Why OnePlus’s Credit Card Data Breach is Particularly Bad

The other shoe dropped today forOnePlus, who announced they had determined as many as 40,000 customers’ card information had been compromised.

According to the internal investigation, a malicious script was running on one of the company’s payment processing servers and was able to capture customer’s full credit card numbers, expiration dates, and security codes directly from the user’s browser window.

WOW! Most of the time when a credit card is stolen from a merchant’s database, the CVV is not captured because it is against PCI regulations for any merchant or payment processor to store that critical piece of data. Because this script was capturing data directly from the customer’s browser, this had not been purged from the system yet. That CVV is something only you and your bank should know, and it’s the essential element in online (card not present) transactions to verify you have the actual card with you and are not using someone else’s card. With the CVV, a criminal using your card looks exactly like you to the bank1. So yeah, that’s really not good.

This is why new payment methods like Google Pay and Apple Pay are so important. If OnePlus had allowed me to pay with a more secure payment method like those instead, this script would not have been able to do anything.

I don’t own a OnePlus phone, but I did buy my brother an accessory for Christmas last year and I bought it from their store. Faaaantasic.

  1. Hopefully your bank notices an IP address abnormality or something else to trigger a fraudulent transaction, but that’s no guarantee. 

Meet the New Headphone Struggles, (mostly the) Same as the Old Headphone Struggles

You can almost set your watch by The Verge articles about how the 3.5mm headphone jack was glorious and everything is bad now that it’s gone from most of the the more important smartphones today. They had another one today and once again I’m just not sold.

It’s all with the intent of making things better, but before we get to the better place, we’re going to spend an uncomfortable few months (or longer) in a fragmented market where you’ll have to do diligent research to make sure your next pair of headphones works with all the devices you already own.

Right up front we have this assertion that buying headphones is now tricky because you need to figure out what headphones work with your phone. My answer: get literally any Bluetooth pair of headphones. No, I don’t need to know what phone you have, Bluetooth with work with them.

This this, Vlad Savov would say “yes, but to get the best quality you need to find headphones that use a codec supported by your device,” and he is totally correct there. But I would argue this is not something that almost anyone needs to get hung up on. Studies show very little difference between the competing proprietary codecs vs the standard Bluetooth codec used by all wireless headphones. So while the codec the device uses to transfer data from your phone to your headphone is mildly important, the quality of the headphones themselves is far more critical. This reminds me of the rush for Qualcomm’s QuickCharge tech when there was an equally good standard that phone makers could choose to use instead.

And while we’re talking about codecs, I think we should remember that before wireless was king, we were endlessly comparing the DACs in phones as they came out, as different companies put out headphone jacks that supported different audio types. Here’s a line from an iPhone 6 review talking about it’s 3.5mm headphone jack:

Can Apple improve this? […] They could also support 24-bit audio which can improve on the SNR values here. […] The HTC M8 may perform better given 24-bit test tones but would need a retest to verify this. Apple seems to have decided on using Lightning with an external DAC to push beyond 16-bit audio so we will have to wait for devices using that to see.

Mush of this review is mysterious to me, but it is a reminder that simply plugging any old pair of headphones into any phone did not guarantee you got everything before Bluetooth either.

And the problem with compatibility was (and still is) there with the codecs used to encode music in the first place:

The Apple iPhone 6S – our current Award-winner – is restricted in the files it plays. Apple Music (the native music player app) and iTunes can both play MP3, WAV, AAC and ALAC files, but not FLAC or DSD files, nor anything beyond 24-bit/48kHz.

While ALAC is the iTunes-friendly version of FLAC, most hi-res download sites – 7digital, Qobuz, Technics Tracks, Onkyo Music – only offer albums in the lossless FLAC format.

So the problem here is software, rather than hardware.

Basically, if you want to get the best quality sound, you need to make sure your phone, your headphones, and your audio files are all on the same page. This is true today and it was true before.

