Here's some unexpected news. Two new livestream videos have popped up on Google's Developers website, counting down to their respective start times. Both are marked as events especially for the mobile version of Chrome (presumably Android and iOS), and both have no more details to share at the moment. The first livestream is scheduled to start on June 7th at 1PM Eastern Daylight Time, the second is scheduled for June 13th at 11AM EDT.
We'll be honest, we've got no idea what's in store at these events. To our knowledge, Google has never held an event especially for Chrome, and certainly not for the mobile versions. It's odd to see something like this just a few weeks after Google I/O. The first video is marked "Chrome Mobile Special Event," the second is slightly different, "Mobile Chrome Special Event," but it's unlikely that there's anything significant to that.
What's Google got up its sleeve? A major update? More desktop browser integration? Dare we dream of extension support for mobile Chrome? Hopefully we'll find out in a week (or possibly two).
Taking into account user feedback, the policy will evolve in the coming weeks and months
Writing on its official Project Glass Google+ page, Google explained that because of privacy concerns it will not be approving Glassware (apps for Glass) that take advantage of facial recognition technology. While a consumer release of Glass may still be several months away, there are now enough people out there with Explorer Edition units that Google felt the need to address this concern. One of its biggest struggles with Glass currently is concern over privacy, and in keeping with its current company line on the use of facial recognition, it thinks that now is not the time to include it.
Google says that it is listening to feedback from early users of Glass, and will be evolving its policy on facial recognition software in the coming weeks and months. We of course know that with a little bit of hacking non-approved Glassware including facial recognition could easily be added to Glass, but in these fragile stages of building public perception of the product it is best for Google to have an official stance here.
Available for free on £26 per month contracts, or £349.99 on PAYG
Data-friendly operator Three UK has launched Sony Mobile's latest mid to high-end handset, the Xperia SP. The phone sports an unorthodox design, with an aluminum trim and glowing "transparent element" under the screen. Spec-wise, you're looking at Android 4.1.2 Jelly Bean on a dual-core Snapdragon S4 Pro CPU, 1GB of RAM and a 4.6-inch 720p "HD Reality" display. Around the back there's an 8-megapixel Sony Exmor RS camera.
The Xperia SP also supports Three's "Ultrafast" network with 42Mbps DC-HSDPA at present, and 4G LTE in the future.
The phone is being given away free on all Three's 24-month contracts, which start at £26 per month for unlimited data, 500 minutes and 5,000 texts. It's also available on Pay As You Go for a pretty reasonable £349.99.
One more day, gentle readers - one more day until you can toss away the shackles of oppressive shift labor to fall into the sweet, silky lull of the weekend, and bask in glorious leisurely respite. Until then, here are some cheap apps.
Draw a Stickman: EPIC - $.99 (50% off)
Clone Camera - $.99 (50% off)
Magicka - $.99 (50% off)
Crazy Machines GoldenGears THD - $.99 (66% off)
Call Notes Pro - $.99 (75% off)
Rebuild - Free (normally $2.99) [Amazon Appstore]
Update: It looks like the sale on Clone Camera has ended.
Note that Rebuild is only free on Amazon, and despite the THD label, Crazy Machines is also compatible with non-Tegra hardware. Draw A Stickman: Epic is probably the best of the lot - if a dollar's too much to risk for you, there's a free version as well. For those in the western hemisphere, may the arms of Morpheus embrace you fondly. For those in the eastern hemisphere: wake up and get to work already.
All-cash offer beats Sprint's current offer by 29-percent; minority shareholders urged to accept
Dish announced today that it has put in a cash tender offer to purchase all outstanding shares of Clearwire for the price of $4.40 per share, adding yet another twist into the relations between Dish, Clearwire, Sprint and Softbank. The deal stands proudly as a 29-percent premium over what Sprint is currently offering for the other 49.2-percent of Clearwire it doesn't currently own at $3.40 per share, and sweetens the deal further by offering to buy out the entire company all at once. In its offer, Dish explains that it will agree to purchase a smaller amount of Clearwire if only a portion of the minority shareholders agree to the deal, as long as it is greater than a 25-percent stake in the company. As another condition, Dish is also requiring that it receives at least 3 board member positions for that 25-percent stake, and more if a larger portion of the company is acquired.
