+62 61 7330092


Microsoft Donates $465 Million in Cloud Services in 2016

Brought to you by Talkin’ Cloud

Microsoft has made significant headway on its goal to provide $1 billion in cloud services for non-profits and researchers over three years, donating $465 million in cloud services to 71,000 organizations so far in its first year of the effort.

Microsoft Philanthropies was created just over a year ago “to realize the promise and potential of technology for everyone,” according to a blog post this week by Mary Snapp, corporate vice president of Microsoft Philanthropies.

See also: Microsoft’s Philanthropic Arm to Bring Cloud Services to 70,000 Organizations by 2017

Along with donating cloud computing, the efforts of the initiative have included delivering connectivity to remote schools, health clinics and community centers in 11 countries, and in the U.S. specifically, expanding access to computer science education to 225 high schools.

“If there’s a single technology that is making today’s technology-driven change possible, it’s cloud computing. Our ability to work from anywhere, at any time. The emergence of self-driving cars. Individualized medicine based on the analysis of a person’s genetics. All of these things are made possible by the cloud,” Snapp said. “But to realize the full potential of the cloud to create economic opportunity and address the world’s most difficult challenges, the power of cloud computing must be available to nonprofit organizations and researchers, and to individuals who lack affordable broadband access. Therefore, in January of last year, we announced a three-year initiative to donate $1 billion in cloud computing resources to 70,000 nonprofit organizations and 900 university researchers, and to expand broadband access in 15 countries.”

Snapp said that in 2017 Microsoft Philanthropies will continue to drive initiatives in education, increase support for its humanitarian action, and work to make technology more accessible for people with disabilities.

The promises build on a vision laid out by Microsoft general counsel Brad Smith at Microsoft Worldwide Partner Conference (WPC) in July, where he talked about the company’s role in building a “cloud for good.”

In an interview last year with The New York Times, Microsoft said it would not take a tax deduction for its donated cloud services.

Microsoft was named one of the 20 most charitable companies of the Fortune 500 last year, as was Google, who last month committed $11.5 million to support racial justice, split between 10 different causes.

In January, Google pledged $4 million in donations to the American Civil Liberties Union, Immigrant Legal Resource Center, International Rescue Committee and UNHCR in conjunction with President Donald Trump’s executive order on immigration.

Amazon Says Employee Error Caused Tuesday’s Cloud Outage

(Bloomberg) — Amazon.com Inc. said efforts to fix a bug in its cloud-computing service caused prolonged disruptions Tuesday that affected thousands of websites and apps, from project-management and expense-reporting tools to commuter alerts.

An Amazon Web Services employee working on the issue accidentally switched off more computer servers than intended at 9:37 a.m. Seattle time, resulting in errors that cascaded through the company’s S3 service, Amazon said in a statement Thursday. S3 is used to house data, manage apps and software downloads by nearly 150,000 sites, including ESPN.com and aol.com, according to SimilarTech.com.

“We are making several changes as a result of this operational event,” Amazon said in a statement. “While removal of capacity is a key operational practice, in this instance, the tool used allowed too much capacity to be removed too quickly. We have modified this tool to remove capacity more slowly and added safeguards to prevent capacity from being removed when it will take any subsystem below its minimum required capacity level.”

AWS is the company’s fastest-growing and most-profitable division, generating $3.5 billion in revenue in the fourth quarter. It’s the biggest public cloud-services provider, with data centers around the world that handle the computing power for many large companies, such as Netflix Inc. and Capital One Corp. Amazon and competitors like Microsoft Corp. and Alphabet Inc.’s Google are growing their cloud businesses as customers find it more efficient to shift their data storage and computer processes to the cloud rather than maintaining those functions on their own. Widespread adoption also increases the likelihood that problems with one service can have sweeping ramifications online.

