Hi, friends! Welcome to Installer No. 54, your guide to the best and Verge-iest stuff in the world. (If you’re new here, welcome, so psyched you found us, and also you can read all the old editions at the Installer homepage.)
Technology
California governor vetoes major AI safety bill
/cdn.vox-cdn.com/uploads/chorus_asset/file/25330660/STK414_AI_CHATBOT_H.jpg "California governor vetoes major AI safety bill")
California Governor Gavin Newsom vetoed the Safe and Secure Innovation for Frontier Artificial Intelligence Models Act (SB 1047) today. In his veto message, Governor Newsom cited multiple factors in his decision, including the burden the bill would have placed on AI companies, California’s lead in the space, and a critique that the bill may be too broad.
“While well-intentioned, SB 1047 does not take into account whether an AI system is deployed in high-risk environments, involves critical decision-making or the use of sensitive data. Instead, the bill applies stringent standards to even the most basic functions — so long as a large system deploys it. I do not believe this is the best approach to protecting the public from real threats posed by the technology.”
Newsom writes that the bill could “give the public a false sense of security about controlling this fast-moving technology.”
“Smaller, specialized models may emerge as equally or even more dangerous than the models targeted by SB 1047 – at the potential expense of curtailing the very innovation that fuels advancement in favor of the public good.”
Governor Newsom also writes that he agrees that there should be safety protocols and guardrails in place, as well as “clear and enforceable” consequences for bad actors. However, he states that he doesn’t believe the state should “settle for a solution that is not informed by an empirical trajectory analysis of Al systems and capabilities.”
Here is the full veto message:
It would have applied to covered AI companies doing business in California with a model that costs over $100 million to train or over $10 million to fine-tune, adding requirements that developers implement safeguards like a “kill switch” and lay out protocols for testing to reduce the chance of disastrous events like a cyberattack or a pandemic. The text also establishes protections for whistleblowers to report violations and enables the AG to sue for damages caused by safety incidents.
Changes since its introduction included removing proposals for a new regulatory agency and giving the state attorney general power to sue developers for potential incidents before they occur. Most companies covered by the law pushed back against the legislation, though some muted their criticism after those amendments.
The Chamber of Progress, a coalition that represents Amazon, Meta, and Google, similarly warned the law would “hamstring innovation.”
The bill’s opponents have included former House Speaker Nancy Pelosi, San Francisco Mayor London Breed, and eight congressional Democrats from California. On the other side, vocal supporters have included Elon Musk, prominent Hollywood names like Mark Hamill, Alyssa Milano, Shonda Rhimes, and J.J. Abrams, and unions including SAG-AFTRA and SEIU.
The federal government is also looking into ways it could regulate AI. In May, the Senate proposed a $32 billion roadmap that goes over several areas lawmakers should look into, including the impact of AI on elections, national security, copyrighted content, and more.
Continue Reading
You’d think an app listed on the Play Store would be safe to download. That’s what Google wants you to believe, and it’s true to a large extent. But in this digital world, no service is foolproof.
Time and time again, there have been instances when widely downloaded apps on the Play Store were infected by malware. While Google continues to promise that the app market is safe, another incident has come to light.
Security researchers have discovered a new Trojan malware called Necro that not only infects apps downloaded through unofficial sources but also those on the Play Store, including one with more than 10 million downloads.
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
A man scrolling on his Android phone (Kurt “CyberGuy” Knutsson)
How does Necro infect apps
The exact method by which both apps were initially compromised with the malware is still unclear. Researchers at Kaspersky’s Securelist believe a rogue software development kit (SDK) used for integrating advertising functionalities may be responsible for the breach. SDKs are essential tools developers use to add specific features to their apps, such as ad services, analytics or payment processing.
CLICK HERE FOR MORE U.S. NEWS
When an SDK is compromised, it can inadvertently introduce vulnerabilities into the applications that utilize it. In this case, the malware affecting the apps displayed ads in the background to generate fraudulent revenue for the attackers, installed apps and APKs without the user’s consent and used invisible WebViews to interact with paid services.
The Trojan in question, Necro, isn’t exactly new. It’s the same malware that infected a popular document scanner called CamScanner in 2019, which at that time had over 100 million downloads.
An Android phone on a desk (Kurt “CyberGuy” Knutsson)
ANDROID BANKING TROJAN EVOLVES TO EVADE DETECTION AND STRIKE GLOBALLY
Which apps are affected?
Kaspersky researchers identified several apps affected by the Necro Trojan, including those available in Google Play. Their combined audience numbered more than 11 million Android devices.
