11 September 2019

Daily Crunch: Apple unveils new iPhones


The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. Here’s everything Apple announced today at the iPhone 11 event

The biggest announcement was a new lineup of iPhones, including the iPhone 11, with a new dual-camera system, as well as two iPhone Pro models with three cameras each. Cameras galore!

In addition, the company announced new iPads and Apple Watches, as well as pricing and launch dates for Apple Arcade (launching September 19) and Apple TV+ (November 1).

2. California passes landmark bill that requires Uber and Lyft to treat their drivers as employees

The bill says that if a contractor’s work is part of a company’s regular business, then they must be designated as employees. And thus, these workers will get access to more protections such as minimum wage, the right to unionize and overtime.

3. Peloton plots $1.2B Nasdaq IPO

In an amended S-1 filing released Tuesday afternoon, the developer of internet-connected stationary bikes and treadmills announced a proposed price range of $26 to $29 per share, allowing the company to raise as much as $1.2 billion in its public offering.

4. Uber lays off 435 people across engineering and product teams

Speaking of Uber, the company laid off about 8% of the workforce, with 170 people leaving the product team and 265 people leaving the engineering team.

5. Mozilla launches a VPN, brings back the Firefox Test Pilot program

The Test Pilot program allows users to try out new features before they are ready for mainstream usage.

6. Aerospace Corp CEO Steve Isakowitz to talk how to raise non-dilutive capital at Disrupt SF

Aerospace Corp is not that widely known outside space circles, but its 59-year-old R&D legacy is remarkable. The nonprofit works with the U.S. Air Force and other government space programs to identify emerging technologies from the commercial sector that could apply to future space programs.

7. What the iPhone 11 says about Apple’s present — and future

Let’s wrap this up with some thoughts on what yesterday’s announcements mean for Apple’s strategy — particularly the company’s growing focus on content and services, and its new thinking on how to position the iPhone. (Extra Crunch membership required.)


Read Full Article

Despite Brexit, UK startups can compete with Silicon Valley to win tech talent

The Best Mic for Podcasting

SpaceTalk: A Kid’s Phone Watch for Privacy


image of spacetalk watch for tracking kids

Tracking your kids will become more private, secure, and safe when SpaceTalk, a 3G, GPS-equipped phone-watch for communicating with your kids, releases in the United States or United Kingdom in late 2019.

The SpaceTalk kid-tracking watch features all the basics, such as a torch light, and weather forecasts. For many, the higher attention paid to privacy may prove a key selling point. SpaceTalk specifically designed their device to keep your kid’s data from being sent across the ocean to remote servers. But there’s a lot more going on than just privacy.

SpaceTalk Watch: Safety and Security

image of spacetalk app

SpaceTalk comes with an application for ease of use.

The SpaceTalk app allows parents to remotely interface with their children through the smartwatch. It works like this, parents access the application in order to find their child’s whereabouts. If they want to update the watch’s firmware, they can also shoot off a remote update using the SpaceTalk application, which is available in the Google Play Store and Apple App Store.

Battery Life

While the watch doesn’t come with a lot of applications by design, it also gets longer battery life than you might expect. The SpaceTalk watch gets around two-days of battery life. But users can stretch the battery life out even longer if they decrease the GPS polling rate.

SpaceTalk’s SOS Button

spacetalk is a smartwatch for kids

Like many assistive technologies for kids (and equally appropriate for seniors), the SpaceTalk watch also permits the user to emit a SOS distress call through triggering a special button on the side of the watch. The SOS button works like similar devices. All the child needs to do is press the button and the SpaceTalk watch fires out a call, SMS, and notification to a pre-approved list of contacts.

SpaceTalk Watch Cost and Availability

The SpaceTalk watch is already available in Australia and New Zealand. It should release in the United States and elsewhere before the end of the year. The price in the UK will be GBP 199. It’s currently selling for 349 in Australian dollars.

Read the full article: SpaceTalk: A Kid’s Phone Watch for Privacy


Read Full Article

Check Website Traffic With These 7 Top Tools


Checking your website’s traffic isn’t hard with the right tools. But checking another website’s traffic? A lot more difficult.

Most sites don’t publish their stats for public viewing, so accurate traffic numbers are hard to come by. At best, you can look for a website’s “advertising page,” which may include marketing materials, demographic information, and yes, monthly traffic data.

But when that’s not available, your only option is to rely on a website traffic estimator. Since these are never 100 percent accurate, we only recommend using them to compare traffic of sites in relative terms—and even then, you should only compare estimates from the same tool.

1. Check Website Traffic With SimilarWeb

this is a screen capture of SimilarWeb a web traffic analyzer

SimilarWeb is my estimator of choice when I want to see what kind of traffic a website gets.

The real value of SimilarWeb is its Top Website Rankings page where you can see the top ranking sites according to category and country (limited to the top 50 for free users), but it also lets you search for a specific domain and see that particular site’s stats.

When you look up a site, you get three points of data right away: global rank, country rank, and category rank. These are awesome for website competition at a glance. But if you scroll down, you can see the engagement stats: monthly traffic, average visit duration, pages per visit, and bounce rate.