Bug ‘exposes’ WhatsApp message secrets

Some messages sent through WhatsApp can be intercepted and read thanks to a bug in the app, suggests research.
The bug arises because of the way WhatsApp encrypts the messages sent via its service.
Security expert Thomas Boelter found that eavesdropping was possible when circumstances called for encryption keys to be reissued.
Mr Boelter told WhatsApp owner Facebook about the issue in April 2016 but it said it was not working on a fix.
The response he received said that what he had discovered was expected behaviour.
Privacy campaigners claimed in The Guardian newspaper that the bug was a “huge threat” to freedom of speech because it could be used by governments or law enforcement agencies to spy on people who thought they were communicating securely.
In a statement reacting to media stories about the research, WhatsApp said the bug was not a “backdoor” intentionally placed in its code that allowed governments to make the firm decrypt messages.
“This claim is false,” it said. “WhatsApp does not give governments a ‘backdoor’ into its systems and would fight any government request to create a backdoor.”
Bad coding
The bug crops up in situations when encryption keys used to scramble messages have to be reissued and resent.
Mr Boelter found that, in certain circumstances, attackers can pose as the recipient of a message and force WhatsApp to reissue keys for scrambling information.
Sophisticated manipulation of this system would let attackers intercept and read messages, said Mr Boelter.
Zack Whittaker, security editor at ZDNet, said it was a “stupid and big bug” but played down its seriousness.
The problem was “limited” in its scope, he said, adding that it probably emerged because of “bad coding or a favour to good user experience”.
In its statement, WhatsApp said it had taken a design decision to implement the re-issuing of keys in this way to preserve millions of messages that would otherwise be lost.
Cryptographer Frederic Jacobs said anyone worried about falling victim to the bug could adjust security settings on the app to warn them if encryption keys were being changed.

10 Days of DDoS: an Actor’s “Working” Hours

Threat actors working on a schedule similar to that of legitimate businesses recently launched large distributed denial of service (DDoS) attacks for ten days in a row, CloudFlare researchers warn.

Starting on Nov. 23 and running through Dec. 2, the actor behind a DDoS-capable tool has been launching large-scale attacks for roughly eight hours each day, seemingly during specific working hours. CloudFlare, which observed and mitigated several of the attacks, says that the actor started work at around 18:00 UTC (13:00 EST) each day and ended shift eight hours later, at around 02:00 UTC (21:00 EST).

Day after day, with only slight variations of half an hour or so, the actor would employ this pattern when launching DDoS attacks, as if they “’worked’ a day and then went home,” CloudFlare says. On the last day, the attacks continued for 24 hours straight, either because the attacker no longer took the night off, or because multiple operators worked in shifts to keep the floods going.

The attacks, the security researchers say, were quite large: they peaked at 172Mpps (Million packets per second) and 400Gbps (Gigabits per second) on the first day, but went over 200Mpps and 480Gbps on the third day.

“And the attacker just kept this up day after day. Right through Thanksgiving, Black Friday, Cyber Monday and into this week. Night after night attacks were peaking at 400Gbps and hitting 320Gbps for hours on end,” CloudFlare’s John Graham-Cumming reveals.

One of the most interesting aspects of these attacks is that they are not launched by the famous Internet of Things (IoT) botnet Mirai, but by a different tool, CloudFlare reveals. The attacker is sending very large L3/L4 floods aimed at the TCP protocol, a technique different from what Mirai uses.

The security researchers also note that the attacks they witnessed were highly concentrated in a small number of locations mostly on the United States west coast. This doesn’t come too much as a surprise, considering that DDoS bots have been long abusing cloud services offered by Amazon and other companies.

What this incident also reveals is how trivial it has become for a DDoS actor to launch attacks peaking above the 400Gbps mark. In fact, as Akamai’s Q3 State of the Internet report reveals (PDF), the number of attacks over 100Gbps went up 138% in the third quarter of this year compared to the same period in 2015, while DDoS attacks registered an overall increase of 71% since Q3 2015.

