The UpStream

Samsung is About to Disable Remaining Note7 Devices

posted Sunday Dec 11, 2016 by Scott Ertz

Samsung is About to Disable Remaining Note7 Devices

It's hard to believe that after more than 3 months and all the negative publicity over Galaxy Note7 handsets catching fire or exploding that there are any devices out in the wild, but there are. Samsung in also surprised, being as the company has had a recall program in place, and a software update that prevented the devices from charging fully. But that is about to come to an end.

In an update, which will begin to roll out on December 19, Samsung will prevent the remaining Note7 handsets from charging at all. That means that, if you still own one and are still using it after the update, once the phone's battery dies, you're done. No charging and, most importantly, no getting remaining data off of the phone without being tethered to a power source. The game will have ended for the Note7 as a phone.

Most of the industry believes this to be a smart and appropriate move from the phone maker. The devices pose a potential risk to users' health and safety and Samsung is trying to ensure that a mistake on their end does not ultimately cause harm to their customers. There is one major holdout, though, and it is Verizon. The company believes that the update actually causes risk to customers. In a statement, the carrier said,

Today, Samsung announced an update to the Galaxy Note 7 that would stop the smartphone from charging, rendering it useless unless attached to a power charger. Verizon will not be taking part in this update because of the added risk this could pose to Galaxy Note 7 users that do not have another device to switch to. We will not push a software upgrade that will eliminate the ability for the Note 7 to work as a mobile device in the heart of the holiday travel season. We do not want to make it impossible to contact family, first responders or medical professionals in an emergency situation.

If that sounds reasonable to you, let me remind you that the recall has been going on for months, and Verizon had an in-store trade-in program, where an owner could walk out with a new device in their possession. The people who are still holding on to these potentially dangerous devices made the decision that responding to the recall in a timely manner was not important to their own cellular usage, because if the phone self-destructs, they will still be without a phone.

For Samsung, the important distinction here is that the responsibility for customer safety has officially shifted from them to Verizon. If something goes wrong with one of the handsets that Verizon did not require users to return, it will be their fault and not Samsung's, who has created steps to prevent the devices from going bad.

Whether you are on Verizon or another carrier and you still have a Note7, GET RID OF IT. There is absolutely no reason to still have one in your possession at this point. Give it back, take the credit, move on with your day.

Windows Coming Back to ARM, Now With x86 App Support

posted Sunday Dec 11, 2016 by Scott Ertz

Windows Coming Back to ARM, Now With x86 App Support

When Microsoft introduced Windows 8, it came with another operating system: Windows RT. The poorly named offshoot of the prime Windows product was designed to run on ARM processors with the intention of creating a market for less expensive Windows tablets. Windows RT had one limitation that was outside of the control of Microsoft, and that was adaptation of Windows Store apps. Windows RT could not run traditional desktop apps, but was limited to the new style of distribution.

While many large software platforms got onboard, others skipped Windows Store entirely, like Instagram and Snapchat. This made it not a great platform for consumption, which is one of two main usages for tablets. The other is enterprise usage, which often relies on antiquated desktop apps, which were also incapable of existing on the platform.

It was no surprise, then, when Microsoft discontinued Windows RT at the introduction of Windows 10. This left Windows RT owners feeling unloved and ARM left in the dark. It also created the question as to how Microsoft would treat ARM in the future. Windows 10 mobile supports the processors, but is once again limited to apps coming from the Windows Store (for both Windows Phone and Windows 10). This has limited the appeal of Windows 10 mobile's Continuum as a business platform.

That is until now. Microsoft and Qualcomm have announced a partnership which has brought an x86 processor emulator to ARM processors. The emulator allows Windows to translate Intel-style software into ARM-style software as it runs. This means that software intended for x86 processors (built for Win32, or 32-bit processors) will soon be able to run on ARM-powered Windows devices.

This new capability will theoretically allow traditional Windows desktop apps to run in two new spaces: Windows 10 mobile devices, like small tablets and phone, particularly while in Continuum mode. It will also allow Windows laptops to compete on spec and price with Chrome and Android powered computers, while allowing people to continue using the software they already know and own.

Windows 10 for ARM is an important and exciting development for the Windows landscape, and could certainly pose a problem for Google's ambitions, but create a lot of new opportunity for hardware partners. Check after the break to see a video of Windows 10 on ARM in action.