Naturally, Dish is urging any and all shareholders to agree to accept its offering, as it will be a great competitive play in the complex mess of offers and mergers currently happening between the companies. If Clearwire agrees to let Dish acquire it, Softbank's offer to buy a 70-percent stake in Sprint -- a deal which had Sprint acquiring Clearwire as a condition -- could be compromised. In light of this new offer from Dish, Clearwire is postponing its scheduled May 31st shareholder meeting until June 13th in order to give enough time to review it. The offer will be available to Clearwire until June 28th, and Dish has expressed that it is ready and willing to finalize the deal as quickly as possible.
A quick heads up for those of you rocking the HTC One on AT&T. A software update is available (and has been for a while, actually) that fixes a few things in regards to the Media Link HD, which AT&T gave out to those who preordered HTC's latest and greatest. Specifically, some folks hadn't been able to connect to HTC's high-def streamer because of a software glitch. That glitch has been fixed and is now ready to download. It's a small, 269KB update, takes just a minute or so to do, and basically makes your life seem a little brighter. And fixes the Media Link HD connection.
Electronic Arts' mobile racing magnum opus has been downloaded more than ten million times worldwide on Android alone, and it doesn't look like they're ready to stop adding content any time soon. The latest update to Real Racing 3 is a doozie, adding a new manufacturer and cars, a brand new racing venue, and more than 50 challenges and events for the dedicated virtual driver. The game is free and so is the update, though you'll still have to put up with the annoying time-based in-app purchase system.
The update adds racing-tuned Lexus cars to the garage, though only two are available at the moment: the Lexus IS-F and the drool-worthy LFA. Both V8 versions of the Dodge Charger have been added as well, the Charger RT and SRT8. The new track is based off of the real-world venue of the Dubai Autodrome, a 3.35-mile (5.4km) track focused mostly on Formula 1 races. Check out our full review for an in-depth look at the initial release.
Remember that EA Android games are released in North America and Rest Of World flavors, so hit up the relevant widget below to go to the Play Store page for your version. Real Racing 3 is available for Android 2.3.3 and higher, and requires an enormous 1.2GB of free space - tiered data customers, consider yourself warned.
If you're in the market and don't need the most cutting edge device, Amazon has a solid deal on the LG Optimus G for Sprint. The price for this handset has fallen to a single penny on a 2-year contract. This deal is open to all interested parties, whether it's for a new line of service or not. The Optimus G was previously only this cheap for new customers.
The LG Optimus G came out last fall, but it has since been overshadowed by the likes of the HTC One and Galaxy S4. But hey, there's still plenty to like in the Optimus G. The Snapdragon S4 Pro, 2GB of RAM, and LTE connectivity are still totally reasonable for a high-end smartphone. The same chassis was used to design the Nexus 4, after all. Sprint's version of the Optimus G also packs a 13MP camera. The software front isn't quite as rosy: the Optimus G is still running Android 4.0.4.
Head on over to Amazon if you're down. Sprint charges $100 for existing customers to grab the Optimus G, so there are real savings to be had on Amazon.
Motorola's X phone is finally confirmed, now all we need are the details
Motorola CEO Dennis Woodside is speaking at D11, and he announced what many of us have been waiting to hear -- news of the Moto X. According to Woodside, who teases us by saying the phone is in his pocket but he can't show us, the Moto X will be a true game changer. Made in the USA, using all the APIs Google announced at Google I/O last month, the X is the lead device to show off the company's new direction.
He also was sure to mention that Motorola was ready to build high quality, low cost devices for emerging markets, but the X is not one of these. The X will be "more contextually aware. And you can interact with it in different ways."
There's not much to go on here, but you can rest assured that we'll let you know as soon as we do.
Edit: A lot of the talk was about how the X will be different. Specifically mentioned was the battery tech, which we all care about. The question was asked: "How can you fix it, [battery life] when everyone else has struggled with it so much? There are ways to improve it, but can you solve the underlying problem? How do you go about doing that?"
The answer:
I'll save the more detailed discussion for later. But your question about how you understand the change in state and optimized the battery -- we have some of the best engineers, and they've created a system where there are two processors that are more aware.
So we can expect an all-new "smart" battery monitoring processor of some sort. I can't wait for the details on this!
