Microsoft Edge for Android recently reached the 1 million download mark and now the browser is in the list of top 20 Free Apps chart on the Google Play Store, meaning that the company’s browser is actually popular among the Android users. Since Microsoft Edge has ditched the preview tag, the browser is actually gaining huge popularity.
This is also a living proof that Microsoft is very keen on becoming a top developer on rival mobile platforms, with more focus on Google’s Android. Since Microsoft Edge is now expanding to rival mobile platforms, this would also help the browser gain some more market share.
Microsoft Edge is the 17th popular app after Facebook and Netflix on the Play Store, according to the top 20 apps chart. Microsoft Edge debuted in 2015 and the browser has barely improved its market share on the PCs since then, on the other hand, Microsoft Edge is growing at least on the rival mobile platform, while Google Chrome is the top choice for any user.
Since the Microsoft Edge adoption rate is going strong on Android and iOS, we can assume that the Microsoft is pretty satisfied with the performance of its browser. At the time of writing this story, Microsoft Edge has between 1 million and 5 million hits on the Google Play Store.
Microsoft Edge on Android comes with important feature like ‘Continue on PC’ and Password Sync, it could also boost adoption of the browser on desktops as many users are looking for applications that support cross-platform syncing, however, the feature requires a Microsoft account to function. You can get the Microsoft Edge browser from the Google Play Store by clicking on the below link.
Facebook is building on its open-source performance build tool, Buck, to speed up development and minimize the time it takes to test code changes in Android apps.
Buck is designed to speed up builds, add reproducibility to builds, provide correct incremental builds, and help developers understand dependencies. The company first open sourced the solution in 2013.
“We’ve continued to steadily improve Buck’s performance, together with a growing community of other organizations that have adopted Buck and contributed back. But these improvements have largely been incremental in nature and based on long-standing assumptions about the way software development works,” Jonathan Keljo, software engineer at Facebook, wrote in a post. “We took a step back and questioned some of these core assumptions, which led us deep into the nuances of the Java language and the internals of the Java compiler.”
According to Keljo, the team has completely redesigned the way Buck compiles Java code in order to provide new performance improvements for Android engineers.
The solution is also introducing rule pipelining, which Keljo says is designed to shorten bottlenecks, and increases parallelism to reduce build times by 10 percent.
“Buck is usually able to build multiple rules in parallel. However, bottlenecks do occur. If a commonly used rule takes awhile to build, its dependents have to wait. Even small rules can cause bottlenecks on systems with a high enough number of cores,” Keljo wrote.
Rule pipelining now enables dependent rules to compile while the compiler is still finishing up dependencies. This feature is now available in open source, but is not turned on by default.
The company is also announcing source-only stub generation to flatten the dependency graph and reduce build times by 30 percent.
“Flatter graphs produce faster builds, both because of increased parallelism and because the paths that need to be checked for changes are shorter,” Keljo wrote.
Gameloft recently announced that it would no longer support the Windows Phone platform, blaming Microsoft for not supporting its own mobile operating system. While the company stated that it wouldn’t support Dungeon Hunter and some selected games, however it is likely that no new games will be released for Windows Phone because the platform is unfortunately dead.
A week ago, Gameloft’s Community Manager revealed that it is dropping support for Windows Phone because of Microsoft. “Microsoft announced recently that they are discontinuing development of this platform, for that reason, we will not be able to keep creating updates for DH5 for Windows Phones,” the company said in the forum.
However, today the company has released yet another statement, this time Gameloft has said that Windows Phone is no longer being supported because of low user base. Surprisingly, Gameloft is not blaming Microsoft anymore.
“An internal miscommunication led to an incorrect statement regarding the end of support for Dungeon Hunter 5 on Windows Phones. To clarify, the reason we will not be able to release further updates for Windows Phones is that, unfortunately, the community of players on this platform has become too small for us to support.
We thank all Windows Phone players for their continuous engagement in Dungeon Hunter 5, and want to offer them the possibility to migrate their progress to Windows PC, or to an iOS/Android device, in order to continue playing with the most recent content and events. Dungeon Hunter 5 will still be available on Windows Phone for those who choose to remain on this platform, with all its current functionalities, but will not receive updates,” Gameloft said in a statement.
Gameloft recently released a new game for Windows Phone and PC, despite saying it wouldn’t do so. But now as Windows Phone platform is no longer being supported, more and more users are likely to quit the platform for Android or iOS, as a result Gameloft will also not release any new games for Microsoft’s mobile platform.
Google surprised Android developers back in May when it announced for the first time it was adding a new programming language to the operating system. Since then, Kotlin language adoption has exploded among developers so much that it is set to overtake Java in the next couple of years, according to a new report.