Moving on from the technical side, Savov brings up Bluetooth pairing being a pain in the ass. He’s not wrong here, as it usually goes well, but it can be a real pain if it goes poorly. Apple and Google have their own solutions to make this process easier, and I agree it is unfortunate not all devices get it this easy. That said, Bluetooth 5 is supposed to make pairing easier and as the market for wireless headphones grows, so will manufacturers’ motivation to make the pairing experience better.

Finally, he gets to voice assistant fragmentation, which again I say has always been an issue. My AirPods can’t connect to my Pixel 2 and trigger Google Assistant (although this free app fixes that), but neither could my EarPods. Likewise, I’ve had trouble with generic headphones working between devices as well. Some will trigger Assistant on Android, but not Siri on iOS, and some will do the opposite. If you have a pair of wired headphones that do work with voice assistants on both iOS and Android, then you have them from a company who did extra work to make them work with both. Again, just like today.

I understand where Savov is coming from, I really do: headphones can be a pain! But what I generally disagree with is the notion that things were so much easier before. Yes, wired can be less complicated than wireless in a few ways (mostly in regards to pairing, aka you don’t have to with wires) but the complications we have today are very similar to the ones we had before. Codecs are still a mess, and no one can agree on what to use, which is true of every single thing that has a standard, audio or not, but this has always been the case and the good news is that the actual standards that everyone is using today is good for most people. If you want to do more specific about your audio needs, then you need to pair your devices appropriately, and that’s true today and 10 years ago.

Wireless audio should improve, and I can already see it happening. As an AirPods user, I feel like I’m living in the future every day. These were dead simple to set up, work 100% of the time for me, are subtle but stay in my ears very well, and they don’t make me feel like I’m giving anything up over the wired headphones they replaced.Generic Bluetooth devices are not this good yet, but they are getting there, and honestly are not that bad. And for all the benefits they allow, most people seem to be okay with the transition.

I for one do not miss getting my headphones ripped out of my ears when they got caught on doorknobs, spending more time than I’d like to admit untangling them from my pockets, replacing them when the wires wore out, and looking a little silly with those cables dangling down from my head.

Wallpaper Wednesday: Asphalt

I took this photo of the street near my work and thought it would make for a nice wallpaper. I put it on my iPhone and was kinda blown away by the look.

This was shot on the Pixel 2 and the color was adjusted with Pixelmator for iOS. The shot is at full size, so 3024×4032 (aka about 50% more pixels than the normal 4K wallpapers I post, and about 5-6x higher resolution than the screen on the phone in your pocket). It’s a 7MB image, so you may have to give it a minute to load.

Voice Assistants’ Blind Spot

Smart Audio Report on Smart Speaker Adoption in the U.S. – MacStories:

To me, this suggests that either owners of smart speakers aren’t familiar with smartphone assistants (I doubt it) or that there is indeed something useful about stationary speakers that smartphones can’t fully replicate.

Federico Viticci nails it here. As I have tried to articulate as well, there is a distinct difference between a smart speaker with a voice assistant and a smartphone with a voice assistant. If people like Alexa/Assistant and when asked, say they want those assistants in their cars first, and then their smartphones, one of two things is most likely true:

  1. People don’t know that their smartphone has a voice assistant built in, and if it’s an Android phone running Nougat or newer, it’s the same Google Assistant as your Google Home.
  2. The use case between a phone and smart speaker are different and people do not find the current implementation on phones to be sufficient.

I would give people the benefit of the doubt and say that number 2 is the answer.

FIFA 18 Sold Better on Switch than PS4 in Japan

FIFA 18 Switch Has Officially Outsold The PS4 Version In Japan | NintendoSoup:

FIFA 18 sales on Nintendo Switch have officially overtaken FIFA 18 sales on PS4. According to Dengeki Online, as of January 7, 2018, the PS4 version has sold 77,892 copies since launch, while the Switch version sold 89,329 copies.

This oh course comes with a grain of salt, as Nintendo usually does better in Japan than the rest of the world, as well as the fact Japan is a smaller market on the world stage, but it’s still exciting. Nintendo owners famously have not bought sports games in any real volume for decades, so this is at least encouraging. I’d love to see the numbers for FIFA in North America.