The European Union has reached a provisional agreement to amend parts of the EU AI Act, introducing simplification measures for businesses while also expanding restrictions on harmful AI applications, including so-called “nudifier” apps and AI-generated child sexual abuse material. The agreement, reached early Thursday by negotiators from the European Parliament and the Council, forms part of the EU’s broader “digital omnibus” package aimed at refining the implementation of the bloc’s landmark AI legislation. The updated proposal seeks to reduce compliance burdens and legal uncertainty for AI providers while maintaining the AI Act’s core risk-based framework. Lawmakers said the changes are designed to make the rules more practical without weakening safeguards tied to safety, privacy, and fundamental rights.

EU AI Act Deadlines Pushed to Reduce Legal Uncertainty

One of the biggest changes under the proposed amendments is the postponement of several obligations linked to high-risk AI systems. Under the revised timeline, rules for AI systems classified as high-risk due to their use cases will now apply from 2 December 2027. These systems include AI deployed in biometric identification, critical infrastructure, education, employment, law enforcement, and border management. Meanwhile, AI systems used as safety components under sector-specific EU product safety laws will face compliance obligations from 2 August 2028. The agreement also delays watermarking obligations for AI-generated content until 2 December 2026. The European Commission had earlier proposed a February 2027 implementation date. Watermarking tools are intended to help identify and trace AI-generated images, audio, and video content. Lawmakers said the postponements are necessary to ensure technical standards and implementation guidance are fully in place before the rules become enforceable.

EU Bans Nudifier Apps and AI-Generated Abuse Content

A major part of the agreement focuses on tightening restrictions around harmful AI-generated sexual content. Negotiators agreed to ban AI systems designed to create child sexual abuse material or generate explicit deepfake content involving identifiable individuals without consent. The restriction covers images, video, and audio content. The EU AI Act ban specifically applies to companies placing such AI systems on the EU market, providers failing to include reasonable safeguards against misuse, and users deploying the systems to create illegal or non-consensual explicit material. The decision directly targets “nudifier” apps, which use AI to digitally remove clothing or generate fake explicit imagery of individuals. Companies operating such systems will have until 2 December 2026 to comply with the new requirements. Michael McNamara, co-rapporteur for the Civil Liberties, Justice and Home Affairs committee, said the agreement strengthens the EU’s ability to act against AI systems that threaten human dignity and fundamental rights. “I’m pleased that this morning we reached an agreement on the AI Omnibus,” McNamara said. “Alongside simplification measures, we are banning nudification apps, a key part of the Parliament’s mandate, and, of course, the creation of child sexual abuse material using AI systems.”

Simplification Measures for AI Providers and SMEs

The amendments also introduce several simplification measures intended to reduce overlapping compliance requirements for companies developing AI technologies. Under the new framework, machinery products with AI features will no longer need to comply separately with both the EU AI Act and sector-specific safety laws if existing safety rules already provide equivalent protection. Lawmakers also narrowed the definition of “safety component” within the EU AI Act. This means AI functions designed only to assist users or improve product performance will not automatically be classified as high-risk unless their failure creates health or safety risks. Another change allows companies to process personal data where strictly necessary to detect and correct bias in AI systems, provided appropriate safeguards are in place. The agreement further extends certain exemptions previously available only to small and medium-sized enterprises (SMEs) to small mid-cap companies. EU officials said the move is intended to help startups and growing technology firms scale AI innovation more easily within Europe. Arba Kokalari, co-rapporteur for the Internal Market and Consumer Protection committee, said the revised rules strike a balance between innovation and regulation. “With this agreement, we show that politics can move just as quickly as technology,” Kokalari said. “We now make the AI rules more workable in practice, remove overlaps and pause the high-risk requirements.”

