Connect with us

Biz & IT

The top smartphone trends to watch in 2019



This was a bad year for the smartphone. For the first time, its seemingly unstoppable growth began to slow.

Things started off on a bad note in February, when Gartner recorded its first year-over-year decline since it began tracking the category. Not even the mighty Apple was immune from the trend. Last week, stocks took a hit as influential analyst Ming-Chi Kuo downgraded sales expectations for 2019.

People simply aren’t upgrading as fast as they used to. This is due in part to the fact that flagship phones are pretty good across the board. Manufacturers have painted themselves into a corner as they’ve battled it out over specs. There just aren’t as many compelling reasons to continually upgrade.

Of course, that’s not going to stop them from trying. Along with the standard upgrades to things like cameras, you can expect some radical rethinks of smartphone form factors, along with the first few pushes into 5G in the next calendar year.

If we’re lucky, there will be a few surprises along the way as well, but the following trends all look like no-brainers for 2019.


GUANGZHOU, CHINA – DECEMBER 06: Attendees look at 5G mobile phones at the Qualcomm stand during China Mobile Global Partner Conference 2018 at Poly World Trade Center Exhibition Hall on December 6, 2018 in Guangzhou, Guangdong Province of China. The three-day conference opened on Thursday, with the theme of 5G network. (Photo by VCG/VCG via Getty Images)

Let’s get this one out of the way, shall we? It’s a bit tricky — after all, plenty of publications are going to claim 2019 as “The Year of 5G,” but they’re all jumping the gun. It’s true that we’re going to see the first wave of 5G handsets appearing next year.

OnePlus and LG have committed to a handset and Samsung, being Samsung, has since committed to two. We’ve also seen promises of a Verizon 5G MiFi and whatever the hell this thing is from HTC and Sprint.

Others, most notably Apple, are absent from the list. The company is not expected to release a 5G handset until 2020. While that’s going to put it behind the curve, the truth of the matter is that 5G will arrive into this world as a marketing gimmick. When it does fully roll out, 5G has the potential to be a great, gaming-changing technology for smartphones and beyond. And while carriers have promised to begin rolling out the technology in the States early next year (AT&T even got a jump start), the fact of the matter is that your handset will likely spend a lot more time using 4G.

That is to say, until 5G becomes more ubiquitous, you’re going to be paying a hefty premium for a feature you barely use. Of course, that’s not going to stop hardware makers, component manufacturers and their carrier partners from rushing these devices to market as quickly as possible. Just be aware of your chosen carrier’s coverage map before shelling out that extra cash.


We’ve already seen two — well, one-and-a-half, really. And you can be sure we’ll see even more as smartphone manufacturers scramble to figure out the next big thing. After years of waiting, we’ve been pretty unimpressed with the foldable smartphone we’ve seen so far.

The Royole is fascinating, but its execution leaves something to be desired. Samsung’s prototype, meanwhile, is just that. The company made it the centerpiece of its recent developer conference, but didn’t really step out of the shadows with the product — almost certainly because they’re not ready to show off the full product.

Now that the long-promised technology is ready in consumer form, it’s a safe bet we’ll be seeing a number of companies exploring the form factor. That will no doubt be helped along by the fact that Google partnered with Samsung to create a version of Android tailored to the form factor — similar to its embrace of the top notch with Android Pie.

Of course, like 5G, these designs are going to come at a major premium. Once the initial novelty has worn off, the hardest task of all will be convincing consumers they need one in their life.


Bezels be damned. For better or worse, the notch has been a mainstay of flagship smartphones. Practically everyone (save for Samsung) has embraced the cutout in an attempt to go edge to edge. Even Google made it a part of Android (while giving the world a notch you can see from space with the Pixel 3 XL).

We’ve already seen (and will continue to see) a number of clever workarounds like Oppo’s pop-up. The pin hole/hole punch design found on the Huawei Nova 4 seems like a more reasonable route for a majority of camera manufacturers.

Embedded Fingerprint Readers

The flip side of the race to infinite displays is what to do with the fingerprint reader. Some moved it to the rear, while others, like Apple, did away with it in favor of face scanning. Of course, for those unable to register a full 3D face scan, that tech is pretty easy to spoof. For that reason, fingerprint scanners aren’t going away any time soon.

