Showing posts with label App. Show all posts
Showing posts with label App. Show all posts

Thursday, March 21, 2024

Signal App - New Usernames Keeps Cops Out of Your Data

Ephemeral usernames instead of phone numbers safeguard privacy — and makes Signal even harder to subpoena...


Signal is the gold standard for secure messaging apps because not only are messages encrypted, but so is pretty much everything else. Signal doesn’t know your name or profile photo, who any of your contacts are, which Signal groups you’re in, or who you talk to and when...

With the long-awaited announcement that usernames are coming to Signal — over four years in the making — Signal employed the same careful cryptography engineering it’s famous for, ensuring that the service continues to learn as little information about its users as possible. more

Sunday, January 14, 2024

Spybuster Tip #629: Delete Apps that are 'Spying' Using 'One Day Rule'

Security experts have explained how your phone apps track and collect your data even if they remain unused, but there's a handy hack to avoid data harvesting and potential spying...

The rule involves simply deleting one unused app a day which the expert says can massively improve your phone efficiency and free up your storage space. Doing this will help you manage how your data is used and stop it from being harvested...

To delete an app on the iPhone, find the app on your home screen, touch and hold down the icon and tap "Remove app." If you are an Android user, go to the Google Play store, tap the profile icon in the top right, and go to Manage Apps and Devices > Manage. Tap the name of the app you want to delete and choose to uninstall. more

Friday, October 13, 2023

Smartphone Security: Delete These Apps

Smartphone owners have been urged to remove certain apps that could be spying on their activity.

Some of the most popular apps you love and have come to rely on could be posing more of a danger than they're worth. Here's what you need to know. ...some of those apps that you love and have come to rely on could actually be putting you at risk... We’ve (Reader's Digest) collected information about some of the worst offenders so that you can make an educated decision about which apps you trust with your privacy and which ones need to go...

CamScanner
Ana Bera is a cybersecurity expert with Safe at Last. She identified CamScanner, an app meant to imitate a scanner with your phone, as one of the apps consumers should be concerned about. “Cybersecurity experts have found a malicious component installed in the app that acts as a Trojan Downloader and keeps collecting infected files,” she explains. “This kind of app can seriously damage your phone and should be de-installed instantly. Luckily, once you remove it from your phone, it is highly unlikely that it will continue harming you.”

Weather apps
“Check your weather app,” says Shayne Sherman, CEO of TechLoris. “There have been several different weather apps out there that have been laced with Trojans or other malwares.” While the most benign of these claims to take your information purely for weather accuracy, he calls that questionable. “Watch your local forecast instead, and if you have Good Weather, delete it now,” he advises. “That one is especially dangerous.”

Facebook
Look, we all love our social networking apps. But cybersecurity expert Raffi Jafari, cofounder and creative director of Caveni Digital Solutions, says, “If you are looking for apps to delete to protect your information, the absolute worst culprit is Facebook. The sheer scale of their data collection is staggering, and it is often more intrusive than companies like Google. If you had to pick one app to remove to protect your data, it would be Facebook.”

WhatsApp
“This is a call to action for users who may be living under a rock and unaware of the vulnerabilities that were disclosed earlier this year,” says Michael Covington, VP of Product for mobile security leader Wandera. “The vulnerabilities with WhatsApp—both iOS and Android versions—allowed attackers to target users by simply sending a specially crafted message to their phone number. Once successfully exploited, the attackers would be granted access to the same things WhatsApp had access to, including the microphone, the camera, the contact list, and more.”

Instagram
Whatsapp and Instagram are both owned by Facebook, which is part of what makes them all a risk. Dave Salisbury, director of the University of Dayton Center for Cybersecurity and Data Intelligence, says that Instagram “requests several permissions that include but are not limited to modifying and reading contacts and the contents of your storage, locating your phone, reading your call log, modifying system settings, and having full network access.” Plus Nine More

Thursday, June 29, 2023

From the What Goes Around Files: Phone Spy App Hacked

LetMeSpy, a phone tracking app spying on thousands, says it was hacked...

A data breach reveals the spyware is built by a Polish developer hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware.

The phone monitoring app, which is used to spy on thousands of people using Android phones around the world, said in a notice on its login page that on June 21, “a security incident occurred involving obtaining unauthorized access to the data of website users​​.”

“As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts,” the notice read.

LetMeSpy is a type of phone monitoring app that is marketed for parental control or employee monitoring. The app is also specifically designed to stay hidden on a phone’s home screen, making it difficult to detect and remove. Also known as stalkerware or spouseware, these kinds of phone monitoring apps are often planted by someone — such as spouses or domestic partners — with physical access to a person’s phone, without their consent or knowledge. more

Wednesday, May 31, 2023

Delete Alert - Android App iRecorder has Morphed Into Spyware

A screen recording app available in the Google Play store that was installed over 50,000 times functioned normally for months before it started spying on users, researchers say.