The May 29 ShopAndroid.com Deal of the Day is the SPE Leather Slider Case for Galaxy Note 2 and Galaxy Note. This case is made of genuine leather and designed to offer top-notch comfort, quality, and ease of use. The interior features a soft padding which keeps your device's screen safe from scratches even while inside the case. Comes in black, brown and white.
The SPE Leather Slider Case is available for just $12.00, 60% off today only. Backed by our 60-day return policy and fast shipping!
It's been more than half a year since Google officially unveiled the Nexus 10 tablet, and the Samsung-made device has yet to be dethroned as the debatable king of Android slates. If you've been waiting for a sweet deal to grab your own, you'd better hurry: the closeout specialists at Woot.com have the 32GB version on sale at Tech.Woot for just $380, a whole $70 off the Play Store retail price, and still cheaper than the 16GB version at most outlets. As with all Woot sales, shipping to the United States (lower 48 only) is just $5.
Why the big discount? Technically this is a refurbished unit, but it comes with a one-year warranty, and Woot has a pretty good reputation when it comes to refurbished sales. If that still isn't enough for you, this particular sale is eligible for a SquareTrade extended warranty, which offers "no questions asked" protection for just under sixty bucks extra - still within your savings margin.
In case you're wondering, the cheapest we had seen the 32GB Nexus 10 before now was $430 over at eBay Daily Deals. This is one of Woot's extended sales, so the time limit is three days instead of just 24 hours. That said, you should still pounce on the Nexus 10 right when you read this if you intend to buy it - if Woot's stock runs out, the sale is over. Quantities are limited to one per customer.
Tech.Woot.com - Google Nexus 10 32GB (Refurbished)
Is it the hot new look for the summer season, or just a black and white mess? There's a poll, let us know!
BlackBerry users have their Oreo, webOS users love their Panda, and now the Android faithful have their very own zebra -- that's with the short e, in the proper Queen's English. (Read it in Alex's voice)
The zebra acts a whole lot like the regular, plain old black (and now white) version, but it's more zebra-like. Sporting a fun, yet business-ready black and white look, it's ready for anything while staying stylish no matter what you throw at it.
OK, I'll stop. But it is a pretty unique look, bound to have people who love it as well as folks who hate it. I'm digging the white one with the black bumper myself. What do you think? Answer the poll after the break, then fill the comments with praise or curses to let us all know why you feel that way. And of course, head into the forums where the zebra was first spotted.
It's the late afternoon - wouldn't you like to sneak out of work to head down to the boardwalk and play some skee-ball? Well, Google might not be able to hide your tracks as you escape your day job, but you can still salvage some fun while locked away in your office. A new Chrome Experiment has just been launched that uses your phone's accelerometer to fling a virtual ball on your desktop browser.
The setup is simple, just browse to g.co/rollit on both your desktop and smartphone. It seems most mobile browsers will work, even Safari on the iPhone. Click through the instructions on both screens until you are asked to enter a code, which will be used to pair your phone and desktop. Once connected, use your thumb to aim the ball, tilt the phone to control the starting position, and swing your arm. While you should hold onto your phone carefully, the game expects a fairly gentle, slow-speed motion. Nobody wants to see your phone careening over the wall of your cubicle. Every level offers a new board and a special ball with a randomly chosen power.
Google has created quite a few novelties like this in the past, including another one that uses your phone as a controller. If you have the time, check out the Chrome Experiments page for some of the other cool ideas from Google and many other developers. Now you've got several ways to waste the rest of your work day.
The May 28 ShopAndroid.com Deal of the Day is the Body Glove Hybrid Fusion Steel Case for Samsung Galaxy S4. Protect and personalize your Galaxy S4 with the Body Glove Fusion Steel Case - a flexible TPU skin cover with a brushed metal design inlay on the back. The skin gives your phone the slick look of a hard case while providing shock-absorbing protection. Comes in black or purple.
The Body Glove Hybrid Fusion Steel Case is available for just $19.00, 37% off today only. Backed by our 60-day return policy and fast shipping!
It looks like the folks at doubleTwist are hard at work on a new version of their music playback/syncing app for Android, but we're not supposed to know that yet. Someone seems to have jumped the gun a little bit and posted the news on the doubleTwist blog. The post was locked down almost immediately, but not before we spotted it. The news? As the post says, the future is Holo(graphic).