Keep scrolling and you’ll see a bunch of other details, such as traffic source breakdown, top referring sites, social media traffic, audience demographics, and more. All of it’s available for free, solidifying this as the best website traffic estimator tool.

2. The Most Accurate Website Stats: Quantcast

This is a screen capture of Quantcast which is a traffic analyzer

Quantcast is probably the most accurate traffic estimator tool currently available, but it comes with two important caveats: first, its accuracy is spotty from site to site, and second, its data set is severely limited compared to sites like SimilarWeb or Alexa.

This is due to how Quantcast works: a website must set up Quantcast’s data collection feed, which allows Quantcast to start collecting data and estimating traffic for that site. Quantcast cannot accurately estimate traffic for sites that don’t participate. Therefore, you won’t find stats for most lesser-known websites on Quantcast.

That being said, when a site is tracked, Quantcast offers a lot of amazing data to pore over. The demographic breakdown is especially insightful, which includes visitor ethnicity, shopping interests, media interests, occupations, and political affiliations.

3. The Best Website Traffic Checker: Ahrefs

This is a screen capture of Ahrefs

Ahrefs is a powerful search engine optimization tool for webmasters and is mainly used for mining all kinds of search traffic-related data—both for your own sites and for competitors’ sites.

Not only can you see accurate measures of a site’s monthly search traffic, but you can see detailed breakdowns of where that traffic is coming from and what kinds of keywords are bringing the traffic. You can also see backlink information, such as which other sites are linking to the site, how often they’re linking, and how that data changes over time.

Unfortunately, while Ahrefs is the most powerful tool in this list, that power comes at a price. There’s no free plan, but you can try a seven-day no-restrictions trial for $7. After that, it costs at least $99 per month for the lowest plan. It’s expensive, but the data is good.

4. Track Website Traffic With SEMRush

This is a screen capture of SEMRush which is a traffic analysis website

SEMRush is primarily a search engine optimization tool, meaning you’d use it as a website owner to help find and target keywords that bring you more search engine traffic. However, as a regular web surfer, you can use it to see what kind of search traffic a site gets.

Just to be clear, SEMRush won’t give you absolute traffic numbers—if that’s what you’re looking for, turn to SimilarWeb or Quantcast. SEMRush is best when you only care about search traffic and you want to compare search traffic patterns between sites. For that, SEMRush tends to be the most accurate.

SEMRush shows you top keywords for a given site, but on top of that, you can see actual numbers and search engine positions for those keywords. You can also filter the stats by country, allowing you to see search patterns on a regional basis.

Note that SEMRush is a freemium tool. As a free user, you get 10 free searches per day and only get access to a basic overview. You’ll need a paid plan to unlock higher limits and more data, and they start at $100 per month.

5. See Basic Site Traffic With Alexa

This is a screen capture of Alexa which can track web traffic

Alexa is probably the first tool that popped into mind when you went looking for a website traffic estimation. Unfortunately, Alexa has dumbed down its free option so much over the years that it’s almost useless now.

Search for any website and you’ll see its Global Alexa Rank and Country Alexa Rank, plus a simple chart showing its rise and fall in ranking over the past year. You’ll also see limited demographics and keywords information. It’s quite stingy but suffices if you just want to compare two sites and see which one is more popular.

If you want to see more than the limited data you get as a free Alexa user, you’ll need to upgrade to the Insight plan—and that costs $79 per month. You can sign up for a seven-day free trial, but you’ll have to enter your credit card details and make sure you cancel before the free trial ends.

6. SitePrice

This is a screen capture of SitePrice a website traffic analyzer

SitePrice is actually a website value calculator and not a traffic estimator, but it does include traffic estimates in its value calculations. When you look up a site, just scroll down to see the estimated traffic and revenue stats, including daily pageviews, daily unique visitors, and daily ad revenues.

You’ll notice that these values are way off from what you’d find on, say, SimilarWeb or Quantcast. That’s because SitePrice pulls its data from several sources (including SimilarWeb and Quantcast) and averages them to get a more “accurate” reading. It’s up to you whether you trust it more or less.

Other nifty stats include search engine visibility, backlink counts, domain age, and top competitors. Also, remember that this tool is just an estimator so don’t take its website valuations at face value.

7. Traffic Estimate

This is a screen capture of Traffic Estimate which is a traffic analyzer

Traffic Estimate may not be the best-looking estimator tool, but it serves its purpose in a pinch. The estimation graph shows you a website’s traffic patterns over the past year, and you get a numerical traffic value for the past 30 days. It’s pretty simplistic—perhaps too much.

Scroll down and you’ll see data on which keywords are targeted by the site. This is helpful to explore which other sites are the main competitors for this site. There isn’t much beyond that. For best results, use Traffic Estimate as a supplementary tool in conjunction with the others on this list.

How Popular Are Your Favorite Websites?

You’ll notice that two oft-recommended tools are missing from this list: Alexa and Compete.

If you want to see traffic estimates for websites using Alexa, you’ll need to sign up for the Advanced plan which costs $149 per month, and that’s way too expensive when you can get similar estimates elsewhere for free. As for Compete, it was shut down at the end of 2016.

Now that you know how to estimate a website’s traffic, why not check out our roundup of the best websites on the internet and see how popular they are?

