Category: Android

Microsoft reportedly showing ads in Microsoft 365 app for Android

Posted on by Martin Brinkmann

Is it an experiment, rolling out to everyone, or a bug? Reports are coming in that users are starting to see ads in the Microsoft 365 application for Android when they open PDF documents in the app.

The ad shows up at the top of the screen underneath the title of the document. It features a close button, but that closes it just for the current PDF document and has no effect on future documents that users view in the app.

User Longhorn describes the experience on an independent Mastadon server:

The PDF reader in the Office app on Android has built-in ads.

Even if you have an @Microsoft 365 subscription, ads do sometimes show up.

That’s utterly insane. That particular ad I got was powered by Taboola under the hood.

Another user chimed in and said that ads are also showing up for other documents opened in the application.

I tried to replicate this by opening several PDF documents and Office documents in the app, but they did not show up. It is possible that they do get blocked by the privacy-focused DNS service that I use, as it blocks most ads on Android devices.

Microsoft has been experimenting with advertisement in its products before and still is. Various sections and apps by Microsoft on Windows show ads. While some might argue that a recommendation for another Microsoft product is not an ad, I’d beg to differ.

Third-party apps are also a thing. The Copilot feature that is integrated into Windows may show third-party ads.

Ads in the Microsoft 365 app are not out of the question therefore. It would be a serious blow to subscribers, if Microsoft intents to show ads to them as well.

If Microsoft is rolling this out, we are likely going to see more and more comments about it on various places on the Internet.

What is your take on ads in apps? Do you mind, if they are free? What about paid apps? Feel free to leave a comment down below.

Android may soon warn you when you download a low quality app

Posted on by Martin Brinkmann

Is the app any good? This is probably one of the first questions that come to mind when you stumble upon a new app.

User reviews and ratings, as well as other information, such as the developer’s history of application releases, only help that much.

Google appears to be working on a new Google Play feature for Android that may warn users about apps before the download is started.

A report by Android Authority suggests that Google is working on such a feature. A deep-dive into the lastest release brought the information to light, according to the site.

So, how is Google going to determine if an app is low quality? Messages baked into the app give clues:

  • This app is frequently uninstalled compared to similar apps on Play
  • Play has limited user data about this app
  • This app has few active users compared to others on Play

Android Authority says that the messages will be displayed on an application’s “details page” on the Play Store. In other words, Google won’t display popups that warn users about a potentially low quality app.

The messages cover several scenarios. The first looks at uninstalls. If an app gets more uninstalls than comparable apps, it may be considered low quality by Google.

The second is for new apps. If Google Play has little data about the app, it may warn users. This does not necessarily mean that an app is low quality. All apps start with zero installs and reviews after all.

The third looks at user activity while the app is installed. If it is lower than that of comparable apps, Google may also show a warning.

There may be others, but that is all that Android Authority could extract from the latest Play Store APK file.

No clear definition of low quality

There is no strict definition of low quality. That is likely the reason why Google is not showing popups about certain apps, but adding information to the application’s page on Google Play instead.

Especially new apps cannot be judged by common metrics. They have no or only a few reviews or ratings, and the lack of users makes other metrics, such as user engagement, also difficult to use.

Still, the information that Google provides may be useful in a user’s decision making process.

What is your take on Google’s plan? Do you think it is useful? Feel free to leave a comment below.

How to block (most) ads on Android

Posted on by Martin Brinkmann

While it is relatively easy to install ad-blockers on desktop devices, the same cannot be said for mobile devices.

On desktop, all you have to do is install an extension in your preferred browser and you are all set; at least when it comes to ads on websites. You could also pick a browser with a built-in ad-blocker, which make things even easier.

Most browsers on mobile do not support extensions. They could, and some do, but the majority does not. Some browsers come with built-in content blockers, Brave does for instance. Firefox supports extensions, including uBlock Origin on mobile.

Related content:

Android Apps: Exodus reveals trackers and permissions before installation

But what if you want to block ads in mobile ads? Browsers or extensions don’t help you in that case.

DNS-based solutions come to the rescue

One of the options that you have is to change the DNS provider on the mobile device. Some come with ad-blocking by default, and that takes care of most ads on the device, including in apps.

