A serious vulnerability found by Microsoft in the TikTok Android app could have allowed hackers to hijack millions of accounts. On Wednesday, the company’s 365 Defender Research Team detailed a one-click exploit it informed TikTok of in February. The good news is that the social media company promptly patched the vulnerability before today’s disclosure and Microsoft says it has no evidence of someone using it out in the wild.

“We gave them information about the vulnerability and collaborated to help fix this issue,” Microsoft’s Tanmay Ganacharya told The Verge. “TikTok responded quickly, and we commend the efficient and professional resolution from the security team.”

According to Microsoft, the vulnerability involved an oversight with TikTok’s deep linking functionality. On Android, developers can program their apps to handle certain URLs in specific ways. For instance, when you tap on a Twitter embed in Chrome and the Twitter app automatically opens on your phone as a result, that’s an example of the deep linking feature working as intended.

However, Microsoft found a way to bypass the verification process TikTok had in place to restrict deep links from executing certain actions. They then discovered they could use that vulnerability to access all the primary functions of an account, including the ability to post content and message other TikTok users. The flaw was present in both global versions of TikTok’s Android app. The two releases have more than 1.5 billion downloads between them, meaning the potential impact of someone discovering the vulnerability before it was patched could have been massive.

Microsoft recommends all TikTok users on Android download the latest version of the app as soon as they can. More broadly, you can protect yourself in the future from similar exploits by not clicking on sketchy links. It’s also good practice to avoid sideloading apps as you don’t know how someone could have altered the APK.

Meta has started notifying users of its standalone Facebook Gaming app that it will soon no longer be available. In an in-app notification (as shared by social media consultant Matt Navarra and other publications), the company has announced that both iOS and Android versions of the application will stop working on October 28th. Meta is also giving users the chance to download their search data and reminding them that Facebook Gaming isn't going away entirely. Users will merely have to go to the Gaming tab in the main Facebook app to watch their favorite creators' livestreams.

The company released the dedicated Gaming app in 2020 to better compete with Twitch and YouTube. Meta (still known as Facebook back then) designed the app to highlight content from streamers and to provide users with a group chat and other community features. It didn't say why it decided to shut down the standalone app, but it could be part of its cost-cutting efforts meant to help it weather what Mark Zuckerberg calls "one of the worst downturns [the company has seen] in recent history."

Over the past year, streaming tool providers such as StreamElements reported that Facebook Gaming comes only second to Twitch when it comes to hours watched on a game streaming platform. However, we examined data from CrowdTangle, Meta's analytics service, and found that the platform is flooded with spam and pirated content masquerading as gaming livestreams. Back then, a spokesperson told Engadget that Meta was "working to improve [its] tools to identify violating content" so that users can have "the best experience."

Instagram is giving users more ways to tweak their suggested posts amid a backlash to the app’s aggressive shift toward recommendations. The app is testing a new option that will allow users to use keywords and emoji to mute certain topics from appearing in suggested posts.

The change will block posts in which the users’ keywords, which can include emoji as well as words and phrases, appear in the caption or hashtag for a post. “You can use this feature to stop seeing content that’s not interesting to you,” Instagram writes in a blog post. Users can customize their filter words from the app's settings. The company notes that people can also opt to snooze all recommendations entirely.

Instagram is also testing a new way to weed out unwanted posts from the app’s Explore section. With the change, users can select multiple posts at a time and mark them all as “not interested.” This will hide those posts, and block out similar recommendations in the future, according to the company.

Instagram

While both new options require a bit of extra work, the changes could bring some relief for users’ who have been frustrated by the quality of Instagram’s recommendations as the app has taken increasingly aggressive steps to become more like TikTok. Instagram’s top exec Adam Mosseri said last month the company would tone down the number of recommended posts and halt its experiment with a full-screen feed. Both changes have been deeply unpopular, prompting viral memes criticizing the company’s efforts to copy TikTok.

Regardless of criticism, Meta’s leaders have been clear that they intend to shift both Facebook and Instagram’s feeds from mostly friend content to more posts from AI-driven recommendations. But the new controls could help the company eventually improve the quality of those suggestions, which might make them more palatable to users in the long run.

Truth Social, the social media platform backed by Donald Trump, is still not available on the Google Play Store. That's because Google has yet to approve the app due to violations of standards and inadequate content moderation.

The company informed Truth Social earlier this month about "several violations of standard policies in their current app submission and reiterated that having effective systems for moderating user-generated content is a condition of our terms of service for any app to go live on Google Play," a Google spokesperson told Axios. "Last week, Truth Social wrote back acknowledging our feedback and saying that they are working on addressing these issues.”

Devin Nunes, Truth Social's CEO, said last week that it was up to Google to determine when the Android version of the app would be available on the store. However, Google asserts that Truth Social will need to resolve the moderation issues first. Google reportedly has concerns over certain content on the platform, including incitements of violence and physical threats.

The platform does apply a label to some posts indicating that the content "may not be suitable for all audiences." However, at least some content alluding to violence does not feature the banner. 

