Items tagged with: Apps
Do you know any one man SaaS app that are profitable?
I'm asking this because I'm considering starting a SaaS app as a side project, and I'm looking for some inspiration.
Note: this is was previously on HN here1, but it's been few years, and I'm sure a lot of one person startups are thriving than before.
HN Discussion: https://news.ycombinator.com/item?id=19701783
Posted by phoenix24 (karma: 143)
Post stats: Points: 192 - Comments: 108 - 2019-04-19T18:27:41Z
#HackerNews #apps #are #ask #one-person #profitable #saas #that
HackerNewsBot debug: Calculated post rank: 164 - Loop: 179 - Rank min: 100 - Author rank: 15
HN Discussion: https://news.ycombinator.com/item?id=19686622
Posted by mzs (karma: 2181)
Post stats: Points: 163 - Comments: 59 - 2019-04-17T21:24:46Z
#HackerNews #abusing #and #apps #are #committing #fraud #google #permissions #play #popular #store
HackerNewsBot debug: Calculated post rank: 128 - Loop: 179 - Rank min: 100 - Author rank: 23
The privacy crisis Apple and Google need to fix—now
Article word count: 1113
HN Discussion: https://news.ycombinator.com/item?id=19653771
Posted by tumblen (karma: 564)
Post stats: Points: 128 - Comments: 57 - 2019-04-13T16:02:40Z
#HackerNews #apps #are #filled #smartphone #trackers #with
Go to the profile of Owen Williams
Credit: Anadolu Agency/Getty Images
Most of us understand by now that we’re being followed across the web. But how much do we know about how the smartphone apps we use track our every move? Thanks to tiny pieces of code that millions of developers use to make their lives easier, an array of companies gets free access to data they can employ to understand your habits. The process is invisible, and it’s worse news for you than you might think.
When we browse the web through Google Chrome, for example, a dizzying array of companies follow us. Such is the Wild West of our modern web, but you still remain in control of which sites you visit and which social networks you log into.
The shift to native apps changes this equation, however. Suddenly you’re no longer in full control of what’s loaded, nor of who is tracking you, and you must trust app developers to do the right thing.
All of this should make you skeptical of marketing like Apple’s recent “privacy matters” campaign.
On mobile, tracking is generally performed through the use of a “software development kit” or SDK—a set of tools that helps app developers get something done faster. Many SDKs help developers debug their code or hook into useful services, but others help advertisers and marketing companies peer into your private life. Take the iHeartRadio app for example: Last fall, Medium reported that it contained code from Cuebiq’s SDK, which would permit user data to be sold for the purposes of ad tracking.
All of this should make you skeptical of marketing like Apple’s recent “privacy matters” campaign. While the company offers tools within Safari to block trackers on the web, it doesn’t offer any control over trackers embedded in apps that are distributed through the iOS App Store. Most people use the Google Chrome browser anyway, and it has even fewer privacy protections baked in. (Apple does ask developers to “respect user preferences for how data is used,” but good luck with that.)
SDKs present a solution to Apple’s pesky tracking restriction for advertisers. They can connect who you are between apps, provided the developer of each app uses the same SDK and the advertiser is able to use signals to figure out who you are. If we look at the top 200 apps on the iOS App Store, it’s interesting to see how broad the reach of most SDKs actually is.
The top 10 most commonly used SDK libraries in the top iOS apps, as reported by analytics firm Mighty Signal, are largely provided by Facebook (three out of 10) and Google (four out of 10). Google’s AdMob tools, for example, helps developers show advertising and track their users, and it’s integrated into 78% of the top apps on iOS—everything from the Holy Bible to LinkedIn. Facebook’s “Core Kit,” which provides access to the social platform’s features, is integrated into 61% of top apps. The list goes on.
Both of these SDKs allow Facebook and Google to track users beyond their desktop web browsers and automatically collect information like when you installed the app, each time you opened it, and what you purchased.
Tracking in SDKs is clearly part of the modern App Store ecosystem, and it goes far beyond the big corporate names. There are a dizzying array of companies you’ve never heard of invisibly tracking your habits in apps you use every day. Networks like Vungle, Apps Flyer, and Applovin all call themselves “advertising and analytics” platforms. They help developers monetize their apps, and all of them track data to sell to other partners behind the scenes as well.
