In ExtraBITS this week, it turns out that the FBI hired hackers in the San Bernardino iPhone case, a new authentication protocol has been proposed to make USB-C safer, and AirPlay comes to Android on the new HTC 10 smartphone. Amazon has announced a new high-end e-reader, the Kindle Oasis, and is adding monthly payment options for its Amazon Prime service. Finally, in Apple news, the company has ended its iTunes Allowances program and its App Store reviewers have been feuding with developers of Reddit clients.
 -- Amazon Prime has always been billed annually, with a current price of $99 per year. For that fee, you get a bundle of benefits, most notably free 2-day shipping on many items and an ever-expanding lineup of Prime Instant Video selections. For those in the United States who have trouble with the yearly pricing, Amazon is now offering two monthly subscription options: just Amazon Prime Instant Video for $8.99 (a dollar less than Netflix’s most popular plan) or the full Amazon Prime service for $10.99 per month. However, neither option is preferable to the $99 per-year price, which equals $8.25 per month.
 -- Apple has announced that it is putting an end to the iTunes Allowances program, which enabled parents to fund their kids’ iTunes accounts with a fixed monthly credit. The option to create new iTunes Allowances ended on 13 April 2016, and existing allowances will be cancelled on 25 May 2016. Current balances will remain in the recipients’ accounts after that date. Apple now suggests Family Sharing as a way to manage iTunes purchases by children and iTunes Gifts as a way to send a one-time gift. The iTunes Allowances program was little known, so it’s unlikely that many people will be bothered by its loss. We wonder: is the service being shut down because Family Sharing replaces it, because people didn’t find it helpful, or because Apple didn’t expose or promote it well enough?
 -- Many media outlets reported that the FBI used Israeli firm Cellebrite to gain access to the iPhone 5c connected to the San Bernardino terrorism case, but The Washington Post is now reporting that the FBI instead hired professional “gray hat” hackers, paying them a one-time flat fee. The hackers had discovered a previously unknown software flaw, which was then used to develop a piece of hardware to crack the iPhone’s passcode without erasing the data after ten failed attempts. Meanwhile, pressure is mounting on the FBI to disclose the vulnerability it used, although the exploit is applicable only to the iPhone 5c running iOS 9.
 -- Amazon has announced a premium entry to its Kindle e-reader lineup: the $289.99 Kindle Oasis. It’s designed to be held one-handed like a folded paperback, with a wedge-shaped hand grip that recalls the original Kindle, although Amazon brags that the screen is 30 percent thinner than any previous model. Since it’s intended for one-handed reading, the screen automatically flips depending on which hand you’re holding it with. Amazon says that the battery in the device’s leather case will stay charged for 8 weeks, based on a half hour of use per day with Wi-Fi off and the light setting at 10. While it’s unclear how much better it is than the $119.99 Kindle Paperwhite or $199.99 Kindle Voyage, some Kindle Oasis configurations are already delayed to ship after the 27 April 2016 launch date due to high demand.
 -- We’ve reported in the past that non-compliant USB-C cables and devices can damage or destroy connected hardware. To address this problem, the USB 3.0 Promoter Group has announced the USB Type-C Authentication specification, a cryptographic authentication standard for USB devices. A phone equipped with USB-C authentication could reject a connection to a non-approved charger, for instance, if it hadn’t been certified as meeting necessary specs. However, the authentication protocol could also be used to prevent devices from connecting to fully compliant devices that didn’t meet some other business requirement. That would let companies restrict access to only verified USB storage devices, but could also allow manufacturers to lock customers into a proprietary ecosystem of approved devices. In short, beware the unintended consequences!
 -- Apple recently pulled most third-party apps for the popular social-news site Reddit from the App Store, drawing the ire of many of the site’s users, especially since the just-launched official Reddit app was spared. Apple apparently suddenly decided that it didn’t like that many of these apps — some of which had been in the App Store for over a year — contained a switch that let users choose whether or not to display content tagged NSFW (Not Safe for Work). However, Apple has now readmitted many of those apps in which the developer has removed that switch — users must now control access to NSFW content via the Reddit Web site preferences. Apparently, even an NSFW switch is, in Apple’s view, Not Safe for the App Store, which seems overly paternalistic.
 -- AirPlay has been a standard iOS and OS X feature for years, but it’s not an open standard. As a result, it has been available in Google’s Android mobile operating system only via often-flaky third-party apps. But HTC’s upcoming HTC 10 smartphone will include AirPlay support out of the box, integrated into the HTC Connect service. This is presumably being done without Apple’s involvement, so it will be interesting to see how well the HTC 10 sends audio and video to Apple TVs and other AirPlay receivers.