3 TIPS FOR SECURING YOUR ANDROID DEVICE

Recently, we asked you, our valued readers, to tell us which topics you would like to see on AndroidPIT in the future. The results showed that about 90% of you were interested in learning more about security and privacy. With that in mind, here are three things you can do today to make your Android device more secure.

• Our review of the Telegram messenger
• Is antivirus software really necessary for Android? 

1. Encrypting your device

Encryption is a process which encodes your private data on a device, so that it can't be read by anyone unauthorized. Once you encrypt your Android smartphone, any new data becomes encrypted automatically. Decrypting takes place automatically for you as well.

Android has two methods for encrypting your device:

Full disk encryption on Android (5.0 and up)

According to Google, "full-disk encryption uses a single key—protected with the user’s device password—to protect the whole of a device’s userdata partition. Upon boot, the user must provide their credentials before any part of the disk is accessible." This is secure, but when you reboot your phone, your data isn't accessible until your credentials are entered. Which means, things like alarm notifications and phone calls can't take place.

File-based encryption on Android (7.0 and up)

For those who have Nougat already, Android's file-based encryption "allows different files to be encrypted with different keys that can be unlocked independently." With the Direct Boot function, devices can "boot straight to the lock screen, thus enabling quick access to important device features like accessibility services and alarms."

2. Secure messaging on Android

The Secure Messaging Scorecard by the Electronic Frontier Foundation (EFF) is a great resource for evaluating all the complex ways a messaging service can be secured or unsecured. There are a lot of factors to take into account, and if you're not a security expert, you may not have considered something like whether or not your messages were encrypted during transit. Nevertheless, these details are still very important. 

Their scorecard evaluates messengers based on the following criteria:

• Encrypted in transit?    
• Encrypted so the provider can’t read it?    
• Can you verify contacts’ identities?    
• Are past comms secure if your keys are stolen?    
• Is the code open to independent review?    
• Is security design properly documented?    
• Has there been any recent code audit?

With these factors in mind, there are many apps which meet all the criteria on the scorecard. Since security and usability are often at odds with each other, some apps which meet these criteria aren't the most user-friendly or widely adopted.

For both security and usability, I recommend the average person to try Signal for secure communications. It's user-friendly and popular among the security-conscious crowd.

3. Enable Two-factor Authentication on everything

Two-factor authentication, also called two-step verification, requires two authentication methods, like passwords, PIN numbers, fingerprints or physical access to your cell phone. This method of securing your accounts works on many services, and you may already have used it with your online banking platform. 2FA, as it is sometimes known, even works with various social media platforms to prevent other people from hijacking your online identity. Facebook, Twitter and LinkedIn all have the feature. Major payment platforms like PayPal and cloud storage services like Dropbox also usually support 2FA. And, very importantly, you should enable it on your Google Account as well.

What other security topics are you interested in? Have you tried any of the above methods before?

'Over 1 million Google accounts breached by Android malware Gooligan'

A new variant of an Android malware called "Gooligan" is believed to have breached the security of over one million Google accounts.

According to security firm Check Point Software Technologies, the malware roots Android devices and steals email addresses and authentication tokens stored on them.

This can give attackers access to users' sensitive data from Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite, it said.

"This theft of over a million Google account details is very alarming and represents the next stage of cyber- attacks. We are seeing a shift in the strategy of hackers, who are now targeting mobile devices in order to obtain the sensitive information that is stored on them," Check Point's head of mobile products Michael Shaulov said.

No immediate comment could be received from Google on the matter.

Check Point's report said the malware campaign infects 13,000 devices each day and that Gooligan targets devices on Android 4 (Jelly Bean, KitKat) and 5 (Lollipop), which represent nearly 74 per cent of Android devices in use today.

About 40 per cent of these devices are located in Asia and about 12 per cent are in Europe.

After attackers gain control over the device, they generate revenue by fraudulently installing apps from Google Play and rating them on behalf of the victim, the report said.

"Every day Gooligan installs at least 30,000 apps on breached devices, or over 2 million apps since the campaign began," it added.