This is less a complete redesign of doubleTwist than it is a realignment. The current UI was just rolled out late in 2012, and the updated version will essentially be flattening the interface, changing up the colors, tweaking fonts, and finally fixing the menu/action bar situation. This app has gone through a number of significant design changes as Android itself has. As explained in the blog post, DT's designers were reluctant to ditch some of the custom UI elements implemented in doubleTwist over the years. There was concern that the Holo guidelines could shift in future versions of Android. Now that the Holo UI appears to have stuck, doubleTwist is finally getting more in-line with Android's design language.
The phantom blog post has yet to go back up as of this writing, probably because it was supposed to coincide with the Play Store app update. Although, it's possible something has been delayed. Check out these screens for a peek at what the current "old" UI looks like:
The doubleTwist post is dated May 28th, so it's a safe bet we'll see the update tomorrow. Check below for the full text of the post.
It's no secret that at doubleTwist, we're constantly working on improving the design and usability of our apps. You can read about our long design process for something as simple as an Alarm Clock app -- we are still very proud of doubleTwist Alarm, and its success! For our latest major release, the newly updated doubleTwist player, I'd like to take a little trip down memory lane so I can explain what made us a little slower to introduce this new, Holo version of doubleTwist.
When our Android player first came out, Android looked very different:
In fact, it was a given that Android was still in a phase of dynamic and constant change. The user interface of Android was simply struggling to find an identity, a visual style that it could truly own and be recognized by. At doubleTwist, we'd certainly found our own look and feel, but it's a real challenge for a designer to come up with a design for an application on a platform that hasn't truly found its own native appearance yet. Not only was Android rather garish looking, it was also changing its UI guidelines and styles very often. When we first launched, it had just made several complete U-turns on design guidelines: for instance, where Google at first advised icons to be designed in a slanted, 3D perspective, icons were now to be flat, without any kind of perspective, using minimal decoration. This trend of sudden drastic changes in design styles continued as Android grew older: the system font for Android changed, green and orange highlight colors were phased out, and with Android version 3.0 a new design style called Holo was introduced. I was very interested in Holo: I felt like the design team at Google was on to something with its simple lines and flat surfaces.
However, as you may be able to understand from our history (and Android's!), we were reluctant to adopt an entirely new design style for doubleTwist. We hadn't simply pushed out a design and maintained its appearance: as Android shifted in its user interface conventions and appearance, we tried our best to change with it and look like we belonged and fit in, without investing too much into the visual style of a single Android release.
Fortunately for us and all developers, Google stuck to Holo and while it is refining the style, its basic concepts and core principles remain somewhat consistent. We've waited long enough: it's time for doubleTwist to adapt. We've heard your requests and Google's and we're now pushing out what is the first part of a major redesign: the Holo Release, stage 1.
We haven't simply adopted Holo, but worked to incorporate everything great about Google's latest and best designs to bring doubleTwist fully in line with their conventions and design patterns. Navigation throughout the app now uses the Up button, we use the system action bar with accessible actions for any screen (for instance, switching between methods of viewing albums in Album view), but we haven't lost our smooth and good-looking dark style in the process. We took a lot of care to balance the clean and crisp look of Holo with our own aesthetic and I think it turned out fantastic.
doubleTwist Player now has a whole slew of new screens that work in both portrait and landscape, with often optimized layouts for landscape devices and usage modes.
But hopefully you'll also see smaller changes: with the care we put into typographically redesigning every single view and changing the color and layout to be more pleasing, something as simple as a list view of songs now looks fantastic. We really minded the details: even though we had very intensely custom-designed alert dialogs and prompts in the past, we've completely redesigned these to be Holo-compliant. Our new alerts are lightweight and designed with clean, well laid out typography and with occasional use of color highlights.
All in all, we left no stone untouched. From the basic look and feel of icons in the main grid view, to the actual little app icon, to the smoothness of animations, we've worked very hard to make this new, lighter and redesigned doubleTwist a pleasure to use and feel absolutely perfectly at home on Android right now, and in the future.
We have more drastic changes and improvements planned for the future that will bring the doubleTwist experience to even more devices. We are also optimizing doubleTwist for larger screens and devices to create a stellar app that will blow you away. We hope you expect nothing less from us.