The first affected app is the Wuta Camera, a photo editing and beautification tool. It has at least 10 million times. The Necro loader has been embedded in it starting from version 6.3.2.148. The latest version of the app, 6.3.6.148, which was available on Google Play, also had it. After the researchers reported the presence of malicious code to Google, the Trojan was removed from the app in version 6.3.7.138.
The second infected app was Max Browser. This browser, according to Google Play, has been installed more than a million times and, starting with version 1.2.0, also contained the Necro loader. Google took down the infected app from the Play Store after it was reported.
Kaspersky also found WhatsApp mods that had the Necro loader in unofficial sources. It also spotted the Spotify mod called “Spotify Plus,” which promises free access to ad-free premium services. Plus, the report mentions mods for popular games like Minecraft, Stumble Guys, Car Parking Multiplayer, and Melon Sandbox, all of which were infected with the Necro loader.
Mods, or modifications, are altered versions of original apps or games that often provide additional features or tweaks.
An Android phone (Kurt “CyberGuy” Knutsson)
ANDROID BANKING TROJAN MASQUERADES AS GOOGLE PLAY TO STEAL YOUR DATA
What is Google’s response to this?
Google is aware of the Necro malware and, as I mentioned above, it has already taken down the affected apps. A Google spokesperson provided us with the following statement:
“All of the malicious versions of the apps identified by this report were removed from Google Play prior to report publication. Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play.”
THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION
4 ways to protect yourself from Necro malware
1. Have strong antivirus software: Android has its own built-in malware protection called Play Protect, but the Necro Trojan proves it’s not enough. Historically, Play Protect hasn’t been 100% foolproof at removing all known malware from Android phones. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
2. Download apps from reliable sources: It’s important to download apps only from trusted sources like the Google Play Store. You might say I am contradicting myself, but Play Store is still safer than other options out there. It has strict checks to prevent malware and other harmful software. However, even with the security measures provided by Google Play, downloading apps from the store does not guarantee 100% protection against malware or harmful software. Avoid downloading apps from unknown websites or unofficial stores because they can pose a higher risk to your personal data and device. Never trust download links that you get through SMS.
3. Be cautious with app permissions: Always review the permissions requested by apps before installation. If an app requests access to features that seem unnecessary for its function, it could be a sign of malicious intent. Do not give any app accessibility permissions unless you really need to. Avoid granting permissions that could compromise your personal data.
4. Regularly update your device’s operating system and apps: Keeping your software up to date is crucial because updates often include security patches for newly discovered vulnerabilities that could be exploited by trojans.
ANDROID USERS AT RISK AS BANKING TROJAN TARGETS MORE APPS
Kurt’s key takeaways
The discovery of the Necro loader in apps like Wuta Camera, Max Browser and popular game mods shows just how serious security issues can be in the app world. With over 11 million Android devices affected, it’s crucial to be careful about where you download your apps. Unofficial sources can be a breeding ground for hidden threats, but the Play Store isn’t completely safe either. Google should look into what apps it allows on its platform. I haven’t seen as many malware issues affecting iPhone apps as there are on Android.
Do you think Google does enough to protect users from malware on the Play Store? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25646247/installer_54.png "The AR and VR headsets you’ll actually wear")
This week, I’ve been reading about AI slop and sports betting and Jony Ive, clearing my schedule for the new season of The Great British Bake Off, watching Sicario and Pirates of the Caribbean and A Quiet Place: Day One on plane-seat screens like their directors intended, insta-subscribing to Hasan Minhaj’s new YouTube show, and just relentlessly trolling people with Vergecast clips through Pocket Casts’ new feature.
I also have for you a couple of new Meta gadgets, the mobile game that will eat up all your free time, a couple of hotly anticipated new movies, the best Spotify feature in forever, and much more. So much going on! Let’s dig in.
(As always, the best part of Installer is your ideas and tips. What are you into right now? What should everyone else be reading / watching / playing / trying / building out of clay this week? Tell me everything: installer@theverge.com. And if you know someone else who might enjoy Installer, tell them to subscribe here.)
The Drop
- Meta’s Quest 3S. My biggest issues with the Quest 3 were the price and the passthrough, and this new model appears to have solved both. It’s back in “totally reasonable game console” range, and the passthrough demos looked much sharper than before. They look great, though not as good as…
- The limited-edition Ray-Ban Meta Wayfarer. I already own two pairs of Meta’s smart glasses (don’t ask), but I am still lusting over this clear pair. They’re more expensive, and they actually undo some of the good non-gadget vibes of the other models, but they look so good.
