Epic is skipping Google’s Android app store (the advertising publisher calls it Google Play as if that meant anything) for their upcoming Android version of the free-to-play Fortnite (which is already on iOS and almost every gaming and computing platform.) There’s a beta signup here and the compatibility situation on Android is already a nightmare, check out the list of supported devices. It is extremely specific and the few Android devices I have aren’t supported.
There’s typically a 30/70 split, and from the 70 percent, the developer pays all the costs of developing the game, operating it, marketing it, acquiring users and everything else. For most developers that eats up the majority of their revenue. We’re trying to make our software available to users in as economically efficient a way as possible. That means distributing the software directly to them, taking payment through Mastercard, Visa, Paypal, and other options, and not having a store take 30 percent.
I’m not sure how well this is going to work out for people playing Fortnite. Google’s app store security is awful and routinely distributes software that compromises user privacy and security already, but at least they can moderate that. To get started with Fortnite on Android users are going to have to disable built-in security functionality that disallows third-party apps. Sideloading applications is useful and should be possible on any computer we use, but there are going to be negative consequences for users who don’t fully understand the risks involved.
Parents and tech savvy folks helping their friends and family are going to be busy when they realize their devices are compromised by installing a phony version of Fortnite, or a version that works but steals their credit card data. Try searching your favorite web search engine for the premium currency in the game, “Fortnite Free V-Bucks”, those scammers are oiled up and ready for anyone who falls into their trap.
Since Fortnite’s meteoric rise, there have been multiple YouTube videos running as ads that pitch Fortnite players easy ways to get free V-Bucks. (V-Bucks are Fortnite’s premium in-game currency, which lets them purchase limited-edition skins, gear and weapons.) Search “free V-Bucks” in YouTube’s search bar, and more than 4.3 million results will populate.
You can call it PUBG, you can call it plunkbat, but the mobile version of PlayerUnknown’s Battlegrounds is out on iOS and Android. Now we know what you’re paying for when you buy the $30 Windows version on Steam, pants, and a shirt and shoes. This free-to-play-as-heck mobile PUBG doesn’t include any of those to start, you’re going to have to find them in the game or in the exploitative loot boxes you get for playing it. At least if you don’t want to be an exhibitionist non-conformer, which if you do, go right ahead.
I’ve played one match and it was perfectly cromulent PUBGeeing, players are still getting used to the controls so I managed to get four small victories before losing in 16th place.
It’s out for free now on Android and iOS, it doesn’t cross-play with the Windows version at all.
Many people realize that smartphones track their locations. But what if you actively turn off location services, haven’t used any apps, and haven’t even inserted a carrier SIM card?
Even if you take all of those precautions, phones running Android software gather data about your location and send it back to Google when they’re connected to the internet, a Quartz investigation has revealed.
Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.
Quartz observed the data collection occur and contacted Google, which confirmed the practice.
Google claimed they weren’t doing anything with the data received from Android devices, and says they’ll stop doing it (at the end of the month) now that they’ve been caught by Quartz.
I’m not sure why anyone should trust Google’s word about what they were doing with this information when they explicitly use location information to target ads and were pulling this shit with no way for a user to disable it.
You can bet that companies like Google (photos), Facebook and their subsidiaries such as Instagram, and Twitter, also scrape location information whenever you upload photos to their services by reading the EXIF data attached to every photo. You can download apps like Metapho on iOS to remove the EXIF information from your photos before you share them.
Yesterday, Gizmodo reported that Uber had been granted an entitlement for their iOS app that allowed them to capture an image of an iPhone’s screen at any time, even when the Uber app was not the active app on the phone. This is a big deal, because users don’t typically expect than an iPhone app that is not active might have the ability to eavesdrop on anything they are doing.
I have long felt that the sandboxing infrastructure on both iOS and Mac should be used to more accurately convey to users specifically what the apps they install are capable of doing. Currently the sandboxing system is used primarily to identify to Apple what a specific app’s privileges are. The requested entitlements are used to inform Apple’s decision to approve or reject an app, but the specific list of entitlements is not easily available to users, whose security is actually on the line.
This is absolutely fucking ridiculous. Fuck Uber. Apple should be ashamed for working with them at any level. Allowing an app to covertly record your screen without any prompting is exactly the kind of thing that Apple’s iOS app review process should prevent.
Uber claims they didn’t do anything wrong with this ability, the security researchers told Gizmodo that they didn’t detect anything going on with this code.
There are companies that are less trustworthy than Uber, but few have the opportunity to be as evil on such a large scale. Enabling them to do anything more than operate at a basic level on your platform is a mistake. At this point Apple should block them entirely and attempt to help the Taxi industry to reform and compete with Uber. Not that Apple would ever would, but still that would be the best thing to come out of this. The next best thing would be the improvements to the entitlement system that Jalkut suggests.
I wouldn’t even bother to wonder what Uber are doing on Android, where security is a fucking joke and carriers are still selling devices running ancient versions of that operating system that are affected by dozens of security vulnerabilities. This is especially true for pay-as-you-go phones sold cheaply at places like Walmart, Target, and so on. Those carriers and stores are endangering their customers by continuing to sell these devices.