A Microsoft patent filed last month revealed plans for controllers that will transform smartphones into handheld Xbox consoles, in what may be the system’s first foray into gaming on the go.

The patent, filed on July 9, is for a charging device for removable input modules. While there is no specific mention of the Xbox in the application, a couple of the drawings feature all-too-familiar buttons and symbols.

The patent is specifically for the charger of the controllers, which the filing said will temporarily attach to a touchscreen device to provide input controls. Possible features for the controllers include built-in speakers, a headphone jack, and wireless headphones support.

The controllers will address certain issues commonly experienced in games for a touchscreen device such as a smartphone, including slipping fingers, obscured parts of the display, and the cramped space for on-screen controls.

Designer Sarang Sheth from Yanko Design took a stab at mock-ups for the controller mentioned in the Microsoft patent, creating what may be the first look at an upcoming Nintendo Switch challenger.

Apple is having a bad week. Just days after Face ID was hacked and the company’s “user-hostile” iPhone battery practices were exposed, an extraordinary story of Apple neglect has resulted in a warning every iPhone and iPad user needs to know about.  

Picked up by AppleInsider, security firm Check Point has revealed it has found a way to hack every iPhone and iPad running iOS 8 right up to betas of iOS 13. This spread covers eight years of devices (iOS 8 supports the 2011 iPhone 4S) and, with Tim Cook stating there are 1.4BN active iOS devices around the world, this is worrying news for the owners of pretty much all of them. 

What Check Point discovered is that the Contacts app built into iOS can be exploited using the industry-standard SQLite database so that any search of Contacts can trick the device into running malicious code capable of stealing user data and passwords. 

"SQLite is the most wide-spread database engine in the world," said Check Point. "It is available in every operating system, desktop and mobile phone. Windows 10, macOS, iOS, Chrome, Safari, Firefox and Android are popular users of SQLite."

Getty

Millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google's own security research team. There have been multiple headlines about the millions of harmful apps being installed from the Play Store, but this is something new. And the danger to unsuspecting users, trusting that new boxed devices are safe and clean, is that some of that preinstalled malware can download other malware in the background, commit ad fraud, or even take over its host device.

Android is a thriving open-source community, which is great for innovation but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices. New phones can have as many as 400 apps factory-installed, many of which we just ignore. But it transpires that many of those apps have not been vetted. The apps themselves will work as billed, providing a useful capability or service, so we can be forgiven for not considering the risk that might lurk within.

Google's Maddie Stone, a security researcher with the company's Project Zero, shared her team's findings at Black Hat on Thursday. "If malware or security issues come as preinstalled apps," she warned, "then the damage it can do is greater, and that's why we need so much reviewing, auditing and analysis."

The risk impacts Android's Open-Source Project (AOSP), a lower-cost alternative to the full-fat version. AOSP is installed on lower-cost smartphones where cheaper software alternatives help keep prices down. This means owners of Android-badged devices from the likes of Samsung and Google itself are safe from this particular risk.