Connect with us

Tech News

Private chat on WhatsApp for Android may not have been so private

(Tech News) WhatsApp on Android is said to have a workaround for hackers and developers that allows private chat logs to be extracted.

Published

on

whatsapp

whatsapp

Forget TINSTAFL, remember TINSTAP

Messenger app, WhatsApp has recently been acquired by Facebook for $19B, and today they unveil a gorgeous redesign. It’s been a great year for the team.

But now, a dark cloud is hovering over the company, as security consultant, Bas Bosschert uncovered a way for Android developers and hackers alike to easily access WhatsApp chat logs.

bar
The circumstances involve SD storage of the chat program’s backup database, and Bosschert walks through how developers who need access to large storage on any device would be able to see the database once given permission through an app, and hackers can use the same channel to simply access the database via malware.

Bosschert had a conversation with his brother on the topic and discovered the workaround based on the possibility of uploading and reading the chat logs from another Android application. He details the process of using a PHP script, an Android application asking for phone access, a web server and some XML file edits to be able to pull down the data from an Android device.

Then, he says that with a key readily available on the Internet, the downloaded database is pulled over to Excel, where the data is then decrypted with a Python script revealing user chat history from the backup database WhatsApp writes to memory.

WhatsApp reacts

WhatsApp has responded by improving their database encryption and offloading it from a hard-cded key for all devices, implementing use of “the account name to create a device (account) unique encryption key,” according to Bosschert.

Bosschert has outlined a way that even with the new encryption, a few extra steps taken leads to the data still vulnerable to extraction.

A spokesman for WhatsApp tells TechCrunch that Bosschert’s claims “have not painted an accurate picture and are overstated.”

Why Android and not iOS?

What cannot be debated is the fact that Android offloads larger files onto expandable memory, and while most conditions would require malware to be loaded specifically seeking to compromise a device to access the logs, but given current privacy and security concerns over data, this information could still be accessed by legitimate developers unbeknownst to users after given access to at least the SD card.

Apple’s iOS does not have this problem, since the operating system sets up each application within their own sandbox, generally not allowing apps to access data outside of it.

Marti Trewe reports on business and technology news, chasing his passion for helping entrepreneurs and small businesses to stay well informed in the fast paced 140-character world. Marti rarely sleeps and thrives on reader news tips, especially about startups and big moves in leadership.

Tech News

Palm is a tiny phone that pairs with your giant smartphone

(TECHNOLOGY) Nokia’s new Palm mini-phone release encourages endless Honey I Shrunk the Phone jokes.

Published

on

palm baby phone

My current phone is dangerously close to being excluded from regular software updates. However, I have no real intention of purchasing a new one until crucial functions become unusable. There’s so little storage that if I want to install a new app, I have to delete one.

Yet I hold on to my increasingly historical device because I love how tiny it is compared to everything else on the market. Larger screens are no longer a novelty. It’s now the norm to have a five inch screen at a minimum.

But Palm has something different in mind. Yes, Palm as in the same people who brought you the now defunct PalmPilot. Mobility-loving users rejoice, they have risen from the ashes of the technology graveyard to bring you a new miniature innovation.

Palm released a eensy teensy credit card sized “ultra-mobile companion device” creatively called Palm. This cute little pal’s screen measures a mere 3.3 inches and weighs just over two ounces.

It easily fits in your athleisure wear, clutches, wallets, and even bike mounts. Palm is meant to help you out in times when your “big phone” is too gigantic for whatever you’re doing. Hold up, don’t we already have smartwatches for that?

Well, yes. But the tiny device boasts several features absent in smartwatches, including rear and front facing cameras, full keyboard messaging, and an expanded accessory ecosystem. The adorable companion even has facial recognition and customizable notification settings. Plus, if you’re not a watch person, Palm is a non-wearable alternative.

So that’s all neat, but is this all just a gimmick to convince you that your giant smartphone needs a baby smartphone friend? Well, that depends on your lifestyle.

If you’re frequently using your phone on-the-go or simply want a technology detox, this device may be the thing for you. It makes your phone more like a fun toy to check sometimes instead of a huge screen that sucks the life out of your waking hours.

But if you’re constantly on your phone and always prefer the bigger screen, you’ll want to stick with your current device. Or give one to your kids to use as an American Girl Doll accessory.

The device starts at $349 and pairs with your existing phone, but comes with an additional $10 charge since it has its own cellular radio. Palm syncs with Android and iOS and is currently available in the U.S. exclusively through Verizon.