OnePlus’ 6T was among the first to bring the in-display fingerprint scanner to market, and it works like a charm. Here’s how the tech works (quoting from my own writeup from a few months ago):

When the screen is locked, a fingerprint icon pops up, showing you where to press. When the finger is in the right spot, the AMOLED display flashes a bright light to capture a scan of the surface from the reflected light. The company says it takes around a third of a second, though in my own testing, that number was closer to one second or sometimes longer as I negotiated my thumb into the right spot.

Samsung’s S10 is expected to bring that technology when it arrives around the February time frame, and I wouldn’t be surprised to see a lot of other manufacturers follow suit.

Cameras, cameras, cameras (also, cameras)

What’s the reasonable limit for rear-facing cameras? Two? Three? What about the five cameras on that leaked Nokia from a few months back? When does it stop being a phone back and start being a camera front? These are the sorts of existential crises we’ll have to grapple with as manufacturers continue to attempt differentiation through imagining.

Smartphone cameras are pretty good across the board these days, so one of the simple solutions has been simply adding more to the equation. LG’s latest offers a pretty reasonable example of how this will play out for many. The V40 ThinQ has two front and three rear-facing cameras. The three on the back are standard, super wide-angle and 2x optical zoom, offering a way to capture different types of images when a smartphone camera isn’t really capable of that kind of optical zoom in a thin form factor.

On the flip side, companies will also be investing a fair deal in software to help bring better shots to existing components. Apple and Google both demonstrated how a little AI and ML can go a long way toward improving image capture on their last handsets. Expect much of that to be focused on ultra-low light and zoom.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Verizon will use Amazon’s low Earth orbit satellites to extend 4G and 5G



Enlarge / A Verizon booth at Mobile World Congress Americas in Los Angeles in September 2018.

Verizon has made a deal to use Amazon’s low Earth orbit (LEO) satellites to add capacity to the Verizon cellular network and provide fixed-wireless Internet service in rural parts of the US. Verizon said it will use Amazon satellite connectivity for both consumers and large businesses.

There won’t be any immediate change to Verizon’s services because Amazon has said its Project Kuiper division won’t launch any satellites until at least 2023. The companies yesterday announced a “strategic collaboration” in which they “have begun to develop technical specifications and define preliminary commercial models for a range of connectivity services for US consumers and global enterprise customers operating in rural and remote locations around the world.”

Verizon already provides LTE home-Internet service in rural areas and 5G home-Internet service in urban areas. But availability is limited, and Verizon plans to use Amazon Kuiper to expand its fixed-wireless offerings.

“To begin, Amazon and Verizon will focus on expanding Verizon data networks using cellular backhaul solutions from Project Kuiper,” the Verizon announcement said. “The integration will leverage antenna development already in progress from the Project Kuiper team, and both engineering teams are now working together to define technical requirements to help extend fixed wireless coverage to rural and remote communities across the United States.” Using Kuiper for cellular backhaul will “extend Verizon’s 4G/LTE and 5G data networks” in those rural and remote communities, Verizon said.

Service a “few years away”

Verizon told CNET that Kuiper-powered service for customers is a “few years away” and that the deal is nonexclusive for both Verizon and Amazon. Verizon could thus partner with additional satellite companies, and Amazon could offer its satellite connectivity to other cellular carriers. Verizon also said it intends to use Amazon Kuiper “to make the entire map of the US red”—in other words, to fill in coverage gaps where Verizon’s wireless connectivity is weak or nonexistent.

While the Verizon/Amazon plans are vague now since they’re still in an early stage, the companies said they will “explore joint connectivity solutions for domestic and global enterprises across agriculture, energy, manufacturing, education, emergency response, transportation and other industries.”

Amazon plans to use Kuiper to “serve individual households, as well as schools, hospitals, businesses and other organizations operating in places where Internet access is limited or unavailable,” the announcement noted. Amazon has US approval to launch 3,236 low-Earth-orbit satellites and says it plans to invest more than $10 billion in the project. By contrast, SpaceX Starlink has been providing LEO satellite Internet service in beta for about a year, and SpaceX CEO Elon Musk said the service will come out of beta this month.