This often overflows into our daily lives in weird ways. The technology podcast Reply All recently dug into mysterious automated robocalls, which were somehow matching the area code of producer Damiano Marchetti, even adjusting to different locations as he traveled. How could such robocallers know where you physically are?
After digging into all of Damiano’s apps, Reply All made a discovery: He had downloaded a game called Mobile Legends: Bang Bang, which reported the phone’s location and IMEI (a unique identifier) to a bunch of analytics companies, which then sold that data, eventually leading to robocallers purchasing it.
The world of SDKs is intentionally obfuscated from view in the same way a magician wishes their most impressive tricks to remain secret.
The Wall Street Journal recently wrote about data collection on millions of other apps, such as those intended for menstrual cycle and body weight tracking. Those apps were found to sell this data to Facebook. Many people assume that Facebook is monitoring their microphones, but the reality is that they don’t need to: They can just collect data from the apps you’re using all day long.
In the past, Apple has moved to make it more difficult to identify you by blocking access to unique identifiers and your phone number, but it’s still trivial to correlate an identity via your IP address, the name of a Wi-Fi network, or just matching together the bread crumbs of data they grab about you. Android allows even broader access to identifiers—not surprising, given that it’s built by a company that relies on advertising to make money.
The world of SDKs and the companies tracking with them is intentionally obfuscated from view in the same way a magician wishes their most impressive tricks to remain secret. If you knew that the game you love was the one ratting out your habits, you’d probably consider uninstalling it.
There’s frustratingly little we can do to combat SDK tracking without intervention from Apple and Google. There are nuclear methods that can help protect you, such as installing a network-wide ad-blocker on your home Wi-Fi, which blocks the requests at the source—but of course that only works within the confines of your home. On the go, some VPN providers are able to block advertising, but with the same limitations: You must stay connected to the VPN at all times to block them, which simply isn’t realistic.
What we really need is change from the top. Apple and Google should provide operating system controls that show the parties harvesting data inside the apps on our devices or should require third parties to reveal this information. A good example of this in practice can be found in the Guardian app, which allows users to disable tracking on a per-SDK basis in its settings. Requiring this should be standard for all developers.
Ultimately, the gatekeepers of mobile app stores have a responsibility to give us more control. Otherwise, the next big privacy scandal will be the digital equivalent of the Deepwater Horizon oil spill: All our information out there, under the surface, helping companies build a picture of who we are—without us ever seeing it.
HackerNewsBot debug: Calculated post rank: 104 - Loop: 152 - Rank min: 100 - Author rank: 65
Online dating sites, such as #PlentyofFish and #Tinder, have become tools used by #humantraffickers to recruit potential #victims. In some cases, potential #traffickers #manipulate their victims into thinking that they are looking for a romantic #relationship to recruit and then ultimately use #force, #fraud or #coercion to #profit off of their relationship with the victim.
The #companies that create these #apps need to make efforts to combat human trafficking and keep it from thriving online. We are gathering #signatures to petition the Match Group, owners of the popular dating sites, Tinder, Plenty of Fish, #OkCupid, #Match, and more, to implement safety features and smart protocols and practices to help keep human trafficking off of their platform.
Sign the petition to hold the creators of online #datingsites accountable. It is important that they put the safety of their users first and foremost. Together, we can let the Match Group know that we will not stand for inaction. We need your to help end this type of human trafficking.
Digitalisierung in der Schule: Wann sind Apps und Tablets im Unterricht sinnvoll? | Wissen | SWR2
#Tablet #Medien #Apps #Unterricht #Schule #Lernen #digitaleSchulwelt #Digitalisierung
With over 200 apps, there is a lot of functionality you can add to Nextcloud. Occasionally it just pays off to go check what’s new on apps.nextcloud.com and today we’d like to share a few recently new or updated highlights!
Working with your files
Nextcloud handles all kind of files, but only a number of those can be viewed natively. Apps can extend this however! You can see and edit text files and view pictures and PDF files out of the box, but Collabora Online or ONLYOFFICE add office document viewing and editing. Or install the Markdown app to edit Markdown files.
You might have more advanced needs. How about a 3D viewer for dae, .fbx, .gltf and .obj files? There is an app for that! You can also view Google Photo Sphere images in Nextcloud with a viewer!
Need to extract files in the Nextcloud web interface? Extract comes to the rescue – zip files take just a right click, RAR is work-in-progress and it works with external storage, too!
