At a glance.
- US Department of Homeland Security using commercial geolocation database to track immigration violations.
- Google purges spyware and fleeceware from Play.
- Removing nonconsensual videos proves harder than the terms-of-service suggest.
US Department of Homeland Security using commercial database for immigration enforcement.
The Department's Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) agencies both use licenses from Virginia-based Venntel Inc., the Wall Street Journal reports, to access its mobile phone geolocation data. ICE is said to use the data to identify potential immigration law violators. CBP looks for signs of mobile device activity in remote locations, like deserts near possible border crossing points.
Pushy apps want too many permissions.
VPNPro, Trend Micro, and Cofense have reported a number of apps in Google Play that ask for suspiciously expansive privileges. Such privileges include access to a user's camera or to the phone itself (and the latter would enable the app to make calls from the device it was installed on). Many of the apps ask to be given the device's geolocation, and some seek the ability to read data kept on external storage. Others wish to collect and report information about the device and its networks. Some ask for access to contact lists, and one even requests permission to record audio to its own servers. It’s difficult to come up with legitimate reasons why an app might want to do these things, but they certainly look like the sorts of things spyware and fleeceware would wish to accomplish. Naked Security reports that Google has yanked Shenzhen HAWK’s twenty-four suspect apps from the store.
Those identified by Trend Micro are interesting in that they post their own positive reviews in the Play store, the better to attract downloads. Claiming to boost device performance, the apps’s sockpuppets tell potential users that they work just great. The effect is vitiated by their use of the same text: “Great, works fast and good,” accompanied by a standard four-star rating. A bit of variation would have lent some corroborative detail that might have not only given artistic verisimilitude to an otherwise bald and unconvincing narrative, but would have been more persuasive, too.
VPNPro connects the bad apps it found to Shenzhen HAWK Internet Co., a Chinese firm that is itself a subsidiary of TCL Corporation, a large and partially state-owned electronics company, told Forbes through its corporate parent that the whole thing is a misunderstanding. TCL said it “takes its customers’ privacy seriously,” and went on to explain: “we understand the actions Google has taken here in removing our applications from the Play Store and we’re actively working with them to better understand their concerns. We are also engaging an outside security partner to assist our teams in auditing each of our applications, and setup ongoing auditing and monitoring, to ensure we are can offer the peace of mind and trust our customers expect from us.” Well OK, then.
Nonconsensual videos prove difficult to remove.
An investigation by Motherboard concludes that it's difficult to the point of near impossibility for deluded or nonconsensual participants in Girls Do Porn videos to get the humiliating content removed. PornHub, the principal commercial purveyor of such videos, says it has mechanisms in place that enable the shamed participants to get the videos removed, and it expresses the customary pieties about its strong opposition to nonconsensual content. But Motherboard found that in practice it's not only difficult to do, but that the process puts a heavy burden on the victim, and that in any case the technology that enables the videos to be removed, fingerprinting, is easily circumvented. The case is particularly vexing in that the proprietor of Girls Do Porn, one Michael Pratt, is currently a fugitive, wanted on US Federal sex trafficking charges.