The app, iRecorder – Screen Recorder, was first uploaded to the Google Play store on September 19, 2021, according to Lukas Stefanko, a malware researcher with cybersecurity firm ESET.

Stefanko said that the app had no harmful features until a later update changed the code, likely in August 2022. After that date, malicious code allowed bad actors to make secret audio recordings and secretly transfer images, videos, saved web pages, and other files off of devices, according to ESET. 

Anyone who had downloaded the app before August 2022, might still have been exposed if they updated the app manually or automatically. It’s not yet clear if the developer or another actor is responsible for the update that converted the app into a Trojan horse.

The app is no longer available in the Google Play store, TechCrunch reports, but if you already have it on your phone you should uninstall it and clear the app’s files. more

Friday, February 24, 2023

Qphone Claims to Secure Communications

Highly Secure Communications Platform Enables Encrypted, End-to-End Voice, Messaging, and Video


Global Integrity announced the immediate availability of Qphone, a secure communications software platform that encrypts and protects voice, text, and video conversations between mobile devices, laptops, and desktop computers. Supporting iOS and Android, the Qphone app ensures total privacy of communications using end-to-end quantum-resistant encryption.

Every day there are new instances of eavesdropping, corporate espionage, and compromised systems initiated from bad actors, leaving organizations vulnerable,” explained Bill Marlow, CEO of Global Integrity. “Messaging apps and cybersecurity infrastructure available today are mostly compromised in some fashion. Qphone offers a new approach, delivering a native phone app that is easy to use yet highly secure. In short, Qphone makes privacy simple.” more

Friday, December 23, 2022

Eavesdropping & Anti-Eavesdropping Apps

Two new apps to be aware of…

The iEavesdrop app redirects internal microphone, external wired microphone or line input input audio to any Bluetooth audio device such as AirPods so that you can use your phone as a stealth listening device.

Using the correct line input cables, audio from any device such as an external microphone, in-flight entertainment or portable gaming device can be routed to your AirPods or other Bluetooth device. iEavesdrop will work with all iOS devices.

THIS APP CAN ALSO BE USED FOR MANY OTHER PURPOSES SUCH AS A BABY MONITOR, HEARING AID OR ANY OTHER APPLICATION THAT REQUIRES YOU TO LISTEN IN OR ROUTE MICROPHONE AUDIO TO A BLUETOOTH DEVICE.
(iOS)


———


(ANDROID)

About this app...
Ever thought someone might eavesdrop through your smart phone? Skewy is a privacy protection method, which is more than just a software setting. With Skewy you can mask your conversation with a simple – yet effective method. Simply making the audio data picked up by your phone unusable. Additionally, Skewy can detect ultrasonic signals to indicate the presence of device tracking technologies.

Wednesday, October 19, 2022

Police Use New Tool to Track People Without a Warrant

Government agencies and private security companies in the U.S. have found a cost-effective way to engage in warrantless surveillance of individuals, groups and places: a pay-for-access web tool called Fog Reveal.

The tool enables law enforcement officers to see “patterns of life” – where and when people work and live, with whom they associate and what places they visit. The tool’s maker, Fog Data Science, claims to have billions of data points from over 250 million U.S. mobile devices. more

Sunday, June 5, 2022

FutureWatch: An App to Find Wi-Fi Spycams & More

Hidden IoT devices are increasingly being used to snoop on users in hotel rooms or AirBnBs. We envision empowering users entering such unfamiliar environments to identify and locate (e.g., hidden camera behind plants) diverse hidden devices (e.g., cameras, microphones, speakers) using only their personal handhelds.

Imagine a user walking into an unfamiliar environment such as a hotel room or Airbnb. Nowadays, the user has to be wary of wireless Internet-of-Things (IoT) devices being used to spy on them. These devices could be installed by the owner or by a previous guest. This threat is not just hypothetical...

...we want to empower users so that as they enter an unfamiliar space, they can run an app on their personal handheld (e.g., phone or tablet). This app would report a list of detected and identified devices and their corresponding locations. 

“Detect,” here, means knowing that there is some device (i.e., binary notification), “identify” entails knowing what type of device it is (e.g., type=camera), and “localize” entails knowing the device’s location in the physical space (e.g., behind the plants). While cameras in particular are imminent privacy threats, in general we want to detect/identify and localize diverse hidden IoT devices, as these could also be potential threats for tracking users. more

Friday, August 27, 2021

Controversial Tool That Lets Kids Spy on Their Parents

A new tool that may give one or two parents -- and many, many kids -- pause for thought.

It's called Parent Track and it's the mindchild of environmentally caring soap brand Gelo.