The infection begins when a user downloads and installs a Gooligan-infected app on a vulnerable Android device, or by clicking on malicious links in phishing attack text messages.

Check Point said it has reached out to the Google security team immediately with information on this campaign.

"We appreciate Check Point's partnership as we've worked together to understand and take action on these issues. As part of our ongoing efforts to protect users from the Ghost Push family of malware, we've taken numerous steps to protect our users and improve the security of the Android ecosystem overall," Google's director of Android security Adrian Ludwig was quoted as saying.

Among other actions, Google has contacted affected users and revoked their tokens, removed apps associated with the Ghost Push family from Google Play, and added new protections to its Verify Apps technology.

Check Point?s Mobile Research Team first encountered Gooligan's code last year and in August this year, the malware reappeared with a new variant and has since infected at least 13,000 devices per day.

Check Point is offering a free online tool that allows users to check if their account has been breached.

"If your account has been breached, a clean installation of an operating system on your mobile device is required. For further assistance, you should contact your phone manufacturer or mobile service provider," Shaulov said.

Everything you need to know about Google Allo

The very best by Google is here! If you have been jostling to find one resource that provides consolidated information about the newly launched Google Allo, Artificial Intelligence (AI) powered messaging app that was announced alongside Duo, during its annual I/O event in May, this year, here we are.

There are several apps connecting people to their contacts – ranging from the most popular, WhatsApp and Facebook Messenger, to Hike, Hangouts and Viber, to name a few, Google decided to enter the market with its revolutionary and more personalized new messaging app that boasts artificial intelligence system, as well as other new features such as end-to-end encryption, voice messages, and sticker packs.
So, what is the app all about and how it is different from existing messenger applications that you have on your smart devices? Let’s find out:

Google Allo signup and account creation

Just like our very own Whatsapp, the process to sign up on Allo is pretty simple. It uses your mobile number, so you can use it to send instant messages to anyone in your phonebook, along with other Allo users. You can also sync your Gmail account with the app, and keep track of mails and important meetings with built-in AL powered by Google Assistant, the assistive technology. This feature makes it unique.

App interface and design

Google is known to keep the interface of all their products user-friendly. Regular Google users would not take long to figure out app’s interface, settings and features. The overall interface is pretty basic and seamless for any user to get acquainted to.
"Allo is a smarter messaging app, with machine intelligence and our natural language processing advances from search," explains Fulay. "Smart reply – which we first built for Inbox gives real time suggestions to quickly reply to a message based on your responses, and it learns over time."

Security

You can also use Allo in incognito mode, where your text messages will not be logged and the chat gets fully encrypted. However, this also restricts some smart features. To combat this problem, Allo plans to keep only temporary message logs, in order to improve the Google Assistant and Smart reply features. Allo offers an Incognito Mode, which means you get to access not only end-to-end encrypted messages but also value added features like expiring chats and private notifications. Benefit? You can keep all yours messages safe, as well as control how and when to permanently delete them from your device. Basically, you get additional controls over the privacy of your chats.

Smart Reply

One of the well-noted, distinctive features of Allo is its ability to send smart replies. "I actually miss this when I'm not using Allo," adds Fulay. "If I use any other messaging app I miss this because it really keeps the conversation going."
However, smart replies can take a week of training for someone to make the most of this feature. Fulay also demonstrated smart replies to show how they work effectively. He shows us how it responds to a picture and a number of common messages by offering a suitable and quick response.

Google Assistant

Finally, Siri like experience for Android users! If you have used chat bots like Slack, it won’t take you much time to get acquainted with the in-built virtual assistant that Allo has to offer.  You can call on Google Assistant at any time just by typing "@google" in Allo. For example, if you and your friend are making plans to visit a Chinese restaurant in your area, you can simply type in your query in the chat window to bring up these results. Google Assistant will proactively suggest options to your queries at the bottom of the app's messaging window. That means you no longer have to leave your messaging app to do a quick Google search for your favourite restaurants, Coldplay concert details, movie time and so on. You can simply copy the information from the bottom window to your chat window and share it with your friends. Allo's Google Assistant can get everything done in the app itself. During the launch of the app in May, Sundar Pichai, Google CEO said, “Think of the assistant, we think of it as a conversational assistant, we want users to have an ongoing two-way dialogue.”