Next Steps for the EU AI Act Amendments

The provisional agreement still requires formal approval from both the European Parliament and the Council before it can become law. EU lawmakers are aiming to finalize adoption before 2 August 2026, which marks the scheduled start date for existing high-risk AI system rules under the original AI Act framework. The negotiations are part of the EU’s continuing effort to shape global standards around artificial intelligence governance while addressing concerns related to safety, transparency, and misuse of generative AI technologies.

The post The Grok-Powered Pivot: X Unveils Custom Timelines and “Snooze” Tools to Conquer Feed Slop appeared first on Daily CyberSecurity.

The Italian Data Protection Authority fine against Poste Italiane and Postepay has reached over €12.5 million, after regulators found unlawful processing of personal data affecting millions of users.

Italy’s Italian Data Protection Authority imposed a €6.6 million penalty on Poste Italiane and €5.8 million on Postepay. The action follows an investigation launched in April 2024 after multiple complaints from users regarding how their data was being handled through mobile applications.

Italian Data Protection Authority Fine Linked to Intrusive App Monitoring

The Italian Data Protection Authority fine centers on how BancoPosta and Postepay apps collected user data. Customers were required to allow monitoring of information stored on their devices, including details about installed and active applications.

According to the companies, this access was necessary to detect malware and prevent fraud in line with payment security requirements. However, the regulator found that the scope of monitoring went too far.

Authorities stated that the data collection methods were not proportionate and resulted in excessive intrusion into users’ private lives. The ruling emphasized that fraud prevention cannot justify blanket access to personal device data.

Multiple Compliance Failures Identified

The investigation behind the Italian Data Protection Authority fine also revealed broader compliance failures. Regulators flagged insufficient transparency in how users were informed about data collection practices.

The companies were also found to have not conducted an adequate Data Protection Impact Assessment. Such assessments are required when processing activities pose high risks to individual privacy.

Further issues included weak security measures, unclear policies on how long data was stored, and irregularities in defining data controller responsibilities. These gaps raised concerns about how user data was governed internally.

As part of the enforcement action, both companies have been ordered to stop the disputed data processing practices if still ongoing. They must also align their data retention policies with regulatory requirements and report compliance to the Authority.

Italian Regulator Steps Up Enforcement

The action reinforces a broader trend of stricter enforcement by the Italian Data Protection Authority across the financial sector. The Italian Data Protection Authority fines Poste Italiane and Postepay case follows another high-profile enforcement action earlier this year involving Intesa Sanpaolo. In March 2026, the regulator imposed a €31.8 million penalty on the bank after uncovering serious lapses in how customer data was protected. The case involved unauthorized access to sensitive information of more than 3,500 customers over a period of more than two years. Investigators found that a single employee had accessed customer records more than 6,600 times without any legitimate business reason. The breach went undetected for months, exposing weaknesses in the bank’s internal monitoring systems.

Insider Risks and Monitoring Gaps under Focus

The Intesa Sanpaolo case highlighted a different but equally critical issue. While Poste Italiane and Postepay were penalized for excessive data collection, the bank was fined for failing to detect misuse of legitimate access. According to the Authority, the bank’s monitoring systems were not designed to identify slow, repeated misuse of access over time. This allowed the unauthorized activity to continue without triggering alerts, even when it involved high-risk individuals such as public figures. Regulators concluded that the controls in place were not aligned with the risks associated with broad internal access to sensitive financial data. The case has since raised concerns about insider threats and the effectiveness of existing detection mechanisms within financial institutions.

Growing Pressure on Financial Services

Together, these cases reflect a tightening regulatory environment in Italy, where financial institutions are being held accountable for both overreach and underperformance in data protection. The Italian Data Protection Authority fines Poste Italiane and Postepay decision highlights the importance of balancing fraud prevention measures with user privacy. Security controls must be proportionate, transparent, and supported by proper risk assessments. At the same time, the Intesa Sanpaolo breach demonstrates that insufficient monitoring can be just as damaging, particularly when insider threats go unnoticed for extended periods. With enforcement actions increasing in scale and frequency, organizations operating in the financial sector are facing mounting pressure to reassess their data governance frameworks. The regulator’s recent decisions make it clear that both excessive data collection and weak oversight can lead to significant financial and reputational consequences.

