Wednesday, December 11, 2024
Google Warns Millions Of Android Users—These Apps Are Spying On You
Monday, October 7, 2024
Harvard Hackers Turned Meta's Smart Glasses into Creepy Stalker Specs
A few weeks ago, Meta announced the ability to use its new Ray-Ban Meta glasses to get information about your surroundings. Innocent things, like identifying flowers.
Well, two Harvard students just revealed how easy it is to turn these new smart glasses into a privacy nightmare.
Here’s what happened: students Anhphu Nguyen and Caine Ardayfio cooked up an app called I-XRAY that turns these Ray-Bans into a doxxing machine. We're talking name, address, phone number—all from looking at someone with the glasses.
Here's how it works:
The Ray-Bans can record up to three minutes of video, with a privacy light that's about as noticeable as a firefly in broad daylight.
This video is streamed to Instagram, where an AI monitors the feed.
I-XRAY uses PimEyes (a facial recognition tool) to match these faces to public images, then unleashes AI to dig up personal details from public databases.
Their demo had strangers freaking out when they realized how easily identifiable they were from public online info.
How to Remove Your Information
Fortunately, it is possible to erase yourself from data sources like Pimeyes and FastPeopleSearch, so this technology immediately becomes ineffective. We are outlining the steps below so that you and those you care about can protect themselves.
Removal from Reverse Face Search Engines:
The major, most accurate reverse face search engines, Pimeyes and Facecheck.id, offer free services to remove yourself.
Removal from People Search Engines
Most people don’t realize that from just a name, one can often identify the person’s home address, phone number, and relatives’ names. We collected the opt out links to major people search engines below:
Preventing Identity Theft from SSN data dump leaks
Most of the damage that can be done with an SSN are financial. The main way to protect yourself is adding 2FA to important logins and freezing your credit below:
Extensive list of data broker removal services
Wednesday, August 14, 2024
FutureWatch: The AI Polygraph, or Who's Zoomin' You
How it Works
PolygrAI is a fusion of advanced computer vision algorithms and extensive psychological research designed to discern the validity of human expressions. The software meticulously analyzes a spectrum of physiological and behavioral indicators correlated with deceit. For instance, when a person tells a lie, they might unconsciously exhibit decreased blinking or an erratic gaze—these are the tell-tale signs that PolygrAI detects.
The system vigilantly computes a ‘trustfulness score’ by monitoring and interpreting subtle changes in facial expressions, heart rate variability, and eye movement patterns. This score is adjusted in real-time, offering a dynamic gauge of credibility.
Furthermore, PolygrAI assesses the voice for sudden shifts in tone and pitch—parameters that could betray an individual’s composure or reveal underlying stress. more Lifetime access ($100) for beta testers.
Click to enlarge. |
Monday, July 1, 2024
Lawsuit Claim: Shopping App Temu - “Dangerous Malware,” Spying on Your Texts
Griffin cited research and media reports exposing Temu's allegedly nefarious design, which "purposely" allows Temu to "gain unrestricted access to a user's phone operating system, including, but not limited to, a user's camera, specific location, contacts, text messages, documents, and other applications."
"Temu is designed to make this expansive access undetected, even by sophisticated users," Griffin's complaint said. "Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place." more
App Slammed for Spying at Popular Nightclubs Using 'Hidden Cameras'
2night, the startup behind the app, had hoped that the service would promote nightlife in the area, allowing users to check livestreams of the bars and clubs to determine if they had the right vibe.
But bargoers were quick to lash out after they learned that they were being recorded without their permission, with some going so far as to liken the service to 'Big Brother.' more
Thursday, March 21, 2024
Signal App - New Usernames Keeps Cops Out of Your Data
Signal is the gold standard for secure messaging apps because not only are messages encrypted, but so is pretty much everything else. Signal doesn’t know your name or profile photo, who any of your contacts are, which Signal groups you’re in, or who you talk to and when...