Microsoft Goes All In for Linux

While not quite at the level of a parting of the waters, the news that Microsoft has joined The Linux Foundation may seem miraculous to those aware of the past enmity between the company and the open source community.

Microsoft Goes All In for Linux
Microsoft has joined The Linux Foundation as a platinum member, it announced Wednesday at its Microsoft Connect conference in New York.

Google has joined the .Net foundation, Scott Guthrie, executive vice president of Microsoft Cloud and Enterprise, also told attendees. Further, Microsoft and Samsung Electronics have joined forces to allow .NET developers build apps for millions of Samsung devices.

The first demo during the Connect conference was with Visual Studio Code, which has attracted more than 1 million developers, Guthrie said — a sign of how the company has embraced open source.

The number of people who created their first GitHub repository has doubled in the past year from 5,000 to 10,000 per day, GitHub CEO Chris Wanstrath told attendees.

“More and more, we’re seeing not just pure open source companies, but companies that have either not embraced open source in the past or sort of done it here and there, really fully embracing open source, particularly the developer communities,” he said.

Microsoft over the past two years has transformed the way it uses open source with the launch of .Net, he said, showing data indicating that Microsoft was the No. 1 company with contributors on GitHub, at 16,419.

Shock and Skepticism

Linux Foundation Executive Director Jim Zemlin told Guthrie on the conference stage that when he told a few people in advance that he would be announcing the move, they responded, “What’s the catch?”

The foundation and Microsoft have had disagreements in the past, Zemlin acknowledged, but with the growing importance of mobile and cloud, there is “too much software to be written for one organization or individual to write it by themselves,” he said.

John Gossman, architect of the Microsoft Azure team, will join The Linux Foundation’s board of directors.

Microsoft previewed several new products that show their capabilities across multiple platforms, including SQL Server on Linux, Visual Studio for Mac, Azure App Service on Linux with support for containers, Visual Studio Mobile Center, Visual Studio 2017, and Azure Data Lake Services, which allows developers and data scientists to store petabyte-size files.

“From what we see, Microsoft continues to recognize the importance of Linux and other open source technologies in the marketplace,” observed Mike Ferris, vice president of business development and architecture at Red Hat.

“Microsoft has been progressing towards putting more and more of its platform software in open source,” said Al Hilwa, program director for software development research at IDC.

“I think putting software in open source is the first step, but to get the true benefits of the process, you have to engage community and recruit contribution,” he told LinuxInsider.

The move also reflects the work done by The Linux Foundation to include other prominent open source projects and communities, ranging from Cloud Foundry to Cloud Native Computing Foundation, node.js and Open Container Initiative, 451 Research Principal Analyst Jay Lyman told LinuxInsider.

The bad blood between Microsoft and Linux ran deep for many years, as the company viewed open source as a threat to its Windows operating system dominance.

Samsung Mobile

Samsung announced a new collaboration with Microsoft on open source projects, including .Net core and Xamarin.Forms, to enable .Net support for Tizen, the company’s Linux-based open source operating system for more than 50 million Samsung devices.

Samsung released a preview of Visual Studio Tools for Tizen, which will allow developers to build applications for a variety of Samsung devices, ranging from smartphones to smart TVs, wearables like the Gear S3, and IoT devices.

The preview supports development for mobile apps, Samsung said, through device emulators and an extension to Visual Studio with full IntelliSense and debugging capabilities. Tizen’s .Net support will become available for all devices in 2017.

Facebook and Google to Build Transpacific Submarine Cable

Brought to you by Data Center Knowledge

Facebook has partnered with Google to pay for construction of what will be one of the highest-capacity submarine cable systems stretching across the Pacific Ocean, connecting Los Angeles to Hong Kong.

This is a second such partnership Facebook has gotten involved in and yet another example of changes happening in the submarine cable industry, which has traditionally been dominated by consortia of private and government-owned carriers. Operators of mega-scale data centers who deliver internet services to people around the world – companies like Facebook, Google, Microsoft, and Amazon – have reached a point where their global bandwidth needs are so high, it makes more sense for them to fund cable construction projects directly than to buy capacity from carriers.