Here is a short list of providers that support this:

Let’s pick Mullvad from the list for this guide. The content blocking DNS server is adblock.dns.mullvad.net. You can also use other DNS servers, which block additional types of content that you may want to block.

Here is the overview:

  • adblock.dns.mullvad.net (Ads, Trackers)
  • base.dns.mullvad.net (Ads, Trackers, Malware)
  • extended.dns.mullvad.net (Ads, Trackers, Malware, Social Media)
  • family.dns.mullvad.net (Ads, Trackers, Malware, Adult, Gambling)
  • all.dns.mullvad.net (Ads, Tracking, Malware, Adult, Gambling, Social Media)

Do the following to set one of these up on your Android device:

Block ads with custom DNS
  1. Open the Settings on the Android device.
  2. Switch to Connections > More connection settings.
  3. Activate Private DNS on the page that opens.
  4. Select “Private DNS provider hostname”.
  5. Type the DNS server name, e.g., adblock.dns.mullvad.net.
  6. Tap on the Save button.

You may need to close open apps before the changes take effect in them. Ads should be reduced or even completely eliminated now in apps that you use.

Note that some options, like the ability to “get something” in games by watching an ad, won’t work anymore once you make the change. Regular ads in games, shown while you play the game, should be gone though.

You can undo the change at any time by switching back to Automatic or by changing the provider hostname to another one.

Do you use custom DNS solutions on your devices? Feel free to leave a comment down below.

The way you connect to public Wi-Fi networks is changing on Android

Posted on by Martin Brinkmann

Google is about to roll out a change on Android that changes how captive portals are opened.

Tip: I never connect to open Wi-Fi networks because of security and privacy concerns. I do use the option to create instant hotspots on Android using my mobile device when possible, which is much safer. Clearly, this works only if you do have mobile coverage on Android.

Good to know: Captive Portals are webpages that are displayed by public wireless networks before Internet access is granted.

The change moves Captive Portal entry pages from being displayed using Android WebView to Android Custom Tabs.

The main benefit of the change is that saved passwords, autofill data and session data becomes available from the default system browser; this may benefit users who sign-in to specific portals regularly.

Some portals may ask users to sign-in to social media accounts or share personal data. This may be cumbersome without autofill support, and the update changes that.

So, if you trust a public Wi-Fi, you may now sign-in faster, if it asks for login data or personal information.

Note that the change is not enabled yet according to Android Authority.

Thunderbird Android

Thunderbird is now officially available for Android

Posted on by Martin Brinkmann

The open source email client Mozilla Thunderbird is now also available for Android. This marks a big milestone for the makers and enables users to use the client on desktop systems and on mobile systems powered by Android.

With iOS support in the works, Thunderbird will be a true cross-platform email client that you can run on all major operating systems.

One of the main questions that existing Thunderbird users may have is this: how do I get my settings imported to Android?

Thankfully, Thunderbird’s team has published an easy to follow step-by-step guide that explains the entire process.

Note: the functionality requires manual steps. It also requires the latest version of Thunderbird 128 or Thunderbird Beta 132 or newer on the desktop. Only these versions come with the “export for mobile” option that is required.

Import email data from Thunderbird desktop to Android

All the latest version of Thunderbird for the desktop include an option to export data specifically for mobile use.

Here is how that is done:

  1. Open the Thunderbird email client on the desktop system.
  2. Select Menu > Tools > Export for Mobile.
  3. Modify the accounts you want to export (Optional).
  4. Decide whether you want to include account passwords (Optional)
  5. Activate the Export button.

Thunderbird displays a QR code when you hit export. Keep the screen open and switch to your Android device.

  1. Open Thunderbird on the Android device.
  2. Activate the get started button on the first screen.
  3. Select import settings.
  4. Scan the QR code that Thunderbird on the desktop shows.
  5. Select next, if you have selected multiple accounts for export.
  6. Repeat the steps 4 and 5 until all accounts have been added.

If everything went well, Thunderbird for Android should have imported the account settings from the desktop client. Thunderbird for Android should start looking for new emails immediately.

You can check out the full blog post to find out what is new and supported in Thunderbird for Android.

Mullvad

Mullvad VPN adds protections against AI traffic analysis

Posted on by Martin Brinkmann

One of the best things you can do to protect your data and privacy while online is to use a good VPN. Not all VPNs offer equally good protections; some even collect and sell user data.

