Connect with us

Tech News

Private chat on WhatsApp for Android may not have been so private

(Tech News) WhatsApp on Android is said to have a workaround for hackers and developers that allows private chat logs to be extracted.

Published

on

whatsapp

whatsapp

Forget TINSTAFL, remember TINSTAP

Messenger app, WhatsApp has recently been acquired by Facebook for $19B, and today they unveil a gorgeous redesign. It’s been a great year for the team.

But now, a dark cloud is hovering over the company, as security consultant, Bas Bosschert uncovered a way for Android developers and hackers alike to easily access WhatsApp chat logs.

bar
The circumstances involve SD storage of the chat program’s backup database, and Bosschert walks through how developers who need access to large storage on any device would be able to see the database once given permission through an app, and hackers can use the same channel to simply access the database via malware.

Bosschert had a conversation with his brother on the topic and discovered the workaround based on the possibility of uploading and reading the chat logs from another Android application. He details the process of using a PHP script, an Android application asking for phone access, a web server and some XML file edits to be able to pull down the data from an Android device.

Then, he says that with a key readily available on the Internet, the downloaded database is pulled over to Excel, where the data is then decrypted with a Python script revealing user chat history from the backup database WhatsApp writes to memory.

WhatsApp reacts

WhatsApp has responded by improving their database encryption and offloading it from a hard-cded key for all devices, implementing use of “the account name to create a device (account) unique encryption key,” according to Bosschert.

Bosschert has outlined a way that even with the new encryption, a few extra steps taken leads to the data still vulnerable to extraction.

A spokesman for WhatsApp tells TechCrunch that Bosschert’s claims “have not painted an accurate picture and are overstated.”

Why Android and not iOS?

What cannot be debated is the fact that Android offloads larger files onto expandable memory, and while most conditions would require malware to be loaded specifically seeking to compromise a device to access the logs, but given current privacy and security concerns over data, this information could still be accessed by legitimate developers unbeknownst to users after given access to at least the SD card.

Apple’s iOS does not have this problem, since the operating system sets up each application within their own sandbox, generally not allowing apps to access data outside of it.

Marti Trewe reports on business and technology news, chasing his passion for helping entrepreneurs and small businesses to stay well informed in the fast paced 140-character world. Marti rarely sleeps and thrives on reader news tips, especially about startups and big moves in leadership.

Tech News

Australia wants Facebook and Google to pay media royalties

Australia seeks to require Facebook and Google to pay royalties to media companies for use of news content on their platforms.

Published

on

australia facebook google

Australia is in the process of requiring tech giants, Facebook and Alphabet, to pay royalties to Australian media companies for using their content. Australian Treasurer Josh Frydenberg announced the move the day after the US Congressional antitrust hearing that put the CEOs of Facebook, Alphabet, Amazon, and Apple back in the regulatory spotlight.

In addition to the pressure from the United States investigation into market control by these companies, global leaders are calling for similar regulations. Though none have been successful, media companies in Germany, France, and Spain have pushed for legislation to force Google to pay licensing fees to use their news content. Some companies have been pushing for this for years and yet, the tech giants keep dragging out their changes, even admitting their actions are wrong.

In 2019, the Australian government instructed Facebook and Google to negotiate voluntary deals with Australian media to use their content. The Australian government says the companies failed to follow through on the directive, and therefore will be forced to intervene. They have 45 days to reach an agreement in arbitration, after which the Australian Communications and Media Authority will create legally binding terms for the companies on behalf of the Australian government.

Google claims the web traffic that it drives to media websites should be compensation enough for the content. A Google representative in Australia asserts that the government regulations would constitute interference into market competition – which would be the point, Google!

According to a 2019 study, an estimated 3,000 journalism jobs have been lost in the last decade. The previous generation of media companies has paid substantial advertising fees to Google and Facebook while receiving nothing in return for the use of its news content. Frydenberg asserts the regulatory measures are necessary to protect consumers and ensure a “sustainable media landscape” in the country.

Continue Reading

Tech News

Onboarding for customers and employees made easy

(TECH NEWS) Cohere enables live, virtual onboarding at bargain prices to help you better support and guide your users.

