Schneier: "It's really too late to secure 5G networks"

Bruce Schneier's Foreign Policy essay in 5G security argues that we're unduly focused on the possibility of Chinese manufacturers inserting backdoors or killswitches in 5G equipment, and not focused enough on intrinsic weakness in a badly defined, badly developed standard wherein "near-term corporate profits prevailed against broader social good." Read the rest

New York Times analyzes a leaked set of location data from a private broker, sounds the alarm

In 2017, a string of reports revealed that data-brokers were acquiring and linking titanic sets of location data from apps and mobile carriers and mining that data (and sometimes selling it outright). The carriers promised they'd end the practice, but they were lying. A year later, fresh reports surfaced of both app- and carrier-derived location data being sold, often by companies whose lack of elementary security meant that the data was effectively available to anyone. Then we learned that carriers were supplying fine-grained, realtime location data that was ending up in the hands of bounty hunters, skip tracers, and crooks and stalkers (naturally Ajit Pai's FCC had helped them get away with it0. Read the rest

FCC Chairman Pai's former employer, Verizon, lied about coverage, and then Pai tried to bury the news

America's telcoms sector is hugely concentrated and corrupt, and systematically underinvests in maintenance and infrastructure even as it gouges customers, which it can get away with thanks to its monopoly power, leaving Americans with some of the world's worst, most expensive communications services. Read the rest

Frustrated game devs automated the production of 1,500 terrible slot machine apps and actually made money

Last March, game devs Alex Schwartz and Ziba Scott gave a presentation at the Game Developers Conference called "1,500 Slot Machines Walk into a Bar: Adventures in Quantity Over Quality in which they described how their own dissatisfaction with falling revenues from mobile app stores led them to muse about bulk-creating crappy apps and seeing if they could get paid. Read the rest

Debullshitifying the Right to Repair excuses Apple sent to Congress

Apple's response to the Congressional committee investigating monopolistic behavior by tech giants contains a chapter on Right to Repair, whose greatest enemy is Apple -- the company led successful campaigns to kill 20 state level Right to Repair bills last year. Read the rest

Ecommerce sites' mobile templates hide information that shoppers use to save money

In Do Consumers Make Less Accurate Decisions When They Use Mobiles?, a study by researchers at Ben Gurion University accepted for presentation at next month's International Conference on Information Systems in Munich, the researchers seek to discover why consumers spend more money on ecommerce sites when using mobile devices than when they use laptops and other, larger screens. Read the rest

A woman's stalker compromised her car's app, giving him the ability to track and immobilize it

An Australian woman's creepy, violent ex-boyfriend hacked her phone using stalkerware, then used that, along with her car's VIN number, to hack the remote control app for her car (possibly Landrover's Incontrol app), which allowed him to track her location, stop and start her car, and adjust the car's temperature. Read the rest

EFF and ACLU triumph as federal judge rules that warrantless, suspicionless device searches at the border are illegal

Back in 2017, EFF, ACLU and ACLU of Massachusetts sued the US government on behalf of 11 travelers whose devices had been subjected to warrantless, suspicionless searches by Customs and Border Protection at the US border. Read the rest

New 5G vulnerabilities could put phone users at risk

Security researchers at Purdue and U. of Iowa confirm what many security experts have long feared: there are serious security weaknesses in 5G that undermine the promised security and privacy protections. Read the rest

Foreigners visiting China are increasingly stumped by its cashless society

Technically, it's illegal for Chinese merchants to refuse payment in cash, but this rule is hardly ever enforced, and China has been sprinting to a cashless society that requires mobile devices -- not credit-cards -- to effect payments, even to street hawkers. Read the rest

Bill Gates just accidentally proved that even "unsuccessful" antitrust enforcement works

In 1992, the Federal Trade Commission opened an antitrust investigation against Microsoft; in 2001, the company settled the claims, making a slate of pro-competitive promises that were widely derided as too little, too late. Read the rest

T-Mobile: because we have a (stupid) trademark on one magenta shade, no one can use pink in their logos

T-Mobile has a trademark on RAL 4010, a shade of magenta. Trademarks on colors (see also: UPS, John Deere) are a dangerous trend, robbing us of the spectrum one shade at a time, but T-Mobile's views on its trademark made this bad situation much worse. Read the rest

The Catalan independence movement is being coordinated by an app designed for revolutions

Tsunami Democràtic is a radical, decentralized wing of the resurgent Catalan independence movement, centered around an anonymously authored app designed to coordinate revolutionary uprisings. Read the rest

WhatsApp fixes security bug that let hackers take over with a GIF

A spokesperson for the Facebook-owned WhatsApp says the company has fixed a security vulnerability that let hackers take control of the messaging app by way of a malicious GIF. Read the rest

Checkm8: an "unstoppable" Iphone jailbreaking crack

Last month, a developer called Axi0mx released an Iphone crack called Checkm8, which attacks a defect in the Ios bootrom, a low-level piece of code that has not been successfully attacked since 2010. The bootrom is read-only, making its defects effectively unpatchable, short of removing the chip and swapping it for one with more robust code (the attack also works on version 1, 2 and 3 Apple Watches). Read the rest

Son of Ghostnet: the mobile malware that targets Tibetans abroad

Citizen Lab (previously) is one of the world's top research institutions documenting cyber-attacks against citizen groups, human rights activists, journalists and others; ten years ago, they made their reputation by breaking a giant story about "Ghostnet," malicious software that the Chinese state used to convert the computers of the world's Tibetan embassies into spying devices. Read the rest

This is your smartphone on feminism

Maria Farrell admits that comparing smartphones to abusive men (they try to keep you from friends and family, they make it hard to study or go to work, they constantly follow you and check up on you) might seem to trivialize domestic partner violence, but, as she points out, feminists have long been pointing out both the literal and metaphorical ways in which tech replicates misogyny. Read the rest

More posts