- Balatro Mobile. This might be the most recommended thing in the history of Installer — I swear, every week someone tells me how much this poker roguelike has taken over their life. And now it’s on your phone! $10, no data collected, no microtransactions, my screen time is about to go through the roof.
- Wolfs. This Clooney-Pitt Apple TV Plus movie has a fascinating backstory that says a lot about the future of Hollywood, but I also just love a big-budget flick in which movie stars say cool lines in cool ways. This appears to be exactly that.
- The new Roku Ultra. I helped review the Google TV Streamer this week, and I really love that thing. But I’m also psyched to see Roku keep pushing — the new one’s not reinventing the wheel, but it’s faster and better, and that is a very good thing.
- The Wild Robot. I’d really like to tell you to go see Megalopolis this weekend, but every single indication is that the movie is hot garbage. But people seem thrilled about this one, an animated flick about a stranded robot that sounds adorable and delightful and like something I’m going to end up watching 100 times.
- The Legend of Zelda: Echoes of Wisdom. A Zelda game… in which you get to play as Zelda. That’s the dream! This game doesn’t seem to be as big or awe-inspiring or platform-defining as Breath of the Wild or Tears of the Kingdom, but it sounds clever and fun just the same.
- Spotify’s AI Playlist feature. This is terrible news for my relentless quest to quit Spotify: the AI playlists are great. Now that the feature is available in the US, I’ve been using it to name a few bands or songs, plus an overall vibe, and it picks a few dozen songs that, at least so far, always seem to hit. Spotify is very, very good at this part of the music game.
- Social Studies. Being a kid is hard work. And this doc digs in with a group of students on how much… maybe not always harder, but definitely more complicated, social media has made being a kid in 2024. This comes from a good team, too, and I’m excited about it.
- The Nothing Ear Open. Nothing’s headphones have been really solid, and as a recent and aggressive convert to open earbuds, I’m pumped to see how these sound. They look so cool, too! Big week for clear gadgets.
Screen share
Fun fact: Joanna Stern is the main reason I ever got a job at The Verge in the first place. (That story is long and, if I remember correctly, involves her playing a fairy in a video? But I promised her I wouldn’t tell that story.) These days, she’s a columnist at The Wall Street Journal, an Emmy winner, and most recently, the creator of Joannabot, the AI chatbot that will tell you everything you need to know about the iPhone 16. (And apparently also do some other things, if you’re clever enough, but again, we’ll leave that alone.)
I asked Joanna to share her homescreen because she just reviewed the iPhone 16, which means she just had to set up a homescreen. And because she’s forever using new gadgets and switching between things, I was curious what always made it to the top of the pile.
Here’s Joanna’s homescreen, plus some info on the apps she uses and why:
I’m submitting my homescreen and my Control Center screen because I’m proud of the work I did on the Control Center. I may submit it for an award. But really, I’d like to just use this as a forum to complain about the all-in-one connectivity widget in the new Control Center in iOS 18. I don’t like it. I like the single buttons so I can easily just turn them on and off or long-press to get in there. Sadly, they have gotten rid of the single Wi-Fi button, but I read on this great website that it’s coming back in iOS 18.1.
The phone: iPhone 16 Pro Max.
The wallpaper: This is my dog Browser. It isn’t the best shot of him, but the framing is nice for putting him in the middle of the screen. My lockscreen wallpaper is this awesome retro iPod made by a designer named Shane Levine. I bought it through this site last year after featuring it in my newsletter.
The apps: WSJ, ChatGPT, Apple Notes, Google Maps, Google Docs, Google Calendar, Instagram, YouTube, Clock, Threads, Signal, Photos, Slack, Spotify, Phone, Safari, Messages, Gmail.
My apps are so basic and make me feel so basic. I work (Slack, Gmail). I message (Messages, Signal). I listen and watch things (YouTube, Spotify). I social media (Threads, Instagram). I work more (Google Docs, WSJ). If it isn’t on this main homescreen, I usually just search for it.
Before iOS 18, I had a widget stack on the homescreen with weather and time zone widgets, but I moved it off to another screen. I might move it back. I might not. Got to live a little.
I also asked Joanna to share a few things she’s into right now. Here’s what she shared:
- The Devil at His Elbow. I’m currently listening to this audiobook by my wildly talented colleague Valerie Bauerlein. It’s all about the Murdaugh murders. The writing, the details, the whole thing, is so gripping. I find myself just sitting in the garage waiting until a chapter is done.
- Full Swing. I know I’m late to Netflix’s popular golf-u-series, but I started playing golf again this summer, and I’m loving the stories of these players and how psychological the sport really is.