Published

on

onboarding made easy

Web development and site design may be straightforward, but that doesn’t mean your customers won’t get turned around when reviewing your products. Onboarding visitors is the simplest solution, but is it the easiest?

According to Cohere–a live, remote onboarding tool–the answer is a resounding yes.

Cohere claims to be able to integrate with your website using “just 2 lines of code”; after completing this integration, you can communicate with, guide, and show your product to any site visitor upon request. You’ll also be able to see what customers are doing in real time rather than relying on metrics, making it easy to catch and convert customers who are on the fence, due to uncertainty or confusion.

There isn’t a screen-share option in Cohere’s package, but what they do include is a “multiplayer” option in which your cursor will appear on a customer’s screen, thus enabling you to guide them to the correct options; you can also scroll and type for your customer, all the while talking them through the process as needed. It’s the kind of onboarding that, in a normal world, would have to take place face-to-face–completely tailored for virtual so you don’t have to.

You can even use Cohere to stage an actual demo for customers, which accomplishes two things: the ability to pare down your own demo page in favor of live options, and minimizing confusion (and, by extension, faster sales) on the behalf of the customer. It’s a win-win situation that streamlines your website efficiency while potentially increasing your sales.

Naturally, the applications for Cohere are endless. Using this tool for eCommerce or tech support is an obvious choice, but as virtual job interviews and onboarding become more and more prevalent, one could anticipate Cohere becoming the industry example for remote inservice and walkthroughs.

Hands-on help beats written instructions any day, so if companies are able to allocate the HR resources to moderate common Cohere usage, it could be a huge win for those businesses.

For those two lines of code (and a bit more), you’ll pay anywhere from $39 to $129 for the listed packages. Custom pricing is available for larger businesses, so you may have some wiggle room if you’re willing to take a shot at implementing Cohere business-wide.

Continue Reading

Tech News

Smart clothing could be used to track COVID-19

(TECH NEWS) In order to track and limit the spread of COVID-19 smart clothing may be the solution we need to flatten the curve–but at what cost?

Published

on

COVID tracking clothing

When most people hear the phrase “smart clothing”, they probably envision wearables like AR glasses or fitness trackers, but certainly not specially designed fabrics to indicate different variables about the people wearing them–including, potentially, whether or not someone has contracted COVID-19.

According to Politico, that’s exactly what clinical researchers are attempting to create.

The process started with Apple and Fitbit using their respective wearables to attempt to detect COVID-19 symptoms in wearers. This wouldn’t be the first time a tech company got involved with public health in this context; earlier this year, for example, Apple announced a new Watch feature that would call 911 if it detected an abnormal fall. The NBA also attempted to detect outbreaks in players by providing them with Oura Rings–another smart wearable.

While these attempts have yet to achieve widespread success, optimism toward smart clothing–especially things like undershirts–and its ability to report adequately someone’s symptoms, remains high.

The smart clothing industry has existed in the context of monitoring health for quite some time. The aforementioned tech giants have made no secret of integrating health- and wellness-centric features into their devices, and companies like Nanowear have even gone so far as to create undergarments that track things like the wearer’s heart rate.

It’s only fitting that these companies would transition to COVID assessment, containment, and prevention in the shadow of the pandemic, though they aren’t the only ones doing so. Indeed, innovators from all corners of the United States are set to participate in a “rapid testing solutions” competition–the end goal being a cheap, fast, easy-to-use wearable option to help flatten the curve. The “cheap” aspect is perhaps the most difficult; as Politico says, the majority of people have a general understanding of how to use wearable technology.

Perhaps more importantly, the potential for HIPPA violations via data access is high–and, during a period of time in which people are more suspicious of technology companies than ever, vis-a-vis data sharing, privacy could be a significant barrier to the creation, distribution, and use of otherwise crucial smart clothing.

There is no denying that the Coronavirus pandemic has accelerated, among other things, technological advancement in ways unseen by many of us alive today. Only time will tell if smart clothing–life-saving potential and all–becomes part of that trend.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!