Continue Reading

Biz & IT

Securing your digital life, part two: The bigger picture—and special circumstances




In the first half of this guide to personal digital security, I covered the basics of assessing digital risks and protecting what you can control: your devices. But the physical devices you use represent only a fraction of your overall digital exposure.

According to a report by Aite Group, nearly half of US consumers experienced some form of identity theft over the last two years. Losses from these thefts are expected to reach $721.3 billion for 2021—and that’s only counting cases where criminals take over and abuse online accounts. Other valuable parts of your digital life may not carry specific monetary risks to you but could still have a tangible impact on your privacy, safety, and overall financial health.

Case in point: last September, my Twitter account was targeted for takeover by an unidentified attacker. Even though I had taken multiple measures to prevent the theft of my account (including two-factor authentication), the attacker made it impossible for me to log in (though they were locked out of the account as well). It took several weeks and some high-level communication with Twitter to restore my account. As someone whose livelihood is tied to getting the word out about things with a verified Twitter account, this went beyond inconvenience and was really screwing with my job.

The attacker found the email address associated with my Twitter account through a breach at a data aggregator—information probably gleaned from other applications that I had linked to my Twitter account at some point. No financial damage was done, but it made me take a long, hard look at how I protect online accounts.

Oh hey, it's this guy again. (Maybe this is the guy who tried to get into my Twitter account?)
Enlarge / Oh hey, it’s this guy again. (Maybe this is the guy who tried to get into my Twitter account?)

Aitor Diago / Getty Images

Some of the risk tied to your digital life is taken on by service providers who are more directly impacted by fraud than you. Credit card companies, for example, have invested heavily in fraud detection because their business is built on mitigating the risk of financial transactions. But other organizations that handle your personal identifying information—information that proves you are you to the rest of the digitally connected world—are just as big a target for cyber crime but may not be as good at preventing fraud.

Everything counts in multiple accounts

You can do a number of things to reduce the risks posed by data breaches and identity fraud. The first is to avoid accidentally exposing the credentials you use with accounts. A data breach of one service provider is especially dangerous if you haven’t followed best practices in how you set up credentials. These are some best practices to consider:

  • Use a password manager that generates strong passwords you don’t have to remember. This can be the manager built into your browser of choice, or it can be a standalone app. Using a password manager ensures that you have a different password for every account, so a breach of one account won’t spill over into others. (Sorry to again call out the person reusing letmein123! for everything, but it’s time to face the music.)
  • When possible, use two-factor or multi-factor authentication (“2FA” or “MFA”). This combines a password with a second, temporary code or acknowledgment from someplace other than your web browser or app session. Two-factor authentication ensures that someone who steals your password can’t use it to log in. If at all possible, don’t use SMS-based 2FA, because this is more prone to interception (more on this in a minute). Applications like Authy, Duo, Google Authenticator, or Microsoft Authenticator can be paired with a wide variety of services to generate 2FA temporary passwords or to send “push” notifications to your device so that you can approve a login. You can also use a hardware key, such as a Yubico YubiKey, to further segment authentication from your devices.
Artist's impression of how to troll your IT department.
Enlarge / Artist’s impression of how to troll your IT department.

vinnstock / Getty Images

  • Set up a separate email address or email alias for your high-value web accounts so that all email regarding them is segmented off from your usual email address. This way, if your primary email address is caught up in a data leak, attackers won’t be able to use that address to try to log in to accounts you care about. Using separate addresses for each service also has the side benefit of letting you know if any of those services are selling your personal information—just look at where and when spam starts showing up.
  • If you’re a US resident, make sure to claim an account for your Social Security number from the IRS for tax information access and other purposes. Much of the refund and stimulus fraud over the past few years has been related to scammers “claiming” accounts for SSNs that were unregistered with the IRS, and untangling that sort of thing can be painful.
  • Register for account breach checkups, either through the service provided through your browser (Firefox or Chrome) or through Troy Hunt’s (or both!). The browser services will check stored passwords against breach lists using a secure protocol, and they can also point out risky reused credentials.
  • Consider locking your credit reports to reduce identity theft risks. Equifax provides an app called Lock & Alert that allows you to lock your credit report from all but existing creditors, then unlock it from the app before you apply for new credit. TransUnion has a similar free app called TrueIdentity. Experian charges $24.99 a month to lock your credit checks, and TransUnion has a “premium” version of its service that locks both TransUnion and Equifax reports on demand for $24.95 a month. In other words, if you want to have tight control over all your credit reports, you can do it for $300 a year. (You can, with some searching, find the free versions of those credit freeze services—here’s Experian’s and here’s TransUnion’s—but man, those companies really, really want to lift a giant pile of money out of your wallet in exchange for a bunch of highly dubious “value-adds.”)