Not a viewer per-se, but a little different, the Linkeditor lets you create and edit external links in the filelist (.URL and .webloc). The links can be synced as created from your OS and opened from the web UI, also when publicly shared.
A step further
Let’s move beyond viewing files, and adjust the way Nextcloud works or add whole new features! Yes, there is the Right Click app which lets you use a right click in the files app to do actions on files. But there is more!
Tired of sending overly complicated links that are hard to remember or type in? Those times are over: Install Sharerenamer and send shared links with a human readable name! Keep in mind the security issues related with this: human readable names are of course guessable, so protect important data with a password if you use this app!
A great new app is the readme.MD app. Like developers are probably used to on Github, it allows you to add a specific file (read.me) to every folder. The content will then be shown as header or footer to that folder. You can use this, for example, to help explain the purpose of each folder on your Nextcloud. This is of course wonderful for folders you are sharing with a group of people.
But entirely new functionality can be added to Nextcloud as well. Did you know that if you use the German SPG-Verein software, you can access its data from Nextcloud? Simply add the SPG Verein app, and you’re good to go!
Carnet is a new, easy to use note taking app in the Nextcloud ecosystem, using HTML in the back-end. It provides nice features like for example Google Keep import, folder organization, keywords, search and an Android app with pin code protection!
Of course, those are only a few of the many really cool apps you could add to your Nextcloud. If you want more, have a look at apps.nextcloud.com and find the apps that will help you make your Nextcloud even more awesome!
#apps, #blog, #conference
Facebook routinely tracks users, non-users and logged-out users outside its platform through Facebook Business Tools. App developers share data with Facebook through the Facebook Software Development…
Article word count: 1124
HN Discussion: https://news.ycombinator.com/item?id=19595478
Posted by allwynpfr (karma: 61)
Post stats: Points: 110 - Comments: 24 - 2019-04-07T08:04:18Z
#HackerNews #2018 #android #apps #data #facebook #how #share #with
A video presentation of the finding of this report can be found here, as presented at 35th Chaos Computer Congress (35C3)
Previous research has shown how 42.55 percent of free apps on the Google Play store could share data with Facebook, making Facebook the second most prevalent third-party tracker after Google’s parent company Alphabet. In this report, Privacy International illustrates what this data sharing looks like in practice, particularly for people who do not have a Facebook account.
This question of whether Facebook gathers information about users who are not signed in or do not have an account was raised in the aftermath of the Cambridge Analytica scandal by lawmakers in hearings in the United States and in Europe. Discussions, as well as previous fines by Data Protection Authorities about the tracking of non-users, however, often focus on the tracking that happens on websites. Much less is known about the data that the company receives from apps. For these reasons, in this report we raise questions about transparency and use of app data that we consider timely and important.
Facebook routinely tracks users, non-users and logged-out users outside its platform through Facebook Business Tools. App developers share data with Facebook through the Facebook Software Development Kit (SDK), a set of software development tools that help developers build apps for a specific operating system. Using the free and open source software tool called "mitmproxy", an interactive HTTPS proxy, Privacy International has analyzed the data that 34 apps on Android, each with an install base from 10 to 500 million, transmit to Facebook through the Facebook SDK.
All apps were tested between August and December 2018, with the last re-test happening between 3 and 11 of December 2018. The full documentation, including the exact date each app was tested, can be found at https://privacyinternational.org/appdata.
Facebook places the sole responsibility on app developers to ensure that they have the lawful right to collect, use and share people’s data before providing Facebook with any data. However, the default implementation of the Facebook SDK is designed to automatically transmit event data to Facebook.
Since May 25, 2018 – the day that the EU General Data Protection Regulation (GDPR) entered into force - developers have been filing bug reports on Facebook’s developer platform, raising concerns that the Facebook SDK automatically shares data before apps are able to ask users to agree or consent. On June 28, 2018, Facebook released a voluntary feature that should allow developers to delay collecting automatically logged events until after they acquire user consent. The feature was launched 35 days after GDPR took effect and only works on the SDK version 4.34 and later.
In response to this report, Facebook has stated in an email to Privacy International on 28 December 2018: “Prior to our introduction of the “delay” option, developers had the ability to disable transmission of automatic event logging data, except for a signal that the SDK had been initialized. Following the June change to our SDK, we also removed the signal that the SDK was initialized for developers that disabled automatic event logging.” (emphasis added).