Why would you use Google Allo?

You might want to give it a try for the amazing set of new and powerful features that this messaging app has to offer. Most distinctive features have been described above…and all of it is available totally free of cost.

Google Glass 2.0 is real, and here are photos to prove it

The next generation of Google Glass, Google's head-mounted wearable display, is the real deal.

A filing to the Federal Communications Commission, the U.S. government body that must review and approve personal electronics like phones and wearables, reveals photos of the device's external design, along with internal circuitry (see below) and also a basic user manual. The filing also includes a statement on company letterhead authorizing a third party to help get Google through the FCC's authorization process.

A new edition of Google Glass signals a possible new direction for the company's stalled and stagnant wearable, especially if it winds up in use as a business tool rather than as product for everyday buyers, as blog 9-to-5 Google reports.

Named as model GG1 on the FCC documents, the device appears to hew closely to the original Google Glass Explorer Edition. In other words, it will look like a set of eyeglass frames with a screen floating above your eye.

A previous patent from November depicts a version of Glass that looks like a squiggle of a device that would hug only half your head. Google apparently isn't ready for that future of Glass yet.

Unconfirmed rumors from 9-to-5 Google and The Wall Street Journal suggest that the new edition of Google Glass will have a larger prism, a sturdier design and include an Intel Atom processor. It could sell directly to businesses.

Google Glass has had a rough ride so far. Launched in 2012 for developers and then in 2013 for buyers, Google Glass was widely received as expensive and invasive, the latter because people feared they were being photographed or recorded without knowledge or permission. Google stopped selling its first Glass edition in January 2015.

Android N Developer Preview 2 Includes New Vulkan 3D Rendering API

Among the top new features of the recently released Android N Developer Preview 2 is Vulkan, a new 3D rendering API which Google helped to create as a member of the Khronos Group.  

Vulkan is a new generation graphics and compute API that provides high-efficiency, cross-platform access to modern GPUs used in a wide variety of devices from PCs and consoles to mobile phones and embedded platforms. 

For developers, it offers a significant boost in performance for draw-call heavy applications. Vulkan’s reduction of CPU overhead allows some synthetic benchmarks to see as much as 10 times the draw-call throughput on a single core as compared to OpenGL ES. 

Combined with a threading-friendly API design, which allows multiple cores to be used in parallel with high efficiency, this offers a significant boost in performance for draw-call heavy applications.

Vulkan support is available now via the Android N Preview on devices which support it, including Nexus 5X and Nexus 6P.  According to a recent blog post, the Android team reports there are many similarities between OpenGL ES and Vulkan, but Vulkan offers these new features for developers:

- Application control of memory allocation: Vulkan provides mechanisms for fine-grained control of how and when memory is allocated on the GPU. This allows developers to use their own allocation and recycling policies to fit their application, ultimately reducing execution and memory overhead and allowing applications to control when expensive allocations occur.

- Asynchronous command generation: In OpenGL ES, draw calls are issued to the GPU as soon as the application calls them. In Vulkan, the application instead submits draw calls to command buffers, which allows the work of forming and recording the draw call to be separated from the act of issuing it to the GPU. By spreading command generation across several threads, applications can more effectively make use of multiple CPU cores. These command buffers can also be reused, reducing the overhead involved in command creation and issuance.

- No hidden work: One OpenGL ES pitfall is that some commands may trigger work at points which are not explicitly spelled out in the API specification or made obvious to the developer. Vulkan makes performance more predictable and consistent by specifying which commands will explicitly trigger work and which will not.

- Multithreaded design, from the ground up: All OpenGL ES applications must issue commands for a context only from a single thread in order to render predictably and correctly. By contrast, Vulkan doesn’t have this requirement, allowing applications to do work like command buffer generation in parallel -  but at the same time, it doesn’t make implicit guarantees about the safety of modifying and reading data from multiple threads at the same time. The power and responsibility of managing thread synchronization is in the hands of the application.