The post The Infinite Factory: How “Vibe Coding” Sparked a 104% Explosion in AI-Generated Apps appeared first on Daily CyberSecurity.

The post Bot Revolution: How Telegram’s New “Manager Mode” Lets AI Agents Spawn Their Own Sub-Bots appeared first on Daily CyberSecurity.

WhatsApp is testing usernames that could let users chat without sharing phone numbers, adding a new privacy layer now rolling out to some beta users.

The post WhatsApp New Update Lets You Chat Without Sharing Your Phone Number appeared first on TechRepublic.

A major outage hit Russian banking apps and payments, blocking card use, cash withdrawals, and mobile access for hours.

A widespread outage disrupted banking apps and payment systems across Russia, leaving customers unable to pay by card, withdraw cash, or access mobile banking for hours. According to The Record Media, the incident affected major banks, including Sberbank, VTB, Alfa-Bank, T-Bank, and Gazprombank, and impacted multiple regions, including Moscow.

“The combined client base of VTB , Sberbank, T-Bank , and Alfa-Bank amounts to tens of millions of people across the country. Apparently, the scale of the outage is colossal and affects most regions of Russia. Complaints number in the thousands.” reported the Russian website CNews. “For example, in just one hour, more than 3,300 complaints were filed about a Sberbank outage. Over the past 12 hours, 35% of complaints came from Moscow, 8% each from St. Petersburg and the Sverdlovsk region , and 7% and 5% from the Novosibirsk and Chelyabinsk regions .”

Media say the outage comes as Russia tightens internet control, restricting apps and cracking down on VPN use.

“Russia’s major banks faced large-scale disruptions to their electronic services on April 3, according to online tracking data and customer reports.” reports Kyiv Independent. “The outage comes as the Russian government has increasingly tightened control over internet access in the country, imposing restrictions on popular apps and seeking to clamp down on the use of virtual private networks (VPNs).“

A temporary outage on April 3 affected Sberbank and spread to other major banks, including VTB Bank and T-Bank. Starting around 10 a.m. Moscow time, customers faced issues with mobile apps, transfers, and ATM withdrawals, forcing many businesses to accept only cash and causing long lines across cities.

Russia’s National Payment Card System said the disruption was due to a technical failure at one bank and did not affect funds. Reports from Kommersant linked it to a Sberbank glitch, possibly worsened by VPN use, shortly after plans to curb VPNs.

“The mass outage comes less than a week after Russia’s Digital Development Minister Maksut Shadayev said on March 30 that the government will work to “reduce the use of VPNs” — one of the few remaining ways for Russian citizens to bypass online censorship.” continues the Kyiv Independent. “Shadayev reportedly asked telecom operators and digital platforms to introduce fees and block users for using VPN services following an order by Russian President Vladimir Putin.”

Local security experts speculate that blocking VPNs likely contributed to the April 3 banking outage, describing it as possible “friendly fire” in comments to Kommersant. Russian authorities have steadily tightened online censorship since the war in Ukraine began, with restrictions accelerating in recent months. In early March, the Kremlin introduced a whitelist system allowing access only to selected, mostly pro-government sites during mobile internet outages. Internet shutdowns have become more frequent, officially justified as security measures against Ukrainian drone attacks.

The Record Media also reported that the outage also impacted public transport, with Moscow metro and suburban train turnstiles unable to accept cards, forcing staff to let passengers pass for free to avoid crowding.

By Monday, reports had largely vanished from many sites. Independent media said the Russian Internet watchdog Roskomnadzor ordered outlets to remove content linking the banking outage to its VPN-blocking efforts.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Russian banking apps)

The FBI is warning Americans about data security risks tied to foreign-developed mobile apps, especially those linked to China.

