Android

Hacker Eva Galperin Has a Plan to Eradicate Stalkerware

changing passwords, setting up two-factor authentication—seem to help.The reason those fixes don't work, in these cases, is because the abuser has deeply compromised the victim's phone itself. The stalker doesn't have to be a skilled hacker; they just need easily accessible consumer spyware and an opportunity to install it on their target's device. An entire…


changing passwords, setting up two-factor authentication—seem to help.

The reason those fixes don’t work, in these cases, is because the abuser has deeply compromised the victim’s phone itself. The stalker doesn’t have to be a skilled hacker; they just need easily accessible consumer spyware and an opportunity to install it on their target’s device. An entire industry of that so-called spouseware, or stalkerware, has grown in recent years, one that Galperin argues represents a deeply underestimated scourge of digital privacy.

“Full access to someone’s phone is essentially full access to someone’s mind,” says Galperin, a security researcher who leads the Threat Lab of the digital civil liberties group the Electronic Frontier Foundation. “The people who end up with this software on their phones can become victims of physical abuse, of physical stalking. They get beaten. They can be killed. Their children can be kidnapped. It’s the small end of a very large, terrifying wedge.”

“It starts with someone standing up and saying this is not OK, this is not acceptable, this is spying.”

Eva Galperin, EFF

Now Galperin has a plan to end that scourge for good—or at least take a serious bite out of the industry. In a talk she is scheduled to give next week at the Kaspersky Security Analyst Summit in Singapore, Galperin will lay out a list of demands: First, she’s calling on the antivirus industry to finally take the threat of stalkerware seriously, after years of negligence and inaction. She’ll also ask Apple to take measures to protect iPhone users from stalkerware, given that the company doesn’t allow antivirus apps into its App Store. Finally, and perhaps most drastically, she says she’ll call on state and federal officials to use their prosecutorial powers to indict executives of stalkerware-selling companies on hacking charges. “It would be nice to see some of these companies shut down,” she says. “It would be nice to see some people go to jail.”

Ahead of her talk, Galperin has notched her first win: Russian security firm Kaspersky announced today that it will make a significant change to how its antivirus software treats stalkerware on Android phones, where it’s far more common than on iPhones. Rather than merely flag those spy apps as suspect but label them with a confusing “not a virus” message, as it has for most breeds of stalkerware in the past, Kaspersky’s software will now show its users an unmistakeable “privacy alert” for any of dozens of blacklisted apps, and then offer options to delete or quarantine them to cut off their access to sensitive information.

Prior to today, Kaspersky flagged stalkerware with the confusing label “not a virus,” (left) compared with an unmistakeable “privacy alert” it will now display for the same spyware. (right)
Kaspersky

Galperin, who has been working directly with stalkerware victims, sees the Moscow-based firm’s move as raising the bar for the entire security industry. Once one company begins to call out consumer spyware as a full-fledged security threat, she argues, competition will drive the other antivirus firms to meet that standard. The result, she hopes, will be a broader remedy to a security industry that has long underestimated stalkerware—often because security researchers don’t count spy tools that require full access to a device as “real” hacking, despite domestic abusers in controlling relationships having exactly that so

Read More

Be the first to write a comment.

Leave a Reply

Android

Gadget Lab Podcast: Chris Cox on Life After Facebook

Former Facebook bigwig Chris Cox has been busy. In March, Cox left his position as chief product officer of the social media giant, where he had overseen Instagram, WhatsApp, and Messenger. Since then, hes taken on advising roles with an environmental data co…

Former Facebook bigwig Chris Cox has been busy. In March, Cox left his position as chief product officer of the social media giant, where he had overseen Instagram, WhatsApp, and Messenger. Since then, hes taken on advising roles with an environmental data co…
Read More

Continue Reading
Android

Teen Love for Snapchat Is Keeping Snap Afloat

Snapchat. “At this point it’s just the easiest way to contact everyone,” she wrote via text. “I use it if I’m trying to get them to respond.” All her friends have Snapchat, and they all check it more frequently than they do their text messages “(no matter how much I hate that lol).” Logan, who…

Snapchat. “At this point it’s just the easiest way to contact everyone,” she wrote via text. “I use it if I’m trying to get them to respond.” All her friends have Snapchat, and they all check it more frequently than they do their text messages “(no matter how much I hate that lol).” Logan, who lives in Denver, says Snapchat conversations feel more intimate: “It is also just nice to see the faces of people.” Sometimes, she and her friends will just send pictures of their faces to each other. “It’s good to see them and adds a little more connection than a normal chat or DM,” she says.