Mobile-friendly features: Vulkan includes features particularly helpful for achieving high performance on tiling GPUs, used by many mobile devices. Applications can provide information about the interaction between separate rendering passes, allowing tiling GPUs to make effective use of limited memory bandwidth, and avoid performing off-chip reads.

Offline shader compilation: Vulkan mandates support for SPIR-V, an intermediate language for shaders. This allows developers to compile shaders ahead of time, and ship SPIR-V binaries with their applications. These binaries are simpler to parse than high-level languages like GLSL, which means less variance in how drivers perform this parsing. SPIR-V also opens the door for third parties to provide compilers for specialized or cross-platform shading languages.

- Optional validation: OpenGL ES validates every command you call, checking that arguments are within expected ranges, and objects are in the correct state to be operated upon. Vulkan doesn’t perform any of this validation itself. Instead, developers can use optional debug tools to ensure their calls are correct, incurring no run-time overhead in the final product.

Other new functionality with the Android N Preview 2 include:

- Launcher shortcuts: Now, apps can define shortcuts which users can expose in the launcher to help them perform actions quicker. These shortcuts contain an Intent into specific points within your app (like sending a message to your best friend, navigating home in a mapping app, or playing the next episode of a TV show in a media app).

An application can publish shortcuts and launchers can be expected to show 3-5 shortcuts for a given app.

- Emoji Unicode 9 support: Google is introducing a new emoji design for people emoji that moves away from a generic look in favor of a more human-looking design. If you’re a keyboard or messaging app developer, you should start incorporating these emoji into your apps. The update also introduces support for skin tone variations and Unicode 9 glyphs, like the bacon, selfie and face palm.

API changes: This update includes API changes as Google continue to refine features such as multi-window support (you can now specify a separate minimum height and minimum width for an activity), notifications, and others.

Stable Release of Android Studio 2.1 Supports Android N Developer Preview

The stable release of Android Studio 2.1 is now available and includes updates to the platform’s IDE wizards, build system and Android Emulator. The Android Studio development team says that the latest release provides access to new features and APIs of the developer preview including the new Jack compiler and Java 8 language support. Android Studio 2.1 includes performance improvements to Instant Run which provides faster edit and deploy build speeds.

Highlights of the new features to Android Studio 2.1:



N Developer Preview Support

For developers who want test and validate an app with the Android N Developer Preview, Android Studio 2.1 is the suggested IDE to do so. Developers can access the latest versions of the preview SDK, learn the functionality of new Java 8 support, and utilize the official Android Emulator able to run N Developer Preview Emulator System Images to help in with testing.


The Android Studio 2.1 release includes support for the new Jack compiler and support for Java 8. With the Jack compiler, lambdas, method references, compile-time type annotations, intersection types and type inference are available on all versions of the Android platform. Default and static methods and repeatable annotations are available on Android N and higher. To use Java 8 language features when developing with the N Developer Preview, developers need to use the Jack compiler.

Instant Run

Developers can access fast edits, builds and deploy cycles with Android Studio 2.0 as Instant Run now can now update incremental changes to app code much faster. Instant Run and general build speed are now faster due to two new features - incremental Java compilation and in-process dex.

In previous versions of Android Studio, a single line of Java code change will cause all the Java sources in the module to be recompiled. Now in Android Studio 2.1, incremental Java compilation is enabled by default to reduce compilation time by compiling only what is needed.


Build times are now faster by using in-process dex, which converts class files to dex files within the Gradle daemon process. This avoids the processing operation of creating separate dex processes. To use this feature, developers will need to increase the amount of memory available to the Gradle daemon to at least 2GB (1 GB is the default). This feature will help speed up both incremental and full builds.

Read More: https://developer.android.com/studio/intro/index.html

Malware hits millions of Android phones

Up to 10 million Android smartphones have been infected by malware that generates fake clicks for adverts, say security researchers.

The software is also surreptitiously installing apps and spying on the browsing habits of victims.
The malware is currently making about $300,000 (£232,000) a month for its creators, suggests research.
The majority of phones that have been compromised by the malicious software are in China.