Despite Initial Dismissal, Offline Viewing Comes to Netflix

posted Saturday Dec 3, 2016 by Scott Ertz

Despite Initial Dismissal, Offline Viewing Comes to Netflix

The topic of offline viewing has been a complex one for Netflix. For several years, it has been a feature that users have been asking for. Music streaming services, such as Groove Music, have offered the ability to download music to your device to listen offline. This allows you to listen on an airplane or other places where reception is questionable. Users have questioned why they cannot do the same for their favorite movies and television shows.

In 2015, Amazon Instant Video implemented the ability to download video for offline viewing. This brought the topic back into the foreground, as Netflix has always had a larger catalog, and is where users want to be. The company continued to insist that it was not a feature that enough of their users wanted, and was more complicated to bring to reality than was worth the expense.

In June of this year, a report suggested that Netflix was finally giving in and bringing offline to the platform. It was suggested that the feature would be released before the end of 2016 - and then there was nothing. No real word from Netflix, no follow-up from the sources, just silence. That is until this week.

It is official - Netflix has brought offline viewing to their platform - kind of. The feature is only available on some of their mobile apps - namely iOS and Android. If you have a Windows Phone or tablet, you are out of luck, despite the fact that Windows devices usually get preferential treatment from Netflix. You also won't be able to use the feature on any laptop or desktop platform, including Windows, macOS and Linux, though we have not tested whether the Android app allows for it on Chrome OS.

In addition, not everything is available to download. Some of the most popular Netflix Originals, like Stranger Things and House of Cards are eligible for offline viewing, while others, like Daredevil are not. Netflix licensed content is also spotty, though the company promises that more content will be coming in the future. Just like with Hulu's ad-free option, contracts have to be signed to allow for the feature.

To take advantage of the new feature, make sure you have the most recent version of the Netflix app on a compatible device and look for the download arrow next to content.

Twitter Purchases a Startup and a New VP of Product

posted Saturday Dec 3, 2016 by Scott Ertz

Twitter Purchases a Startup and a New VP of Product

2016 has certainly not been the Year of Twitter. Product shutdowns and layoffs followed an attempted corporate sale, which ended with all parties walking away from the conversation. It looked like the year was going to end on that note, but then Chief Operating Officer Adam Bain left the company, and he was not the first.

Before Bain, VP of Product Kevin Weil left the company, the sixth person to walk away from that post since 2007. With that much turnover in the person who decides the direction of the product, it raises an interesting question about why the company is having trouble. Is Twitter flailing because they can't find someone who understands the idea of the product, or is the upper management so overbearing that the director is incapable of directing the product?

It is likely that we are going to find out soon, as Twitter announced this week that they have purchased their next VP of Product through the acquisition of a startup. The company, Yes Inc., produced apps that, like Twitter, enforce a random and unnecessary content limitation. That is not why Twitter purchased them, however, as the founder of Yes, Keith Coleman, will be Twitter's VP of Product effective Monday morning.

Coleman worked at Google before leaving to found Yes. Twitter is hoping to leverage that knowledge, and the success of a company in a similar space, to drive success in the position. This will mean that he and his employees will no longer be able to focus their energies on their previous product offerings, and within the next few weeks, Yes's products will shut down.

It will be interesting to see if, over time, Coleman is able to take his previous experiences and use them to bring some sort of focus to Twitter, possibly even forcing the company to decide who they are and what it is that their product does. On the other hand, Twitter may always become part of the Disney behemoth, so it may not matter.

ASA Investigation Into No Man's Sky Ends in Success for Developer

posted Saturday Dec 3, 2016 by Scott Ertz

ASA Investigation Into No Man's Sky Ends in Success for Developer

Hello Games' No Man's Sky appears to be a rollercoaster whose breaks have failed. When it was first announced, the game had the promise to be both a market success and a fan favorite. The visuals were stunning and the gameplay looked beyond fun. With so much promise, it seemed like there no way the company could screw it up.

As if taking that as a challenge instead of confidence in the company, Hello Games began a spiral down the drain just as the game came out. The game that was released did not resemble the game that was first shown off. The visuals were stunning, but stunningly bad. The gameplay appeared to be that of an unrelated game. Unfortunately, the photos and videos shown on the game's Steam page were from the original presentation and not from the final game.