Snapchat isn’t Logan’s favorite platform; she prefers Instagram because “it basically has all my passions.” But what’s a girl to do? If everyone is on Snapchat, then she has to be too. In one week, she’ll get close to 500 notifications from Snapchat, more than twice what she gets from iMessage and Instagram combined.

Written off by many after a disappointing stock-market debut and Facebook mimicry of its popular features, Snapchat remains a mainstay among youth. “You don’t have to speak words to talk to someone you want to stay connected with, as weird as that sounds,” Lily Klima, a 17-year-old from New York City, explains over text. A Pew Research poll from 2018 found that 69 percent of American teens aged 13 to 17 reported using the platform, trailing only YouTube and Instagram, and ahead of Facebook. More than one-third of respondents—35 percent—said they use Snapchat most often, more than any other social media platform. DaJauna Burnett-Hollins, 19, of St. Paul, says she spends up to two hours a day on Snapchat, and prefers it in part because she can “see [a friend’s] face and not just a screen.”

Thanks to those young, devoted users and investments in its Android app and better ad technologies, parent company Snap is riding a rare wave of investor optimism as it prepares to release its latest financial results Tuesday. Snap shares have more than doubled this year, though they remain below the $17 price of the company’s 2017 IPO. Analysts from Goldman Sachs, BTIG, and Bank of America all recently increased their price targets for Snap’s stock.

Snap beefed up its management team by adding Jeremi Gorman

Read More

Continue Reading
Android

This App Lets Your Instagram Followers Track Your Location

Instagram-loving friends did last summer. Called Who’s in Town, the iOS and Android app is ostensibly designed to show you, well … who’s in town. But it does much more than that.Users who download the app and grant it access to their Instagram account are presented with an eerie interactive map of every place the…

Instagram-loving friends did last summer. Called Who’s in Town, the iOS and Android app is ostensibly designed to show you, well … who’s in town. But it does much more than that.

Users who download the app and grant it access to their Instagram account are presented with an eerie interactive map of every place the people they follow have visited and shared online since they created their profile. The map updates in real time and is sourced from the wealth of location data the average Instagram user willingly uploads to the platform each time they opt to use its popular geotag feature in a story or post.

This information is nominally public already, as Instagram users must choose to share it with their followers. But by collecting them all in one place over time, Who’s in Town transforms data points seemingly meaningless in isolation into a comprehensive chronology of the habits and haunts of anyone with a public Instagram account.

It can tell you what coffeeshops or restaurants your Instagram-using friends frequent, when they last told the digital world they were there, and paint a detailed picture that wouldn’t be evident from just looking at their profile.

“The amount of data is insane,” said Erick Barto, the app’s creator. “It’s the equivalent of you going through every single story and writing down every single location, just consistently all the time.”

Paris Martineau covers platforms, online influence, and social media manipulation for WIRED.

A pre-release study he conducted using Who’s in Town tracked the posting habits of over 15,000 active Instagram users over multiple weeks. Barto said it found that 30 percent of people who post Instagram stories over the weekend geotag at least one location.

“This capability is problematic … from a privacy perspective as long-term aggregate data can potentially be misused in various ways,” Jason Polakis, security researcher and assistant professor at the University of Illinois at Chicago, told WIRED in an email.

Polakis said users’ aggregate location data could reveal sensitive information about their daily routine—like when a person normally goes out, or is at work—that could be used to determine when their home is empty, enabling stalking, or revealilng social connections like friendships or relationships, based on similarities in the time and location of posts. The information could also be used by companies to infer a person’s hidden habits or traits, he noted. A health insurance firm, for example, could scan prospective customers’ geotag history to compare how often they indicated they frequented bars versus the gym.

“While the app’s functionality isn’t doing anything complicated that a determined (malicious) individual or company wouldn’t be able to do,” Polakis added, “it does streamline and facilitate potentially invasive behavior at a large scale, as anyone installing the app would have access to this functionality.”