Truth Social's iOS app debuted on February 20th. Two days later, it emerged that Truth Social was censoring some content and kicking out certain users, so moderation is not a foreign concept to the company.

Truth Social hasn't offered a web-based version of the service that Android users can try. Nor has it provided a way to sideload the app, even though there's nothing to inherently stop it from doing so. 

There are broader issues at the company, such as an investigation into how it became publicly traded. It's said to owe a vendor $1.6 million too. On top of that, two key executives resigned soon after the iOS app went live.

Snapchat is the latest app to add dual camera functionality. The app is launching the “Dual Camera” recording feature it previewed during its Partner Summit earlier this year. The update enables users to snap photos and video using their phone’s front-facing and rear cameras simultaneously. It’s available now on iOS for iPhone XS and newer (Snap says Dual Camera won’t be available on Android for several more months.)

The company first teased the feature in April, when it said the new video option would be part of a suite of more advanced features for creators called “director mode.” But while director mode hasn’t yet launched — Snap says it’s expected in the coming months — the company opted to roll out Dual camera as a standalone feature in the main Snapchat camera.

Capturing content with both device’s cameras at once isn’t a new concept — the briefly popular app Frontback experimented with it nearly a decade ago — but the concept has become more popular in recent months with the rise of selfie app BeReal. However, Snapchat’s take on the feature is a bit different than those apps, which were more focused on selfies.

With Snapchat’s Dual Camera enabled, users can record video using both cameras at once, and can change up the layout of the two clips. There’s a split-screen version, which places each camera on one half of the screen; a picture-in-picture style; and a cutout mode similar to the effect you might get with TikTok’s green screen. Dual Camera mode also supports Snapchat's signature augmented reality lenses, though for now the effects can only be applied after the fact. 

Snap isn’t the only company experimenting with dual-camera-recording. Instagram is also testing a dual camera setup called Candid Challenges, which the company confirmed last week is currently an “internal prototype.” For now, that feature sounds more like a straight copy of BeReal, but it’s not difficult to imagine the feature could one day make an appearance in Reels as well

For over a decade, Valve has offered access to Steam through Android and iOS clients. In recent years, however, the Steam mobile app hasn’t gotten much attention from the company. Not only does it look dated, but it’s also a pain to use. I only keep it on my iPhone to take advantage of Steam Guard verification.

The good news is that Valve is working on a new version of the mobile app. In a blog post spotted by PC Gamer, the company invited “invested Steam users” to beta test its redesigned Android and iOS client. “We’ve rebuilt the app on a new framework and modernized the design. (2015 called and wanted their app back,)” Valve wrote. 

In addition to previously included features, the redesigned app adds more intelligent notifications, multi-account support and a new way to log into your Steam account. Instead of inputting your username, password and Steam Guard verification, you can use a QR code to simplify the process. It’s probably the most useful feature added by Valve.

The early consensus among testers is that the new app is a welcome improvement over its predecessor. It does have the usual blemishes you find in beta software, including sluggish performance and plenty of bugs, but it's a step forward. “The sooner we get your feedback on a product, the better,” Valve wrote. “This is especially important when the app can be used on so many different phones and devices.”

There’s no public release date for the redesigned app yet. However, the beta is open to anyone who wants to take part. You can find installation instructions on the Steam website, but note that the iOS beta is limited to 10,000 concurrent participants due to Apple’s TestFlight restrictions.

Duolingo is holding its annual Duocon event today to show off some of what it's working on. One of the big things the company has in the pipeline is an app called Duolingo Math, which marks its first move outside of language learning.

The app has two main elements. The first is a math course designed for elementary school-level kids. As you'd expect if you've used the main app, Duolingo will offer short, gamified math lessons. The app also has a brain training component geared toward those aged 13 and older. The idea is to help you improve your math and everyday thinking skills. 

Meanwhile, Duolingo is set to add another language course. This time it's for Zulu, which is the most widely spoken first language in South Africa. Duolingo said the introduction of the Zulu course is part of its efforts to increase cultural awareness of lesser-studied and endangered languages.

In addition, the company will offer a look at a redesign for Duolingo ABC, a literacy app for kids. Duocon will also include details on some upcoming social features. One of those is called Friends Quest. Duolingo says it hopes to help folks have more fun while they work toward their language learning goals.

At the I/O 2022 conference this past May, Google CEO Sundar Pichai announced that the company would, in the coming months, gradually avail its experimental LaMDA 2 conversational AI model to select beta users. Those months have come. On Thursday, researchers at Google's AI division announced that interested users can register to explore the model as access increasingly becomes available.

Regular readers will recognize LaMDA as the supposedly sentient natural language processing (NLP) model that a Google researcher got himself fired over. NLPs are a class of AI model designed to parse human speech into actionable commands and are behind the functionality of digital assistants and chatbots like Siri or Alexa, as well as do the heavy lifting for realtime translation and subtitle apps. Basically, whenever you're talking to a computer, it's using NLP tech to listen.   