Remote control
A spike in the number of phones infected by the malware was noticed separately by security companies Checkpoint and Lookout. The malware family is called Shedun by Lookout but Hummingbad by Checkpoint.

In a blogpost, Checkpoint said it had obtained access to the command-and-control servers that oversee infected phones which revealed that Hummingbad was now on about 10 million devices. China, India, the Philippines and Indonesia top the list of nations with most phones infected by the software.
Hummingbad is a type of malware known as a rootkit that inserts itself deep inside a phone's operating system to help it avoid detection and to give its controllers total control over the handset.
The ability to control phones remotely has been used to click on ads to make them seem more popular than they actually are. The access has also been used to install fake versions of popular apps or spread programs the gang has been paid to promote.
"It can remain persistent even if the user performs a factory reset," wrote Kristy Edwards from Lookout in a blogpost. "It uses its root privileges to install additional apps on to the device, further increasing ad revenue for the authors and defeating uninstall attempts."
Ms Edwards said the recent spike in infections could be driven by the gang behind the malware adding more functions or using their access to phones for different purposes.
The malware gets installed on handsets by exploiting loopholes in older versions of the Android operating system known as KitKat and JellyBean. The latest version of Android is known as Marshmallow.
In a statement, Google said: ""We've long been aware of this evolving family of malware and we're constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe."
Google released the latest security update for Android this month and it tackled more than 108 separate vulnerabilities in the operating system. So far this year, security updates for Android have closed more than 270 bugs.

Google’s Android Security Rewards program has given out $550,000 this year

Everyone’s worried about Android vulnerabilities whether or not Google is able to resolve them in time. But last year, Google did portray that they are serious about the vulnerabilities found in Android OS with its Android Security Rewards program. A year later, security firms and researchers seem to have made a killing indeed.

Google has given out about $550,000 to about 82 individuals in rewards in the program’s first year. This would cover about 250 reports that qualified, translating into about $2,200 per reward and about $6,700 given out to every researcher.

@heisecode was the top researcher on that short list. He reported about 26 vulnerabilities himself and has managed to reap about $75,750. About 15 researchers were paid $10,000 or more. There were no payouts for the top reward for a complete remote exploit chain leading to TrustZone or Verified Boot compromise.

While it may worry many Android users as to how there are so many exploits to begin with, Google seems pretty happy with the success of the program. In fact, it has upped the rewards plan and has decided to pay even more. According to the blog post Google will now pay 33 percent more for a “high-quality vulnerability report with proof of concept.”

A researcher would need a Critical vulnerability report with a proof of concept that it works in order to qualify for the reward that has now been upped from $3,000 to $4,000.

The stakes for kernel exploits have been raised as well. From a jaw dropping $20,000 to $30,000. At the same time, a remote exploit chain or exploits leading to TrustZone or Verified Boot compromise also increases from $30,000 to $50,000.

Augmented Reality – What is it?

Although this site is dedicated to virtual reality, you cannot discuss it without mentioning its very close cousin augmented reality, but what is it?

Whereas virtual reality immerses your senses completely in a world that only exists in the digital realm, augmented reality takes the real world of the present and projects digital imagery and sound into it. Augmented and Virtual Reality both fall on the continuum of mediated reality. Which is where a computer system modifies our perception of reality versus the “real” world.

As you can probably deduce this means many things qualify as augmented reality. The heads up displays we see in some aircraft and cars that may show you things like “distance to a target”, GPS position or your current speed are a form of augmented reality. Events with digital avatars of deceased musicians such as Michael Jackson and Tupac Shakur projected onto a screen using the Pepper’s Ghost illusion would also qualify under a broad definition of augmented reality.

However, when we hear about augmented reality these days it usually refers to a much more sophisticated, interactive and spatially aware implementation of the concept. Where digital objects such as 3D models or video are projected onto our view of reality as if they were really there.

How Does Augmented Reality Work?

The type of augmented reality you are most likely to encounter uses a range of sensors (including a camera), computer components and a display device to create the illusion of virtual objects in the real world.