Realm, a real-time mobile platform provider, announced the first edition of the Realm Report. The report takes an in-depth look at the mobile development world based on the analysis of its more than 100,000 active developers.
Kotlin is a statically typed programming language developed by JetBrains for JVM, Android, JS browser and native applications. According to the Realm Report, since August 2015, the number of applications built with Kotlin has increased by 125%, and about 20% of Kotlin applications today were previously built with Java.
In addition, the report found the number of Android apps built with Java has decreased by 6.1% over the past four months. Realm predicts by December 2018 Kotlin will overtake Java for Android development similarly to how the Swift programming language overtook Objective C for iOS app development.
Realm notes the rapid adoption of Kotlin and Swift point to an ongoing migration to modern programming languages. “There are seven major languages for mobile platforms today, but the balance of power is quickly shifting. Not too long ago, Swift didn’t exist. Now, it towers over Objective-C for iOS developers,” according to the report.
“Given the position of the Realm Mobile Database as the world’s most popular independent in-app mobile database, we have unique insight into what developers are using to build next-generation, responsive mobile apps that meet consumer and business demands,” said Alexander Stigsen, CEO and co-founder of Realm. “By analyzing the choices developers make on programming tools, languages and platforms, the Realm Report provides the mobile community with actionable insights on the best approaches for building breakthrough experiences.”
The open source database PostgreSQL has announced the release of their latest version, PostgreSQL 10. It includes the ability to distribute data across many nodes, also known as a divide and conquer strategy. Other features include logical replication, declarative table partitioning, improved query parallelism, quorum commit for synchronous replication, and SCRAM-SHA-256 authentication.
Logical replication will enable users to send modifications to different databases. The new release improves upon the existing table partitioning by providing a new syntax, which allows users to create and maintain range and list partitioned tables. The update also provides better queries by enabling more parts of the query execution to be run in parallel. The quorum commit allows for flexibility in how the primary database gets confirmation that changes were successfully written to replica databases. And the SCRAM-SHA-256 authentication is designed to provide a more secure way of authentication than what was previously in place.
Red Hat announces Red Hat Container-Native Storage 3.6 Red Hat has announced the release of Red Hat Container-Native Storage 3.6, which will be available later this month. Container-Native Storage integrates with their OpenShift Container Platform, the latest version of which was released in August. New features include block storage, support for core infrastructure elements of Red Hat OpenShift Container Platform, and the ability to have three times as many applications and microservices deployed on a single cluster, according to the company.
“As enterprises deploy containers, many see a need for storage solutions designed specifically for these types of systems,” said Ranga Rangachari, vice president and general manager of Storage at Red Hat. “Red Hat Container-Native Storage, optimized for multi/hybrid cloud deployments with Red Hat OpenShift Container Platform, offers that.”
Microsoft Edge to be released on iOS and Android
Microsoft has announced that they will be bringing Microsoft Edge to iOS and Android devices. Currently, it is available in iOS to limited number of users as a part of Apple’s TestFlight system. It will be available soon as part of the company’s Play Store Early Access. Microsoft Edge is built on the EdgeHTML platform, but the iOS version will be built using the WebKit engine and the Android version will be built using the Blink rendering engine from Chromium. The mobile version will be able to sync with the desktop version so that users can open pages on their phone and then pick up where they left off on their computer.
“A web platform is a complex piece of technology that in many respects duplicates aspects of an entire operating system in a single app,” Sean Lyndersay, principal program manager lead for Microsoft Edge, wrote in a post. “Taken in that light, it should then not be a surprise that we have chosen to adopt the core web platform technologies on each of the app platforms we are announcing today.”
ReactOS moves to decentralized Git repository
The ReactOS source code has been migrated to a Git repository. According to the company, the team has been wanting to move to a decentralized repository for years, but were unable to do so until now. They are still in the process of rewriting development documentation that reflects changes after the Git migration. “We expect that this move greatly improves the way we collaborate on ReactOS development and reduces the barriers for newcomers,” said Colin Finck in a blog post.
The Angular team has announced support for Cloud Firestore in AngularFire.
Cloud Firestore was released into public beta this week by the Google Firebase team. It features querying; real-time data synchronization; iOS, Android and web SDKs with offline data access; and multi-region data replication.
AngularFire is the official Angular library for Firebase. “AngularFire combines the power of Angular, Firebase, and RxJS to act as your serverless backend. It includes modules for the Realtime Database, Firebase Authentication, and now we’ve added Cloud Firestore to that list,” according to an Angular blog post.
With Cloud Firestore, AngularFire now features improved querying and offline data.
In an effort to make its platform better for new and logged-out users – and presumably, folks who don’t tweet much – Twitter is rolling out a new feature that surfaces articles that people in your feed are talking about.