Continue Reading

Tech News

Remote job search site literally copied & pasted competitor’s entire site

(TECH NEWS) What happens if someone copies and pastes your site into their own site, then charges users for it? Besides rage… ?

Published

on

Despite the fact that plagiarism has been a no-no with very serious potential consequences since middle school for most people, some folks didn’t get the memo. One group of individuals even went so far as to copy a competitor’s entire website and publish it as their own, raising the question: just how much idiocy do you have to remain alert for?

This egregious case of copy-and-paste innovation started when a new company by the name of Jobscribe went live on Product Hunt. After spending some time in the spotlight, the company’s apparent plagiarism was brought to light by Product Hunt user Robert Williams in a review left on the Jobscribe announcement page – Jobscribe had duplicated Williams’ site Folyo — right down to the site copy and testimonials — and published the content on their own domain. Then had the gall to announce their launch on Product Hunt.

You can’t make this stuff up.

It’s easy to look at what happened to Folyo as an isolated incident, but this kind of “sharing of ideas” happens to businesses on a much more frequent basis than one might assume. In an era where everything is online and innumerable new sites are published every second, it’s all too easy for a competitor to steal your hard work and publish it as their own service.

Sadly, there isn’t much you can do after the fact; besides reporting the site to their web host for plagiarism and making a visible statement on your site (and social media if applicable), you’ll simply have to wait for the “competitor” to have their version of your content taken down. Steps you can take to mitigate some of the damage before instances like this even happen include patenting your service and brand before going live, but that won’t help you if you’re already a victim of plagiarism.

If you visit the Jobscribe website, it’s gone, and you get a note from GoDaddy that the site is parked. Adios.

Not so fast – if you visit the Jobscribe page on Product Hunt now, you’ll find that the page redirects to something called Worklead, a service which offers a functionality similar — though this time, not identical — to Folyo’s original purpose. Additionally, users have complained that the “free” service costs $5 (not a large sum, but indicative of the continued shady tactics the company employs).

Unfortunately, while the site’s copy has clearly been changed (arguably for the worse), the damage is done with little in the way of recourse for Folyo’s creator, and there’s no reason to believe that Worklead’s services will offer clients anything other than a lighter wallet.

Continue Reading

Tech News

Facebook Ads Manager unreliability keeps dumpster fire rep alive

(SOCIAL MEDIA) The Facebook Ads Manager isn’t exactly reliable, refunds aren’t offered, and social media practitioners hate the (still) necessary evil.

Published

on

facebook ads manager

If there is one thing upon which we can rely when it comes to Facebook, it’s disappointing us. Sure, it is clear that the platform has done amazing things to connect people from all over the world. It allows the sharing of passions, photos, ideas, lifestyles, and pointlessly hilarious memes. But we have all glimpsed the dark underbelly of the social media giant.

Facebook regularly shows us the ugliest side of ourselves. This is a topic that is covered ALL. THE. TIME. How many of us have expressed our regret that Auntie posted insensitive views with the same pride she shares her great-grandchild’s first touchdown in the junior divisional beauty pageant and peewee football game?

But the content created by users is not Facebook’s latest letdown.

Ad buyers are regularly unable to see the analytics of their campaigns. For example, on October 29th, a number of digital media professionals found the Facebook Ads Manager to be unresponsive for hours. This lapse in availability is devastating to those who purchase ad space. This was aggravated by the fact that many campaigns were time sensitive, as they focused on the midterm elections.

Further, online advertisers rely on instant feedback and data to inform their next decisions. Many have expressed that the October 29th outage is a fairly regular occurrence with Facebook and continues to make their jobs nightmares.

Additionally, refunds were not offered for the time advertisers had purchased and not been able to use.

This recent occurrence appears to be the longest shutdown of FB Ads Manager, contributing to the dumpster fire of a reputation Facebook ads have cultivated.

We continue to ask – how can such a wealthy and dominating platform not get this issue into check? Or is it part of a broader design to lower expectations and soak up money like an adult child living in their parent’s basement, with no end in sight?

Facebook continues to decline commenting on their unreliability. Perhaps they know that all the Baby Boomers and Gen Xers will continue to use, share, swoon, and offend regardless of internal issues, and that advertisers will not (for some time) be able to subsist without reaching these groups.

For now, it seems Facebook is still in the driver’s seat. Whether or not they know how to drive this dumpster on wheels is another matter.

Continue Reading
Advertisement

Our Great Parnters

The
American Genius
news neatly in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Emerging Stories