Image Credit: Rawpixel/Depositphotos

Read the full article: Check Website Traffic With These 7 Top Tools


Read Full Article

Doro 8080: High-End Phone for Seniors


this is a photo from IFA 2019 of the Doro 8080 smartphone for seniors

The first high-end phone designed for seniors is coming to Europe and the United States in 2019. The phone includes such features as a special launcher, an SOS button, and a user interface designed for those with visual impairment, cognitive decline associated with dementia, and other disabilities associated with age.

this is a shot from the side of the doro 8080 smartphone

Unique among senior phones, Doro’s newest model, the Doro 8080, offers premium specifications and a beautiful iPhone-like design aesthetic. It also comes with Android 9.0, the latest version of Google’s operating system. Doro also produces a semi-smart flip phone called the Doro 7060 which includes LTE-network connectivity, a 2.8-inch color display, 3MP camera, and social media features. But it otherwise does not offer smart features.

How Do Doro Phones Work?

It works like this: all the user needs to do is tap on the Search icon. The interface then switches from the Doro launcher into a simplified interface that can assist the user with various applications. Within the simplified launcher are a messaging, email, call log, and media sub-sections that sport increased text and icon sizes for those with imperfect eyesight.

Doro phones include a search feature that breaks apps down into easier to use and read elements

Like some of Doro’s other models, the 8080 also includes augmented audio frequencies, specifically designed to be heard by those with some forms of hearing impairment. Generally speaking, as we age, the higher frequencies tend to become less audible. Doro solves this issue by ramping up the higher frequencies.

This photo shows the audio augmentation that doro packs in its phones for seniors

Doro makes a lot of devices and offers an entire range of phones for seniors, such as the Doro 8035 and 8040. They’re both fully smart, with assistive features for using applications.

Doro also makes “dumb phones” (also known as feature phones) that cater to a less sophisticated audience.

Who (or What) Is Doro?

Doro is a Swedish startup specializing in making assistive cellular phones for seniors. Their products in the past focused mostly on rugged models flip phones, candy bar-styled designs, and clam-shell retro models, all without the now ubiquitous smart features we take for granted in modern designs.

The Doro 8035 and 8040 smart phones are essentially the same phone but with slightly different hardware configurations. Both phones include assistive features which make using the phone a snap for both the elderly and children.

Read the full article: Doro 8080: High-End Phone for Seniors


Read Full Article

15 Custom Keyboard Shortcuts for Mac You Should Start Using


mac-custom-shortcuts

Keyboard shortcuts provide some of the fastest ways to perform actions on your Mac. Often, though, the problem is that there are way too many to remember. So unless you use the same shortcuts over and over each day, you probably end up turning to your mouse or trackpad instead.

On macOS, you can create custom keyboard shortcuts to help solve this problem. This way, you have shortcuts for actions that you regularly perform using keys that you pick out, making them easier to remember.

Here are 15 cool custom keyboard shortcuts for Mac that you can use or easily adjust for your own needs.

Viewing the Current Keyboard Shortcuts

The location you must visit to create custom keyboard shortcuts is the same location that holds all current custom shortcuts on your Mac. So before making your own, it’s a great idea to see which ones are already in place that you might not know about.

Open your System Preferences by clicking Apple menu > System Preferences from the menu bar. You can also use Spotlight to search for “System Preferences,” or click the System Preferences icon in your Dock, if you prefer.

Select Keyboard from the list, then in the preferences window, click Shortcuts at the top.

Current Keyboard Shortcuts Mac

On the left, you’ll see list of locations, services, and apps that have keyboard shortcuts. And to the right, you’ll see what those shortcuts are for each. Only those with a checkmark are enabled; you can disable those you don’t want to use by unchecking them.

Editing Current Keyboard Shortcuts

You can edit global shortcuts that already exist to make them work for you. And if the custom shortcut you plan to create is already in the list, then you’re one step ahead!

For example, maybe you want a keyboard shortcut to show the Launchpad utility. On the left side of the preferences window, select Launchpad & Dock. And look at that; there’s already a shortcut for Show Launchpad that’s not in use.

Show Launchpad Keyboard Shortcut Mac

Now all you have to do is enable the shortcut by marking the checkbox and addding the key combination you want to use to the right of it. We’ll enter Cmd + Option + Space.

After this, you might run into a small issue. That yellow symbol that appears means there’s an error with the key combination you entered. It’s already being used by another action; this appears to be in the Spotlight section.

Current Keyboard Shortcuts Error Mac

If you click Spotlight to the left, you’ll see an indicator showing what that keyboard shortcut already does. This is a helpful way for you to make sure that you don’t set up a duplication key combo.

To fix it, go back to the section you changed. This is Launchpad & Dock in our example. Double-click the key combination and enter a new one; Cmd + Option + N looks good.

Successful Edit of Keyboard Shortcut Mac

This illustrates an important point: if you edit existing keyboard shortcuts, make sure the key combination is not already in use. If you want to go beyond what the built-in panel provides, you should look at third-party apps to change your Mac’s keyboard behavior.

Creating Custom Keyboard Shortcuts on Mac

Now it’s time to create your own custom keyboard shortcuts. On the left of the preferences window, click App Shortcuts. Then, click the plus sign button toward the bottom to add a shortcut.

