Connect with us

Tech News

Private chat on WhatsApp for Android may not have been so private

(Tech News) WhatsApp on Android is said to have a workaround for hackers and developers that allows private chat logs to be extracted.

Published

on

whatsapp

whatsapp

Forget TINSTAFL, remember TINSTAP

Messenger app, WhatsApp has recently been acquired by Facebook for $19B, and today they unveil a gorgeous redesign. It’s been a great year for the team.

But now, a dark cloud is hovering over the company, as security consultant, Bas Bosschert uncovered a way for Android developers and hackers alike to easily access WhatsApp chat logs.

bar
The circumstances involve SD storage of the chat program’s backup database, and Bosschert walks through how developers who need access to large storage on any device would be able to see the database once given permission through an app, and hackers can use the same channel to simply access the database via malware.

Bosschert had a conversation with his brother on the topic and discovered the workaround based on the possibility of uploading and reading the chat logs from another Android application. He details the process of using a PHP script, an Android application asking for phone access, a web server and some XML file edits to be able to pull down the data from an Android device.

Then, he says that with a key readily available on the Internet, the downloaded database is pulled over to Excel, where the data is then decrypted with a Python script revealing user chat history from the backup database WhatsApp writes to memory.

WhatsApp reacts

WhatsApp has responded by improving their database encryption and offloading it from a hard-cded key for all devices, implementing use of “the account name to create a device (account) unique encryption key,” according to Bosschert.

Bosschert has outlined a way that even with the new encryption, a few extra steps taken leads to the data still vulnerable to extraction.

A spokesman for WhatsApp tells TechCrunch that Bosschert’s claims “have not painted an accurate picture and are overstated.”

Why Android and not iOS?

What cannot be debated is the fact that Android offloads larger files onto expandable memory, and while most conditions would require malware to be loaded specifically seeking to compromise a device to access the logs, but given current privacy and security concerns over data, this information could still be accessed by legitimate developers unbeknownst to users after given access to at least the SD card.

Apple’s iOS does not have this problem, since the operating system sets up each application within their own sandbox, generally not allowing apps to access data outside of it.

Marti Trewe reports on business and technology news, chasing his passion for helping entrepreneurs and small businesses to stay well informed in the fast paced 140-character world. Marti rarely sleeps and thrives on reader news tips, especially about startups and big moves in leadership.

Tech News

Jenzy helps perfectly measure your kids’ feet

(TECH NEWS) Jenzy is a mobile app currently in beta that helps you perfectly measure your kids feet and buy shoes without having to leave your home.

Published

on

jenzy

Parents rejoice, there’s now a mobile app that sizes your child’s feet to determine their correct shoe size. No more carpet charts that every kid has put their dirty little socked foot on, or those weird metal sizing instruments.

With Jenzy, you just take a picture of your child’s foot, and the app calculates the measurements. It then generates personalized size and style recommendations, which you can order directly from the app.

Jenzy partners with podiatrist recommended brands designed for active kids, including pediped, Robeez, and Morgan & Milo. However, you don’t have to purchase their suggestions to receive the sizing info.

Incorrectly sized shoes are a literal pain for everyone, but this especially affects children, who don’t have purchasing power.

Additionally, shoes that don’t fit can have long-term effects on children’s growth and development, and lead to foot problems in the future. Properly fitted shoes are necessary for healthy foot development.

Wearing incorrectly sized shoes is just part of the problem. If shoes aren’t suited for every day use, children’s feet and overall growth can also suffer.

Flip flops, ballet pumps, and shoes with raised heels are not recommended by podiatrists for frequent use, as they can cause discomfort, or even musculoskeletal issues.

According to Dr. Stewart Morrison, a University of Brighton podiatrist, “children’s feet are still growing and are more susceptible to damage than adult feet, so it’s really vital to ensure they are wearing shoes which fit them well – in width as well as length – and that are suitable for age, as well as the task they are wearing them for.”

As online shopping has taken over, fewer parents are getting their children’s feet sized by in-store experts. Of course, there’s also a cost-barrier, as many stores that offer shoe-sizing are often more expensive.