This move attracted the attention of gamers and regulators alike. People who purchased the game and then played it, resulting in widespread disappointment, responded by complaining. These complaints could be found on the game's Steam listing, social media and, more importantly, in the inbox of the Advertising Standards Authority. The organization, which is responsible for investigating false advertising in the UK, decided to look into the complaints.

While it looked like the developer was going to be held accountable for their actions, this week the ASA ended the investigation, finding the company had not falsely advertised their game.

Hello Games said that, as each user's experience would be very different, it would be difficult to recreate the exact scenes from the ad. However, they believed it was fairly straightforward to locate content of the type shown in the ad and to demonstrate that such content was commonly experienced by all users who played NMS for an average period of time.

They stated that all material features from the ad that had been challenged by complainants appeared in the NMS universe in abundance. While each player experienced different parts of the NMS universe, there was a low probability that anyone playing the game as intended would fail to encounter all these features in some form within an average play-through.

So, because the game changes as a user plays, that justified the fact that the game looked like it was modeled off of a 6-year-old's drawings, and that the game turned out to be no fun at all. While the developer will obviously not be held accountable for this particular game, it does seem guaranteed that any future product of the company, and possibly any future product from any of the individual developers, who appear to be jumping ship, will have any commercial success. You can't violate the trust of gamers and expect future successes.

A Week of Android Vulnerabilities

posted Saturday Dec 3, 2016 by Scott Ertz

A Week of Android Vulnerabilities

While Google's mobile operating system, Android, may be popular, it has one glaring problem: security. More often than not in a week, we hear about some problem that leaves Android users vulnerable to attack. Sometimes it comes from downloading apps outside of the Google Play Store and sometimes it comes from within. This week, we have one of each.


Gooligan, named by the security firm Check Point, is malware that closely resembles another recent issue: HummingBad. Found in apps downloaded through 3rd party stores, this malware roots your device, giving the software direct access to all of your data. The important data that this software is looking for is your Google security token. This is a small piece of text that allows applications on your phone, including malicious apps, to connect to the Google Play Store and download new apps in your name. It also gives the software the ability to write reviews about those apps, also in your name.

While it may seem odd to write software to download other software. There's a lot of financial gain to be had. Some apps offer affiliate programs, paying the refer to encourage new downloads. If the apps that are downloaded through Gooligan participate in the affiliate program, then the creator can get paid for every device that they infect.

As of right now nearly 1,000,000 accounts have been breached using this process. If each device generated only a single dollar in revenue, that's a million dollars in revenue for very little work. The real potential for harm, however, comes in the future. The security token gives access to more than just your Google Play account. In fact, it gives the developer access to anything Google related. This means that they could theoretically read your email, get your credit card information and anything else you store in Google. If the affiliate programs can generate this kind of revenue, imagine what they could make on your contact list or search history. Your Google account is a veritable treasure trove of information.

It's difficult to recover an infected device but it's even more difficult to recover a compromised account. Luckily Google is prepared for such an eventuality having a dedicated page for fixing this type of problem. If you believe that your account has been compromised, change your password, remove the device from your authorized devices and enable Verified Boot on the device..


Another problem that persists on Android and other operating systems is insecure communication. This happens when the application developer sends important information over insecure channels. Normally, this kind of mistake results in the compromise of an account. In the case of the popular Android app AirDroid, it can result in the compromise of your device.

Here's what they're doing: After you log in securely the same information is then sent to a statistics server over insecure communication. This means that another device on the same network could get in-between your phone and the router and steal the information as it's being sent. Since the data is not encrypted, it means that anybody could read it and get your username and password. Under normal circumstances this would allow them to just log into your account, but because of the nature of AirDroid, it gives the hacker the ability to take over your device and install malicious code without your knowledge. Once that code is on there, it could act similarly to Gooligan.

The researchers that discovered this problem, Zimperium, have been in communication with the developers, Sand Studio, since May, but they have not acted upon the information until now. Sand Studio's Chief Marketing Officer Betty Chen claims that the problem should be solved within the next 2 weeks.

As more advanced methods of security are developed, these types of problems should become more rare. Unfortunately, in the past couple of years, these types of problems have become more common. The idea that anybody can code and the hiring of untrained and untested developers for high-level positions often leads to these types of mistakes. Not everybody is able to code and even fewer are capable of architecting a full solution. These types of violations of trust should bring attention to the problem, but somehow they continue to persist.

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats