Babbel Language Learning Lifetime Subscription (All Languages): $159

Have time on your hands to learn a new language or 14? We have a deal for you on a lifetime subscription for Babbel, the language learning software. With Babbel, you get to practice with 10-15 minute bite-sized lessons, and Babbel uses speech recognition technology to keep your pronunciation on point. And, it comes with 10,000 hours of online language education. A lifetime subscription is $159 through our deal, and it covers all 14 of their languages.

Facebook Tried to Buy a Hacking Tool to Spy on iPhone Users

According to court filings, when Facebook was in the early stages of building its spyware VPN called Onavo Protect, it noticed that it wasn’t as effective on Apple devices as it was on Android. So Facebook approached a hacking group called NSO Group to use its Pegasus malware.

According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.

iPhone 8 Still Works After Two Months in The River Thames

A UK woman dropped her new iPhone 8 into the River Thames. Two months later she stumbled across it, the Mirror reported. After a spell in some dried rice, she and her fiance turned the iPhone 8 on… and it worked.

At two metres beneath the surface, the phone was difficult to reach so the pair returned home to look for something to retrieve it with. After looking on Amazon, the pair eventually decided to fashion a homemade fishing net by attaching a kitchen sieve to the end of a broom. They next day they returned to the site with the contraption and spent 40 minutes fighting against the current to reach the phone.

Apple Pays Hacker Who Found Seven Zero-Days $75,000

Apple paid hacker Ryan Pickren $75,000 via its bug bounty program (via Forbes). The former Amazon Web Services engineer found seven zero-day vulnerabilities and used three of them to hijack an iPhone’s camera.

During December 2019, Pickren decided to put the notion that “bug hunting is all about finding assumptions in software and violating those assumptions to see what happens” to the test. He opted to delve into Apple Safari for iOS and macOS, to “hammer the browser with obscure corner cases” until weird behavior was uncovered… To cut a very long and technical story short: Pickren found a total of seven zero-day vulnerabilities in Safari (CVE-2020-3852, CVE-2020-3864, CVE-2020-3865, CVE-2020-3885, CVE-2020-3887, CVE-2020-9784, & CVE-2020-9787) of which three could be used in the camera hacking kill chain.

Zoom’s Encryption is Linked to Chinese Servers

Researchers found that Zoom uses its own encryption scheme, sometimes using keys issued by China.

Some of the key management systems — 5 out of 73, in a Citizen Lab scan — seem to be located in China, with the rest in the United States. Interestingly, the Chinese servers are at least sometimes used for Zoom chats that have no nexus in China. The two Citizen Lab researchers, Bill Marczak and John Scott-Railton, live in the United States and Canada. During a test call between the two, the shared meeting encryption key “was sent to one of the participants over TLS from a Zoom server apparently located in Beijing,” according to the report.

I don’t have further commentary on Zoom, other than asking, “How will this end?”

Smartphone UV Sanitizer: $37.95

We have a deal on a device that sells itself: a smartphone UV sanitizer. This device uses UV lights to disinfect your cell phone killing 99.9% of germs in 15 minutes or less. And, it has an internal battery with a 5,000mAh capacity so you use it on the go more than once. It fits cellphones and smartphones up to 6.3 x 3.22 x 0.43 inches, which includes the iPhone 11 and iPhone 11 Max (6.22 x 3.06  x 0.32 inches). It’s $37.95 through our deal.

iPhone Accessory Maker Gamevice Wants to Ban Nintendo Switch From US

Gamevice makes game controllers for iPhones, and believes that the Nintendo Switch infringes on its design.

This is a new complaint, separate from another against Nintendo that Gamevice is now appealing after the Patent Trial and Appeal Board ruled in Nintendo’s favor. In that case, Nintendo was accused of infringing 19 Gamevice patents.

Nintendo will be hoping that the ITC dismisses Gamevice’s latest suit before it ends up in another lengthy legal battle. But if Gamevice had its way, Nintendo would not be allowed to import and sell the Switch in the U.S.

I always wonder what goes through company minds in cases like these. Does Gamevice think that people will magically flock to its products if the Switch gets banned? Because that definitely won’t happen.

WireGuard VPN Gets Added to the Next Linux Kernel

I briefly mentioned WireGuard when I wrote of Cloudflare’s WARP beta. I think it’s something to add to your technology watch lists. It’s just not any old VPN app, it’s a VPN protocol that could very well replace current protocols like IPsec and OpenVPN, or at least be offered as an alternative. You can read the technical whitepaper here [PDF], along with this write up from Ars Technica.

WireGuard will now operate as either a Loadable Kernel Module (LKM) or built statically into the kernel itself. But whether static or loadable, it will be “in-tree”—which means it’s provided ready to go with the vanilla kernel itself, with no need for repackaging by the various distros. This puts it on the same footing as other supported drivers.