In May, Facebook announced it had teamed up with Microsoft on a submarine cable across the Atlantic, linking landing stations in Virginia Beach, Virginia, and Bilbao, Spain. The future transatlantic system, called MAREA, will be operated by Telefonica.

Both Europe and Asia Pacific are important markets for the internet and cloud services giants. The Los Angeles-Hong Kong cable will help improve connectivity between both companies’ data centers in the US and Asia.

The cable will be called Pacific Light Cable Network, taking its name from the third partner on the project: Pacific Light Data Communications.

Both MAREA and PLCN systems will be built by TE SubCom, one of the biggest names in the submarine cable industry.

In addition to simply increasing the amount of bandwidth between the US and Asia, the 120Tbps PLCN system will provide greater diversity in transpacific cable routes, Najam Ahmad, director of technical operations at Facebook, wrote in a blog post announcing the project. “Most Pacific subsea cables go from the United States to Japan, and this new direct route will give us more diversity and resiliency in the Pacific,” he explained.

The FASTER cable system, backed by Google and several Asian telecommunications and IT services companies, came online earlier this year. Another big submarine cable project is the New Cross Pacific Cable System, which is backed by Microsoft and a group of Asian telcos. NCP is expected to come online in 2017. Both will land in Oregon on the US side.

Also this year, Amazon Web Services made its first investment in a submarine cable project, agreeing to become the fourth anchor customer necessary to make the planned Hawaiki Submarine Cable between the US, Australia, and New Zealand possible.

One big way in which PLCN and MAREA will be different from traditional transoceanic cable systems is they will be interoperable with a variety of network equipment, rather than being designed to work with a specific set of landing-station technologies, according to Ahmad. Not only will each user be able to choose what optical equipment fits their needs best, they will be able to upgrade that equipment as better technology becomes available.

“This means equipment refreshes can occur as optical technology improves, including taking advantage of advances made during the construction of the system,” he wrote. “When equipment can be replaced by better technology at a quicker pace, costs should go down and bandwidth rates should increase more quickly.”

Credit card with a digital display that randomly generates a security code is being launched

A credit card with a digital display that randomly generates a security code is being launched as a way of combating fraud.
Oberthur Technologies is currently in discussions with UK banks about rolling out the technology and will have cards “in the hands” of consumers in France by the end of the year.
Credit card fraud costs banks millions of pounds each year.
One expert said a different design for credit cards was overdue.
“In some ways, it’s surprising it has taken so long for this to appear,” Prof Alan Woodward, a cybersecurity expert from Surrey University, told the BBC.
The card provides an extra layer of security by replacing the static printed three-digit security code on the back of the card with a mini screen which displays a random code that changes automatically every hour.
It is powered by a thin lithium battery designed to last for three years.
“The technology has existed for some time so now it will be a case of persuading card processors that it is worth doing,” said Prof Woodward.
“It may be costly for card operators as some extra infrastructure will be required to ensure our cards stay synchronised with the operator, but it happens already for many banks with the dongles they issue for login.”
One drawback of the card is that customers will no longer be able to memorise their security code and will need to check the card every time they want to make an online purchase.
French banks Societe Generale and Groupe BPCE are preparing to roll the cards out to customers, following a pilot scheme last year and there are also pilot schemes in Mexico and Poland.
According to the UK’s Financial Fraud Action, credit card fraud in the UK totalled £755m in 2015 and the Office for National Statistics said that there were 20,255 victims.
There are several ways that fraudsters get hold of credit card details – from the online theft of data to skimmers that are attached to cash machines.
Skimmers – often homemade devices – that are attached to a cash machine, can steal information from the card’s magnetic strip and pin code with the help of a fake ATM pin pad or web camera.
Over time, the design has become more sophisticated with the advent of so-called shimmers – that are able to gather information from the card’s chip. Scammers are also now able to inject malware directly into cash machines
In response, banks are working on new authentication solutions, based on biometrics – regarded as a more secure way to identify customers.
But a recent study from security firm Kaspersky Labs suggests that cybercriminals are already planning to exploit these new technologies.
It found at least 12 sellers offering skimmers capable of stealing victims’ fingerprints. Other underground sellers are already researching devices that could obtain data from palm, vein and iris recognition systems.
David Emm, principal security researcher at Kaspersky, said the Motion Code card would “reduce the window of opportunity” for a thief with a stolen card but added it would be a stronger proposition if the security code was generated on “another device”.
“Banks should consider applying a multitude of cybersecurity solutions to minimise unauthorised access to such information,” he said.
“Consumers must also be aware of their digital footprint, installing security updates promptly, using strong and unique passwords, applying caution when using public wi-fi networks and not revealing too much information about ourselves online.”