Mullvad VPN is already offering some of the strongest privacy protections in the industry. This begins with options to buy access anonymously, but does not end there. You may also run Mullvad Browser, a hardened fork of the Firefox web browser.

Also great:

DNS Forge Review: privacy-friendly censorship-free DNS with ad-blocking

Mullvad announced a new protective feature against AI-based traffic analysis in May of this year. Defense against AI-guided Traffic Analysis (DAITA) is designed to protect user data against the growing thread of the use of AI to analyze traffic to identify patterns and users, even when VPNs are used.

This form of traffic analysis works in the following way according to Mullvad:

  • Whenever you visit a website or use a service on the Internet, network packets are transferred.
  • While ISPs and network listeners do not know the content of these packages, they do know a) the size of the packets, b) when and how often they are sent.
  • AI may identify websites, services, and even people you message based on network packages.

DAITA

DAITA is designed to protect against any form of network packet analysis to determine visited websites, services, or communication.

This is achieved in the following way (again according to Mullvad):

  • DAITA changes the size of all packets send over the VPN to be the same size.
  • Random background traffic is added to the communication.
  • Data pattern distortion by sending cover traffic between the client and the VPN server.

DAITA is available in Mullvad VPN for Android already. You need to enable ti manually under Settings > VPN Settings > DAITA.

Note that DAITA works with select servers, Mullvad lists Amsterdam, London, Los Angeles, and New York, at the time.

Do you use a VPN service? If so, which and why this one? What is your take on Mullvad’s new privacy feature? Feel free to leave a comment down below.

Google Messages: new protections may cause issues for some

Posted on by Martin Brinkmann

Google announced a range of new security features for its messaging app and service Google Messages.

Google says that the service is used by more than 1 billion users per day and that it filters out 2 billion suspicious messages each month already.

Good to know: the improvements roll out over time and some are currently available for Beta users in select markets. Others will be launching later this year or next year.

Here is what is getting improved:

  • Better protections against scam messages, starting with package delivery and job scams.
  • Improved protections against potentially dangerous links.
  • Option to turn off messages from unknown international phone numbers.
  • Option to turn on Sensitive Content Warning to blur images that may contain nudity.
  • Verification option to confirm the recipient or sender of messages. (next year).

Some of these may require additional explanations.

Google Messages gets improved message and link scanning protections. The first “will automatically move the message into your spam folder” or display a warning. Google says that it is using on-device algorithms to identify scams, which means that the information never leaves the device by default.

Issue: False positives may move legitimate messages into the spam folder. If you are waiting for such a message, but have not received it, you may want to check the spam to make sure it was not improperly classified as a scam by Google.

For links, Google is using two classifications.

  • Links from unknown senders display a warning.
  • Links from suspicious senders blocked automatically.

Controls to turn off messages from unknown senders sounds like a good idea. It is, for most users. It may be problematic if you receive messages regularly from users from other countries.

Issue: If you travel a lot, you may receive messages regularly. If you enable this feature, you may want to check the “Spam & blocked” folder, as they are moved there automatically when the feature is enabled.

Closing Words

Most users will benefit from the new features and options. While it may take months or even longer for them to roll out to all Android users who use Google Messages, they will arrive eventually.

For some users, these protective features may introduce issues, as some legitimate messages or message attempts will be moved to spam or blocked outright.

Now you: what is your take on the new functionality? Do you use Google Messages at all, or do you prefer a different kind of messaging system? Feel free to leave a comment down below.

Google removes Kaspersky antivirus from Google Play

Posted on by Martin Brinkmann

Things are heating up for the Russia-based cybersecurity company Kaspersky. After the company’s antivirus desktop version was hit by a ban in the United States, it is facing a second major drawback.

The details:

  • Google removed Kaspersky’s antivirus app from Google Play worldwide.
  • Google confirmed the removal.
  • Kaspersky apps remain available on the Apple App Store, third-party Android stores, and direct downloads.

Related content

Google services dominated web tracking last year

Google confirmed the removal of Kaspersky apps from Google Play in a statement to Bleeping Computer:

The U.S. Department of Commerce’s Bureau of Industry and Security recently announced a variety of restrictions on Kaspersky. As a result, we have removed Kaspersky’s apps from Google Play.

A search for Kaspersky or any Kaspersky app comes up empty on Google Play. Other antivirus apps are highlighted instead.