With the long-awaited announcement that usernames are coming to Signal — over four years in the making — Signal employed the same careful cryptography engineering it’s famous for, ensuring that the service continues to learn as little information about its users as possible. more
Sunday, January 14, 2024
Spybuster Tip #629: Delete Apps that are 'Spying' Using 'One Day Rule'
Friday, October 13, 2023
Smartphone Security: Delete These Apps
Some of the most popular apps you love and have come to rely on could be posing more of a danger than they're worth. Here's what you need to know. ...some of those apps that you love and have come to rely on could actually be putting you at risk... We’ve (Reader's Digest) collected information about some of the worst offenders so that you can make an educated decision about which apps you trust with your privacy and which ones need to go...
CamScanner
Ana Bera is a cybersecurity expert with Safe at Last. She identified CamScanner, an app meant to imitate a scanner with your phone, as one of the apps consumers should be concerned about. “Cybersecurity experts have found a malicious component installed in the app that acts as a Trojan Downloader and keeps collecting infected files,” she explains. “This kind of app can seriously damage your phone and should be de-installed instantly. Luckily, once you remove it from your phone, it is highly unlikely that it will continue harming you.”
Weather apps
“Check your weather app,” says Shayne Sherman, CEO of TechLoris. “There have been several different weather apps out there that have been laced with Trojans or other malwares.” While the most benign of these claims to take your information purely for weather accuracy, he calls that questionable. “Watch your local forecast instead, and if you have Good Weather, delete it now,” he advises. “That one is especially dangerous.”
Look, we all love our social networking apps. But cybersecurity expert Raffi Jafari, cofounder and creative director of Caveni Digital Solutions, says, “If you are looking for apps to delete to protect your information, the absolute worst culprit is Facebook. The sheer scale of their data collection is staggering, and it is often more intrusive than companies like Google. If you had to pick one app to remove to protect your data, it would be Facebook.”
“This is a call to action for users who may be living under a rock and unaware of the vulnerabilities that were disclosed earlier this year,” says Michael Covington, VP of Product for mobile security leader Wandera. “The vulnerabilities with WhatsApp—both iOS and Android versions—allowed attackers to target users by simply sending a specially crafted message to their phone number. Once successfully exploited, the attackers would be granted access to the same things WhatsApp had access to, including the microphone, the camera, the contact list, and more.”
Whatsapp and Instagram are both owned by Facebook, which is part of what makes them all a risk. Dave Salisbury, director of the University of Dayton Center for Cybersecurity and Data Intelligence, says that Instagram “requests several permissions that include but are not limited to modifying and reading contacts and the contents of your storage, locating your phone, reading your call log, modifying system settings, and having full network access.” Plus Nine More
Thursday, June 29, 2023
From the What Goes Around Files: Phone Spy App Hacked
A data breach reveals the spyware is built by a Polish developer hacker has stolen the messages, call logs and locations intercepted by a widely used phone monitoring app called LetMeSpy, according to the company that makes the spyware.
The phone monitoring app, which is used to spy on thousands of people using Android phones around the world, said in a notice on its login page that on June 21, “a security incident occurred involving obtaining unauthorized access to the data of website users.”
“As a result of the attack, the criminals gained access to e-mail addresses, telephone numbers and the content of messages collected on accounts,” the notice read.
Wednesday, May 31, 2023
Delete Alert - Android App iRecorder has Morphed Into Spyware
The app, iRecorder – Screen Recorder, was first uploaded to the Google Play store on September 19, 2021, according to Lukas Stefanko, a malware researcher with cybersecurity firm ESET.
Friday, February 24, 2023
Qphone Claims to Secure Communications
Global Integrity announced the immediate availability of Qphone, a secure communications software platform that encrypts and protects voice, text, and video conversations between mobile devices, laptops, and desktop computers. Supporting iOS and Android, the Qphone app ensures total privacy of communications using end-to-end quantum-resistant encryption.
