Apple and Google have teamed up to help make it easier to spot suspicious item trackers

As part of iOS 17.5, Apple is finally rolling out its Detecting Unwanted Location Trackers specification, allowing mobile users to locate suspiciously placed AirTags and other similar devices. Simply, this update has been a long time coming. 

To give a quick breakdown of the situation at large, Bluetooth trackers were being used as a way to stalk people. Google announced that it and Apple were teaming up to tackle this problem. The former sought to upgrade its Find My Device network quickly but decided to postpone the launch, partly to wait until Apple finished developing its new standard.

With iOS 17.5, though, Apple states that your iPhone will notify you if an unknown Bluetooth tracker device was placed on you. If it sniffs something out, an “[Item] Found Moving With You” alert will appear on the smartphone screen. 

Upon detection, your iPhone can trigger a noise on the tracker to help you locate it. An accompanying notification will include a guide showing you how to disable the gadget. You can find these instructions on Apple’s support website.

Supporting devices

The detection tool can locate other Find My accessories so long as the third-party trackers are built to the specifications that Apple and Google are on. Devices not on the new network aren't compatible and will not work. Third-party tag manufacturers like Chipolo and Motorola are reportedly committing future releases to the new standard, which means the iOS feature will also detect forthcoming models.

Android devices have been capable of detecting Bluetooth trackers for some time, and Google is currently rolling out its long-awaited Find My Device upgrade to smartphones. Thanks to the Detecting Unwanted Location Trackers specification, it’ll work in conjunction with Apple’s network.

Part of iOS 17.5

There is more to iOS 17.5 than just the security patch. 

First, it’s introducing a dynamic wallpaper celebrating the LGBTQ+ community just in time for Pride Month. Second, the company is adding a new game called Quartile to Apple News Plus. It’s sort of like Scrabble, where you have to make up words using small groups of letters. 

Moreover, Apple News Plus subscribers can download audio briefings, entire magazine issues, and more for offline enjoyment. When you're back online, the downloaded content list “will automatically refresh.”

Besides these, 9To5Mac has confirmed even more changes like the Podcasts widget receiving support for dynamic colors. This alters the color of the box to match a podcast’s artwork. The publication also confirms the existence of Repair State, a “special hibernation mode” that lets people send in their iPhone for service without disabling the Find My connection. 

To install iOS 17.5, head over to your iPhone’s Settings menu. Go to General then Software Update to receive the patch. And be sure to check out TechRadar's list of the best iPhone for 2024.

You might also like

TechRadar – All the latest technology news

Read More

OpenAI is working on a new tool to help you spot AI-generated images and protect you from deep fakes

You’ve probably noticed a few AI-generated images sprinkled throughout your different social media feeds – and there are likely a few you’ve probably scrolled right past, that may have slipped your keen eyes. 

For those of us who have been immersed in the world of generative AI, spotting AI images is a little easier, as you develop a mental checklist of what to look out for.

However, as the technology gets better and better, it is going to get a lot harder to tell. To solve this, OpenAI is developing new methods to track AI-generated images and prove what has and has not been artificially generated.

According to a blog post, OpenAI’s new proposed methods will add a tamper-resistant ‘watermark’ that will tag content with invisible ‘stickers.’ So, if an image is generated with OpenAI’s DALL-E generator, the classifier will flag it even if the image is warped or saturated.

The blog post claims the tool will have around a 98% accuracy when spotting images made with DALL-E. However, it will only flag 5-10% of pictures from other generators like Midjourney or Adobe Firefly

So, it’s great for in-house images, but not so great for anything produced outside of OpenAI. While it may not be as impressive as one would hope in some respects, it’s a positive sign that OpenAI is starting to address the flood of AI images that are getting harder and harder to distinguish.

Okay, so this may not seem like a big deal to some, as a lot of instances of AI-generated images are either memes or high-concept art that are pretty harmless. But that said, there’s also a surge of scenarios now where people are creating hyper-realistic fake photos of politicians, celebrities, people in their lives, and more besides, that could lead to misinformation being spread at an incredibly fast pace.

Hopefully, as these kinds of countermeasures get better and better, the accuracy will only improve, and we can have a much more accessible way to double-check the authenticity of the images we come across in our day-to-day life.

You might also like

TechRadar – All the latest technology news

Read More

Google Docs wants to help you spot when you’re being phished

Spotting potential security threats such as phishing scams on Google Workspace should soon be a lot easier thanks to a new update to the software suite.

Google has revealed it is releasing an upgrade to its online collaboration platform that will provide more information on who is tagging you in comments or questions.

This means that whenever you are mentioned in a comment on a Google Docs document, Sheets spreadsheet or Slides slideshow, it should be easier to spot that the notification is legitimate.

Workspace email alerts

Previously, only the name of the commenter was included in email alerts sent to a user after they had been mentioned in a comment. Google says that in order to provide more security and insight, it will now also include the commenter's email address, showing they are a legitimate user.

Google Workspace comment email

(Image credit: Google)

“We hope that by providing this additional information, this will help you feel more confident that you’re receiving a legitimate notification rather than a spam or phishing attempt by a bad actor,” the company noted in a blog post announcing the news.

The feature is rolling out now, and is available to all Google Workspace customers, as well as legacy G Suite Basic and Business customers, and users with personal Google accounts.

The move is the latest addition from Google Workspace to improve security for its users. The company added end-to-end encryption to the platform back in June 2021 in what was a slightly late move, but one that added a significant protection boost for its entire software collection.