Once installed, Who’s in Town pulls post data for the people you follow dating back to the creation of each user’s account, and the geotags from stories posted that day.

Read More

Continue Reading
Android

Google’s Matías Duarte on the History of Smartphone Notifications

Daywise, modern smartphone users receive more than double the number of notifications per day than they think they’re getting—as many as 73 per day. (Anecdotally, Screen Time dashboard on my own iPhone tells me I’m averaging around 91 notifications per day.)App makers are trying every which way to grab a sliver of our attention. Psychological…

Daywise, modern smartphone users receive more than double the number of notifications per day than theythinkthey’re getting—as many as 73 per day. (Anecdotally, Screen Time dashboard on my own iPhone tells me I’m averaging around 91 notifications per day.)

App makers are trying every which way to grab a sliver of our attention. Psychological researcher Larry Rosen, who cowroteThe Distracted Mind, says he has spoken to app designers about their approaches and has concluded that their efforts to suck us into their apps is “really a business. The bottom line is, it’s a business. And the problem is they’re using behavioral scientists to help them design this.” More notably, Rosen’s research has consistently shown that notifications stress us out—and that constant notifications, beeps, buzzes, and vibrations from our smartphones and computers all contribute to ongoing chemical stress.

But it wasn’t always this way. Some of the earliest architects of smartphone notifications were simply trying to come up with ways to bring popular desktop communication apps to emerging mobile platforms. One of those people is Matías Duarte. His current role is head of material design at Google. But from 2000 to 2005, Duarte was the director of design at Danger, the predecessor to Android. (Remember the Hiptop, also known as the Sidekick? That was Danger.)

Duarte spoke with WIRED for the video above, digging up smartphone notification designs buried in boxes from nearly 20 years ago, and explained some of the early thinking behind smartphone notifications. An edited version of the conversation follows.

Lauren Goode:You were on the forefront of notifications before they were even called that. Talk a little bit about your history in designing what we now know as notifications.

Matías Duarte:I first started working in consumer electronics and mobile with the Danger Sidekick. This was just at the time when cell phones all looked like this, a nine-keypad at the bottom and a little tiny screen, and all you could basically do is text and [make and receive] phone calls. That’s it. There were no apps, no web browsers, nothing like that.

The first notifications were those little red voicemail lights on desktop phones. Mobile phones had these displays, which weren’t usually even colored. They were black and white … But you could use an icon to indicate when your phone was trying to get your attention because it would also have a little blinking light, right? About a missed call, or a voicemail, or about a text message. So you’d have two different little icons that were baked into that. So we knew that there was this problem of getting people’s attention and connecting people when we were working on the Sidekick.

LG:And this is well before Android, iOS, everything we know now.

MD:Yeah, absolutely. This was around 2000 when we were doing a lot of this design work. I think the very first one of these launched between 2001 and 2002. So this was all way before Android, although we have a connective lineage to these things.

LG:So you were designing just for the Sidekick’s little screen?

MD:For that tiny screen … Actually we started designing for this guy here. [Duarte holds up a small mobile device.] This is what we affectionately called the Peanut. It looks like one of those peanut cookies. This was basically a pager. That’s how you can think of it, except that it had a screen where we could show graphics and icons on it. This was the original product that we were going to make, although eventually we ended up making the Sidekick, which allowed you to communicate two ways just like you do today. And it had a keyboard.

The keyboard was the main appeal, and this meant that not only could you do emails like you would on a BlackBerry and type in your web pages faster, but you could text message. Not just SMS, but on what at the time was the hotness, which was AOL Instant Messenger. There was also MSN, ICQ. We had all of these on this guy here. In fact, we had the first mobile app store on the Sidekick.

LG:And this is a time before social media is really anything close to what it is now.

MD: Oh, there was no social media at the time … There were blogs.

LG: This was even before MySpace.

MD:This was the beginning of MySpace, the beginning of LiveJournal, that kind of thing, which is where this wonderful chart comes in [pulls out a paper chart]. Because part of the process of design is always understanding the problem space before you come up with a solution. And back then we did this analysis around w

Read More

Continue Reading