The idea is that kids can install the Parent Track ad tracker onto their parents' devices. This will, well, guilt them into not buying environmentally questionable products and drive them to eco-positive awareness tools...

Not everyone will be positively moved by the message Gelo sends when a parent's device is signed up. 

It reads: "You just signed up this device, allowing us to follow your parents around the internet, reminding them to quit single-use plastics for good. By doing so, you set them on a more sustainable path and may very well have saved the planet. Our thanks just don't feel like enough."

Perhaps more parents buying Gelo products -- so that Gelo would make more money -- would feel like enough. more

Monday, March 8, 2021

Privacy and the Clubhouse App

Clubhouse might be the hottest app that's not even publicly available yet, but privacy issues are already being discussed online. Some of the people who are particularly upset? Those who say they have profiles without even having used the app before...

Clubhouse reportedly requests access to your phone's contacts, under the pretense that you can connect with other users of the social network. But people are claiming that Clubhouse takes information from your contact list and builds "shadow profiles" of people who have never signed up...

If you allow Clubhouse to use your contact list, the app then reportedly has access to your contacts' names, phone numbers and how many friends they have on Clubhouse. But that's not all. Privacy advocates note Clubhouse records voice chats of the virtual rooms, which also doesn't sit well with some current users of the app.

Clubhouse's Community Guidelines states: "Solely for the purpose of supporting incident investigations, we temporarily record the audio in a room while the room is live." more

More privacy considerations...
Clubhouse app technology runs on the platform of Agora.io, an audio tech startup in Shanghai, China.

• Voice recordings may be paired with personal account details, and transferred into a government dossier for future voice identification surveillance purposes.
• What is said using the app may not be very private given hackers, lurkers and government interests. Not a good way to communicate confidentially.

“I refuse to join any club that would have me as a member” Groucho Marx

 

Monday, December 14, 2020

Exercise Like Your Walter Mitty Secret Agent Life Depended On It

via Justin Harper, Business reporter, BBC News, Singapore

I was the hero in my very own spy story, speeding from one checkpoint to another to foil the bad guys.

The plot came from a running app called Running Stories, which casts you as a secret agent in a story playing out with a heart-thumping soundtrack.

It is one of the latest apps designed to make exercise more entertaining, using real-time data that integrates the plot with your surroundings.

Key events in the storyline are triggered when a runner passes specific GPS markers and landmarks.

From being shot at by snipers to racing to catch a speedboat along the river, the plot kept me engaged and burned plenty of calories. more



Friday, August 7, 2020

National Security Concerns — Executive Orders Against TikTok

President Trump issued two executive orders late Thursday against China-based TikTok and messaging app WeChat, citing national security concerns in a sweeping order that could prevent the companies from doing most business in the United States....

“This data collection threatens to allow the Chinese Communist Party access to Americans’ personal and proprietary information — potentially allowing China to track the locations of Federal employees and contractors, build dossiers of personal information for blackmail, and conduct corporate espionage,” the TikTok order reads. more

Monday, August 3, 2020

Block TikTok, or Microsoft to the Rescue

U.S. Secretary of State, Mike Pompeo, claimed that TikTok sends user data to China, exerting pressure on the video-sharing social networking service. Pompeo brought attention to the fact that if personal information flows across a Chinese server, it will eventually end up in the hands of the Chinese Communist Party which he calls an “Evil Empire”.

TikTok has denied U.S. allegations but a report by cyber experts at ProtonMail says otherwise. The report is more a warning as it states – “Beware, the social media giant not only collects troves of personal data on you, but also cooperates with the CCP, extending China’s surveillance and censorship reach beyond its borders.” more

In other news...
Microsoft said Sunday it will continue talks to buy short-form video app, TikTok after its chief executive spoke with President Trump, following a weekend of uncertainty clouding the future of the Chinese-owned app. more

Connect the Dots...
When Microsoft bought Skype, Wired Magazine noted, "The Skype client itself is written almost as if it were a piece of malware, using complex obfuscation and anti-reverse engineering techniques, and it would be disquieting for Microsoft to release something that behaved in such a shady way; at the very least, the client would surely have to be rewritten to avoid the obfuscation and outright hostility to managed networks that Skype currently has... Ultimately, it's hard to see how the Skype purchase is worthwhile from a technology or user-access perspective. The technology isn't good enough and the users aren't lucrative enough or plentiful enough to justify it. more

Pure Conjecture Disguised as Analysis...
Microsoft already had Windows Live Messenger. Did it really need Skype? Skype you might recall was a predominately Estonian-based encrypted platform. It was giving governments fits worldwide. Then, in 2011, Microsoft bought it. Guess what happened.

TikTok, it appears, is also giving government fits. Who ya gonna call?

Wednesday, July 15, 2020

The Atlas of Surveillance

Documenting Police Tech in Our Communities. 