BuzzFeed News first spotted links to stories under a ‘Popular Articles’ header in the Explore tab on Twitter’s mobile app today. In addition to articles that your network is engaging with, you’ll also see stories that are gaining steam among users in your area.
Twitter has confirmed that the feature is rolling out to Android and iOS, but it might be a little while before you see it in your feed.
As BuzzFeed noted, Popular Articles feels a bit like Nuzzel, which bundles links to hot stories from your network into a newsletter.
I’m excited about this feature because I don’t tweet a whole lot (I even disconnect entirely on weekends), but I do log on to Twitter to see what stories everyone else is talking about.
There are loads of people I follow who are connected to things I care about, but whose tweets I don’t particularly enjoy. As such, it feels tedious to wade through them. With Popular Articles, I hope to have to do less of that in order to find things I should be reading. Thanks, Twitter.
Eight zero-day vulnerabilities affecting the Android, Windows, Linux and iOS implementations of Bluetooth can be exploited by attackers to extract information from, execute malicious code on, or perform a MitM attack against vulnerable devices.
The vulnerabilities, collectively dubbed BlueBorne by the researchers who discovered them, can be exploited without users having to click on a link or download a questionable file – in fact, no action by the user is required to perform the attack. Also, attacks exploiting them spread through the air, so it’s difficult to detect them and are highly contagious. Users will also not be able to detect whether they are being hit with a BlueBorne attack.
The only prerequisite for a successful attack is that Bluetooth, a widely used wireless communication protocol for exchanging data over short distances, is enabled on a target device. Unfortunately, it is often enabled by default on too many devices.
“Unlike the common misconception, Bluetooth enabled devices are constantly searching for incoming connections from any devices, and not only those they have been paired with,” the researchers explained. “This means a Bluetooth connection can be established without pairing the devices at all. This makes BlueBorne one of the most broad potential attacks found in recent years, and allows an attacker to strike completely undetected..”
The researchers, from enterprise IoT security company Armis, identified the following security flaws:
Linux kernel RCE vulnerability – CVE-2017-1000251
Linux Bluetooth stack (BlueZ) information leak vulnerability – CVE-2017-1000250
Android information leak vulnerability – CVE-2017-0785
Android RCE vulnerability #1 – CVE-2017-0781
Android RCE vulnerability #2 – CVE-2017-0782
The Bluetooth Pineapple in Android – Logical Flaw – CVE-2017-0783
The Bluetooth Pineapple in Windows – Logical Flaw – CVE-2017-8628
Apple Low Energy Audio Protocol RCE vulnerability – CVE-2017-14315
More technical details about each can be found in this paper, but the short story is this:
“The BlueBorne attack vector has several stages. First, the attacker locates active Bluetooth connections around him or her. Devices can be identified even if they are not set to “’discoverable’ mode. Next, the attacker obtains the device’s MAC address, which is a unique identifier of that specific device. By probing the device, the attacker can determine which operating system his victim is using, and adjust his exploit accordingly. The attacker will then exploit a vulnerability in the implementation of the Bluetooth protocol in the relevant platform and gain the access he needs to act on his malicious objective. At this stage the attacker can choose to create a Man-in-The-Middle attack and control the device’s communication, or take full control over the device and use it for a wide array of cybercriminal purposes.”
Here is a demonstration of a BlueBorne attack against a Samsung smartwatch running the Linux-based Tizen OS:
“These silent attacks are invisible to traditional security controls and procedures. Companies don’t monitor these types of device-to-device connections in their environment, so they can’t see these attacks or stop them,” noted Yevgeny Dibrov, CEO of Armis.
How many and which devices are vulnerable?
According to the researchers, the BlueBorne attack vector can potentially affect all devices with Bluetooth capabilities, estimated at over 8.2 billion devices today.
Among the vulnerable devices are Google Pixel smartphones, Samsung Galaxy phones and tablets, all Windows computers since Windows Vista, Samsung smartwatches, TVs and refrigerators, All iPhone, iPad and iPod touch devices with iOS 9.3.5 and lower, and AppleTV devices with version 7.2.2 and lower, the Pumpkin Car Audio System, and so on.
Naturally, the discovery of the vulnerabilities was shared months ago with the likes of Google, Microsoft, Apple, Samsung, and the Linux kernel security team.
Google has pushed out patches in the September Android update (for Nougat and Marshmallow, i.e v7.0 and 6.0) and provided the patches to its partners in August (but who knowns how soon those partners will ready them for users). Microsoft pushed out patches on Tuesday, September 12.
Apple will not be pushing out an update, because the vulnerability affecting its Bluetooth implementation has already been mitigated in iOS 10 and users are encouraged to upgrade to it. Finally, Linux maintainers will release a fix soon.
But, in the meantime, users can also protect themselves by simply switching off Bluetooth on their devices.