Over the weekend, Android Police received a tip about a serious privacy hole in Facebook Pages Manager for Android that made some privately uploaded photos public. Shortly after I made the details of the issue public, Facebook Security got in touch and let us know that its engineers were looking into the report and trying to get a fix up soon.
At 4:19pm PT today, I received a follow-up email from Facebook Security that confirmed a fix had been rolled out server-side, and no app update was necessary. The issue was introduced about a week prior, and the company promised to conduct a thorough internal review to investigate how it could have happened and how it could prevent similar issues in the future.
Additionally, in response to my inquiry regarding removal of all photos that were set public in error, Facebook Security said the engineering team is currently combing through everything and is planning to take them all down once they're positively and definitively identified.
I have verified that the fix is indeed working, so we can now consider this case closed.
For completeness, here is the relevant part of Facebook's response in full:
Hi Artem,
To update, we had engineers working through most of the night (California time) on this and they deployed a server-side fix within hours of getting the report. This patch stops the problem for anyone using the app without them needing to update. We're currently checking for any photos that were posted due to this bug and plan on taking them down once they're confirmed.
When it comes to the timeframe, this issue was introduced after a server-side change about a week ago. We'll certainly be performing a thorough review to investigate how all of this happened and help ensure that it doesn't happen again.
Thanks for the feedback on the whitehat page; we've worked to raise awareness of it among security researchers, but we'll look at taking more steps to make it easier to find for other users as well. There's some overlap between security and privacy, and while this may not have been a vulnerability for an attacker to exploit, it's certainly the sort of issue we'd want to know about. As the whitehat page indicates, we built it for reporting bugs "that could compromise the integrity of Facebook user data, circumvent the privacy protections of Facebook user data, or enable access to a system within the Facebook infrastructure".
By the way, if you have any details on what avenues Joann used in trying to notify us of this, I'd definitely like to review those reports to understand why they weren't picked up on sooner. We really appreciate her trying to get this fixed and want to ensure any future reports don't get overlooked or delayed.
The teaser image above has just hit the Samsung Mobile press site, bringing news of new Galaxy (Android) and Ativ (Windows) devices. "Samsung Premiere 2013" will take place on Thursday, June 20 at London's Earls Court Exhibition Center -- that's the same venue that hosted the Galaxy S3 reveal last year. The action's set to begin around 7pm local time, and Samsung will be livestreaming everything on YouTube.
The first of the three teaser images accompanying the news looks an awful lot like the Galaxy S4 Active we've seen leak in recent days. The other two are a bit less conspicuous -- there's what looks like the lid of a laptop, and some kind of glowing ring. It's possible (however unlikely) we could see more Windows Phone hardware from Samsung at the event. Our money's on new Ativ-branded Windows 8 tablets or laptops, though. On the Android side, we might see the extensively-leaked Galaxy S4 Mini debut alongside the Active.
What are you hoping to see from Samsung in London next month? Hit the comments and let us know!
The May 27 ShopAndroid.com Deal of the Day is the Incipio DualPro Hard Case for Samsung Galaxy S4. Featuring a high quality polycarbonate plastic exterior embedded in a shock absorbing silicone core, this case provides sturdy protection without sacrificing style. There's complete access to the screen and ports of the device, and it is available in black, pink, blue or white.
The Incipio DualPro Hard Case is available for just $22.00, 27% off today only. Grab yours while supplies last!
Stop me if you've heard this one before: Facebook has a privacy hole that exposes private information to the public. And it's a serious one, this time in Facebook Pages Manager for Android, which has been installed over 5 million times since January of this year. Let me explain.
Update 5/26/13 11:30pm PT: Rory from Facebook Security has informed me that the company is looking into the issue and "will try to get a fix up soon."
The Flaw
Yesterday, Android Police reader Joann MacDonald tipped us off to a critical bug in the aforementioned application created by Facebook to help Facebook Page admins manage their Pages. The Android app, originally launched on January 4th of this year and currently sitting at version 1.4, has a private messaging feature, predictably called Messages. Messages lets Page managers communicate with Facebook users who contact Pages and is essentially the Facebook equivalent of email. Email that supports picture attachments.