Explore 5,300 datapoints in the U.S. collected by hundreds of researchers.

TOGGLE the Legend to reveal how each technology is spreading. ZOOM into any region to see the technologies in greater detail. If an area has no markers, it means it hasn't been researched yet.
Click to enlarge. Go to website to explore. Wired article here.

Monday, July 6, 2020

US Court Rules Facebook Widgets can be Considered Wiretaps

After a nine-year-long legal battle, a federal appeals court has ruled that Facebook’s practice of collecting data through its widgets could be considered a violation of anti-wiretapping laws.

The social media firm has long defended its actions by quoting the part of the federal Wiretap Act that defines wiretapping as interception of communications. According to a Gizmodo report, in Facebook’s logic, gathering user data isn’t the same as wiretapping without that active interception.

However, a panel of judges on the 9th Circuit Court of Appeals in the US has dismissed this technicality as it was found that the Facebook widget was collecting information from people who didn’t click on it. Such actions, they ruled, count as interception. more

TikTok - Times Up

This has been a week that TikTok—the Chinese viral video giant that has soared under lockdown—will want to put quickly behind it...

Whether India had always planned to announce its ban on TikTok, along with 58 other Chinese apps, on June 29, or was prompted by the viral response to the iOS security issue is not known. But, as things stand, TikTok has been pulled from the App Store and Play Store in India, its largest market, and has seen similar protests from users in other major markets around the world, including the U.S.

One of the more unusual groups campaigning against TikTok is the newly awakened Anonymous hactivist group... “Delete TikTok now,” the account tweeted, “if you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.more
Calls for Tik Tok to be banned in Australia over Chinese spying fears

Wednesday, June 17, 2020

Privacy Protector – Anonymous Camera for iPhone

 A new camera app has been released for iOS that, unlike basically every other photography app, is designed to hide the photo’s subject rather than highlight them. Called Anonymous Camera, this app works to protect the people captured in a video or photo by blurring or otherwise hiding their faces — or, in cases where it is necessary, by removing their bodies entirely.

There are times when you may need to interview someone or take a picture, but hide someone featured in the content for their sake. This could include interviews with someone who wishes to remain private, protecting whistleblowers, or simply hiding the faces of protesters and activists so that facial recognition technology can’t be used to identify them.

Anonymous Camera is a free app that can perform these actions, as well as entirely removing the subject’s body in cases where they have other identifiers like tattoos. The app is free to download, though there’s also a Pro version priced at $2 that includes watermark-free video recording. more

Friday, May 15, 2020

NSA Publishes: Survey of Videoconferencing Apps

Selecting and Safely Using Collaboration Services for Telework
During a global pandemic or other crisis contingency scenarios, many United States Government (USG) personnel must operate from home while continuing to perform critical national functions and support continuity of government services. With limited access to government furnished equipment (GFE) such as laptops and secure smartphones, the use of (not typically approved) commercial collaboration services on personal devices for limited government official use becomes necessary and unavoidable. survey

Friday, May 1, 2020

Eavesdropper Scams Financial Advisor | Prevention Tips

Early in April, a financial advisor and her team met with an insurance company wholesaler via the video conferencing platform Zoom.

Unbeknownst to them, another participant had joined the virtual meeting.

As the hacker captured details, the wholesaler named the price of a new policy and the advisor agreed to the terms.

...It’s likely that even before the meeting ended the eavesdropper generated an email to the advisor so that it appeared to come from the insurer. In a later forensic analysis, an overlooked detail revealed the spoof: a single letter the hacker changed in the insurance company’s name.

After the meeting ended, the advisor received the message with instructions to wire money — in the low six figures — to a New York bank account. She did as instructed, sending the money to the hacker. more

———How to prevent Zoombombing in your video chats in 4 easy steps———

1. Don't use your Personal Meeting ID for the meeting. Instead, use a per-meeting ID, exclusive to a single meeting. Zoom's support page offers a video walk-through on how to generate a random meeting ID for extra security.

2. Enable the "Waiting Room" feature so that you can see who is attempting to join the meeting before allowing them access. Like many other privacy functions, a skillful disrupter can sometimes bypass this control, but it helps to put another hurdle in their route to chaos.

Zoom offers a support article here as well. To enable the Waiting Room feature, go to Account Management > Account Settings. Click on Meeting, then click Waiting Room to enable the setting.

3. Disable other options, including the ability for others to Join Before Host (it should be disabled by default, but check to be sure -- see below). Then disable screen-sharing for nonhosts, and also the remote control function. Finally, disable all file transferring, annotations and the autosave feature for chats...

4. Once the meeting begins and everyone is in, lock the meeting to outsiders ... and assign at least two meeting co-hosts. The co-hosts will be able to help control the situation in case anyone bypasses your efforts and gets into the meeting. more