks is a $139 iPhone case for people who hate touchscreen typing

There’s an app for the keyboard promising new features, but it’s not mandatory for the keyboard to work.
Clicks Technology

I used to be a speed demon on phone keyboards. Similar to when I use a mechanical keyboard, I could type with so much ease that during their early days of text messaging, people in my household would ask me to write out their longer messages. Those days of carefree cell phone typing hit a rut when I got my first iPhone.

Now, I can’t start without first looking at my touchscreen keyboard. And I almost always make at least one typo when writing long texts, emails, or documents. That’s why I’m intrigued by the latest attempt to bring old-school physical keyboards to iPhones.

A snap-on keyboard for the iPhone

On Thursday, Clicks Technology unveiled Clicks, a keyboard available for the iPhone 14 Pro, iPhone 15 Pro, and iPhone 15 Pro Max that snaps to the phone like a case. But instead of adding protection, it adds a physical keyboard. Each key boasts 0.22 mm of travel, Jeff Gadway, SVP of product marketing at Clicks, told Ars via email. That seems like miles compared to the flat nature of touchscreens.

Clicks Technology has hinted at plans for releasing Clicks in additional colors beyond what’s seen here.
Clicks Technology

The keyboard connects via the iPhone’s Lightning or USB-C port (whichever the iPhone has). It uses iOS’s support for external keyboards, leveraging the human interface devices (HID) protocol. According to Clicks’ FAQ page, the company decided to forego Bluetooth to avoid pairing complications and latency. Users are supposed to still be able to charge their phones, including with wireless chargers, with Clicks connected.

But if you’re hoping to pair a traditional-style phone keyboard with traditional wired headphones, you’re out of luck. The company’s website says Clicks Technology is “working on a solution” to allow the keyboard and wired headphones to work simultaneously, but you have to pick one or the other for now. Clicks also isn’t considered compatible with MagSafe accessories, though the makers hope to change that eventually.

One look at Clicks’ layout, and I already see appeal in there being a Tab key, which the standard integrated iPhone keyboard lacks. Further, the keyboard is also supposed to make it easier to leverage keyboard shortcuts using its Command (CMD) key. Clicks’ makers highlight shortcuts like launching search (CMD + Space), getting to the home screen (CMD + H), and scrolling through web pages with the space key. Clicks claims to support keyboard shortcuts across “many” third-party apps, according to Thursday’s announcement.

Should the keyboard prove to work well and feel good, it could be a clever way to add more screen real estate for some iPhones since users won’t have a touchscreen keyboard hogging screen space at times. However, I’m curious to see how hard it is to hold and navigate a Clicks-equipped iPhone, including going from the physical keyboard to touchscreen as needed, for longer periods.

But Clicks also impacts iPhone battery life, even though the startup claims the effect is minimal.

“When the backlight is turned off, even on a heavy use day, battery usage will typically be less than ~2 percent. If the backlight is on, usage may increase up to another ~2 percent,” Clicks’ FAQ page, which we’ll have to take with a grain of salt, reads. The keyboard’s backlight turns off automatically after 5 seconds of the keyboard not being used and can be disabled. The keyboard also has an off switch.

When asked for further information, Gadway said the keyboard uses about 4.4 mAh when on but not in use.

“The background Wh consumption when the backlight is off is approximately 0.01628 Wh. It’s important to note that Wh is dependent on the voltage the battery uses, therefore we take the average of 3.7V,” he added.

Some might also be disappointed to notice that Clicks lacks a key for emojis, which have become so prominent in today’s culture that some mechanical keyboards and mice have started including integrated emoji buttons. Clicks says the keyboard doesn’t have an emoji button because iOS external keyboards do not currently support the feature. But there are still ways for Clicks users to bring up the emoji menu, including by pressing multiple keys that the keyboard does have. 

https://arstechnica.com/?p=1993862




Apple wants AI to run directly on its hardware instead of in the cloud

The iPhone 15 Pro.

Apple’s latest research about running large language models on smartphones offers the clearest signal yet that the iPhone maker plans to catch up with its Silicon Valley rivals in generative artificial intelligence.

The paper, entitled “LLM in a Flash,” offers a “solution to a current computational bottleneck,” its researchers write.

Its approach “paves the way for effective inference of LLMs on devices with limited memory,” they said. Inference refers to how large language models, the large data repositories that power apps like ChatGPT, respond to users’ queries. Chatbots and LLMs normally run in vast data centers with much greater computing power than an iPhone.

The paper was published on December 12 but caught wider attention after Hugging Face, a popular site for AI researchers to showcase their work, highlighted it late on Wednesday. It is the second Apple paper on generative AI this month and follows earlier moves to enable image-generating models such as Stable Diffusion to run on its custom chips.

Device manufacturers and chipmakers are hoping that new AI features will help revive the smartphone market, which has had its worst year in a decade, with shipments falling an estimated 5 percent, according to Counterpoint Research.

Despite launching one of the first virtual assistants, Siri, back in 2011, Apple has been largely left out of the wave of excitement about generative AI that has swept through Silicon Valley in the year since OpenAI launched its breakthrough chatbot ChatGPT. Apple has been viewed by many in the AI community as lagging behind its Big Tech rivals, despite hiring Google’s top AI executive, John Giannandrea, in 2018.

While Microsoft and Google have largely focused on delivering chatbots and other generative AI services over the Internet from their vast cloud computing platforms, Apple’s research suggests that it will instead focus on AI that can run directly on an iPhone.

Apple’s rivals, such as Samsung, are gearing up to launch a new kind of “AI smartphone” next year. Counterpoint estimated more than 100 million AI-focused smartphones would be shipped in 2024, with 40 percent of new devices offering such capabilities by 2027.

The head of the world’s largest mobile chipmaker, Qualcomm chief executive Cristiano Amon, forecast that bringing AI to smartphones would create a whole new experience for consumers and reverse declining mobile sales.

“You’re going to see devices launch in early 2024 with a number of generative AI use cases,” he told the Financial Times in a recent interview. “As those things get scaled up, they start to make a meaningful change in the user experience and enable new innovation which has the potential to create a new upgrade cycle in smartphones.”

More sophisticated virtual assistants will be able to anticipate users’ actions such as texting or scheduling a meeting, he said, while devices will also be capable of new kinds of photo editing techniques.

Google this month unveiled a version of its new Gemini LLM that will run “natively” on its Pixel smartphones.

Running the kind of large AI model that powers ChatGPT or Google’s Bard on a personal device brings formidable technical challenges, because smartphones lack the huge computing resources and energy available in a data center. Solving this problem could mean that AI assistants respond more quickly than they do from the cloud and even work offline.

Ensuring that queries are answered on an individual’s own device without sending data to the cloud is also likely to bring privacy benefits, a key differentiator for Apple in recent years.

“Our experiment is designed to optimize inference efficiency on personal devices,” its researchers said. Apple tested its approach on models including Falcon 7B, a smaller version of an open source LLM originally developed by the Technology Innovation Institute in Abu Dhabi.

Optimizing LLMs to run on battery-powered devices has been a growing focus for AI researchers. Academic papers are not a direct indicator of how Apple intends to add new features to its products, but they offer a rare glimpse into its secretive research labs and the company’s latest technical breakthroughs.

“Our work not only provides a solution to a current computational bottleneck but also sets a precedent for future research,” wrote Apple’s researchers in the conclusion to their paper. “We believe as LLMs continue to grow in size and complexity, approaches like this work will be essential for harnessing their full potential in a wide range of devices and applications.”

Apple did not immediately respond to a request for comment.

https://arstechnica.com/?p=1992550




Apple exec departure leads to major iPhone, Apple Watch reshuffle

The iPhone 15 Pro.
Samuel Axon

According to a report in Bloomberg, Tang Tan, vice president of Product Design, is leaving Apple, and his departure heralds a shuffle of executives heading up some of the company’s most important products.

Sometimes, you might wonder just how much a specific executive influences the grand scheme of things, but the report claims that people within Apple see Tan’s departure as “a blow,” clarifying that he “made critical decisions about Apple’s most important products.” His team reportedly had “tight control” over the look and functionality of those products.

Tan oversaw major aspects of iPhone and Apple Watch design, and he was the executive overseeing accessories and AirPods, as well. He reported to John Ternus, Apple’s senior vice president of Hardware Engineering, who is likely a more widely known name.

Richard Dinh, “Tan’s top lieutenant and head of iPhone product design,” will report directly to Ternus and take on some of Tan’s duties, while Kate Bergeron, previously involved in Mac hardware engineering, will take on the Apple Watch.

Apple has seen several executive departures from its product design and engineering groups recently, so many aspects of upcoming iPhones and other products will be designed with new eyes and perhaps new sensibilities, though what that might lead to remains to be seen.

Apple recently shifted the iPhone from the company’s proprietary Lightning port to a more standard USB-C, and it changed the materials for its Pro line of phones. Despite tweaks like that, the iPhone’s design and functionality have not changed significantly in the past five or so years.

The iPhone 16 line in 2024 is expected to shake things up a little more, at least regarding the phone’s look and feel. Rumors have suggested that the new phones may have larger screens (and bigger chassis overall) and perhaps haptic buttons instead of the current physical buttons. Other changes could be in store, and Apple’s plans are likely not yet finalized.

https://arstechnica.com/?p=1989815




This 5-Piece, Apple-Compatible Accessory Bundle Will Save You $90

You won’t want to miss out on these accessories for your iPhone 15 Pro. https://www.entrepreneur.com/science-technology/this-5-piece-apple-compatible-accessory-bundle-will-save/464814




iPhones have been exposing your unique MAC despite Apple’s promises otherwise

Private Wi-Fi address setting on an iPhone.

Three years ago, Apple introduced a privacy-enhancing feature that hid the Wi-Fi address of iPhones and iPads when they joined a network. On Wednesday, the world learned that the feature has never worked as advertised. Despite promises that this never-changing address would be hidden and replaced with a private one that was unique to each SSID, Apple devices have continued to display the real one, which in turn got broadcast to every other connected device on the network.

The problem is that a Wi-Fi media access control address, typically called a MAC address or simply a MAC, can be used to track individuals from network to network, in much the way a license plate number can be used to track a vehicle as it moves around a city. Case in point: In 2013, a researcher unveiled a proof-of-concept device that logged the MAC of all devices it came into contact with. The idea was to distribute lots of them throughout a neighborhood or city and build a profile of iPhone users, including the social media sites they visited and the many locations they visited each day.

In the decade since, HTTPS-encrypted communications have become standard, so the ability of people on the same network to monitor other people’s traffic is generally not feasible. Still, a permanent MAC provides plenty of trackability, even now.

As I wrote at the time:

Enter CreepyDOL, a low-cost, distributed network of Wi-Fi sensors that stalks people as they move about neighborhoods or even entire cities. At 4.5 inches by 3.5 inches by 1.25 inches, each node is small enough to be slipped into a wall socket at the nearby gym, cafe, or break room. And with the ability for each one to share the Internet traffic it collects with every other node, the system can assemble a detailed dossier of personal data, including the schedules, e-mail addresses, personal photos, and current or past whereabouts of the person or people it monitors.

In 2020, Apple released iOS 14 with a feature that, by default, hid Wi-Fi MACs when devices connected to a network. Instead, the device displayed what Apple called a “private Wi-Fi address” that was different for each SSID. Over time, Apple has enhanced the feature, for instance, by allowing users to assign a new private Wi-Fi address for a given SSID.

On Wednesday, Apple released iOS 17.1. Among the various fixes was a patch for a vulnerability, tracked as CVE-2023-42846, which prevented the privacy feature from working. Tommy Mysk, one of the two security researchers Apple credited with discovering and reporting the vulnerability (Talal Haj Bakry was the other), told Ars that he tested all recent iOS releases and found the flaw dates back to version 14, released in September 2020.

“From the get-go, this feature was useless because of this bug,” he said. “We couldn’t stop the devices from sending these discovery requests, even with a VPN. Even in the Lockdown Mode.”

When an iPhone or any other device joins a network, it triggers a multicast message that is sent to all other devices on the network. By necessity, this message must include a MAC. Beginning with iOS 14, this value was, by default, different for each SSID.

To the casual observer, the feature appeared to work as advertised. The “source” listed in the request was the private Wi-Fi address. Digging in a little further, however, it became clear that the real, permanent MAC was still broadcast to all other connected devices, just in a different field of the request.

Mysk published a short video showing a Mac using the Wireshark packet sniffer to monitor traffic on the local network the Mac is connected to. When an iPhone running iOS prior to version 17.1 joins, it shares its real Wi-Fi MAC on port 5353/UDP.

Upgrade to iOS 17.1 to prevent your iPhone from being tracked across Wi-Fi networks.

In fairness to Apple, the feature wasn’t useless, because it did prevent passive sniffing by devices such as the above-referenced CreepyDOL. But the failure to remove the real MAC from the port 5353/UDP traffic still meant that anyone connected to a network could pull the unique identifier with no trouble.
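A self-check for the behaviour described above, as an added example (not code from Ars, Apple or the researchers): given the hardware MAC shown in your own device’s settings, it inspects captured frames sent to 5353/UDP and reports whether that address appears in the payload even though the frame’s source is a private address. The MAC values and frames are constructed samples, and because the article does not name the field that carried the real MAC, its position in the sample payload is an assumption.

```python
import struct

MDNS_PORT = 5353


def parse_mac(text):
    """'aa:bb:cc:dd:ee:ff' or 'aa-bb-cc-dd-ee-ff' -> 6 raw bytes."""
    parts = text.strip().replace("-", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes(int(p, 16) for p in parts)


def is_locally_administered(mac):
    """Private (randomized) addresses set bit 0x02 of the first octet."""
    return bool(mac[0] & 0x02)


def mac_encodings(mac):
    """Byte patterns a MAC can take inside a payload: raw plus common text forms."""
    hexs = mac.hex()
    pairs = [hexs[i:i + 2] for i in range(0, 12, 2)]
    forms = {mac}
    for text in (hexs, ":".join(pairs), "-".join(pairs)):
        forms.add(text.encode())
        forms.add(text.upper().encode())
    return forms


def parse_udp_frame(frame):
    """Return (src_mac, dst_port, payload) for an untagged Ethernet II frame
    carrying UDP over IPv4 or IPv6 (no extension headers), else None."""
    if len(frame) < 14:
        return None
    src_mac = frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    ip = frame[14:]
    if ethertype == 0x0800:                      # IPv4
        header_len = (ip[0] & 0x0F) * 4 if ip else 0
        if header_len < 20 or len(ip) < header_len or ip[9] != 17:
            return None
        udp = ip[header_len:]
    elif ethertype == 0x86DD:                    # IPv6
        if len(ip) < 40 or ip[6] != 17:
            return None
        udp = ip[40:]
    else:
        return None
    if len(udp) < 8:
        return None
    _sport, dport, length, _csum = struct.unpack("!HHHH", udp[:8])
    return src_mac, dport, udp[8:length]


def check_frame(frame, hardware_mac):
    """Classify one captured frame against the device's known hardware MAC."""
    parsed = parse_udp_frame(frame)
    if parsed is None or parsed[1] != MDNS_PORT:
        return "not-mdns"
    src_mac, _, payload = parsed
    if src_mac == hardware_mac:
        return "source-is-hardware-mac"          # private addressing is off
    if any(form in payload for form in mac_encodings(hardware_mac)):
        return "hardware-mac-in-payload"         # the leak the article describes
    return "clean"


# --- Constructed sample data (not captured traffic) ---
HARDWARE = parse_mac("00:1a:2b:3c:4d:5e")   # constructed permanent MAC
PRIVATE = parse_mac("f2:9c:4a:10:7e:31")    # constructed private Wi-Fi address


def build_sample_frame(src_mac, dport, payload):
    """Ethernet II + IPv4 + UDP frame to the mDNS multicast group (checksums left 0)."""
    eth = bytes.fromhex("01005e0000fb") + src_mac + b"\x08\x00"
    udp = struct.pack("!HHHH", 5353, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 255, 17, 0,
                     bytes([192, 168, 1, 23]), bytes([224, 0, 0, 251]))
    return eth + ip + udp


def run_samples():
    dns_header = b"\x00" * 12
    samples = {
        # Where the MAC sits in these payloads is an assumption for illustration.
        "raw MAC in payload": build_sample_frame(
            PRIVATE, MDNS_PORT, dns_header + b"\x06" + HARDWARE),
        "text MAC in payload": build_sample_frame(
            PRIVATE, MDNS_PORT, dns_header + b"id=00-1A-2B-3C-4D-5E"),
        "private address only": build_sample_frame(
            PRIVATE, MDNS_PORT, dns_header + b"\x07example\x05local\x00"),
        "private addressing off": build_sample_frame(HARDWARE, MDNS_PORT, dns_header),
        "ordinary DNS": build_sample_frame(PRIVATE, 53, dns_header + HARDWARE),
    }
    return {name: check_frame(frame, HARDWARE) for name, frame in samples.items()}


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(f"{name:24} {verdict}")
```

To run it against real traffic, feed `check_frame` the raw link-layer bytes of each frame from a capture taken on your own network, together with the Wi-Fi address your device reports in its settings.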

The fallout for most iPhone and iPad users is likely to be minimal, if there is any at all. But for people with strict privacy threat models, the failure of these devices to hide real MACs for three years could be a real problem, particularly given Apple’s express promise that using the feature “helps reduce tracking of your iPhone across different Wi-Fi networks.”

Apple hasn’t explained how a failure as basic as this one escaped notice for so long. The advisory the company issued Wednesday said only that the fix worked by “removing the vulnerable code.”

This post has been updated to add paragraphs 3 and 11 to provide additional context.

https://arstechnica.com/?p=1979099




Researchers Extract Sounds From Still Images on Smartphone Cameras

A group of academic researchers has devised a technique to extract sounds from still images captured using smartphone cameras with rolling shutter and movable lens structures.

The movement of camera hardware, such as the Complementary Metal-Oxide-Semiconductor (CMOS) rolling shutters and the moving lenses used for Optical Image Stabilization (OIS) and Auto Focus (AF), creates sounds that are modulated into images as imperceptible distortions.

These types of smartphone cameras, the researchers explain in a research paper (PDF), create a “point-of-view (POV) optical-acoustic side channel for acoustic eavesdropping” that requires no line of sight, nor the presence of an object within the camera’s field of view.

Focusing on the limitations of this side channel, which relies on a “suitable mechanical path from the sound source to the smartphone” to support sound propagation, the researchers extract and analyze the leaked acoustic information, identifying with high accuracy different speakers, genders, and spoken digits.

The academics relied on machine learning to recover information from human speech broadcast by speakers, in the context of an attacker that has a malicious application running on the smartphone but does not have access to the device’s microphone.

However, the threat model assumes that the attacker can capture a video with the victim’s camera and that they can acquire speech samples of the target individuals beforehand, to use them as part of the learning process.

Using a dataset of 10,000 samples of single-digit utterances, the researchers performed three classification tasks (gender, identity, and digit recognition) and trained their model for each task. They used Google Pixel, Samsung Galaxy, and Apple iPhone devices for the experiments.


“Our evaluation with 10 smartphones on a spoken digit dataset reports 80.66%, 91.28%, and 99.67% accuracies on recognizing 10 spoken digits, 20 speakers, and 2 genders respectively,” the academics say.

Lower quality cameras, the researchers say, would limit the potential information leakage associated with this type of attack. Keeping smartphones away from speakers and adding vibration-isolation dampening materials between the phone and the transmitting surface should also help.

Smartphone makers can mitigate the attack through higher rolling shutter frequencies, random-code rolling shutters, tougher lens suspension springs, and lens locking mechanisms.

“We believe the high classification accuracies obtained in our evaluation and the related work using motion sensors suggest this optical-acoustic side channel can support more diverse malicious applications by incorporating speech reconstruction functionality in the signal processing pipeline,” the researchers added.


https://www.securityweek.com/researchers-extract-sounds-from-still-images-on-smartphone-cameras/




3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone


Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab said Friday.

The previously unknown vulnerabilities, which Apple patched on Thursday, were exploited in clickless attacks, meaning they didn’t require a target to take any steps other than to visit a website that used the HTTP protocol rather than the safer HTTPS alternative. A packet inspection device sitting on a cellular network in Egypt kept an eye out for connections from the phone of the targeted candidate and, when spotted, redirected it to a site that delivered the exploit chain, according to Citizen Lab, a research group at the University of Toronto’s Munk School.

A cast of villains, 3 0-days, and a compromised cell network

Citizen Lab said the attack was made possible by participation from the Egyptian government, spyware known as Predator sold by a company known as Cytrox, and hardware sold by Egypt-based Sandvine. The campaign targeted Ahmed Eltantawy, a former member of the Egyptian Parliament who announced he was running for president in March. Citizen Lab said the recent attacks were at least the third time Eltantawy’s iPhone has been attacked. One of them, in 2021, was successful and also installed Predator.

“The use of mercenary spyware to target a senior member of a country’s democratic opposition after they had announced their intention to run for president is a clear interference in free and fair elections and violates the rights to freedom of expression, assembly, and privacy,” Citizen Lab researchers Bill Marczak, John Scott-Railton, Daniel Roethlisberger, Bahr Abdul Razzak, Siena Anstis, and Ron Deibert wrote in a 4,200-word report. “It also directly contradicts how mercenary spyware firms publicly justify their sales.”

The vulnerabilities, which are patched in iOS versions 16.7 and 17.0.1, are tracked as:

  • CVE-2023-41993: Initial remote code execution in Safari
  • CVE-2023-41991: PAC bypass
  • CVE-2023-41992: Local privilege escalation in the XNU Kernel

According to research published Friday by members of Google’s Threat Analysis Group, the attackers who exploited the iOS vulnerabilities also had a separate exploit for installing the same Predator spyware on Android devices. Google patched the flaws on September 5 after receiving a report by a research group calling itself DarkNavy.

“TAG observed these exploits delivered in two different ways: the MITM injection and via one-time links sent directly to the target,” Maddie Stone, a researcher with the Google Threat Analysis Group, wrote. “We were only able to obtain the initial renderer remote code execution vulnerability for Chrome, which was exploiting CVE-2023-4762.”

The attack was complex. Besides leveraging three separate iOS vulnerabilities, it also relied on hardware made by a manufacturer known as Sandvine. Sold under the brand umbrella PacketLogic, the hardware sat on the cellular network the targeted iPhone accessed and monitored the traffic passing over it for connections from Eltantawy’s phone. Despite the precision, Citizen Lab said that the attack is blocked when users turn on a feature known as Lockdown, which Apple added to iOS last year. More about that later.

There’s little information about the iOS exploit chain other than that it triggered automatically when a target visited a site hosting the malicious code. Once there, the exploits installed Predator with no further user action required.

For the iPhone to be surreptitiously directed to the attack site, it only needed to visit any HTTP site. Over the past five years or so, HTTPS has become the dominant means of connecting to websites because the encryption it uses prevents adversary-in-the-middle attackers from monitoring or manipulating data sent between the site and the visitor. HTTP sites still exist, and sometimes HTTPS connections can be downgraded to unencrypted HTTP ones.

Once Eltantawy visited an HTTP site, the PacketLogic device injected data into the traffic that surreptitiously connected the Apple device to a site that triggered the exploit chain.

Network diagram showing the Spyware Injection Middlebox located on a link between Telecom Egypt and Vodafone Egypt.
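
As an added example (not from the article or the Citizen Lab report), the following Python audits a web-proxy log for the exposure described above: cleartext HTTP requests from each client, and redirects on those requests that point to a different host. The log format, the host names and the `audit`, `parse_line` and `host_of` functions are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed sample proxy log: timestamp, client, method, URL, status, Location ("-" if none).
SAMPLE_LOG = """\
2023-09-01T10:00:01Z phone-01 GET http://news.example/index.html 200 -
2023-09-01T10:00:05Z phone-01 GET https://mail.example/inbox 200 -
2023-09-01T10:00:09Z phone-01 GET http://news.example/story 307 https://landing.invalid/x?id=1
2023-09-01T10:00:12Z phone-02 GET http://shop.example/ 301 https://shop.example/
2023-09-01T10:00:15Z phone-02 GET http://www.shop.example/cart 302 /login
2023-09-01T10:00:20Z phone-02 GET https://cdn.example/a.js 302 https://other.example/a.js
"""

def parse_line(line):
    """Split one log line into a dict; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 6 or not parts[4].isdigit():
        return None
    ts, client, method, url, status, location = parts
    return {"ts": ts, "client": client, "method": method, "url": url,
            "status": int(status), "location": None if location == "-" else location}

def host_of(url):
    """Lower-cased host of a URL with a leading 'www.' dropped; '' for relative URLs."""
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def audit(log_text):
    """Return (cleartext request count per client, cross-host redirects seen on HTTP)."""
    cleartext, flagged = {}, []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or urlsplit(rec["url"]).scheme != "http":
            continue  # only cleartext responses can be altered on path without breaking TLS
        cleartext[rec["client"]] = cleartext.get(rec["client"], 0) + 1
        loc = rec["location"]
        if 300 <= rec["status"] < 400 and loc:
            target = host_of(loc)
            # A relative Location has no host (same site); same-host HTTPS upgrades are benign.
            if target and target != host_of(rec["url"]):
                flagged.append((rec["ts"], rec["client"], rec["url"], loc))
    return cleartext, flagged

if __name__ == "__main__":
    counts, hits = audit(SAMPLE_LOG)
    print(counts)
    for hit in hits:
        print("review:", *hit)
```

A cross-host redirect on a cleartext request is a lead for review rather than proof of injection, since legitimate sites issue them too; the per-client count shows how much traffic remains open to this kind of tampering.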

Predator, the payload installed in the attack, is sold to a wide array of governments, including those of Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia, and Serbia. Citizen Lab has said that Predator was used to target Ayman Nour, a member of the Egyptian political opposition living in exile in Turkey, and an Egyptian exiled journalist who hosts a popular news program and wishes to remain anonymous. Last year researchers from Cisco’s Talos security team exposed the inner workings of the malware after obtaining a binary of it.

https://arstechnica.com/?p=1970625