This launch also saw Google enabling businesses to set up their own in-house key service, enabling them to take charge of their encryption keys.

The company is also looking to draw in more new users with the launch of Workspace Migrate, which offers an easier way for admins to assess and plan migration projects to its platform.

This includes looking to move a large amount of enterprise data, such as that from Microsoft Exchange, Microsoft OneDrive, file shares, and Box migrations.

TechRadar – All the latest technology news

Read More

Google Drive will now let you spot anyone snooping around your company files

Securing your cloud storage systems is set to get a significant boost thanks to a new update from Google.

The company is updating its Google Drive platform to allow users to track external activity in their audit logs.

This should help admins spot any suspicious or unauthorized actions by external users, including attempts to copy, move or change data – keeping your important business information safe.

Google Drive audits

In a blog post announcing the news, Google noted that the change can help admins see new audit log events related to potential exfiltration that they could not see before, say for example if an external guest user makes a copy of your document in their organization.

The Google Drive audit log includes content created across a range of Google Workspace apps, including the likes of Google Docs, Sheets, and Slides, and also monitors content uploaded to Drive, such as PDFs and Microsoft Word files. 

Google says the feature will be switched on by default, and has begun rolling out to all Google Workplace customers with the Drive audit log feature now.

The news is the latest boost to Google Drive in recent weeks as the company launches a range of new tools and services.

This includes the launch of “search chips” in Drive, which lets users filter search results using various different parameters, including file type, labels and last modified date.

Google Drive will also make it possible to filter based on “To do” status, which narrows down the pool of results to include only files that have outstanding actions associated with them.

The platform will also soon begin to restrict access to files deemed to be in violation of the company’s policies. These files will be flagged to their owner and restricted automatically, which means they can no longer be shared with other people, and access will be withdrawn from everyone but the owner.

TechRadar – All the latest technology news

Read More

GitHub wants to help developers spot security issues before they get too serious

In an effort to further secure open source software, GitHub has announced that the GitHub Advisory Database is now open to community contributions.

While the company has its own teams of security researchers that carefully review all changes and help keep security advisories up to date, community members often have additional insights and intelligence on CVEs but lack a place to share this knowledge.

This is why GitHub is publishing the full contents of its Advisory Database to a new public repository to make it easier for the community to leverage this data. At the same time, the company has built a new user interface for security researchers, academics and enthusiasts to make contributions.

All of the data in the GitHub Advisory Database is licensed under a Creative Commons license and has been since the database was first created to ensure that it remains free and usable by the community.

Contributing to a security advisory

In order to provide a community contribution to a security advisory, GitHub users first need to navigate to the advisory they wish to contribute to and submit their research through the “suggest improvements for this vulnerability” workflow. Here they can suggest changes or provide more context on packages, affected versions, impacted ecosystems and more.

The form will then walk users through opening a pull request that details their suggested changes. Once this done, security researchers from the GitHub Security Lab as well as the maintainer of the project who filed the CVE  will be able to review the request. Contributors will also get public credit on their GitHub profile once their contribution has been merged.

In an attempt to further interoperability, advisories in the GitHub Advisory Database repository use the Open Source Vulnerabilities (OSV) format. Software engineer for Google's Open Source Security Team, Oliver Chang provided further details on the OSV format in a blog post, saying:

“In order for vulnerability management in open source to scale, security advisories need to be broadly accessible and easily contributed to by all. OSV provides that capability.”

We'll likely more on this change to the GitHub Advisory Database once security researchers, academics and enthusiasts begin making their own contributions to the company's database.

TechRadar – All the latest technology news

Read More

This Microsoft Edge update will help you spot why your browser is running so slowly

Spotting potential browser slowdowns in Microsoft Edge could soon be a lot easier thanks to a new tool that will allow users to debug memory leaks.

Memory leaks occur when an application's JavaScript code retains more and more objects in memory that it no longer needs instead of releasing them for garbage collect (GC).

For apps that run for a long time without being closed, small memory leaks of only a few kilobytes can add up to noticeably degrade performance over time according to a new blog post from Microsoft.

Detached

React, the open source JavaScript library for building front end user interfaces, maintains a virtualized copy of the DOM (Document Object Model). However, failing to properly unmount components can lead to an application leaking large parts of the virtual DOM.

For this reason, the Microsoft Edge team worked together with Microsoft Teams to build the browser's new Detached Elements tool that allows users to investigate and resolve DOM memory leaks.

Although there are valid reasons for detaching elements, DOM memory leaks occur when an application keeps references to more and more detached elements without actually reusing them later. As the code used in applications grows in size and complexity, it becomes easier to make mistakes and forget to clean things up which could unknowingly lead to keeping DOM elements in memory. 

This is particularly a problem for long running applications. For instance, if an email client detaches DOM elements every time an email is opened and closed and a user keeps the app running for a whole week, it could amount to really high memory usage and slow down a user's business laptop or workstation over time.

While Microsoft's new Detached Elements tool has been available in Edge Canary since version 93, it will roll out to the stable channel of Microsoft Edge when version 97 of the browser launches this month.

To access this new tool early though, you'll first need to open DevTools in Edge by pressing F12 and click on the gear icon to open the DevTools Settings. From here, navigate to Experiments on the left side of the Settings pane, type in Detached Elements and click on the tool to enable it.

TechRadar – All the latest technology news

Read More