Many Yahoo users rushed on Friday to close their accounts and change passwords

Many Yahoo users rushed on Friday to close their accounts and change passwords as experts warned that the fallout from one of the largest cyber breaches in history could spill beyond the internet company’s services.

After Yahoo disclosed on Thursday that hackers had stolen the encrypted passwords and personal details of more than 500 million accounts in 2014, thousands of users took to social media to express anger that it had taken the company two years to uncover the data breach.

Several users said they were closing their accounts.

“We’re probably just going to dump Yahoo altogether,” said Rick Hollister, 56, who owns a private investigation firm in Tallahassee, Florida. “They should have been more on top of this.”

Due to the scale of the Yahoo breach, and because users often recycle passwords and security answers across multiple services, cyber security experts warned the impact of the hack could reverberate throughout the internet.

Several users said they were scrambling to change log-in information, not just for Yahoo but for multiple internet accounts with the same passwords. Accounts at banks, retailers and elsewhere could be vulnerable.

“I suppose a hacker could make the connection between my Yahoo and Gmail,” said Scott Braun, 47, who created a Yahoo email when he was setting up a shop on online retailer Etsy. “They both use my first and last name. Not being a hacker, I don’t know what their capabilities are.”

That concern was echoed in Washington. “The seriousness of this breach at Yahoo is huge,” Democratic Senator Mark Warner said Thursday. The company plans to brief Warner next week about the attack, his office said.

Yahoo has said that it believes that the breach was perpetrated by a state-sponsored actor.

SY Lee, a former Department of Homeland Security spokesman, said that would be of particular concern to the intelligence community, given the interest state-sponsored hackers have in compromising employees with security clearances.

The FBI had not issued specific guidance to its employees on handling their personal Yahoo accounts, a spokeswoman said.

British companies BT Group (BT.L) and Sky Plc (SKYB.L), which use Yahoo to host email for some of their broadband customers, said they were communicating with their users.

Yahoo urged users to change their passwords and security questions, but some said it would be easier just to give up their accounts because they rarely use them.

The company has been losing users, traffic and ad revenue in recent years and over the summer agreed to sell its core business for $4.8 billion to Verizon (VZ.N).


Yahoo is sued for gross negligence over huge hacking
Yahoo faces growing scrutiny over when it learned of data breach
Rachel, a 33-year-old from Newcastle, England, who asked Reuters not to use her last name, said she would be shutting down the Yahoo account she opened in 1999.

Furious that the company had not protected its customers’ data better, she said she thought this could be yet another blow for the email service, which has been overtaken in popularity by Google’s Gmail over the last decade.

But Cody Littlewood, who owns a start-up incubator in Miami Beach, was one of several users who said it was precisely because of the decline in the use of Yahoo’s services that they were not worried about the hack.

“Yahoo is only relevant for fantasy football. Worst case scenario, they get into my account and drop Jamaal Charles,” he said, a reference to the star Kansas City running back who regularly tops fantasy football rankings.