The post New FBI Warning: Chinese Apps Could Expose User Data appeared first on TechRepublic.

Samsung will discontinue its Messages app in July 2026, pushing users to Google Messages with RCS, AI, and security upgrades.

The post Samsung to Shut Down Its Messaging App, Switch to Google Messages in July appeared first on TechRepublic.

NoVoice malware was found in 50 Android apps on Google Play, with 2.3 million downloads, by bypassing detection and targeting outdated devices.

The post Android Alert: 50 Google Play Apps Linked to ‘NoVoice’ Malware Reached 2.3M Downloads appeared first on TechRepublic.

The data security risks of foreign-developed mobile apps are coming under sharper scrutiny, as the Federal Bureau of Investigation (FBI) issues a fresh warning on how widely used applications could expose sensitive user data. In a new public service announcement, the agency highlights that many of the most popular mobile apps used in the United States—especially those developed by companies based in China—may pose significant privacy and security concerns. At the core of the warning is a simple issue: users often do not fully understand how much data these apps can access—and where that data ultimately ends up.

Data Security Risks of Foreign-Developed Mobile Apps 

The data security risks of foreign-developed mobile apps are not limited to what users see on the surface. According to the FBI, once permissions are granted, apps can continuously collect data from across a device—not just while actively in use. This includes access to contacts, messages, location data, and even system-level information. In many cases, users unknowingly allow apps to collect information not only about themselves but also about people in their contact lists. Apps that offer features like inviting friends can access and store contact details such as names, phone numbers, email addresses, and physical addresses. This expands the risk beyond individual users, pulling non-users into the data collection ecosystem. The concern is not just the volume of data—but the persistence of access.

Where the Data Goes Raises Bigger Concerns

A key issue highlighted in the FBI’s advisory is data storage and jurisdiction. Many apps clearly state in their privacy policies that user data may be stored on servers located in China. This is where the data security risks of foreign-developed mobile apps become more complex. Companies operating in China are subject to national security laws that can require them to provide data access to government authorities when requested. For users, this creates a gap between consent and control. Even if data collection is disclosed, there is limited visibility into how that data may be accessed or used beyond the app itself. Some platforms offer local versions that allow users to run the app without relying on cloud-based systems, potentially reducing data transfer risks. However, not all apps provide this option. In some cases, users must agree to data sharing as a condition of using the service.

Malware Risks Add Another Layer of Threat

The data security risks of foreign-developed mobile apps are not limited to data collection practices. The FBI also warns that some apps may contain hidden malware. This can include malicious code designed to exploit vulnerabilities in mobile operating systems, install backdoors, and enable unauthorized access to sensitive data. In more advanced cases, such malware can download additional malicious packages without the user’s knowledge. The risk increases significantly when apps are downloaded from unofficial sources. Third-party app stores and unknown websites are more likely to host compromised applications, while official app stores typically conduct security checks to reduce such threats. Still, the presence of malware—even in seemingly legitimate apps—remains a concern.

FBI Urges Stronger Cyber Hygiene

While the spotlight is on foreign-developed apps, the FBI makes it clear that these data security risks of foreign-developed mobile apps are part of a broader digital security challenge. The agency emphasizes the importance of basic cyber hygiene. Users are advised to:

• Disable unnecessary data sharing permissions
• Download apps only from official app stores
• Regularly update passwords
• Keep device software up to date
• Review terms of service before installing apps

These steps may seem routine, but they are often overlooked—creating easy entry points for data exposure.

A Growing Concern Beyond the U.S.

Although the advisory focuses on users in the United States, the data security risks of foreign-developed mobile apps are not limited by geography. The same apps are used globally, often with similar permissions and data handling practices. This makes the issue less about nationality and more about transparency and control. Users are increasingly dependent on mobile apps, but visibility into how their data is collected, stored, and shared remains limited. The FBI also encourages users to report any suspicious activity linked to mobile apps, including unusual data usage, unauthorized access, or signs of malware. Incidents can be reported to the Internet Crime Complaint Center (IC3), along with details such as the app name, permissions granted, and type of data potentially compromised.

