Today’s topics include Apple’s unveiling of the iPhone X, its highest ever priced smartphone; Qualcomm trying to steal the spotlight from Apple; Bluetooth security flaws putting billions of devices at risk; and Google’s new deadline to replace Symantec website certificates.
Apple introduced a number of new products on Sept. 12, including the anticipated iPhone X, iPhone 8 and 8 Plus models, several new Apple Watch models, and a new Apple TV unit.
The highlight of the Cupertino, Calif., event was the iPhone X smartphone celebrating the iPhone’s 10-year legacy, whose features include an all-new 5.8-inch OLED Super Retina display, an A11 Bionic processor, Face ID facial recognition, wireless charging capabilities and an improved main rear TrueDepth camera. Prices start at the highest ever cost of $999 with 64GB of onboard storage.
“For more than a decade, our intention has been to create an iPhone that is all display,” said Jonny Ive, Apple’s chief design officer. “The iPhone X is the realization of that vision. … iPhone X marks a new era for iPhone—one in which the device disappears into the experience.”
The day before Apple’s product launch event, Francisco Cheng, director of technical marketing at Qualcomm, touted the technological accomplishments of his company and Android smartphone makers over the past several years as well as the large number of devices that use those innovations.
In an apparent swipe at Apple, which has been in a high-profile legal dispute with Qualcomm for most of the year, Cheng listed in a blog post 20 “notable firsts on Android” and the “respective mobile devices where they appeared that paved the way for others to come.” The list includes such technologies as dual cameras, iris authentication and facial recognition, OLED displays, Bluetooth 5 and a water-resistant touch screen.
Cheng wrote that Qualcomm integrates innovations into its mobile platforms and then works with OEMs like Samsung, HTC, LG and Lenovo’s Motorola business to “commercialize our inventions at both speed and scale, and with a choice for consumers on price points and features.”
Bluetooth is widely implemented in billions of devices, and now nearly all of them need to be patched for a new set of Bluetooth vulnerabilities dubbed BlueBorne.
These vulnerabilities were discovered by IoT security firm Armis, which reported the flaws to the impacted vendors, including Google, Microsoft and the Linux community. There is no indication that the vulnerabilities have been exploited in the wild by attackers.
“BlueBorne is a series of vulnerabilities that we found to enable an airborne attack vector. … We estimate there to be 5.3 billion vulnerable devices,” Nadir Izrael, co-founder and CTO of Armis, told eWEEK. Microsoft delivered patches for BlueBorne in its July Patch Tuesday update, and Google and Linux vendors are also making patches available.
Google this week announced a final timetable for withdrawing support in the Chrome browser for websites that use Symantec-issued authentication certificates. The timetable gives exact dates for organizations that are using Symantec authentication certificates to replace them or risk having their sites flagged as unsafe by the Chrome browser.
Site owners have until March 15, 2018, to replace Symantec Transport Layer Security certificates that were issued before June 1, 2016, and until mid-September next year for certificates dated after June 1, 2016.
Starting with release 70 of Chrome on September 13, 2018, the browser will distrust all existing Symantec-issued TLS certificates.