(Additional reporting by Dustin Volz; Editing by Cynthia Osterman)

Attack-for-Hire Teens Collared in Israel

At the request of the FBI, Israeli authorities last week arrested Itay Huri and Yarden Bidani, both 18 years old, for operating vDOS, a DDoS-for-hire service that raked in more than half a million dollars in two years.

DDoS attacks flood websites with garbage data in order to disrupt their operation and deny users access.

The pair were questioned and released after posting bond of about US$10,000 each, according to TheMarker, an Israeli news site. In addition, the duo’s passports were seized, they were placed under house arrest for 10 days, and they were barred from using the Internet or any telecommunications equipment for 30 days.

The arrests occurred at around the same time that Krebs on Security published a report on vDOS.

vDOS revenues for the past two years exceeded $600,000, and the service launched more than 150,000 DDoS attacks on behalf of its customers, Krebs reported.

Growing Trend

Although malpreneurs have been offering for-hire services for a while, they have begun emerging from the dark corners of the Internet.

“It’s just becoming more mainstream,” said Ram Mohan, chief technology officer at Afilias.

“It used to be only accessible on the dark Web,” he told TechNewsWorld. “Now it’s becoming accessible on the open Web as well.”

“As a Service” offerings have become popular in the business world because they’re easy to use, and the same is true of the malicious offerings, noted Slawek Ligier, vice president of engineering for security Barracuda Networks.

“You’re being provided with your entire infrastructure — not just a software tool,” he told TechNewsWorld.

Dollars and Cents

The benefits that are attracting businesses to the cloud also are attracting attackers to as a Service offerings.

“You have no setup costs and you have instant service,” Afilias’ Mohan explained. “You define a time period and target, transfer your money, and off you go. You don’t have to get your hands dirty while you try to take down your opponent.”

For many online criminals, the use of as a Service offerings is a simple matter of dollars and cents, noted Josh Shaul, vice president of product management for security at Akamai.

“You get better return by using these services than you do by trying to build the skills yourself, and build your own tools and use them,” he told TechNewsWorld.

Pricing strategies for criminal services follow their legitimate counterparts, Mohan added. Discounts are offered if multiple packages are purchased — or if you buy the DDoS and spam bundle, you can get a lower rate.

Minimal Impact

After Huri and Bidani were arrested, vDOS went dark, Krebs reported.

If it stays offline, it probably won’t have much impact on the DDoS trade other than possibly influencing those selling the service to be more cautious.

“The next set of people that offer a similar set of services will be circumspect,” Afilias’ Mohan said, “but as long as this service is made available at a very low cost of entry, we can expect to see more of such services being offered — not less.”

Although the arrests of the Israeli youths may take one big player off the board, there are many more out there, noted Barracuda’s Ligier.

“It can be difficult to prosecute these people, especially if they’re in countries that are harder to reach than Israel is,” he said.

“If history is any guide, I think there’s already someone who’s stepped in to fill their shoes,” suggested Akamai’s Saul. “You’ll have another vDOS service up in a week that’s offering the same service run by different people.”

iPhone 7 Draws Tepid Notices

The iPhone 7 may be the best version of Apple’s smartphone to date, but it’s garnering lukewarm reactions from reviewers and pundits.

The practical improvements in the new iPhone are praiseworthy, wrote Andrew Cunningham in his review for Ars Technica, but he cautioned would-be buyers about the price they would have to pay for the upgrade.

“The iPhone 7 is a very good phone with the sorts of logical, useful upgrades that Apple typically delivers with new hardware,” Cunningham wrote. “Waterproofing and better battery life have been common iPhone feature requests for years, and the camera and speed improvements are nothing to sneeze at, but you’ll need to buy into Apple’s vision of the future if you want to get them.”

No Buttons or Wires

That vision includes a world without buttons or wires.