Here's the problem. Right now, if a Page manager of any Page, say AndroidPolice, replies to any private message and attaches a picture in this private reply, this picture will be immediately and very publicly posted to the wall of the Page. To everyone visiting the wall, which is usually the first thing you see when you go to a Page on Facebook (in our case facebook.com/AndroidPolice), the photo will look like a regular message posted with Public settings by the page itself.
Joann wrote:
I sent a PayPal screen dump to a customer who thought her payment never went through, and went straight to my page showing her name, address and value of order and payment status. It's caused me major stress as you can imagine.
According to Joann, several attempts to contact Facebook were made but all were left unanswered (everyone, feign surprise). She added:
Don't want anyone else being cost money... bloody thing cost me 80 quid in giving a free bracelet to the customer :-)
We verified that this bug is present in the Android version 1.4 of Facebook Pages Manager and does not manifest itself if you use the Facebook site. We have not tested the iOS app.
Flaw Demo
Here is the test we carried out:
I messaged the AndroidPolice page from a personal account (Artem Russakovskii) and attached a picture I called Test ("We'll do it live!"). As expected, only the Page managers and I could see this message and the picture within.
A page manager then replied to this private message by going to the Messages tab in the Android app, then tapping on the private message and attaching a picture we called Test2 (the Android Police wallpaper with the chrome Android).
At this point, this privately sent picture was immediately posted to facebook.com/AndroidPolice and started rapidly accumulating Likes by unsuspecting page visitors who were under the impression that they were just looking at an AP wallpaper we posted to share with them.
As you can see from the last screenshot, the private picture was uploaded by the Android app to a public area called Android Police's Photos under Timeline Photos, and its thumbnail was even visible right under the header next to the About section.
Yup, Shared with: Public, as if we had any doubt by now.
As I mentioned, the next picture (a green Android Police badge), sent via Facebook's desktop site, was correctly limited to the private conversation and was not visible to the public. The issue is limited to the Android app.
Test2 was sent by the Page to the user in a private message (middle) but immediately showed up in public (right)
The same view from Facebook's desktop site
Note: I have selected the full disclosure route in reporting the incident in hopes that Facebook will no longer have the option to ignore or brush it off (I have found at least three Play Store comments in the last week that have echoed this concern, and Joann's own attempts to contact Facebook were futile). Considering that this is not even a vulnerability or an exploit but rather a PSA (the more Facebook Page managers and users are aware of it, the better), this disclosure method is perfectly fine here.
As Joann's example above showed, the privacy violation could be very serious in certain situations exposing personal details and other sensitive information, and Facebook should fix it as soon as possible. We'll keep you updated on the progress.
Stop me if you've heard this one before: Facebook has a privacy hole that exposes private information to the public. And it's a serious one, this time in Facebook Pages Manager for Android, which has been installed over 5 million times since January of this year. Let me explain.
The Flaw
Yesterday, Android Police reader Joann MacDonald tipped us off to a critical bug in the aforementioned application created by Facebook to help Facebook Page admins manage their Pages. The Android app, originally launched on January 4th of this year and currently sitting at version 1.4, has a private messaging feature, predictably called Messages. Messages lets Page managers communicate with Facebook users who contact Pages and is essentially the Facebook equivalent of email. Email that supports picture attachments.
Here's the problem. Right now, if a Page manager of any Page, say AndroidPolice, replies to any private message and attaches a picture in this private reply, this picture will be immediately and very publicly posted to the wall of the Page. To everyone visiting the wall, which is usually the first thing you see when you go to a Page on Facebook (in our case facebook.com/AndroidPolice), the photo will look like a regular message posted with Public settings by the page itself.
Joann wrote:
I sent a PayPal screen dump to a customer who thought her payment never went through, and went straight to my page showing her name, address and value of order and payment status. It's caused me major stress as you can imagine.
According to Joann, several attempts to contact Facebook were made but all were left unanswered (everyone, feign surprise). She added:
Don't want anyone else being cost money... bloody thing cost me 80 quid in giving a free bracelet to the customer :-)
We verified that this bug is present in the Android version 1.4 of Facebook Pages Manager and does not manifest itself if you use the Facebook site. We have not tested the iOS app.
Flaw Demo
Here is the test we carried out:
I messaged the AndroidPolice page from a personal account (Artem Russakovskii) and attached a picture I called Test ("We'll do it live!"). As expected, only the Page managers and I could see this message and the picture within.