A new phishing campaign targeting messaging apps has triggered warnings from the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), highlighting how even the most secure communication platforms can be undermined by human error rather than technical flaws. In a joint public service announcement, the agencies revealed that cyber actors linked to Russian Intelligence Services are actively targeting users of commercial messaging applications (CMAs), including high-profile individuals such as government officials, military personnel, political figures, and journalists. The goal is not to break encryption—but to bypass it entirely.

Phishing Campaign Targeting Messaging Apps Bypasses Encryption

The most striking aspect of this phishing campaign targeting messaging apps is that it does not rely on exploiting software vulnerabilities. Instead, attackers are focusing on users themselves. Evidence shows that while encryption remains intact, thousands of individual accounts have already been compromised globally. Once attackers gain access, they can read private messages, access contact lists, send messages as the victim, and even launch further phishing attacks. This reinforces a critical point often overlooked in cybersecurity discussions: encryption is only as strong as the user behind it.

How the Phishing Campaign Works

According to CISA and the FBI, the phishing campaign targeting messaging apps primarily uses social engineering tactics. Attackers impersonate official support accounts within messaging platforms, sending convincing messages that prompt users to take immediate action. These messages may:

• Ask users to click on malicious links
• Request verification codes or PINs
• Encourage account “recovery” actions

[caption id="attachment_110552" align="aligncenter" width="480"] Image Source: FBI[/caption] If a user complies, attackers can link their own device to the account or take full control. In some cases, attackers may escalate their tactics by deploying malware, making the campaign more persistent and difficult to contain. Notably, reporting suggests that platforms like Signal have been specifically targeted, though similar methods can be applied across other messaging apps. [caption id="attachment_110553" align="aligncenter" width="948"] Image Source: FBI[/caption]

Why This Phishing Campaign Targeting Messaging Apps Matters

The scale and simplicity of this phishing campaign targeting messaging apps make it particularly dangerous. Unlike complex cyberattacks, phishing requires minimal technical sophistication but delivers high success rates. CISA and the FBI emphasized this reality, stating: “Phishing remains one of the most unsophisticated, yet effective means of cyber compromise, often rendering other protections irrelevant including end-to-end encryption.”

Key Recommendations for Users

To counter the risks posed by the phishing campaign targeting messaging apps, authorities are urging users to adopt basic but effective cybersecurity practices:

• Pause before responding: If something feels suspicious, do not engage or share sensitive information.
• Avoid unknown messages: Treat unexpected or unusual requests with caution, even from known contacts.
• Check links carefully: Do not click on unfamiliar or suspicious links.
• Monitor group chats: Watch for duplicate or fake accounts in conversations.
• Use built-in security features: Enable protections like message expiration where appropriate.
• Report incidents quickly: Notify security teams or report to authorities such as the Internet Crime Complaint Center (IC3).

Users are also reminded that legitimate support services do not request verification codes or send account recovery links via direct messages.

A Persistent Cyber Threat That Relies on Human Behavior

What makes this phishing campaign targeting messaging apps particularly concerning is its reliance on human behavior rather than technical weaknesses. Attackers are betting on urgency, confusion, and trust—factors that technology alone cannot fix. The warning from CISA and the FBI is clear: users must remain vigilant. Strengthening personal cybersecurity habits is now just as important as the security features built into the platforms themselves. As messaging apps continue to play a central role in both personal and professional communication, campaigns like this serve as a reminder that the weakest link in cybersecurity is often not the system—but the user.