This “signal” is the data that we observe in our findings. We assume that prior to the release of this voluntary feature, many apps that use Facebook SDK in the Android ecosystem were therefore not able to prevent or delay the SDK from automatically collecting and sharing that the SDK has been initialized. Such data communicates to Facebook that a user uses a particular app, when they are using it and for how long.
Without any further transparency from Facebook, it is impossible to know for certain, how the data that we have described in this report is being used. This is particularity the case since Facebook has been less than transparent about the ways in which it uses data of non-Facebook users in the past.
Our findings also raise a number of legal questions. As this research was conducted in the UK we have focused on the relevant EU framework, namely EU data protection (“GDPR”) and ePrivacy law (the ePrivacy Directive 2002/58/EC, as implemented by Member State laws) as well as Competition Law. An underlying theme is the responsibility of the various actors involved, including Facebook.
HackerNewsBot debug: Calculated post rank: 81 - Loop: 43 - Rank min: 80 - Author rank: 38
As always, we want to make sure that upgrades are smooth as well as, of course, day to day usage. There is still a fair bit of polishing to do as well so we’re looking for all feedback we can get.
Nextcloud 16 beta 1 (zip)
Winter is coming! In all seriousness, ‘feature freeze’ means that we will no longer add new features, just improve and stabilize the release further. This is the stage in our development at which we release our first beta and begin to focus on polishing and bug fixing. The perfect time to get involved and help us make this release awesome!
We can’t yet reveal what is new, but you can see for yourself by installing the beta of course. And we can use your help, we have our automated tests and it has gotten some basic smoke testing but no test scheme can replace the myriad of ways you all use Nextcloud, on NAS devices to big iron servers!
Besides testing, your help is also welcome in polishing. Small UI improvements, fixes to details – and of course bugfixes! If you are new to Nextcloud, you’re more than welcome to get involved – simply join us on github or check out this page on our website. Note that translations are very welcome too! Now is the time to translate and make sure 16 is ready for as big a number of users as possible. We have millions of users and they don’t all read English!
If you are on the beta channel, we will make beta 16 available soon, stay tuned!
#apps, #news, #release, #testing
Security researchers have found a new kind of government malware that was hiding in plain sight within apps on Android’s Play Store. And they appear to have uncovered a case of lawful intercept gone…
Article word count: 2349
HN Discussion: https://news.ycombinator.com/item?id=19529781
Posted by 0xmohit (karma: 5741)
Post stats: Points: 109 - Comments: 25 - 2019-03-30T15:09:25Z
#HackerNews #apps #find #google #government #malware #play #researchers #store #were
Image: Cathryn Virginia/Motherboard
Leggi in italiano.
Hackers working for a surveillance company infected hundreds of people with several malicious Android apps that were hosted on the official Google Play Store for months, Motherboard has learned.
In the past, both government hackers and those working for criminal organizations have uploaded malicious apps to the Play Store. This new case once again highlights the limits of Google’s filters that are intended to prevent malware from slipping onto the Play Store. In this case, more than 20 malicious apps went unnoticed by Google over the course of roughly two years.
Motherboard has also learned of a new kind of Android malware on the Google Play store that was sold to the Italian government by a company that sells surveillance cameras but was not known to produce malware until now. Experts told Motherboard the operation may have ensnared innocent victims as the spyware appears to have been faulty and poorly targeted. Legal and law enforcement experts told Motherboard the spyware could be illegal.
“These apps would remain available on the Play Store for months and would eventually be re-uploaded.”
The spyware apps were discovered and studied in a joint investigation by researchers from Security Without Borders, a non-profit that often investigates threats against dissidents and human rights defenders, and Motherboard. The researchers published a detailed, technical report of their findings on Friday.
“We identified previously unknown spyware apps being successfully uploaded on Google Play Store multiple times over the course of over two years. These apps would remain available on the Play Store for months and would eventually be re-uploaded,” the researchers wrote.
Lukas Stefanko, a researcher at security firm ESET, who specializes in Android malware but was not involved in the Security Without Borders research, told Motherboard that it’s alarming, but not surprising, that malware continues to make its way past the Google Play Store’s filters.
