Tag Archives: aapl

Fitbit’s Latest Fitness Trackers Off To Strong Start

Wearable fitness device maker Fitbit ( FIT ) announced Thursday that it shipped more than 1 million units each of its latest products — the Fitbit Blaze smart fitness watch and Fitbit Alta fitness wristband — in their first month of availability. Fitbit stock has been depressed this year in part because investors were disappointed in the company’s products announced since the CES in January. Fitbit went public last June 18 at 20 and climbed as high as 51.90 on Aug. 5. Fitbit stock was up over 6% to above 14 in midday trading on the stock market today . Fitbit’s message on Thursday was that both new products are off to a strong start. The San Francisco-based company said its Blaze sales have exceeded the company’s internal forecasts. Some industry analysts were worried the fitness-centric watch would compare poorly to Apple ‘s ( AAPL ) more capable, yet pricier, Apple Watch. Since its launch, Fitbit Blaze has been the No. 1 best-selling device in the smartwatch and heart-monitor categories on Amazon.com ( AMZN ). Fitbit Alta also is currently one of the top-selling devices in the fitness tracker and pedometer categories on Amazon. “At Fitbit, we continue to focus on developing innovative and motivating fitness-first products that our customers love and that help them achieve their health and fitness goals,” Woody Scal, chief business officer at Fitbit, said in a statement . “The positive response we’ve received to Blaze and Alta demonstrates our continued ability to innovate and drive strong demand for Fitbit products, which is what has made and kept us the leader in the global wearables category.” The Fitbit Blaze costs $199.95. Last week, Apple cut the starting price for its Apple Watch to $299 from $349. The Fitbit Alta costs $129.95. It competes with fitness trackers from Garmin ( GRMN ), Jawbone, Microsoft ( MSFT ) and others.

How Google Hands Free App Could Disrupt In-Store Payments

If Google and its Hands Free payments app can achieve a critical mass of brick-and-mortar stores, other digital wallet companies and payments processors could find themselves facing tougher competition — at least, based on my test of the app. Hands Free is designed to eliminate the need to pull out a smartphone and tap it on a point-of-sale system when paying with Android Pay. It uses a combination of your initials, phone and picture to complete each transaction. And it works. Well. Google, which is a unit of Alphabet ( GOOGL ), rolled out Hands Free in March to at least 15 businesses with locations around the South San Francisco Bay Area. Since IBD’s Silicon Valley bureau is located near several, I decided to test the idea of ordering and paying for something with only my voice — part of the future we’ve been promised. After taking a selfie — a photo is required to use the Hands Free app — on my Nexus 5X phone, I headed to a nearby McDonald’s ( MCD ), one of the chains participating in the pilot program. A colleague in the newsroom wanted a Diet Coke, and I was happy to oblige. Phone in my pocket, I walked up to the cash register, placed my order for a medium Diet Coke and then uttered the phrase “Can I pay with Google?” The cashier skipped a beat and replied, “Of course you can! Initials?” I replied with mine. “M.C. Hammer!” she said, and pressed a few more buttons on the register. “Wearing a hat today, I see,” she said, studying my hatless selfie on the register. And then she handed the beverage over with a receipt (I got an emailed receipt as well). Neither my phone nor wallet ever left my pockets. My order was small and the test limited, but it’s clear that the implications could be far-reaching if consumers take to the idea. If Hands Free were available widely, I would certainly use it — paying with just your voice is incredibly easy (and cool, too). At its core, Hands Free takes a swing at a big issue in payments (and e-commerce in general): how to make checkout as frictionless as possible. PayPal ( PYPL ) and its most recent endeavor on that front, One Touch , also attacks the friction problem. Apple ( AAPL ) Pay and rival Android Pay are also trying to innovate around the friction Silicon Valley perceives in paying with cash, a credit card or a mobile phone. With Google running a relatively small pilot program, it’s hard to say at this early stage what impact Hands Free will have on its digital wallet. I doubt that being able to pay with Hands Free would alter where I go to buy things, but it just might be enough to convince me to pick Android Pay over its competitors.