Thanks to the popularity of smartphones, which have all the necessary components, they have been the place most commercial augmented reality applications that have been released.

In general the device looks for a particular target. This can be anything, but usually it’s a 2D image printed on something like a movie poster. Once the augmented reality application recognizes the target via the camera it processes the image and augments it in some way with pictures and sound. For example, you may see the movie poster spring to life and play a trailer for the film. As long as you look at the poster through the “window” of the display you can see augmented reality instead of plain old vanilla reality.

By using smart algorithms and other sensors such as accelerometers and gyroscopes the device can keep the augmented elements aligned with the image of the real world.

Using a smartphone or tablet computer as a “magic window” into the augmented world is one way we can relay this digital info to our eyes, but there are many other ways to achieve this.

Digital imagery can be projected directly onto physical objects. This is known as projection mapping and can be used to quite striking effect. For example, the Dyadic Mano-a-Mano uses projectors and Microsoft Kinect sensors to provide the user with 3D digital imagery projected directly onto the environment. The user doesn’t need to wear equipment or use any devices. Interaction with this system is highly natural and intuitive.

Projection mapping for augmented reality

Projection mapping as an augmented reality method has a lot of potential, but it requires a controlled and mapped space in order to work. The method that is most likely to supplant smartphone augmented reality as a common implementation outside of the laboratory is one that uses head mounted systems. This is where virtual and augmented reality really begin to converge, as there is no real reasons why the head mounted systems used by both technologies cannot be cross-functional. Indeed, head mounted systems that use smartphones to work often have something known as a camera “pass-through”. In other words, although you can’t see anything other than the screen of the head mounted display (HMD) it can show you the outside world via the rear-facing camera of the phone. This of course allows for augmented reality without the need for a handheld device. However, unless specially designed against it, this method leaves one feeling a bit disconnected from the experience, since the camera’s perspective and lack of depth perception don’t quite gel compared to what the naked eye sees.

One way to get around this is by using a system as found in the Google Glass and Microsoft Hololens. Both of these devices use something known as a “prism projector”. The eyes of the user look out at the world unimpeded, but digital imagery is projected into the prism projection system that sits between the eye and the outside world, making it appear as if those objects are really there, sitting on a table or hanging against the wall. The way this HMD achieves this is complex and fascinating and it discussed more completely in our Hololens article.

There are many ways to achieve the goal of augmented reality, but as you can see the end result is that we see digital information blend with the analogue world. Something that has many, many applications. Some of which we’ll take a closer look at.

Applications of Augmented Reality

Augmented reality has a wide range of applications in several industries and thanks to the rise of consumer smart devices and overall computing technology developments it now has lots of potential in the mainstream consumer space as well.

The two areas where we have seen a lot of commercial development in augmented reality are education and gaming.

The two biggest mainstream video game consoles, the Xbox and Playstation, have included augmented reality capabilities for the last two console generations. These game in the form of the Kinect (for the Xbox) and Playstation Eye or Camera (for the Playstation 3 and 4 respectively). Because you’re facing both the camera and the screen in these implementations are more like augmented reality mirrors, where you see yourself “in” the game and can interact with game characters that look to be in the same room as you.

Mobile augmented reality games are also not rare, and can be found on smartphones, tablets and handheld consoles such as the Nintendo 3DS and Playstation Vita.

Seeing the potential for augmented reality in education isn’t hard. It’s being implemented in fields such as medicine where students can benefit from live 3D models. It’s possible to use existing learning material (such as pages from a textbook) as targets for augmented reality. So when viewed through the lens of a smartphone you can see that picture of an engine animate in an engineering textbook or a working 3D model of a beating heart that you can walk around of rotate by hand.

In medical practice augmented reality can project information directly onto the body of a patient. For example, the Veinviewer system projects a real-time image of infrared vein scans directly onto the patient’s skin. Creating the impression that the skin is transparent. This allows the clinician to “see” the veins directly.