“Malware in 2018 and even in 2019 has successfully penetrated Google Play’s security mechanisms. Some improvements are necessary,” Stefanko said in an online chat. “Google is not a security company, maybe they should focus more on that.”
In an apparent attempt to trick targets to install them, the spyware apps were designed to look like harmless apps to receive promotions and marketing offers from local Italian cellphone providers, or to improve the device’s performance.
A screenshot of one of the malicious apps. (Image: Security Without Borders)
The researchers alerted Google earlier this year to the existence of the apps, which were then taken down. Google told the researchers and Motherboard, that it found a total of 25 different versions of the spyware over the last two years, dating back to 2016. Google declined to share the exact numbers of victims, but said it was below 1,000, and that all of them were in Italy. The company would not provide more information about the targets.
The researchers are calling the malware Exodus, after the name of the command and control servers the apps connected to. A person who’s familiar with the malware development confirmed to Motherboard that was the internal name of the malware.
Exodus was programmed to act in two stages. In the first stage, the spyware installs itself and only checks the phone number and its IMEI—the device’s unique identifying number—presumably to check whether the phone was intended to be targeted. For that apparent purpose, the malware has a function called “CheckValidTarget.”
But, in fact, the spyware does not appear to properly check, according to the researchers. This is important because there are currently some legally permissible uses of narrowly targeted malware—for example, with a court order, law enforcement can legally hack devices in many countries.
In a test done on a burner phone, the researchers saw that after running the check, the malware downloaded a ZIP file to install the actual malware, which hacks the phone and steals data from it.
“This suggests that the operators of the Command & Control are not enforcing a proper validation of the targets,” Security Without Borders concluded in the report. “Additionally, during a period of several days, our infected test devices were never remotely disinfected by the operators.”
Got a tip? You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, OTR chat at firstname.lastname@example.org, or email email@example.com. And you can reach Riccardo Coluccini securely on OTR chat at firstname.lastname@example.org, and email@example.com.
At that point, the malware has access to most of the sensitive data on the infected phone, such as audio recordings of the phone’s surroundings, phone calls, browsing history, calendar information, geolocation, Facebook Messenger logs, WhatsApp chats, and text messages, among other data, according to the researchers.
The spyware also opens up a port and a shell on the device, meaning it allows the operators to send commands to the infected phone. According to the researchers, this shell is not programmed to use encryption, and the port is open to anyone on the same Wi-Fi network as the target. This means that anyone in the vicinity could hack the infected device, according to the researchers.
“This inevitably leaves the device open not only for further compromise but for data tampering as well,” the researchers wrote.
A second, independent analysis by Trail of Bits, a New York-based cybersecurity company that looked into the malware for Motherboard, confirmed that the malware samples all connect to the servers of one company, that the IP addresses identified by Security Without Borders are all connected, and that the malware leaves the target device more vulnerable to hacking.
WHO IS BEHIND THE SPYWARE?
All the evidence collected by Security Without Borders in its investigation indicates the malware was developed by eSurv, an Italian company based in the southern city of Catanzaro, in the Calabria region.
The first hint that the authors of the malware were italian came from two strings inside the malware code: “mundizza,” and “RINO GATTUSO.” Mundizza is a dialectal word from the southern region of calabria that loosely translates to garbage. Rino Gattuso is a famous retired Italian footballer from Calabria.
The real smoking gun, however, is the command and control server used in several of the apps found on the Play Store to send the data back to the malware operators.
The server, according to the researchers, shares a TLS web encryption certificate with other servers that belong to eSurv’s surveillance camera service, which is the company’s main public business. Also, some of these servers identified by the researchers display eSurv’s logo as the icon associated with the server’s address, the icon you can see in your browser’s tab, also known as favicon.
Other spyware samples communicate with a server belonging to eSurv, according to the researchers. Google confirmed the servers belong to eSurv. The Trail of Bits researcher who reviewed the technical report and the spyware confirmed that it’s linked to eSurv.
A sample of eSurvʼs command and control servers. (Image: Security Without Borders)
Finally, an eSurv employee explained in a resume publicly available through his LinkedIn page that as part of his job at the company, he developed “an ‘agent’ application to gather data from Android devices and send it to a C&C server”—a technical, albeit clear, reference to Android spyware.