- Take Your Pet to School Day. My 3-year-old loves this book. I don’t want to spoil it, but the pets take over Maple View Elementary, and, well, Ms. Ellen is pissed.
Crowdsourced
Here’s what the Installer community is into this week. I want to know what you’re into right now as well! Email installer@theverge.com or message me on Signal — @davidpierce.11 — with your recommendations for anything and everything, and we’ll feature some of our favorites here every week. And for even more great recommendations, check out the replies to this post on Threads.
“Sliding Seas. It’s a match-three (or four!) game but also so much more: there’s real strategy required behind your moves to beat levels at the higher end, but it’s never unfair, and while there are in-app purchases and power-ups you can buy to make a level easier, you crucially never need to. It is the most compelling and well-suited-to-mobile game I’ve ever found and a gem I recommend without reservation.” – Jamie
“Gisnep is another daily puzzle game, this time by David Friedman of Ironic Sans. It appears as a crossword-esque grid, but the words only go across and wrap around. The goal is to reveal both a quote and the source by filling in letters from vertical columns. I’ve gotten a number of my friends hooked already.” – Kyle
“Satisfactory 1.0 launched a week ago or so. A great group of devs have effectively made a game that feels like work but is fun. If you love conveyor belts and staying up all night, this might be for you.” – Matt
“Can’t believe you haven’t mentioned switching to OmniFocus! As a fellow perennial ‘task manager switcher,’ this app is a staple in my rotation.” – Pedro
“I previously recommended App in the Air as a great travel companion, but unfortunately, it’s shutting down. If you’re looking for an alternative, Flighty is excellent, especially for travel stats, and they’re building an importer for App in the Air users.” – Vivian
“We’ve been watching English Teacher on FX. Constant laughs and, so far, each episode has been better than the last. Easily one of the funniest shows on TV right now.” – Danial
“I was gifted the Humanscale FR300 Ergonomic Foot Rocker, which is a very tech-sounding name for a very manual / mechanical rocking footrest. It’s very pleasant to use. I’ve also been standing on it sometimes… which I’m not sure is safe but sure is fun!” – Wisdom
“Repeatedly putting in my Amazon cart the Black Milanese Loop for the Apple Watch Ultra 2. I was so close to buying it like three times. Now it’s out of stock. Even Apple says early November for shipping.” – Scott
“Been playing with different LLMs using LM Studio. Integrated it into my Obsidian vault to help summarize and organize things into specific formats. It’s been extremely cool!” – Cody
Signing off
I’ve had back-to-back-to-back-to-back trips over the last two weeks, and I would just like to quickly shout out my new No. 1 travel hack: a wall charger that doubles as a big-ass portable battery. I have this Anker model, which is $55, charges a USB-C and a USB-A device simultaneously, and also charges itself so I can get 10,000mAh of power when there’s no outlet nearby. (There’s also a newer one with two USB-C ports and even faster charging but less battery capacity.) It’s huge and heavy, but this thing and a long cable are now the only charging gear I travel with, and they’re the only reasons my gadgets have survived trains and plane rides. Here at Installer, we love a sensible charging strategy, and this is as sensible as it gets.
Ever wonder how cruise lines keep up with the insatiable demand for bigger and better ships?
It turns out they have a trick up their sleeve that’s almost as impressive as building a new vessel from scratch.
Let’s dive into the fascinating world of cruise ship “jumboization.”
GET SECURITY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE
A Cruise ship split in half (Windstar Cruises)
The cruise boom: More passengers, bigger ships
Cruise vacations have exploded in popularity over the past few decades. In 1990, about 3.7 million people took a cruise, but fast-forward to 2024, and we’re looking at a whopping 30 million cruisegoers. That’s a lot of buffet lines.
To keep up with this soaring demand, cruise lines have been building massive ships like Royal Caribbean’s Icon of the Seas. This floating city can carry nearly 10,000 people and boasts features like a waterpark, seven pools and 20 decks of entertainment. However, these mega-ships come with a hefty $2 billion price tag and take years to build.
Cruise ship split in half (Windstar Cruises)
BEST TRAVEL GEAR FOR 2024
Jumboization: The quick and (relatively) cheap solution
That’s where “jumboization,” a surgical procedure for ships almost as wild as it sounds, comes in. For about $80 million and just a couple of months out of service, cruise lines can literally slice an existing ship in half, add a new middle section, and weld it all back together. The result is a bigger ship with more cabins, more amenities, and more profit potential — all without the hassle of building an entirely new vessel or training an entirely new crew.