When 2FA is not enough

Security measures vary. I discovered after my Twitter experience that setting up 2FA wasn’t enough to protect my account—there’s another setting called “password protection” that prevents password change requests without authentication through email. Sending a request to reset my password and change the email account associated with it disabled my 2FA and reset the password. Fortunately, the account was frozen after multiple reset requests, and the attacker couldn’t gain control.

Artist's impression of two-factor authentication. In this example, you can't log in without both a password <em>and</em> a code generated by your phone.
Enlarge / Artist’s impression of two-factor authentication. In this example, you can’t log in without both a password and a code generated by your phone.

dcdp / Getty Images

This is an example of a situation where “normal” risk mitigation measures don’t stack up. In this case, I was targeted because I had a verified account. You don’t necessarily have to be a celebrity to be targeted by an attacker (I certainly don’t think of myself as one)—you just need to have some information leaked that makes you a tempting target.

For example, earlier I mentioned that 2FA based on text messages is easier to bypass than app-based 2FA. One targeted scam we see frequently in the security world is SIM cloning—where an attacker convinces a mobile provider to send a new SIM card for an existing phone number and uses the new SIM to hijack the number. If you’re using SMS-based 2FA, a quick clone of your mobile number means that an attacker now receives all your two-factor codes.

Additionally, weaknesses in the way SMS messages are routed have been used in the past to send them to places they shouldn’t go. Until earlier this year, some services could hijack text messages, and all that was required was the destination phone number and $16. And there are still flaws in Signaling System 7 (SS7), a key telephone network protocol, that can result in text message rerouting if abused.

Continue Reading

Biz & IT

Securing your digital life, part one: The basics



Enlarge / Artist’s impression of how to keep your digital stuff safe from all kinds of threats.

Aurich Lawson | Getty Images

I spend most of my time these days investigating the uglier side of digital life—examining the techniques, tools, and practices of cyber criminals to help people better defend against them. It’s not entirely different from my days at Ars Technica, but it has given me a greater appreciation for just how hard it is for normal folks to stay “safe” digitally.

Even those who consider themselves well educated about cyber crime and security threats—and who do everything they’ve been taught to do—can (and do!) still end up as victims. The truth is that, with enough time, resources, and skill, everything can be hacked.

The key to protecting your digital life is to make it as expensive and impractical as possible for someone bent on mischief to steal the things most important to your safety, financial security, and privacy. If attackers find it too difficult or expensive to get your stuff, there’s a good chance they’ll simply move on to an easier target. For that reason, it’s important to assess the ways that vital information can be stolen or leaked—and understand the limits to protecting that information.

Did you really think we were going to be able to get through a cybersecurity article without at least one guy-in-a-ski-mask-with-a-laptop stock photo?
Enlarge / Did you really think we were going to be able to get through a cybersecurity article without at least one guy-in-a-ski-mask-with-a-laptop stock photo?

Pinopic / Getty Images

In part one of our guide to securing your digital life, we’ll talk briefly about that process and about basic measures anyone can take to reduce risks to their devices. In part two, coming in a few days, we’ll address wider digital identity protection measures, along with some special measures for people who may face elevated risks. But if you’re looking for tips about peanut butter sandwich dead drops to anonymously transfer data cards in exchange for cryptocurrency payments… we can’t help you, sorry.

You are not Batman

A while back, we covered threat modeling—a practice that encompasses some of what is described above. One of the most important aspects of threat modeling is defining your acceptable level of risk.