Kaspersky says that users may download their apps from third-party sources or from Kaspersky directly.

Kaspersky representatives say that the company is investigating the removal of its apps from the Play Store. It seems unlikely that the apps will be reinstated any time soon.

The removal is another heavy blow for the cybersecurity company. While alternatives remain available, the bulk of Android users rely on the Play Store for all-things app related.

Closing Words

Whether you truly need an antivirus solution for Android is up for debate. A good trusted VPN on the other hand is a recommended addition, if you happen to connect your device to public or third-party wireless networks at times.

What is your take on all of this? Do yo use extra security apps on Android or iOS? If so, which do you use and for what purpose? Feel free to leave a comment down below.

Google is adding anti-theft protections to Android

Posted on by Martin Brinkmann

Google announced a new set of features designed to protect Android devices against theft in May. At least some of these features are now rolling out on first devices.

The following anti-theft protections are implemented:

  • Require device or Google account credentials to set up an Android device after factory reset.
  • Private area on the device that may be locked with a separate pin.
  • More authentication prompts for changes of sensitive settings.
  • Option to require enhanced authentication for certain features.

Good to know: Factory reset protection and private space is included in Android 15. The enhanced protections “will be released to select devices” this year, according to Google.

Related content

How to turn your Android device into an Internet hotspot

Let’s take a closer look at the features.

Factor reset upgrade prevents a reset by a thief

One options that thieves had until now was to factory reset the phone before selling it on the blackmarket.

Google wants to make this more difficult by requiring credentials before the device can be set up again.

Private area with extra protection

The private area feature enables Android users to lock sensitive apps behind another pin. This prevents direct access to the selected apps. Besides finance and health apps, you may also secure other apps or games, for instance social or messaging apps.

Additional authentication prompts for sensitive settings

Last but not least, Google is adding more protections for sensitive settings. Changing these requires the pin, password or biometric authentication.

The main purpose is to keep unauthorized users, e.g., a thief, from making changes that disable security settings such as Find My Device.

There is also a new option to require additional authentication for sensitive settings. Google mentions viewing or editing “critical Google account and device settings”. These require biometric authentication.

Closing Words

Some of the features are rolling out already to Android users in the United States, according to a post by Mishall Rahman on Threads. Most Android users are probably still waiting for Android 15 on their devices.

You can read Google’s announcement here.

What is your take on the new security features? Will you use them when they become available? Feel free to let us know in the comments below.

Chrome for Android may move and delete Tabs automatically

Posted on by Martin Brinkmann

Google released Chrome 129 today for Android and desktop systems. The update fixes a few security issues and introduces new features and changes as well.

One change in particular affects users of Chrome on Android: the automatic handling of inactive tabs.

Once updated to Chrome 129 on Android, the browser will move inactive tabs to a new group automatically. There, the tabs remain for a period of 60 days before they are deleted automatically according to Google.

Tip: Switching from Chrome to Firefox is easier than ever before. If you worry about disabled or crippled extensions, Firefox is your best bet to avoid this.

Note: Whether the deleting is enabled by default is unclear. Google says that the tabs will get deleted automatically, but it was disabled in Chrome 129 Beta.

When is a tab considered inactive? Google moves tabs to the Inactive Tabs group after 14 days of inactivity. Inactivity means that the tab was not activated in that time in Chrome.

Chrome for Android's new Inactive menu.

Good news is that you may change the functionality in the settings. Here is how that is done:

  1. Open Google Chrome on the Android device.
  2. Select Menu > Settings to open the preference.
  3. Activate Tabs there to display tab-related settings.
  4. Tap on Inactive to customize the functionality.
  5. Set the period to 7 days, 14 days, 30 days, or never. The default is 14 days.
  6. Toggle “Close after 60 days” to enable or disable the auto-delete feature.

Google says that the feature is designed to reduce Chrome’s memory usage and to improve the accessibility of tabs in the browser.

Deleted tabs remain accessible through the browsing history, but only if it has not been deleted.

Chrome users who do not want inactive tabs to be moved to the new group should set the functionality to Never. This ensures that Chrome won’t move inactive tabs out of sight or delete them after the inactivity period.

How do you handle tabs in your browser? Keep everything open? Use bookmarks? Start afresh on every start? Feel free to leave a comment below.