Mobile Digest: Samsung security breach could impact 600 million users

Apple unveils a new Apple Watch operating system and music streaming platform at its Worldwide Developers Conference, as researchers highlight a gaping security flaw in Samsung smartphone keyboards. Andrew Tolve reports.

In this week’s Digest: Samsung, NowSecure, Blackhat Security Summit, AT&T, Federal Communications Commission, Worldwide Developers Conference, Apple, Google, Apple Watch, Apple Music, Apple CarPlay, GM, Chevrolet, Cadillac, PSA, Android Auto, Facebook, HP, Rebecca Minkoff, Nest and Dropcam.

In the news

Six hundred million Samsung phone owners awoke to the news that the keyboards in their smartphones made them vulnerable to a cyber attack. It’s a sad state of affairs when such scares have become commonplace, even if they largely originate with benign researchers, as was the case here. Ryan Welton of mobile security firm NowSecure announced the security flaw at the Blackhat Security Summit in London. Samsung’s pre-installed SwiftKey keyboards continuously request language pack updates over HTTP. Welton’s team was able to intercept the requests and send malicious security updates in return. The security flaw impacts many Samsung Android devices, from the Galaxy S6 on down to the S3 to the Galaxy Note 4 and 3. Samsung says it is aware and is working on a fix. How reassuring.

In the money

A bad week for AT&T. First, the company paid up a $25 million fine to the Federal Communications Commission for data breaches at call centers in the Philippines, Colombia, and Mexico, where workers sold personal information of nearly 300,000 US customers to third parties. Then, the FCC slapped AT&T with a $100 million fine for misleading customers about unlimited data plans. The FCC claims, as have thousands of customers since 2011, that AT&T dupes customers with data plans advertised as unlimited when in fact they throttle back data speeds once customers reach a certain quota. That in turn impacts app functionality and internet access. AT&T says that it informs its customers about the so-called Maximum Bit Rate policy.

In other news

At its annual Worldwide Developers Conference, Apple released its new mobile operating system, iOS 9, which is set to compete with Google’s new mobile operating system, Android M. As an answer to Android M’s new Now on Tap feature that can anticipate user needs, iOS 9 has a beefed up Siri and search function that learn from user habits and proactively offer advice about places to eat, directions, and upcoming calendar events.

Three other interesting items from WWDC:

First, an updated Apple Watch operating system. The biggest change is that watchOS 2 tries to untether the smartwatch from smartphones by allowing more native apps to run without needing iPhone pairing. watchOS 2 also includes a new Time Travel feature to reveal upcoming calendar events on the watch face.

Second, a new music streaming service called Apple Music. Think of it as a mashup of all 30 million tracks in the iTunes library with your personal music collection, all available for streaming across all your digital devices all the time. Plans vary between $9.99/month for solo users and $14.99 for family plans.

Third, an improved Apple CarPlay. Apple says that its automotive smartphone pairing platform will now accommodate carmaker apps, eliminating the need for drivers to switch back and forth between CarPlay and native dashboard apps. Carmaker apps will range from climate control to radio tunes.

Sticking with connected car news, GM said that it would integrate Apple CarPlay across many of its car brands in 2016, starting with Chevrolet and Cadillac. Carmaker PSA meanwhile plans to integrate Android Auto into its 2016 lineup, with Apple CarPlay compatibility likely to follow.

On the location-based services front, Facebook announced that it will start allowing businesses to reach out to customers in or near their stores via a new feature called Place Tips. Those businesses that sign up for free bluetooth beacons will be able to display banners at the top of a user’s news feed — so long as the user has the Place Tips app enabled. The banners can display everything from menus at a brick oven pizza joint to store hours at a department store.

HP is catering to mobile enterprise users with a new tablet computer, the Pro Tablet 608. The device was built with every facet of modern business in mind, from an aspect ratio that optimises business apps to front-facing speakers and noise canceling software for optimal web conferencing to — breathe a sigh of relief IT folks — easily customised and implemented security and management tools. Pricing starts at $479. The device debuts in July.

Back to wearables, the number of players and individual offerings in the wearables space continues to grow. The latest additions come from AT&T, headlined by a designer Rebecca Minkoff bracelet that vibrates whenever a user gets a text or call from an important contact. Seems a bit redundant with the vibrations one tends to feel through a purse or a pocket, but we’ll see how it sells. AT&T also unveiled a new fitness tracker (the Healbe GoBe automatic body manager), heart rate tracker (Mio Fuse wristband), and luxury smartwatch (Withings Activité analog smartwatch).

Finally, Google continued its push into the smarthome space with updated products from Nest. Top of the list is a new connected camera called Nest Cam — if you own a Dropcam, this is the new generation with a magnetised stand for easier mounting, infrared camera for better nighttime vision and high-definition video. Google also unveiled the Nest smoke detector, which has a speaker to audibly alert people in the room to a fire before belting out the alarm. It also connects with a smartphone to ping owners.

The Mobile Digest is a biweekly lowdown on the world of mobile, combining Open Mobile Media analysis with information from industry press releases.

Andrew Tolve is a regular contributor to Open Mobile Media.