A small window will pop open for you to create the shortcut. To do so:

  1. Choose an option in the Application dropdown box.
  2. Enter the name of the command in the Menu Title
  3. Add your key combination in the Keyboard Shortcut. Try to use keys you’ll remember and that have some relation to the command.
  4. Click Add.

Create Custom Keyboard Shortcut Mac

You’ll need to perform the same steps for each custom keyboard shortcut that you create from this tutorial. Each shortcut includes the Application, Menu Title, and a recommended Keyboard Shortcut.

Important Notes for Creating Shortcuts

The Menu Title for your shortcut must have the exact name as the menu command. So if the command has an ellipsis at the end, add it. And if the command is in a submenu, you’ll use Hyphen + Greater Than (->) with no spaces to denote a submenu.

You’ll see examples of both of these in the custom shortcuts below.

Also, unlike editing existing shortcuts, if you create a new shortcut with a key combination that’s already in use, the shortcut will simply not work. So it’s important to test your shortcut as soon as you create it and change the key combination if needed. See Apple’s page on custom keyboard shortcuts for more info.

App-Specific Keyboard Shortcuts

Let’s get started by creating shortcuts for apps and actions for them that you’ll use most often.

Mail Shortcut Add Sender to Contacts Mac

Mail App

1. Add the sender to your contact list
Application: Mail
Menu Title: Add Sender to Contacts
Keyboard Shortcut: Shift + Command + A

2. Mark all messages in a mailbox as read
Application: Mail
Menu Title: Mark All Messages as Read
Keyboard Shortcut: Shift + Command + R

Notes App

3. Pin a note to the top
Application: Notes
Menu Title: Pin Note
Keyboard Shortcut: Shift + Command + P

4. Lock a note (prompts you to create a password)
Application: Notes
Menu Title: Lock Note
Keyboard Shortcut: Shift + Command + L

Safari

5. Close the current tab
Application: Safari
Menu Title: Close Tab
Keyboard Shortcut: Shift + Command + X

6. Clear your browsing history (prompts you to choose how far back)
Application: Safari
Menu Title: Clear History…
Keyboard Shortcut: Shift + Command + B

Numbers

7. Show the sorting options in the sidebar
Application: Numbers
Menu Title: Show Sort Options
Keyboard Shortcut: Shift + Command + O

8. Show warnings in the sheet
Application: Numbers
Menu Title: View->Show Warnings
Keyboard Shortcut: Shift + Command + W

Pages

9. Add an Image Gallery to the document
Application: Pages
Menu Title: Insert->Image Gallery
Keyboard Shortcut: Shift + Command + I

10. View and hide the Format sidebar
Application: Pages
Menu Title: View->Inspector->Format
Keyboard Shortcut: Shift + Command + F

System-Wide Keyboard Shortcuts

Some apps that you use on your Mac have commands in common on the menu bar. So if you use an action often across several apps, try a handy shortcut.

All Application Shortcut for Export as PDF Mac

11. Export the item as a PDF
Application: All Applications
Menu Title: Export as PDF…
Keyboard Shortcut: Shift + Command + E

12. Flip the item horizontally
Application: All Applications
Menu Title: Flip Horizontal
Keyboard Shortcut: Shift + Command + Z

13. Flip the item vertically
Application: All Applications
Menu Title: Flip Vertical
Keyboard Shortcut: Shift + Command + V

14. Set a password for the document (prompts you to create and verify a password)
Application: All Applications
Menu Title: File->Set Password…
Keyboard Shortcut: Shift + Command + P

15. Zoom in and out of the current window
Application: All Applications
Menu Title: Window->Zoom
Keyboard Shortcut: Shift + Command + U

Save Time Without Your Fingers Leaving the Keyboard

You likely won’t use all these custom keyboard shortcuts, and can probably think of many others. But hopefully this gives you a good idea of how you can save time with faster access to menu commands for the apps you use each day.

For additional help, check out keyboard shortcuts for Microsoft Office on your Mac along with more useful Mac keyboard shortcuts to know.

Read the full article: 15 Custom Keyboard Shortcuts for Mac You Should Start Using


Read Full Article

10 Amazing Discounts You Can Get With a Free EDU Email Address


edu-email-discounts

If you’ve studied or worked at a higher education institution in the United States, there’s a good chance you’ve held an email address from your school at some point your life. If you’re lucky, you still might have access to your EDU email account.

Because of its association with students and education, having an email from your school or college offers many perks. But what are those perks? Keep reading to discover the benefits you can tap into with your EDU email account.

Note: There are some ways to bag yourself an EDU email even if you’re not involved with a school or college, but they might be a touch shady!

1. Amazon Prime

amazon prime student discount

If you have an EDU email, you can grab a six-month free trial of Amazon Prime in the United States. The standard trial length is 30 days.

After the trial period ends, you automatically become eligible for the Amazon Prime student discount. It entitles you to 50 percent off the cost of Prime for the duration of your subscription.

While using the Amazon Prime student discount, you get access to all Prime’s features. There are no restrictions or limits.