"I'm sorry, I didn't quite get that" is a phrase that still haunts many early Siri adopters' dreams, though in the past decade NLP technology has advanced at a rapid pace. Today's models are trained on hundreds of billions of parameters, can translate hundreds of languages in real time and even carry lessons learned in one conversation through to subsequent chats.   

Google's AI Test kitchen will enable beta users to experiment and explore interactions with the NLP in a controlled, presumably supervised, sandbox. Access will begin rolling out to small groups of US Android users today before spreading to iOS devices in the coming weeks. The program will offer a set of guided demos which will show users LaMDA's capabilities. 

"The first demo, 'Imagine It,' lets you name a place and offers paths to explore your imagination," Tris Warkentin, Group Product Manager at Google Research, and Josh Woodward, Senior Director of Product Management for Labs at Google, wrote in a Google AI blog Thursday. "With the 'List It' demo, you can share a goal or topic, and LaMDA will break it down into a list of helpful subtasks. And in the 'Talk About It (Dogs Edition)' demo, you can have a fun, open-ended conversation about dogs and only dogs, which explores LaMDA’s ability to stay on topic even if you try to veer off-topic."  

The focus on safe, responsible interactions is a common one in an industry where there's already a name for chatbot AIs that go full-Nazi, and that name in Taye. Thankfully, that exceedingly embarrassing incident was a lesson that Microsoft and much of the rest of the AI field has taken to heart, which is why we see such strident restrictions on what users can have Midjourney or Dall-E 2 conjure, or what topics Facebook's Blenderbot 3 can discuss. 

That's not to say the system is foolproof. "We’ve run dedicated rounds of adversarial testing to find additional flaws in the model," Warkentin and Woodward wrote. "We enlisted expert red teaming members... who have uncovered additional harmful, yet subtle, outputs." Those include failing "to produce a response when they’re used because it has difficulty differentiating between benign and adversarial prompts," and producing "harmful or toxic responses based on biases in its training data." As many AIs these days are wont to do.

Instagram is testing a new feature called Candid Challenges, which bears a striking resemblance to BeReal, a photo sharing app popular among Gen. Z. The currently unreleased feature was spotted by Alessandro Paluzzi, a developer known for reverse engineering apps and finding early versions of upcoming updates. An Instagram spokesperson confirmed the feature is an "internal prototype," but declined to provide additional details.

According to Paluzzi, Instagram users participating in Candid Challenges will see a notification at a different time each day to snap a photo of their surroundings. Upon getting the prompt, the Instagram camera will also open with both front and rear-facing shooters, and give users a two-minute window to snap a pic. Content shared via the challenges will appear in the Stories tray.

If that sounds familiar, it’s because the functionality sounds nearly identical to BeReal, a selfie app marketed as a more candid and authentic alternative to mainstream social media platforms. The app, which originally launched in 2019, also prompts users to take a photo using their phone’s front and rear-facing cameras at a random time each day. The daily prompts also expire after two minutes, after which users can view all the photos shared by their friends that day.

It's not yet clear if or when Instagram intends to launch the feature. An Instagram spokesperson described the feature as an "internal prototype" that's "not testing externally." But the fact that the company is testing the functionality suggests it's at least considering replicating the app inside of its own service.

BeReal has a big following among Gen. Z, and has been rising in popularity over the last several months. BeReal is currently sitting in the top position in Apple's App Store, ahead of both Instagram (No. 8) and Facebook (No. 18). It's been among the ten most-popular free apps for much of this summer. 

Mark Zuckerberg has said Meta’s future relies on appealing to young adults, who are increasingly spending their time on non-Meta platforms. And while TikTok is currently its top competitor, the company is known to closely monitor its rivals and has often copied features from other services. Instagram also recently added a new "Dual" setting to its in-app camera that mimics the shooting style popularized by BeReal.

Since the launch of Google TV almost two years ago, Google has been busy adding new features to the platform – including, most recently, iOS support. So if you feel the company has neglected the product from a performance and stability standpoint, the latest Google TV update is for you.

To start, Google says new CPU and cache management optimizations will reduce the time it takes for the “For you” tab to load on startup. Similarly, navigating within a tab and switching between multiple ones should feel more responsive after installing the latest update. A faster Live tab should also result in you seeing less of Google TV’s loading animation. Google says switching to kids profiles will take less time as well. But best of all, the software will now use less RAM, leading to a smoother viewing experience.

If you’ve been using Google TV for a while, you’ll also appreciate the storage enhancements included in this latest update. Google has added a “Free up storage” option to the Setting menu to make it easier to clear the program’s cache and uninstall apps you’re not using. The feature is already available on Chromecast with Google TV and coming to smart TVs soon. The company has also made under-the-hood tweaks that should reduce the number of errors users see when attempting to install new apps. Lastly, there’s a new automated process that will free up space on your device so that you can install more apps.

Google has begun rolling out the above enhancements to users. If you don’t see them immediately, it may take them a few days to reach your device.