Military use cases are also quite clear, since soldiers wearing heads up displays (HUDs) can see information tagged onto objects in the real world. Radar information, orders or any other relevant sensor data from devices on the network that can provide it. Enemy and friendly positions are of course also useful to know. Augmented reality clearly has a bright future in military applications.

Mobile phones especially the iPhone use augmented reality apps which allow you to view computer generated images that have been superimposed over real world images. An example of this is an app which helps you to find a restaurant: it does this by displaying restaurant signs/logos as you move in a particular direction.

Another useful type of app is a golf GPRS system which helps golfers around a course. It displays yardages for each of the 18 holes, shows where the hazards are, e.g. bunkers and advice and support on improving your game. If you are golfer then this app will appeal to you immensely – look for the Golfscape Augmented Reality Rangefinder from the Apple store.

Augmented reality is also used in marketing and advertising as a means of enhancing certain aspects of a product in order to make it more attractive which will boost sales. This is discussed in more detail in our augmented reality marketing article.

Conclusion

Augmented reality is likely to worm its way into our daily lives more and more in the 21st century. Once wearable computers become more common it won’t be strange to see people interacting with and reacting to things that aren’t there from your perspective. Thanks to technologies such as augmented reality the way we work with computing devices and think about the divide between digital and analogue reality is likely to change fundamentally. Nothing is stopping you from experiencing augmented reality for yourself today though. Just hop onto your smartphone’s app store and search for “AR” apps. There are plenty to try, many of them free.

We've seen Magic Leap's device of the future, and it looks like Merlin's skull cap

A patent filing has revealed a design for the much-vaunted Magic Leap augmented reality headset, but it’s hard to imagine looking cool while wearing it.

Depending on the reality you seek, the latest virtual reality news is either really nifty or really dorky.

The much-hyped startup Magic Leap – backed by Google, Warner Brothers, JPMorgan Chase and others – recently won a patent for the design of an augmented reality headset. The device, according to a report in Wired, would let users superimpose calendars, kids pictures or jellyfish over day-to-day life. So-called mixed reality or augmented reality is seen by many as consumer technology’s next big wave.

Magic Leap’s design patent, which was granted on Tuesday, could offer the first look at what some say may be the most revolutionary tech gadget in years. It could also illustrate a stubborn problem that’s been holding augmented reality back.

It’s hard to imagine looking cool while wearing the devices.
The headset features a quarter-dome piece of clear material that would sit in front of and above users’ heads. It’s not discreet.

Unlike standard virtual reality headsets, Magic Leap’s device would let users see the rest of the world around them while superimposing virtual content in all directions. It has more in common with Google’s ill-fated Glass, which offers basic web search information and map directions through an augmented reality – if far less graphically impressive than Magic Leap.

In a promotional video released by Magic Leap in April , a man looks around his desk at a three-dimensional rendering of daughter’s school project and shoes he might like to buy. He then tilts his head up and notices jellyfish are floating majestically above his desk.

Google launches certification program for development agencies

Google has made good on a pledge the company made last December of launching a certification program for software development agencies; with the program now live in a number of countries.

The initial announcement came via a blog post last year where the company shared its plans to offer a 'unique' program for software development agencies working on mobile apps. Few updates regarding the progress of the program were provided until today, but Google says it drew interest from "hundreds" of agencies.

Uttam Kumar Tripathi, Global Lead of the Developer Agency Program at Google, made the announcement today of a successful launch in countries including the UK, India, Russia, Indonesia, USA, and Canada.

Google makes it clear that it does “not endorse, or offer any warranty, regarding the certified agencies,” but rather it aims to highlight some of the agencies that Google considers among the best. Of course, the program focuses on agencies which build Android software but will also support those who create web applications.

“The Agency Program is an effort by Google’s Developer Relations team to work closely with development agencies around the world and help them build high-quality user experiences,” Tripathi says.

Certified agencies receive personalised training through local events and hangouts, dedicated content, priority support from product and developer relations teams, and early access to upcoming developer products. Google plans to review and include more agencies in their program over the year along with expanding the program to other countries.

You can find out more information about the Agency Program here.

What are your thoughts on Google's certification program? Let us know in the comments.