We make risk-level assessments all the time, perhaps unconsciously—like judging whether it’s safe to cross the street. To totally remove the threat of being hit by a car, you’d either have to build a tunnel under or a bridge over the street, or you could completely ban cars. Such measures are overkill for a single person crossing the street when traffic is light, but they might be an appropriate risk mitigation when lots of people need to cross a street—or if the street is essentially a pedestrian mall.

This guy isn't actually Batman, either, but he's a lot closer to being Batman than we are. (This is cosplayer Auri Aminpour next to his Batmobile. Wicked!)
Enlarge / This guy isn’t actually Batman, either, but he’s a lot closer to being Batman than we are. (This is cosplayer Auri Aminpour next to his Batmobile. Wicked!)

The same goes for modeling the threats in your digital life. Unless you are Batman—with vast reserves of resources, a secret identity to protect from criminals and all but a select few members of law enforcement, and life-or-death consequences if your information gets exposed—you do not need Batman-esque security measures. (There are certainly times when you need additional security even if you’re not Batman, however; we’ll go into those special circumstances in the second half of this guide.)

For those who want to lock things down without going offline and moving to a bunker in New Zealand, the first step is to assess the following things:

  • What in my digital life can give away critical information tied to my finances, privacy, and safety?
  • What can I do to minimize those risks?
  • How much risk reduction effort is proportional to the risks I face?
  • How much effort can I actually afford?

Reducing your personal attack surface

The first question above is all about taking inventory of the bits of your digital life that could be exploited by a criminal (or an unscrupulous company, employer, or the like) for profit at your expense or could put you in a vulnerable position. A sample list might include your phone and other mobile devices, personal computer, home network, social media accounts, online banking and financial accounts, and your physical identification and credit cards. We’re going to cover the first few here; more will be covered in part two.

Each of these items offers an “attack surface”—an opportunity for someone to exploit that component to get to your personal data. Just how much of an attack surface you present depends on many factors, but you can significantly reduce opportunities for malicious exploitation of these things with some basic countermeasures.

Physical mobile threats

Smart phones and tablets carry a significant portion of our digital identities. They also have a habit of falling out of our direct physical control by being lost, stolen, or idly picked up by others while we’re not attending to them.

Defending against casual attempts to get at personal data on a smart phone (as opposed to attempts by law enforcement, sophisticated criminals, or state actors) is fairly straightforward.

First, if you’re not at home, you should always lock your device before you put it down, no exceptions. Your phone should be locked with the most secure method you’re comfortable with—as long as it’s not a 4-digit PIN, which isn’t exactly useless but is definitely adjacent to uselessness. For better security, use a password or a passcode that’s at least six characters long—and preferably longer. If you’re using facial recognition or a fingerprint unlock on your phone, this shouldn’t be too inconvenient.

Artist's impression of a person who has hacked a mobile phone. (In reality, phones don't actually say "HACKED!" to alert you that you've been hacked. Things would be a lot easier if they did.)
Enlarge / Artist’s impression of a person who has hacked a mobile phone. (In reality, phones don’t actually say “HACKED!” to alert you that you’ve been hacked. Things would be a lot easier if they did.)

D-Keine / Getty Images

Second, set your device to require a password immediately after it’s been locked. Delays mean someone who snatches your phone can get to your data if they bring up the screen in time. Additionally, make sure your device is set to erase its contents after 10 bad password attempts at maximum. This is especially important if you haven’t set a longer passcode.

Also, regularly back up your phone. The safest way to back up data if you’re concerned about privacy is an encrypted backup to your personal computer; however, most iOS device owners can back up their data to iCloud with confidence that it is end-to-end encrypted (as long as they have iOS 13 or later). Your mileage will vary with different Android implementations and backup apps.

Along the same lines, make sure you have installed the most recent version of the phone OS available to prevent someone from taking advantage of known security bypasses. For iOS, this is generally simple—when your device prompts you to upgrade, do it. The upgrade situation on Android is somewhat more complicated, but the same general advice holds true: upgrade ASAP, every time. (There is a school of thought that says you should hold off on the latest upgrades in order for bugs to be worked out, but adhering to that advice will put you in a position where your device might have exploitable vulnerabilities. You can mitigate those vulnerabilities by upgrading.)

Continue Reading