CLICK HERE FOR MORE U.S. NEWS
HOW TO PROTECT YOUR ONLINE PRIVACY AND SECURITY ON YOUR NEXT CRUISE VACATION
How to stretch a cruise ship
The process begins with engineers meticulously planning every detail of the new section to ensure that all systems will line up perfectly. The new section is constructed separately, often complete with interior fittings. Once ready, the existing ship is positioned on special lifting jacks known as “skid shoes.” Workers then cut the ship clean in half using lasers for precision.
After that, the two halves are separated to make room for the new section, which is slid into place. Skilled welders join the sections together with millimeter precision, ensuring that everything fits perfectly. Afterward, thousands of cables, pipes, and ducts are reconnected to restore functionality. Finally, every system undergoes thorough testing before the ship returns to service.
HOW TO REMOVE YOUR PRIVATE DATA FROM THE INTERNET
A cruise ship split in half (Fincantieri)
HOW TO STAY CONNECTED NO MATTER WHERE YOU TRAVEL IN THE WORLD
The payoff: Why cruise lines love jumboization
This process isn’t just a cool engineering feat. It’s also a financial goldmine for cruise operators. The extra cabins added during jumboization can pay for the entire operation within just a few years. Additionally, it offers an opportunity to upgrade other features, such as pools and engines, or even add entirely new attractions.
A cruise ship split in half (Silver Sea)
THE HIDDEN COSTS OF FREE APPS: YOUR PERSONAL INFORMATION
Kurt’s key takeaways
As demand for cruising continues to grow, we are likely to see more and more ships getting the jumboization treatment. This trend is a testament to human ingenuity. We can take something as massive and complex as a cruise ship and essentially “stretch” it like a piece of taffy. These “extended” vessels prove that sometimes the most impressive innovations aren’t about building something new but rather reimagining what we already have. So, next time you’re on a cruise, take a moment to appreciate the engineering innovation beneath your feet. It might be hiding a secret middle section.
What are your thoughts on the environmental impact of jumboization in the cruise industry, and do you think the benefits of expanding existing ships outweigh the potential ecological costs? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
Virginia2 mins ago
‘It’s devastating:’ Recovery efforts continue in VA following Hurricane Helene
Washington6 mins ago
Washington Capitals’ Roster For Penultimate Preseason Game at Columbus Blue Jackets: Both NHL Goaltenders, Rasmus Sandin To Dress
Wisconsin14 mins ago
‘He’s the next Megatron:’ USC’s Ja’Kobi Lane breaks out against Wisconsin
West Virginia21 mins ago
2024's Towns In West Virginia That Come Alive In The Fall
Wyoming27 mins ago
Wolves and Tigers Compete at Wyoming State Tennis Tournament – SweetwaterNOW
Colorado2 years ago
Colorado Rockies game no. 116 thread: Zac Gallen vs José Ureña
Midwest2 years ago
See it: Tesla crashes into Columbus convention center at 70 mph
South2 years ago
Fox News Politics: Georgia the whole day through
South2 years ago
Death of missing Oregon girl found in stream ruled homicide
South2 years ago
At least 2 dead as tornadoes hit Alabama, damage homes across Southeast
Politics2 hours ago
Social media critics rip Walz for celebrating Minnesota football rival, remind him he was booed: 'No loyalty'
World3 hours ago
Former Netanyahu rival Gideon Saar joins Israeli cabinet
News4 hours ago
The Pentagon says it wants to prevent Iran from spreading the conflict in the Middle East
News11 hours ago
Video: The Border in the Campaign and in Real Life
Politics11 hours ago
Trump, Harris blasted for ignoring exploding budget deficit, as economists plead with both to 'get real'
-
News1 week agoVideo: Who Are the Black Swing Voters?
-
Politics1 week agoDem lawmakers push bill to restore funding to UN agency with alleged ties to Hamas: 'So necessary'
-
News1 week agoFour killed, dozens injured in Alabama shooting
-
News1 week agoMoney for cutting-edge climate technology could dry up in a second Trump term
-
News1 week agoElection 2024 Polls: Florida
-
World1 week agoCritics slam landmark EU competitiveness report as 'one-sided'
-
Politics1 week agoSecret Service protection bill passes House unanimously after Trump assassination attempts
-
/static.texastribune.org/media/files/5e5395400eb1f412fb6d97a439483caf/SpaceX%20Brownsville%20MGO%2005.jpeg "Cards Against Humanity says in new lawsuit that SpaceX has destroyed some of its South Texas property")
News1 week agoCards Against Humanity says in new lawsuit that SpaceX has destroyed some of its South Texas property