The scope of the risk
“In the past, most Bluetooth vulnerabilities and security flaws originated in issues with the protocol itself, which were resolved in version 2.1 in 2007. Nearly all vulnerabilities found since were of low severity, and did not allow remote code execution. This transition occurred as the research community turned its eyes elsewhere, and did not scrutinize the implementations of the Bluetooth protocol in the different platforms, as it did with other major protocols,” the researchers noted.
Bluetooth is a difficult protocol to implement, and the researchers are concerned that the vulnerabilities they found are only the tip of the iceberg, and that the distinct implementations of the protocol on other platforms may contain additional vulnerabilities.
“Bluetooth has become one of the most commonly used technologies to connect one device to another and as the discovery of this zero-day clearly shows, it’s also a big risk,” Leigh Anne Galloway, cyber security resilience lead at Positive Technologies, commented.
“While patches for smartphones, laptops and other internet-enabled devices are relatively easy to push out, for dumber gadgets the same can’t be said. There’s a huge number of ‘things’ that rely on Bluetooth to perform their function – like speakers, or computer keyboards and mice – and, short of turning them off, there isn’t fix and that is going to leave millions vulnerable.”
“Long term, the answer is that if any device can connect to another in any way, it needs to have security built in from the outset or hackers are going to take advantage of it. In the short term, make sure that any devices that can be updated are and, where possible, turn the Bluetooth off of anything not in use,” she concluded.
Microsoft announced that its UWP Community Toolkit graduated to version 2.0 and it sets the stage for future releases. Today, there are over 100 contributors to the toolkit, and developers have downloaded the packages over 250,000 times.
With version 2.0, the toolkit is making efforts to line up with the latest Windows 10 Fall Creators Update to enable developers to take advantage of the new APIs and the Fluent Design System. The Fluent Design System will see new and existing controls updated in the coming months, and a sample app will also be updated to take advantage of new foundational elements.
“Version 2.0 introduces two new packages: Microsoft.Toolkit and
Microsoft.Toolkit.Serviceswith the commitment to support more cross platform APIs in future releases. These packages are built with .NET Standard and support any platform with .NET Standard 1.4 and above. The Bing Service is the first API to go cross-platform and there is currently work underway to move more services to the new packages.”
XebiaLabs expands its DevOps Platform
XebiaLabs expanded dual-mode DevOps capabilities in its XebiaLabs DevOps Platform version 7.1. These features give developers using Jenkins and other code tools the ability to tie in continuous integration automation into their enterprise continous delivery processes.
XebiaLabs dual-mode DevOps approach supports DevOps users across the enterprise, and it delivers new code-centric features like Environment as Code. This allows teams to “define deployment infrastructure and environments in code, making it easier for Development and Operations to collaborate on configuration management,” according to an announcement from XebiaLabs.
Amazon announces Amazon EC2 Elastic GPUs for Windows
Amazon has announced the wide release to Amazon EC2 Elastic GPUs for Windows, which can be attached to an Amazon Elastic Compute Cloud instance to boost graphics performance of an application.
They are designed for applications running on the Amazon’s cloud computing platform that require limited or intermittent boosts in graphical overhead compared to their other cloud GPU offerings like the G3 and G2.
Developers using the bare minimum of increased graphical horsepower with the Elastic GPUs can see as much as an 80 percent cost-reduction compared to the G3 and G2 line.
The EC2 Elastic GPU currently supports the OpenGL API standard with more coming soon.
Kernel self-protection with Android 8.0
According to a blog post from the Android developers team, Android 8.0 focuses on kernel self-protection with four security hardening features, which are backported from upstream Linux to all kernels supported in devices that first ship with the Android Oreo release.
Sami Tolvanen, senior software engineer at Android Security, wrote:
“Android Oreo includes mitigations for the most common source of security bugs in the kernel. This is especially relevant because 85% of kernel security bugs in Android have been in vendor drivers that tend to get much less scrutiny. These updates make it easier for driver developers to discover common bugs during development, stopping them before they can reach end user devices.”
Details on how the security team is hardening the kernel in Android Oreo can be found here.
Microsoft’s digital assistant Cortana was initially launched for Windows Phone. The company later expanded Cortana to its other products with Windows 10. As more users having Android and iPhones, Microsoft launched Cortana for the rival platform. The Redmond giant is since then updating Cortana with improvements.
Today, Microsoft is rolling out a new update to Cortana for Android. The latest update is available to download on the Google Play Store and it brings improvements. No new features have been added to the app.
Cortana on Android now works significantly faster. Microsoft has stabilized the app and fixed several crash bugs. Furthermore, Microsoft is also asking users to try the new ‘Continue on PC’ app.
Cortana is a truly personal assistant who gets to know you better all the time so she can help you keep track of the important stuff wherever you are, across your devices. You can join the Beta program