“Every day there are new instances of eavesdropping, corporate espionage, and compromised systems initiated from bad actors, leaving organizations vulnerable,” explained Bill Marlow, CEO of Global Integrity. “Messaging apps and cybersecurity infrastructure available today are mostly compromised in some fashion. Qphone offers a new approach, delivering a native phone app that is easy to use yet highly secure. In short, Qphone makes privacy simple.” more
Friday, December 23, 2022
Eavesdropping & Anti-Eavesdropping Apps
Two new apps to be aware of…
The iEavesdrop app redirects internal microphone, external wired microphone or line input input audio to any Bluetooth audio device such as AirPods so that you can use your phone as a stealth listening device.Using the correct line input cables, audio from any device such as an external microphone, in-flight entertainment or portable gaming device can be routed to your AirPods or other Bluetooth device. iEavesdrop will work with all iOS devices.
THIS APP CAN ALSO BE USED FOR MANY OTHER PURPOSES SUCH AS A BABY MONITOR, HEARING AID OR ANY OTHER APPLICATION THAT REQUIRES YOU TO LISTEN IN OR ROUTE MICROPHONE AUDIO TO A BLUETOOTH DEVICE.
(iOS)
———
(ANDROID)
About this app...
Ever thought someone might eavesdrop through your smart phone? Skewy is a privacy protection method, which is more than just a software setting. With Skewy you can mask your conversation with a simple – yet effective method. Simply making the audio data picked up by your phone unusable. Additionally, Skewy can detect ultrasonic signals to indicate the presence of device tracking technologies.
Wednesday, October 19, 2022
Police Use New Tool to Track People Without a Warrant
The tool enables law enforcement officers to see “patterns of life” – where and when people work and live, with whom they associate and what places they visit. The tool’s maker, Fog Data Science, claims to have billions of data points from over 250 million U.S. mobile devices. more
Sunday, June 5, 2022
FutureWatch: An App to Find Wi-Fi Spycams & More
Imagine a user walking into an unfamiliar environment such as a hotel room or Airbnb. Nowadays, the user has to be wary of wireless Internet-of-Things (IoT) devices being used to spy on them. These devices could be installed by the owner or by a previous guest. This threat is not just hypothetical...
...we want to empower users so that as they enter an unfamiliar space, they can run an app on their personal handheld (e.g., phone or tablet). This app would report a list of detected and identified devices and their corresponding locations.
Friday, August 27, 2021
Controversial Tool That Lets Kids Spy on Their Parents
It's called Parent Track and it's the mindchild of environmentally caring soap brand Gelo.
The idea is that kids can install the Parent Track ad tracker onto their parents' devices. This will, well, guilt them into not buying environmentally questionable products and drive them to eco-positive awareness tools...
Not everyone will be positively moved by the message Gelo sends when a parent's device is signed up.
It reads: "You just signed up this device, allowing us to follow your parents around the internet, reminding them to quit single-use plastics for good. By doing so, you set them on a more sustainable path and may very well have saved the planet. Our thanks just don't feel like enough."
Perhaps more parents buying Gelo products -- so that Gelo would make more money -- would feel like enough. more
Monday, March 8, 2021
Privacy and the Clubhouse App
Clubhouse might be the hottest app that's not even publicly available yet, but privacy issues are already being discussed online. Some of the people who are particularly upset? Those who say they have profiles without even having used the app before...
Clubhouse reportedly requests access to your phone's contacts, under the pretense that you can connect with other users of the social network. But people are claiming that Clubhouse takes information from your contact list and builds "shadow profiles" of people who have never signed up...
If you allow Clubhouse to use your contact list, the app then reportedly has access to your contacts' names, phone numbers and how many friends they have on Clubhouse. But that's not all. Privacy advocates note Clubhouse records voice chats of the virtual rooms, which also doesn't sit well with some current users of the app.