And, unlike some other services which offer EDU benefits, Amazon Prime does not use SheerID verification. It means anyone with an EDU email can take advantage of the cheaper rate, even if they are not a student.

2. Adobe Creative Cloud

adobe student discount

Another service that doesn’t use SheerID verification is Adobe Creative Cloud.

All EDU email holders are eligible for a 60 percent discount in the first year and a 40 percent discount thereafter. That means you’ll only pay $20/month for 12 months, then $30/month following the initial period. The regular price for non-EDU email users is $53/month.

Like with Amazon Prime, you’ll have access to the entire Creative Cloud suite. That includes Photoshop, Lightroom, Spark, Premiere Rush, XD, Illustrator, InDesign, Premiere Pro, and Acrobat Pro.

3. Spotify

spotify student discount

Spotify offers a student discount to students with an EDU email. The discount is not available to teachers with an EDU email, nor anyone else who cannot be verified as a student via SheerID.

The Spotify student discount is 50 percent. That means you will only pay $4.99 per month for the duration of your study period, up to a maximum of four years. You can maintain your discount until the end of a 12-month billing cycle if you graduate mid-way through your plan.

As a bonus, you also get Hulu and SHOWTIME thrown in for free, meaning you’ll have access to all three apps for the single low price.

Spotify does not apply the student discount to its family plans. If you live in a student house with several people and only want a music plan, a family plan may still prove to be more economical.

4. Office 365

office365 student discount prices

Microsoft doesn’t use SheerID, so anyone with an EDU email can sign up to receive the basic version of Office 365 Education for free.

That means you’ll get the online versions of Outlook, Word, Excel, PowerPoint, OneNote, and Microsoft Teams, as well as some education-specific classroom tools that aren’t available in the regular versions of Office 365. All users also get 1TB of OneDrive space for free.

If you’re happy to pay $2.50 per month (billed annually), you’ll also get access to the desktop versions of the previously mentioned apps, as well as Publisher and Access.

5. GitHub Student Developer Pack

github developer pack students

GitHub offers its Student Developer Pack to all students who can authenticate themselves with SheerID. That means teachers and other EDU email owners are excluded.

The pack includes a huge suite of free and discounted tools to help out young coders and programmers, including Travis CI, AWS discount vouchers, Digital Ocean plans, Heroku, and a whole lot more.

6. The Washington Post

washington post student discount

It’s not only tech giants who offer benefits to students. Mainstream media companies have also gotten in on the act.

The Washington Post newspaper, for example, has an academic rate of $5/month for all students and teachers, and the first month is only $1. The regular piece of a plan is $10 per month.

7. The New York Times

new york times student discount

Similarly, there are also student discounts if you subscribe to The New York Times. Students receive a free month then pay $2 every four weeks. Teachers and other EDU email holders can enjoy the same service for $4/month.

Both plans allow subscribers to read an unlimited number of articles on any device.

8. Cell Phone Plans

The big four American cell phone carriers—AT&T, Sprint, Verizon, and T-Mobile—all offer student discounts for people with .EDU email addresses.

The exact discounts available vary considerably depending on the institution you attend and the type of plan you want. We recommend speaking to the carriers directly if you would like more information.

9. Google Drive

If your EDU email address belongs to a school or college that uses GSuite, you can grab yourself an unlimited amount of storage on Google Drive for free.

There is no other plan which offers unlimited Google Drive storage. If you don’t have an EDU email, Google’s top 30TB package costs $6 per month.

Keep in mind that if you lose access to your EDU email address, you will lose the benefit and return to the basic 15GB plan. You would not lose access to your data, but you would need to download it and get your usage below the 15GB limit before you could upload new data.

10. Apple

apple student discount

Apple offers student discounts on Apple Music, as well on its hardware such as MacBooks and iMacs and some its web services.

You can save $100 on a MacBook Pro. Other savings include $50 on an iPad, and you can pick up Apple’s Pro Apps Bundle (Final Cut Pro X, Logic Pro X, Motion 5, Compressor 4, and MainStage 3) for $199. You can also pick up iDrive storage with a 50 percent discount.

Apple Music is free for six months and will then cost you $4.99 per month. Unlike Spotify, Apple Music does not perform a SheerID scan, so anyone with an EDU email address can take advantage of the discount.

Grab Even More EDU Email Benefits

In truth, the benefits we’ve looked at barely scratch the surface of what’s available.

Some other noteworthy businesses and apps that provide student discounts to anyone with an EDU email address include Best Buy, Autodesk, LastPass, FedEx, Squarespace, Newegg, and Dell. Indeed, it’s always worth doing a quick search to see if there are EDU benefits before you buy or subscribe to anything on the web.

To learn more about saving money online, make sure you check out our other articles on the best price comparison apps and the best cashback sites.

Read the full article: 10 Amazing Discounts You Can Get With a Free EDU Email Address


Read Full Article

How to Earn Cash by Finding Security Issues in Android Apps


earn-cash-android-bugs

If you’re an Android app developer with a nose for hunting down security issues, you could get paid for loaning your skills to Google. Hackers have managed to plant malware-infected apps on the Google Play Store, some of which got millions of downloads.