Among the new features in iPhone 7 is the replacement of a physical home button with pressure sensors and haptic vibration motors that simulate the feel of a button.

“It’s clear that Apple is continuing its approach of removing any mechanical moving parts from their devices where possible,” IHS Markit Senior Director Ian Fogg told TechNewsWorld.

Apple also has omitted the headphone jack in the new iPhone.

“This move was done with the clear vision of making the iPhone experience completely wireless in the future,” Creative Strategies President Tim Bajarin told TechNewsWorld.

Prototype Phone?

While some reviewers saw the iPhone 7 as a harbinger of Apple things to come, they couldn’t hide their disappointment in the product in their hands.

“The entire time I was using the iPhone 7, I felt like I had a prototype of next year’s rumored drastic iPhone redesign disguised as an iPhone 6,” Nilay Patel wrote in The Verge.

“All those bold bets on the future are legitimately exciting,” he continued, “but here in the present using the iPhone 7 in a case feels a lot like using an iPhone 6s with a weirder home button and more adapters.”

There’s more to the new iPhone than the here and now, David Pierce, writing for Wired, also suggested.

“So, no, the iPhone 7 won’t blow your mind with its design or features,” he noted.

“It’s still a fantastic phone. And philosophically, it feels like Apple is throwing open a door. The iPhone 7 might not be a revolution, but it might be the catalyst for lots of them,” Pierce continued. “Your phone will be better in a few months, and even better a few months after that. And wouldn’t that be exciting?”

Playing Catch-Up

With iPhone 7, Apple is just keeping pace with its competition, according to a number of reviewers, including Geoffrey Fowler of The Wall Street Journal.

“Last year is when Apple should have put [the iPhone 7] on sale,” he wrote. “Now Apple’s just playing catch-up to Samsung, which added an equivalent camera and waterproofing to its Galaxy S7 six months ago.”

Apple is also behind in display technology, with competitors already moving to OLED screens, maintained David McQueen, a research director at ABI Research.

“There is also still no mention of wireless charging or quick charge to the added listed of features, which surely must become a necessity now that the headphone jack has been removed,” he told TechNewsWorld.

“For a ‘major’ upgrade year, consumers may feel a little short-changed when balancing between what has been added and what has been taken away before thinking of upgrading,” McQueen said.

Upgrade or Not?

On the burning question of whether iPhone owners should upgrade to the 7, reviewers were divided.

“If you’re already carrying an iPhone 6s, there’s little need to upgrade, unless you’re a photography nut or desperately need better battery life,” Lisa Eadicicco wrote in Time.

Gordon Kelly, writing for Forbes, offered an opposing view.

“Pick up the iPhone 7 Plus with no knowledge of what’s inside and you will be disappointed,” he wrote.

“Apple really should have done more to modernize the exterior of the new model after three generations (smaller bezels, better grip, etc.) but there’s still a lot here to enjoy,” Kelly maintained. “That said, iPhone 7 Plus owners are likely to find just enough this year to keep them happy until Apple rips up the rulebook next year.

Wait ’til Next Year…

“Wait ’til Next Year,” a refrain often heard around baseball parks at this time of year, was a common refrain among reviewers.

“This is a strong handset for sure,” Edward Baig wrote in USA Today. “But if you can hold out, there’s already talk that the truly dramatic leap forward for iPhone comes next year when this seminal smartphone celebrates its tenth anniversary.”

At this point, Apple appears content at incrementally upgrading the iPhone rather than reimagining it, said Charles King, principal analyst at Pund-IT.

“Replacing the industry standard headphone jack with proprietary technology demonstrates that the company is also willing to continue raising the wall around its garden of products. If you prefer wider vistas, you’ll have to find them with another vendor,” he told TechNewsWorld.

“There are rumors that Apple is saving up surprises for next year’s tenth anniversary model,” he said. “If that’s the case, all but the most dedicated Apple customers or photography fanatics would do well to skip upgrading to the iPhone 7 models.”