Clubhouse's Community Guidelines states: "Solely for the purpose of supporting incident investigations, we temporarily record the audio in a room while the room is live." more
More privacy considerations...
• Clubhouse app technology runs on the platform of Agora.io, an audio tech startup in Shanghai, China.
• Voice recordings may be paired with personal account details, and transferred into a government dossier for future voice identification surveillance purposes.
• What is said using the app may not be very private given hackers, lurkers and government interests. Not a good way to communicate confidentially.
“I refuse to join any club that would have me as a member” ― Groucho Marx
Monday, December 14, 2020
Exercise Like Your Walter Mitty Secret Agent Life Depended On It
via Justin Harper, Business reporter, BBC News, Singapore
I was the hero in my very own spy story, speeding from one checkpoint to another to foil the bad guys.
The plot came from a running app called Running Stories, which casts you as a secret agent in a story playing out with a heart-thumping soundtrack.
It is one of the latest apps designed to make exercise more entertaining, using real-time data that integrates the plot with your surroundings.
Key events in the storyline are triggered when a runner passes specific GPS markers and landmarks.
From being shot at by snipers to racing to catch a speedboat along the river, the plot kept me engaged and burned plenty of calories. more
Friday, August 7, 2020
National Security Concerns — Executive Orders Against TikTok
President Trump issued two executive orders late Thursday against China-based TikTok and messaging app WeChat, citing national security concerns in a sweeping order that could prevent the companies from doing most business in the United States....
“This data collection threatens to allow the Chinese Communist Party
access to Americans’ personal and proprietary information — potentially
allowing China to track the locations of Federal employees and
contractors, build dossiers of personal information for blackmail, and
conduct corporate espionage,” the TikTok order reads. more
Monday, August 3, 2020
Block TikTok, or Microsoft to the Rescue
U.S. Secretary of State, Mike Pompeo, claimed that TikTok sends user data to China, exerting pressure on the video-sharing social networking service. Pompeo brought attention to the fact that if personal information flows across a Chinese server, it will eventually end up in the hands of the Chinese Communist Party which he calls an “Evil Empire”.
TikTok has denied U.S. allegations but a report by cyber experts at ProtonMail says otherwise. The report is more a warning as it states – “Beware, the social media giant not only collects troves of personal data on you, but also cooperates with the CCP, extending China’s surveillance and censorship reach beyond its borders.” more
In other news...
Microsoft said Sunday it will continue talks to buy short-form video app, TikTok after its chief executive spoke with President Trump, following a weekend of uncertainty clouding the future of the Chinese-owned app. more
Connect the Dots...
When Microsoft bought Skype, Wired Magazine noted, "The Skype client itself is written almost as if it were a piece of malware, using complex obfuscation and anti-reverse engineering techniques, and it would be disquieting for Microsoft to release something that behaved in such a shady way; at the very least, the client would surely have to be rewritten to avoid the obfuscation and outright hostility to
managed networks that Skype currently has... Ultimately, it's hard to see how the Skype purchase is worthwhile from a
technology or user-access perspective. The technology isn't good enough
and the users aren't lucrative enough or plentiful enough to justify
it. more
Pure Conjecture Disguised as Analysis...
Microsoft already had Windows Live Messenger. Did it really need Skype? Skype you might recall was a predominately Estonian-based encrypted platform. It was giving governments fits worldwide. Then, in 2011, Microsoft bought it. Guess what happened.
TikTok, it appears, is also giving government fits. Who ya gonna call?
Wednesday, July 15, 2020
The Atlas of Surveillance
Explore 5,300 datapoints in the U.S. collected by hundreds of researchers.
TOGGLE the Legend to reveal how each technology is spreading. ZOOM into any region to see the technologies in greater detail. If an area has no markers, it means it hasn't been researched yet.
Click to enlarge. Go to website to explore. Wired article here. |