In response, Google has opened up its bug bounty program which lets developers dig for security issues in common apps. Previously only a few apps were covered. Now, all popular Play Store apps are part of the program. The program pays out cash rewards for developers who find and report security issues.

Why Google Has a Bug Bounty Program

Google has had a bug bounty program for its own apps for a long time. Like many companies, Google offers rewards to developers who uncover issues in its websites. It also offers rewards for finding bugs its Chrome browser, or its Chrome operating system. But recently it has taken the more radical step of offering rewards for bugs found in other companies’ apps as well.

The first iteration of the Play Store bug bounty program only applied to a very small number of top apps. Now, Google has expanded the program to cover any app in the Play Store with more than 100 million installs. This means there are many more opportunities for bug hunters to discover issues in Play Store apps and get rewarded for reporting them, even if the app developers don’t offer their own bug bounty programs.

Google says it introduced this program in hopes of “encouraging the community to help us improve security for everyone”. Therefore, it encourages bug hunters who do discover a bug to report it to the app developers as well as to Google. This gives the original app developers the chance to fix the bug quickly. And that means better security for everyone who uses Android apps.

How to Get Involved in the Bug Bounty Program

Earn Money Finding Security Issues in Google Play Apps - Play Store

The Play Store bug bounty scheme is called the Google Play Security Reward Program (GPSRP). Google invites security researchers and app developers to participate. The first step is to fill out an application to join the program. You can look for security issues in any eligible app on the Play Store once you have been approved.

There are three types of vulnerability which participants look for. Firstly, Remote Code Execution vulnerabilities are those which allow a hacker to access a user’s device and make changes. These are very serious security issues.

Secondly, there is the issue of theft of insecure private data. This is where a vulnerability allows a hacker to steal personal information such as login information, web history, or contact lists.

Thirdly, there is access to protected app components. This refers to apps which perform functions which they do not have permission for. For example, an app which sends SMS messages even if it does not have permission from the user to do so.

The program does not cover some security issues. For example, phishing attacks, while potentially dangerous, do not qualify. This is because they work by deceiving the user and not by running malicious code. The program also does not cover attacks which require physical access to a device.

Once you discover a bug, you should contact the app’s developer to let them know. Then you can work together with the developer to fix the issue. Once the vulnerability has been resolved, you can claim your cash reward from Google.

Earn Bounties for Discovering Data Abuses by Apps

Earn Money Finding Security Issues in Google Play Apps - Data Abuse

Google is not only offering rewards for finding security bugs. It is trying to crack down on apps which steal user data as well. Recently, the company launched its Developer Data Protection Reward Program (DDPRP) which offers similar rewards for developers who uncover data abuse by apps.

The types of data abuse that the program is looking for are apps which collect and sell user data in a way which is against Google’s privacy policies. For example, this could be an app which collects data from users’ contact books such as metadata showing who they called and when, without protecting this as sensitive data.

It would also cover apps which violate rules about permissions, such as an app which does have access to SMS permissions, but uses this to collect data about users’ SMS messages to sell on to third parties. Alternatively, it would cover an app which asks for permission to access contact data and then reuses that data for an unrelated app.

To see more details of exactly what kinds of data abuse qualify for the program, you can look on the DDPRP website. As with the bug bounty program, any app on the Play Store with more than 100 million installs is eligible.

The Rewards on Offer for Discovering Bugs

There are cash rewards on offer for both the bug bounty and the data abuse programs. The amount paid out for any one report depends on the severity of the issue. It also depends on the quality of the report submitted to Google.

The rewards for the Google Play Security Reward Program range from $5,000 to $20,000 for remote code execution bugs, from $1,000 to $3,000 for theft of insecure private data, and from $1,000 to $3,000 for access to protected app components. In addition, there are bonuses for disclosing the vulnerabilities to the apps developers in a responsible way. This gives the developers the opportunity to patch the issue.

The rewards for the Developer Data Protection Reward Program range from $100 to $1000. To claim the reward, you will need to submit a report. You should write information on which data policy was violated, how data was abused, and a list of times when the app violated the policies.

Earn Cash by Hunting Security Vulnerabilities

Google’s bug bounty and data abuse bounty programs give you the chance to earn money. They also let you help to improve the security of apps distributed through the Play Store. If you’re interested in more bug hunting opportunities, you can check out other companies’ programs too. For some examples, see our list of awesome bug bounty programs for earning pocket money.

Read the full article: How to Earn Cash by Finding Security Issues in Android Apps


Read Full Article

Learning Cross-Modal Temporal Representations from Unlabeled Videos




While people can easily recognize what activities are taking place in videos and anticipate what events may happen next, it is much more difficult for machines. Yet, increasingly, it is important for machines to understand the contents and dynamics of videos for applications, such as temporal localization, action detection and navigation for self-driving cars. In order to train neural networks to perform such tasks, it is common to use supervised training, in which the training data consists of videos that have been meticulously labeled by people on a frame-by-frame basis. Such annotations are hard to acquire at scale. Consequently, there is much interest in self-supervised learning, in which models are trained on various proxy tasks, and the supervision of those tasks naturally resides in the data itself.