In a move that bucks the entire industry trend, TikTok has confirmed it will not implement end-to-end encryption (E2EE) for direct messages on its platform — arguing that E2EE would make users less safe. We break down what’s really going on: the child safety argument, the privacy counterargument, the geopolitical questions surrounding ByteDance, and what […]

The post TikTok Says No to End-to-End Encryption: Here’s Why That’s a Big Deal appeared first on Shared Security Podcast.

The post TikTok Says No to End-to-End Encryption: Here’s Why That’s a Big Deal appeared first on Security Boulevard.

💾

Oversecured flagged 1,575 flaws in 10 Android health apps with 14.7M installs, putting chats, CBT notes, and mood logs at risk, per BleepingComputer.

The post Millions at Risk as Android Mental Health Apps Expose Sensitive Data appeared first on TechRepublic.

This article was originally published in EdTech Magazine on 02/11/26 by Didi Gluck. As ransomware and phishing attacks grow more sophisticated, districts can’t rely on perimeter defenses alone. Cybersecurity has become a top priority for K–12 districts, not just to keep students safe online but to ensure continuity across devices, systems and end user accounts. ...

The post EdTech Magazine | What Minimum Viable Cybersecurity Looks Like for K–12 Districts appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post EdTech Magazine | What Minimum Viable Cybersecurity Looks Like for K–12 Districts appeared first on Security Boulevard.

We’re seeing a surge in phishing calendar invites that users can’t delete, or that keep coming back because they sync across devices. The good news is you can remove them and block future spam by changing a few settings.

Most of these unwanted calendar entries are there for phishing purposes. Most of them warn you about a “impending payment” but the difference is in the subject and the action they want the target to take.

Sometimes they want you to call a number:

And sometimes they invite you to an actual meeting:

We haven’t followed up on these scams, but when attackers want you to call them or join a meeting, the end goal is almost always financial. They might use a tech support scam approach and ask you to install a Remote Monitoring and Management tool, sell you an overpriced product, or simply ask for your banking details.

The sources are usually distributed as email attachments or as download links in messaging apps.

How to remove fake entries from your calendar

This blog focuses on how to remove these unwanted entries. One of the obstacles is that calendars often sync across devices.

Outlook Calendar

If you use Outlook:

• Delete without interacting: Avoid clicking any links or opening attachments in the invite. If available, use the “Do not send a response” option when deleting to prevent confirming that your email is active.
• Block the sender: Right-click the event and select the option to report the sender as junk or spam to help prevent future invites from that email address.
• Adjust calendar settings: Access your Outlook settings and disable the option to automatically add events from email. This setting matters because even if the invite lands in your spam folder, auto-adding invites will still put the event on your calendar.
  
• Report the invite: Report the spam invitation to Microsoft as phishing or junk.
• Verify billing issues through official channels: If you have concerns about your account, go directly to the company’s official website or support, not the information in the invite.

Gmail Calendar

To disable automatic calendar additions:

• Open Google Calendar.
• Click the gear icon and select Settings in the upper right part of the screen.
  
• Under Event settings, change Add invitations to my calendar to either Only if the sender is known or When I respond to the invitation email. (The default setting is From everyone, which will add any invite to your calendar.)
• Uncheck Show events automatically created by Gmail if you want to stop Gmail from adding to your calendar on its own.

Android Calendar

To prevent unknown senders from adding invites:

• Open the Calendar app.
• Tap Menu > Settings.
• Tap General > Adding invitations > Add invitations to my calendar.
• Select Only if the sender is known.

For help reviewing which apps have access to your Android Calendar, refer to the support page.

Mac Calendars

To control how events get added to your Calendar on a Mac:

• Go to Apple menu > System Settings > Privacy & Security.
• Click Calendars.
• Turn calendar access on or off for each app in the list.
• If you allow access, click Options to choose whether the app has full access or can only add events.

iPhone and iPad Calendar

The controls are similar to macOS, but you may also want to remove additional calendars:

• Open Settings.
• Tap Calendar > Accounts > Subscribed Calendars.
• Select any unwanted calendars and tap the Delete Account option.