Billions Of Apple iPhones May Be Vulnerable To Attack: Check Point

Billions of Apple ( AAPL ) iPhones and iPads could be exposed in an iOS 9 vulnerability, Check Point Software Technology ( CHKP ) researchers were slated to announce Thursday morning at Singapore’s Black Hat Asia 2016 conference. Enterprise applications installed via Mobile Device Management (MDM) software are exempt from Apple’s latest security changes, which means that an attacker can hijack legitimate communications to install malicious apps, says the security firm. It’s still theoretical, Avi Rembaum, Check Point vice president of security solutions, told IBD on Wednesday. Black Hat gives researchers an opportunity to discuss hypothetical threat vectors, including this new so-called “Sidestepper” vulnerability. “Unfortunately, a lot of those things we talk about that might happen often end up happening,” he said. Few Barriers To Entry Apple recognized a key piece of the Sidestepper vulnerability in iOS 8. For $299 a year, an enterprise can purchase an Apple certificate to upload a private app via the Apple Developer Enterprise Program. “But if someone is going to be malicious, they don’t really care about signing a (certificate) agreement, plus it’s $299 per year to get that certificate,” Rembaum said. “There weren’t many barriers to entry.” Enterprises are headily embracing the “Bring Your Own Device” trend and, in one case study of a Fortune 100 company, Check Point found 318 private apps and 116 unique certificates on employees’ devices. Those numbers were suspiciously high, Rembaum said. “When we looked deeper … they were on the sketchier side and were from parts of the world that could be problematic,” he said. “We saw a very small number of them that would be considered white-listed (trustworthy).” So in iOS 9, Apple upped the challenges to installation, says Check Point. But the new challenges don’t cover MDM-pushed updates to employees’ devices. Of the 1.2 billion installed iPhones and iPads, 79% have iOS installed and are therefore vulnerable. Intercepting Legit Connections Enterprises often rely on MDM services like those by BlackBerry ( BBRY ) (via its Good Technology acquisition),  VMWare ( VMW ) and MobileIron ( MOBL ) to push updates onto employees’ devices, thereby avoiding the “headache” of ensuring that every app has identical settings, Rembaum said. That MDM-device connection, however, is also a powerful portal for Man-in-the-Middle (MitM) attacks, he said. A hacker can, theoretically, intercept the communications between MDM and device to install a certificate and then a malicious app. Often, the interception relies on social engineering, he said. “An attacker would send a text message to the target with a link to download the configuration file,” he said. “It would install a certificate and configuration instructions in the phone. The only thing the user has to do is say yes to installing.” Then the attacker is in — with access to a user’s address book, microphone, photos, GPS, apps and, possibly, company data. Education Alone Isn’t Enough Rembaum recommends that MDM users take a “multilayer approach” to mobile security. Because hackers often rely on social engineering to launch phishing attacks — by email, text message or social media — enterprises should train employees on red flags. Phishing attacks cost businesses more than $215 million between October 2013 and December 2014, according to a January report by the FBI. This month, Seagate Technology ( STX ) discovered that it had been duped into handing out nearly 10,000 W-2 forms belonging to former and current employees. The Seagate revelation came on the heels of a similar attack on privately held Snapchat. Scammers often change a single letter in an email address or impersonate a CEO’s email address, Barracuda Networks ’ ( CUDA ) Slawek Ligier and Proofpoint ’s ( PFPT ) Ryan Kalember told IBD. Outside education, an enterprise can install Check Point’s Mobile Threat Prevention (MTP) software and have its employees install the ZoneAlarm app, Rembaum said. FireEye ( FEYE ), Symantec ( SYMC ), Intel ’s ( INTC ) McAfee, Palo Alto Networks ( PANW ) and Proofpoint also compete in the mobile security space. A MitM attacker creates an encrypted tunnel — typically through a virtual private network (VPN) — to its own site, directing a user away from the legitimate MDM. Check Point’s MTP solution hunts down that encrypted tunnel. “The user would have received the text, clicked on the link and installed the certificate,” Rembaum said. “Then (Check Point’s software) would reach out and block the connection.” He added: “The actual installation of the malware wouldn’t have succeeded.”