Jenzy hopes to bridge that gap, providing parents both proper shoe sizes and affordable products designed to last.

Right now the app is set to launch in December, but if you don’t want to wait, apply to take part in the beta test on Jenzy’s site.

Continue Reading

Tech News

Time is money and Clockify helps you make the most

(TECH NEWS) Tracking your time worked as a freelancer can easily be lost in the shuffle. A new tool has been designed to make this important aspect easier.

Published

on

clockify

After years of searching for a method that works for me in terms of organization and productivity, the answer seemed to be simple: a calendar I can write on and Post-It notes. This method is a little old school, but seems to get the job done for my organizational needs.

However, there are some things that slip through the cracks with this method, but it’s more user error than it is the actual practice. One thing I struggle with is keeping track of my freelance hours this way.

I have a tendency to guesstimate how much time I worked throughout the day and know that I wind up underdocumenting my hours. I would hate to know how much money I’ve missed out on keeping (sometimes inaccurate) handwritten notes.

But, like many other small scale issues, there is a simple solution. And that is found in the form of time trackers.

One of the newest members to join the online time tracker team is Clockify, who operates under the idea of “your time, your rules.” It is a free time tracking tool designed for agencies and freelancers.

Clockify allows users to manage as many team members, projects, and workspaces that you need in an effort to help your business run smoothly. This allows for a complete overview of team productivity.

The tool offers a way to enter time manually as well as clock time automatically. This way you can keep tabs on what you’re working on and assign and label time logs to the appropriate clients.

With this time tracking, you are able to generate weekly, monthly, and annual reports at any given time. These reports can be saved, exported, and shared with clients to give them more information about your work process.

The real-time tracking helps to improve business efficiency and gives more insight into what each team member is spending their time on. Having this information available can give visual representation of how to improve in the future.

Clockify currently exists in desktop format with iOS and Android apps coming soon.

Continue Reading

Tech News

Russia vetoed cryptocurrency and came back with CryptoRuble

(TECH NEWS) Russia put a hard pass on other cryptocurrencies in their country so that they could hop in the crypto-game with their own CryptoRuble.

Published

on

cryptoruble russia

Just days after The American Genius reported that the Russian Central Bank would attempt to block access to cryptocurrency trading cites, the Coin Telegraph has reported that the Russian government will issue its very own cryptocurrency, the CryptoRuble.

The report cited local Russian papers, who quoted the minister of communications, Nikolay Nikiforov.

Earlier this week, head of the Central Bank, Sergei Shvetsov, said that he would work with the Prosecutor General’s Office to ban Russian citizens from accessing cryptocurrencies like Bitcoin, calling such currencies a “negative phenomena for our markets” and a “pyramid scheme.”

Now it appears that the Kremlin will create its own cryptocurrency – one it can keep an eye on — which, some might argue, defeats the entire purpose of cryptocurrency.

However, like other cryptocurrencies the CryptoRuble will be based on blockchain and will presumably help prevent online fraud.

CryptoRubles will be exchangeable with regular Rubles, although the systems of exchange have not yet been set up. Experts think that Russia is hoping to stimulate e-commerce without the need for foreign money markets, which will allow them to have more independence from the United States.

According to Nikiforov, the Russian government is setting up its own cryptocurrency under the assumption that if they don’t, other European governments will.

Said NIkiforov, “I confidently declare that we run CryptoRuble for one simple reason: if we do not, then after two months our neighbors in the EurAsEC will.”

Traders using CryptoRubles will be asked to provide documentation of retail transactions and services rendered – or pay a 13 percent tax for undocumented transactions, leaving a wide loophole for money laundering.

Critics say that Russia is trying to facilitate, while also profiting from money laundering; that the Kremlin is stealing the market from other cryptocurrencies; and that the CryptoRuble fundamentally defies the spirit of decentralization that inspired other cryptocurrencies.

Continue Reading
Advertisement

The
American Genius
News neatly in your inbox

Join thousands of AG fans and SUBSCRIBE to get business and tech news updates, breaking stories, and MORE!

Emerging Stories