Additional calendars

Which brings me to my next point. Check both the Outlook Calendar and the mobile Calendar app for Additional Calendars or subscribed URLs and Delete/Unsubscribe. This will stop the attacker from being able to add even more events to your Calendar. And looking in both places will be helpful in case of synchronization issues.

Several victims reported that after removing an event, they just came back. This is almost always due to synchronization. Make sure you remove the unwanted calendar or event everywhere it exists.

Tracking down the source can be tricky, but it may help prevent the next wave of calendar spam.

How to prevent calendar spam

We’ve covered some of this already, but the main precautions are:

• Turn off auto‑add or auto‑processing so invites stay as emails until you accept them.
• Restrict calendar permissions so only trusted people and apps can add events.
• In shared or resource calendars, remove public or anonymous access and limit who can create or edit items.
• Use an up-to-date real-time anti-malware solution with a web protection component to block known malicious domains.
• Don’t engage with unsolicited events. Don’t click links, open attachments, or reply to suspicious calendar events such as “investment,” “invoice,” “bonus payout,” “urgent meeting”—just delete the event.
• Enable multi-factor authentication (MFA) on your accounts so attackers who compromise credentials can’t abuse the account itself to send or auto‑accept invitations.

Pro tip: If you’re not sure whether an event is a scam, you can feed the message to Malwarebytes Scam Guard. It’ll help you decide what to do next.

---

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

As we careen toward a future in which Google has final say over what apps you can run, the company has sought to assuage the community's fears with a blog post and a casual "backstage" video. Google has said again and again since announcing the change that sideloading isn't going anywhere, but it's definitely not going to be as easy. The new information confirms app installs will be more reliant on the cloud, and devs can expect new fees, but there will be an escape hatch for hobbyists.

Confirming app verification status will be the job of a new system component called the Android Developer Verifier, which will be rolled out to devices in the next major release of Android 16. Google explains that phones must ensure each app has a package name and signing keys that have been registered with Google at the time of installation. This process may break the popular FOSS storefront F-Droid.

It would be impossible for your phone to carry a database of all verified apps, so this process may require Internet access. Google plans to have a local cache of the most common sideloaded apps on devices, but for anything else, an Internet connection is required. Google suggests alternative app stores will be able to use a pre-auth token to bypass network calls, but it's still deciding how that will work.

Read full article

Comments

© Ryan Whitwam

Join a loyalty scheme and you often get a reward or discount on your special day – but it may have strings attached

Celebrating your birthday isn’t just about getting presents and cards from family and friends. Signing up to loyalty schemes and newsletters can give you access to a host of freebies, deals and discounts from retailers to mark the big day.

With my birthday on the horizon I decided to look at what was on offer, and see which gifts came with some small print.

Continue reading...

© Photograph: Oleksandr Latkun/Getty

© Photograph: Oleksandr Latkun/Getty

Gathering data used to be a fringe pursuit of Silicon Valley nerds. Now we’re all at it, recording everything from menstrual cycles and mobility to toothbrushing and time spent in daylight. Is this just narcissism redesigned for the big tech age?

I first heard about my friend Adam’s curious new habit in a busy pub. He said he’d been doing it for over a year, but had never spoken to anyone about it before. He had a furtive look around, then took out his phone and showed me the product of his burning obsession: a spreadsheet.

This was not a record of his annual tax return or numbers he was crunching for work (Adam is a data scientist). Instead, it was a spreadsheet recording the minutiae of his life, with dozens of columns tracking every element of his daily routine. It all started, he told me, because of a recurring argument with his boyfriend. His partner didn’t think they spent enough time together, but Adam thought that they did. There was only one way to settle this, he decided: cold, hard data. So he began keeping a note of the days they saw each other and the days they didn’t.

Continue reading...

© Illustration: Carl Godfrey/The Guardian

© Illustration: Carl Godfrey/The Guardian