A page manager then replied to this private message by going to the Messages tab in the Android app, then tapping on the private message and attaching a picture we called Test2 (the Android Police wallpaper with the chrome Android).
At this point, this privately sent picture was immediately posted to facebook.com/AndroidPolice and started rapidly accumulating Likes by unsuspecting page visitors who were under the impression that they were just looking at an AP wallpaper we posted to share with them.
As you can see from the last screenshot, the private picture was uploaded by the Android app to a public area called Android Police's Photos under Timeline Photos, and its thumbnail was even visible right under the header next to the About section.
Yup, Shared with: Public, as if we had any doubt by now.
As I mentioned, the next picture (a green Android Police badge), sent via Facebook's desktop site, was correctly limited to the private conversation and was not visible to the public. The issue is limited to the Android app.
Test2 was sent by the Page to the user in a private message (middle) but immediately showed up in public (right)
The same view from Facebook's desktop site
Note: I have selected the full disclosure route in reporting the incident in hopes that Facebook will no longer have the option to ignore or brush it off (I have found at least three Play Store comments in the last week that have echoed this concern, and Joann's own attempts to contact Facebook were futile). Considering that this is not even a vulnerability or an exploit but rather a PSA (the more Facebook Page managers and users are aware of it, the better), this disclosure method is perfectly fine here.
As Joann's example above showed, the privacy violation could be very serious in certain situations, exposing personal details and other sensitive information, and Facebook should fix it as soon as possible. We'll keep you updated on the progress.
A fresh UI, new features and a way to manage all your forum accounts in the new Tapatalk 4 beta
Tapatalk should be a familiar name to anyone who spends time browsing forums on their Android phone. It's designed to rework the often tedious process of navigating pages, forums and threads on a small screen, providing a cleaner, phone-friendly layout and some unique features to boot.
Today the Tapatalk team has released the first beta build of an all-new version of their app, Tapatalk 4. We've had the chance to preview the new Tapatalk for several days, and get to grips with all the new features. So let's take a look at what's new in Tapatalk 4 beta. We've got video and more after the break.
A new, cleaner Holo layout
The new version of Tapatalk is designed around the Android 4.0 API level. That means you'll need a phone running Ice Cream Sandwich or later to use it, but building atop newer Android APIs allows for more advanced features, including the completely re-tooled layout. Tapatalk 4 follows Android's Holo design guidelines -- a Holo light style is used by default, but a dark option is also available. (This can also help you save battery power on devices with AMOLED screens.)
Tapatalk 4 looks, feels and behaves like a proper, native Android app. There's an action bar up top, a slide-out menu bar of the sort used by many Google apps, and individual forum posts are arranged in a card layout not unlike those found in Google Now. It's also a speedy performer and easy to navigate, which helps.
The move up to a higher Android API level also allows Tapatalk to utilize push notifications, as opposed to more battery-intensive pull notifications.
Single sign-in with Tapatalk ID
As of Tapatalk 4, you can use a single login to manage all your various forum accounts. (Forum owners will have to update to the latest version of the plugin to enable this.) Sign in with a Tapatalk ID and your app will be populated with a list of associated accounts, even if it's the first time you've signed in on that device. This makes life a good deal easier if you have multiple devices -- or if you're a power user constantly switching between ROMs on your phone.
New posting and viewing experience
As we've already mentioned, posts and threads are arranged into a card-like layout, and once you're into a thread you can easily change pages by swiping left and right. It's also possible to backtrack using the dropdown list in the action bar up top and head back to the parent forum.
When it comes to posting messages, you can add a quick reply down below, or press the plus icon to add more detail, including smilies, URLs and images -- and the Tapatalk team has evidently been busy with new image features in this release.
When you attach a photo, you can apply a wide range of Instagram-like effects, add text, rotate, crop, and tweak things like contrast, saturation and sharpness through an Aviary-powered photo editor. You can even draw on top of your photos if you like.
All in all, it's a worthy upgrade to the leading forum app for Android, with plenty of new features to get stuck into and a clean new UI that'll please Android purists. The Tapatalk 4 public beta is available now on Google Play -- hit the Play Store link at the top of this post to grab the app. Share your thoughts down in the comments -- or better still on the Android Central forums through the app itself.