In “VideoBERT: A Joint Model for Video and Language Representation Learning” (VideoBERT) and “Contrastive Bidirectional Transformer for Temporal Representation Learning” (CBT), we propose to learn temporal representations from unlabeled videos. The goal is to discover high-level semantic features that correspond to actions and events that unfold over longer time scales. To accomplish this, we exploit the key insight that human language has evolved words to describe high-level objects and events. In videos, speech tends to be temporally aligned with the visual signals, and can be extracted by using off-the-shelf automatic speech recognition (ASR) systems, and thus provides a natural source of self-supervision. Our model is an example of cross-modal learning, as it jointly utilizes the signals from visual and audio (speech) modalities during training.
Image frames and human speech from the same video locations are often semantically aligned. The alignment is non-exhaustive and sometimes noisy, which we hope to mitigate by pretraining on larger datasets. For the left example, the ASR output is, “Keep rolling tight and squeeze the air out to its side and you can kind of pull a little bit.”, where the actions are captured by speech but the objects are not. For the right example, the ASR output is, “This is where you need to be patient patient patient,” which is not related to the visual content at all.
A BERT Model for Videos
The first step of representation learning is to define a proxy task that leads the model to learn temporal dynamics and cross-modal semantic correspondence from long, unlabeled videos. To this end, we generalize the Bidirectional Encoder Representations from Transformers (BERT) model. The BERT model has shown state-of-the-art performance on various natural language processing tasks, by applying the Transformer architecture to encode long sequences, and pretraining on a corpus containing a large amount of text. BERT uses the cloze test as its proxy task, in which the BERT model is forced to predict missing words from context bidirectionally, instead of just predicting the next word in a sequence.

To do this, we generalize the BERT training objective, using image frames combined with the ASR sentence output at the same locations to compose cross-modal “sentences”. The image frames are converted into visual tokens with durations of 1.5 seconds, based on visual feature similarities. They are then concatenated with the ASR word tokens. We train the VideoBERT model to fill out the missing tokens from the visual-text sentences. Our hypothesis, which our experiments support, is that by pretraining on this proxy task, the model learns to reason about longer-range temporal dynamics (visual cloze) and high-level semantics (visual-text cloze).
Illustration of VideoBERT in the context of a video and text masked token prediction, or cloze, task. Bottom: visual and text (ASR) tokens from the same locations of videos are concatenated to form the inputs to VideoBERT. Some visual and text tokens are masked out. Middle: VideoBERT applies the Transformer architecture to jointly encode bidirectional visual-text context. Yellow and pink boxes correspond to the input and output embeddings, respectively. Top: the training objective is to recover the correct tokens for the masked locations.
Inspecting the VideoBERT Model
We trained VideoBERT on over one million instructional videos, such as cooking, gardening and vehicle repair. Once trained, one can inspect what the VideoBERT model learns on a number of tasks to verify that the output accurately reflects the video content. For example, text-to-video prediction can be used to automatically generate a set of instructions (such as a recipe) from video, yielding video segments (tokens) that reflect what is described at each step. In addition, video-to-video prediction can be used to visualize possible future content based on an initial video token.
Qualitative results from VideoBERT, pretrained on cooking videos. Top: Given some recipe text, we generate a sequence of visual tokens. Bottom: Given a visual token, we show the top three future tokens forecast by VideoBERT at different time scales. In this case, the model predicts that a bowl of flour and cocoa powder may be baked in an oven, and may become a brownie or cupcake. We visualize the visual tokens using the images from the training set closest to the tokens in feature space.
To verify if VideoBERT learns semantic correspondences between videos and text, we tested its “zero-shot” classification accuracy on a cooking video dataset in which neither the videos nor annotations were used during pre-training. To perform classification, the video tokens were concatenated with a template sentence “now let me show you how to [MASK] the [MASK]” and the predicted verb and noun tokens were extracted. The VideoBERT model matched the top-5 accuracy of a fully-supervised baseline, indicating that the model is able to perform competitively in this “zero-shot” setting.

Transfer Learning with Contrastive Bidirectional Transformers
While VideoBERT showed impressive results in learning how to automatically label and predict video content, we noticed that the visual tokens used by VideoBERT can lose fine-grained visual information, such as smaller objects and subtle motions. To explore this, we propose the Contrastive Bidirectional Transformers (CBT) model which removes this tokenization step, and further evaluated the quality of learned representations by transfer learning on downstream tasks. CBT applies a different loss function, the contrastive loss, in order to maximize the mutual information between the masked positions and the rest of cross-modal sentences. We evaluated the learned representations for a diverse set of tasks (e.g., action segmentation, action anticipation and video captioning) and on various video datasets. The CBT approach outperforms previous state-of-the-art by significant margins on most benchmarks. We observe that: (1) the cross-modal objective is important for transfer learning performance; (2) a bigger and more diverse pre-training set leads to better representations; (3) compared with baseline methods such as average pooling or LSTMs, the CBT model is much better at utilizing long temporal context.
Action anticipation accuracy with the CBT approach from untrimmed videos with 200 activity classes. We compare with AvgPool and LSTM, and report performance when the observation time is 15, 30, 45 and 72 seconds.
Conclusion & future work
Our results demonstrate the power of the BERT model for learning visual-linguistic and visual representations from unlabeled videos. We find that our models are not only useful for zero-shot action classification and recipe generation, but the learned temporal representations also transfer well to various downstream tasks, such as action anticipation. Future work includes learning low-level visual features jointly with long-term temporal representations, which enables better adaptation to the video context. Furthermore, we plan to expand the number of pre-training videos to be larger and more diverse.