Motherboard reached out to the developer, who declined to comment, arguing that the answer would be “confidential information. I don’t think I can say anything about this ;)”
We reached out to eSurv multiple times via email and LinkedIn. Initially, an employee of the company claimed to be surprised and shocked by our findings, given that eSurv only sells video surveillance, she said. A few hours after our phone call, the company took down its site for a couple of weeks.
After we followed up and asked for clarification, the company declined to comment.
eSurv appears to have an ongoing relationship with Italian law enforcement, though Security Without Borders was unable to confirm whether the malicious apps were developed for government customers.
eSurv won an Italian government State Police tender for the development of a “passive and active interception system,” according to a document published online in compliance with the Italian government spending transparency law. The document reveals that eSurv received a payment of € 307,439.90 on November 6, 2017.
We filed a freedom of information request to obtain information on the tender, the list of companies that participated, the technical offer sent by the company, and the invoices issued by eSurv. Our request, however, was rejected. The Anti-Drug Police Directorate, an agency within the State Police which responded to the request, said it could not respond with the documents because the surveillance system was obtained with “special security measures.”
Over the last few months, several sources with knowledge of Italy’s spyware market told Motherboard that a new company from Calabria was getting several contracts to develop surveillance software with law enforcement and government agencies. Some of those sources specifically named eSurv as that new company that was taking the local market by storm.
Finally, a source close to eSurv, who asked to remain anonymous because he was not authorized to speak to the press, said that the company sells malware to the Italian police.
“They publish [the spyware] on the Play Store and then induce the person to download it and open it,” the source said in an online chat.
IS THIS ALL LEGAL?
Using spyware with warrants or a judge’s authorization is, generally speaking, legal in most countries in Europe, as well as the United States. In this case, however, eSurv’s spyware may not be operating according to the law, experts told Motherboard.
“I don’t think there are reasons to believe this spyware is legal,” Giuseppe Vaciago, an Italian lawyer who specializes in criminal law and surveillance, told Motherboard after reviewing the report by Security Without Borders.
Vaciago explained that a spyware acting according to Italian law should not install itself on any target without first validating that the target is legitimate, something Exodus does not properly do, according to the researchers.
Moreover, Vaciago explained that Italian law effectively equates spyware with physical surveillance devices, such as old school hidden microphones and cameras, limiting its uses to capturing audio and video.
“This software, on the other hand, is able to do, and effectively appears to have done, much more invasive activities than those prescribed by the law,” Vaciago told Motherboard in an email.
“Opening up security holes and leaving them available to anyone is crazy and senseless, even before being illegal.”
The fact that the malware leaves the device vulnerable to other hackers is perhaps the worst element of Exodus, according to a police agent who has experience using spyware during investigations, and who asked to remain anonymous because he’s not allowed to speak to the press.
“This, from the point of view of legal surveillance, is insane,” the agent told Motherboard. “Opening up security holes and leaving them available to anyone is crazy and senseless, even before being illegal.”
At the end of 2017, Italy introduced a law regulating the use of spyware for law enforcement activities and investigations—the law only regulates the use of spyware to record audio remotely, leaving out all the other features that surveillance software can have, such as intercepting text messages, or taking screenshots of the screen. In May 2018, the Ministry of Justice published technical requirements that must be respected in the development and use of spyware by law enforcement agencies.
In an opinion issued by the Italian Data Protection Authority in April of last year, the authority criticized the requirements for being too vague when it came to describing the interception system’s components, and it emphasized that authorities need to ensure that installing the spyware on a target does not reduce the overall security of the infected device.
“This is in order to prevent the device from being compromised by third parties, avoiding negative consequences on the protection of personal data contained therein as well as on investigative activities,” the authority wrote.
Apps that offer promotions and marketing offers from local telecommunication providers is a front that has been used by Italian government malware before. In fact, Italian telecommunication companies can be forced by the government to send text messages to facilitate malware injection on suspects’ devices, as previously reported by Motherboard Italy.
Details of this activity were found in a hearing of the Company Security Governance of the Italian cellphone provider Wind Tre Spa, held in March of 2017 by the Parliamentary Committee for the Security of the Republic (COPASIR)—a committee that supervises the activity of the intelligence services.