Acknowledgements
The core team includes Chen Sun, Fabien Baradel, Austin Myers, Carl Vondrick, Kevin Murphy and Cordelia Schmid. We would like to thank Jack Hessel, Bo Pang, Radu Soricut, Baris Sumengen, Zhenhai Zhu, and the BERT team for sharing amazing tools that greatly facilitated our experiments. We also thank Justin Gilmer, Abhishek Kumar, Ben Poole, David Ross, and Rahul Sukthankar for helpful discussions.

iFixit gives Fairphone 3 a perfect 10 for repairability


Here’s something the hermetically sealed iPhone can’t do: Score a perfect 10 for repairability.

Smartphone startup and social enterprise Fairphone’s latest repairable-by-design smartphone has done just that, getting 10/10 in an iFixit Teardown vs scores of just 6/10 for recent iPhone models.

The Fairphone 3, which was released in Europe last week with an RRP of €450, gets thumbs up across the board in iFixit’s hardware Teardown. It found all the internal modules to be easily accessible and replaceable — with only basic tools required to get at them (Fairphone includes a teeny screwdriver in the box). iFixit also lauds visual cues that help with disassembly and reassembly, and notes that repair guides and spare parts are available on Fairphone’s website.

iFixit’s sole quibble is that while most of the components inside the Fairphone 3’s modules are individually replaceable “some” are soldered on. A tiny blip that doesn’t detract from the 10/10 repairability score

Safe to say, such a score is the smartphone exception. The industry continues to encourage buyers to replace an entire device, via yearly upgrade, instead of enabling them to carry out minor repairs themselves — so they can extend the lifespan of their device and thereby shrink environmental impact.

Dutch startup Fairphone was set up to respond to the abject lack of sustainability in the electronics industry. The tiny company has been pioneering modularity for repairability for several years now, flying in the face of smartphone giants that are still routinely pumping out sealed tablets of metal and glass which often don’t even let buyers get at the battery to replace it themselves.

To wit: An iFixit Teardown of the Google Pixel rates battery replacement as “difficult” with a full 20 steps and between 1-2 hours required. (Whereas the Fairphone 3 battery can be accessed in seconds, by putting a fingernail under the plastic back plate to pop it off and lifting the battery out.)

The Fairphone 3 goes much further than offering a removable backplate for getting at the battery, though. The entire device has been designed so that its components are accessible and repairable.

So it’s not surprising to see it score a perfect 10 (the startup’s first modular device, Fairphone 2, was also scored 10/10 by iFixit). But it is strong, continued external validation for the Fairphone’s designed-for-repairability claim.

It’s an odd situation in many respects. In years past replacement batteries were the norm for smartphones, before the cult of slimming touchscreen slabs arrived to glue phone innards together. Largely a consequence of hardware business models geared towards profiting from pushing for clockwork yearly upgrades cycle — and slimmer hardware is one way to get buyers coveting your next device.

But it’s getting harder and harder to flog the same old hardware horse because smartphones have got so similarly powerful and capable there’s precious little room for substantial annual enhancements.

Hence iPhone maker Apple’s increasing focus on services. A shift that’s sadly not been accompanied by a rethink of Cupertino’s baked in hostility towards hardware repairability. (It still prefers, for example, to encourage iPhone owners to trade in their device for a full upgrade.)

At Apple’s 2019 new product announcement event yesterday — where the company took the wraps off another clutch of user-sealed smartphones (aka: iPhone 11 and iPhone 11 Pro) — there was even a new financing offer to encourage iPhone users to trade in their old models and grab the new ones. ‘Look, we’re making it more affordable to upgrade!’ was the message.

Meanwhile, the only attention paid to sustainability — during some 1.5 hours of keynotes — was a slide which passed briefly behind marketing chief Phil Schiller towards the end of his turn on stage puffing up the iPhone updates, encouraging him to pause for thought.

Apple 2019 event

“iPhone 11 Pro and iPhone 11 are made to be designed free from these harmful materials and of course to reduce their impact on the environment,” he said in front of a list of some toxic materials that are definitely not in the iPhones.

Stuck at the bottom of this list were a couple of detail-free claims that the iPhones are produced via a “low-carbon process” and are “highly recyclable”. (The latter presumably a reference to how Apple handles full device trade-ins. But as anyone who knows about sustainability will tell you, sustained use is far preferable to premature recycling…)

“This is so important to us. That’s why I bring it up every time. I want to keep pushing the boundaries of this,” Schiller added, before pressing the clicker to move on to the next piece of marketing fodder. Blink and you’d have missed it.

If Apple truly wants to push the boundaries on sustainability — and not just pay glossy lip-service to reducing environmental impact for marketing purposes while simultaneously encouraging annual upgrades — it has a very long way to go indeed.

As for repairability, the latest and greatest iPhones clearly won’t hold a candle to the Fairphone.


Read Full Article