According to the document, which summarizes the hearings, when it comes to the use of spyware for investigations, the telecommunication operators are consulted to facilitate the infection of third party devices with the malware. These operations “consist mainly in expanding the bandwidth and sending messages to request certain maintenance activities,” the document reads. These activities may be included in what are called “mandatory justice services” for telecommunication operators, services that are detailed in a specific price list by the Ministry of Justice: ranging from 15 Euros for wiretaps and internet communication flow, to 110 Euros for “assistance and feasibility studies.”
At the time of publication, the Italian State Police did not respond to multiple requests for comment on the technology subject to their tender, nor they had replied to questions on the use of this spyware. Questions to two Italian Public Prosecutorʼs Offices went unanswered as well.
The police agent agreed that eSurv’s spyware lacked the right scope and safeguards to ensure it wouldn’t hit people who were not being under investigation.
“You can’t do something indiscriminate,” the police agent told Motherboard. “Putting something on the Play Store thinking you’re going to infect an undetermined number of people, and do trawling is something absolutely illegal.”
The source close to eSurv confirmed that, at times, the apps ended up on the wrong phones, as “oblivious people,” the source said, “unknowingly downloaded the app and infected themselves.”
Instead of doing anything to stop that, however, the company used the victims as “guinea pigs.”
Listen to CYBER, Motherboard’s new weekly podcast about hacking and cybersecurity.
HackerNewsBot debug: Calculated post rank: 81 - Loop: 458 - Rank min: 80 - Author rank: 49
After its acquisition of BitTorrent, TRON has recently stepped up its game again, acquiring the very first global blockchain app store: CoinPlay.
#Kryptowährung #cryptocurency #TRX #TRON #Coinplay #DAPPS #apps
If you’re like me, you might be feeling spoilt for choice at the moment with fantastic range of new and established podcasts out there to listen to. We’ve just announced a second run of That Peter…
Article word count: 489
HN Discussion: https://news.ycombinator.com/item?id=19511026
Posted by open-source-ux (karma: 3349)
Post stats: Points: 123 - Comments: 54 - 2019-03-28T11:12:24Z
#HackerNews #apps #bbc #podcasts #third-party
If you’re like me, you might be feeling spoilt for choice at the moment with fantastic range of new and established podcasts out there to listen to.
We’ve just announced a second run of That Peter Crouch podcast - with a lots more coming soon.
You might have also seen that our podcasts are no longer available on certain Google products - including the Google Podcast app and Google assistant. I want to explain a little bit about why that has happened.
Last year, Google launched its own podcast app for Android users - they’ve also said they will launch a browser version for computers soon. Google has since begun to direct people who search for a BBC podcast into its own podcast service, rather than BBC Sounds or other third party services, which reduces people’s choice - an approach that the BBC is not comfortable with and has consistently expressed strong concerns about. We asked them to exclude the BBC from this specific feature but they have refused.
As a public service, we want our content and services to be available to as many people as possible and we make these available for free on a range of third-party apps. But as the BBC, funded by the licence fee payers in the UK, we have to ensure it is done in a way that is good for all audiences, according to our Distribution Policy - which has been agreed with Ofcom.
What we think is important is pretty simple. We want people to have easy access to the wide range of BBC programmes, not just a select few, and be able to discover and listen to new ones really easily.
In the UK we have a creative and flourishing radio and podcast industry and the BBC plays a significant part in this, which we’re really proud of. So we want to make sure podcasts made in, and championing the UK, are prominent on global platforms. We also want to make our programmes and services as good as they can possibly be - this means us getting hold of meaningful audience data. This helps us do a number of things; make more types of programmes we know people like, make our services even more personalised and relevant to people using them, and equally importantly, identify gaps in our commissioning to ensure we’re making something for all audiences.
Unfortunately, given the way the Google podcast service operates, we can’t do any of the above.
We don’t like removing our content from services and certainly don’t do it lightly - but unfortunately until Google changes the way they look at this, for the good of listeners, our podcasts will not be available on some of their services. We are in discussions with Google to try and resolve the situation and will continue to work with them to try and come to a solution that’s in the best interests of all listeners.
HackerNewsBot debug: Calculated post rank: 100 - Loop: 77 - Rank min: 100 - Author rank: 49
Esta guía presenta un enfoque estructurado para diseñar aplicaciones de Azure que sean escalables, resistentes y con una alta disponibilidad.
Si tampoco deseas usar Azure, al menos puede que la información si te parezca útil 😀
#Apliaciones #Apps #Application