Connect with us

Tech News

Spyware was found in 100+ phone apps, did you download one?

(TECH NEWS) An android security company recently discovered that a plethora of apps were infected with a spyware, did you download one of them?

Published

on

android spy

App shaped trojan horse

Downloading news apps is potentially one of the more fun parts of owning a smartphone.

bar
Bad news for Android users. Spyware has infected over 1,000 apps, three of which were available in the Google Play store.

Womp womp

Apparently Android devices are easy to hack. Since the Google system is more open and adaptable than iOS, cyberattackers have taken advantage of it. Lookout Security, a mobile security firm based in San Francisco, recently caught SonicSpy hiding among popular messaging apps.

SonicSpy is malware that is believed to have come from Iraq, and designed by the same hackers that made SpyNote.

SonicSpy is dangerous. It has a range of capabilities that give hackers control over devices without ever being noticed. Once a user downloads an app infected with SonicSpy, it automatically deletes its icon from the menu to go on undetected. Once installed, hackers can then take photos, send text messages, make and record phone calls and spy on wifi access points, among other things.

Sonic the spy

Three apps in the Google Play store, which have been downloaded by thousands of users, were infected with SonicSpy. All three were messaging apps: Soniac, Hulk Messenger and Troy Chat. In addition, thousands of apps available through third parties were also found to be infected.

Soniac, Hulk Messenger and Troy Chat are no longer available through Google Play but it is unknown if this is the result of Google deleting the apps, or SonicSpy removing them to avoid further detection.

Spyware such as SpyNote and SonicSpy target messaging apps to obtain sensitive information.

Many of these apps are used through enterprises to communicate while overseas. Therefore, the information that is available pertains to client and business meetings, conferences and other private talks among employees.

They also gain access to unlimited information from anyone using the app, whether the information pertains to important matters or not.

Proceed with caution

Though the infected apps are now removed from Google, various types of malware, still including SonicSpy, is alive among apps offered through third parties.

It took over five months for anyone to find out that SonicSpy had infected the apps offered through Google Play, so it is best to be cautious of apps you download, and also where they come from.

#Spy

Natalie is a Staff Writer at The American Genius and co-founded an Austin creative magazine called Almost Real Things. When she is not writing, she spends her time making art, teaching painting classes and confusing people. In addition to pursuing a writing career, Natalie plans on getting her MFA to become a Professor of Fine Art.

Tech News

Study finds 1,000 phrases that accidentally activate smart speakers

(TECH GADGETS) Don’t worry about accidentally activating your nosy smart speakers… unless, of course, you utter one of these 1,000 innocuous phrases.

Published

on

smart speakers

It’s safe to say that privacy concerns, especially in today’s digital era, are unquestionably valid. With new video recording technology making it easier to identify people at a glance (whether they like it or not) and concerns that your smart speakers are eavesdropping on you, it may feel like you’re bordering on slightly paranoid around modern technology.

After all, even though there have been cases of smart speakers picking up on intimate conversations, there’s absolutely no risk of them overhearing private things without your consent, right? Even though it’s been documented that these devices — including Cortana, Alexa, Siri, and Google Home — have listened in relationship spats, criminal activity, and even HIPAA-protected data, you’re totally in the clear.

Oh yeah. The thing is, everything that gets broadcast into your smart speaker? There’s a completely random chance that someone back at headquarters may decide to sift through it in order to improve AI learning.

And while most of the time these conversations are totally benign, it doesn’t change the fact that a complete stranger is getting an earful of your private life. In fact, these transmissions? Are actually completely admissible in court, as several murder cases have already demonstrated. Their key evidence was none other than poor Alexa herself.

But wait, wait. These smart speakers can only get your information if you activate them, and that requires you to clearly enunciate their names. Right? Um. Not exactly. Even though you may think that you need to speak crisply into the speaker to activate it, it turns out that these devices are highly sensitive to any suggestion that you might be talking to them. It’s almost like your dog when you even remotely glance at his bag of doggie treats in the corner: one crinkle and Fido comes running, begging for some kibble and ready to serve you.

It’s the same for your smart speakers. As it turns out, there are over a thousand words or phrases that can trigger your device and invite it to start recording your voice. These can range from the perfectly reasonable (Cortana hearing “Montana” and springing to attention) to the downright absurd (Alexa raising her hackles over the words “election” and “unacceptable”). Well, crap. Now what?

It’s no secret that someone is listening in on your conversations. That’s been clearly documented, researched, dissected, and even accepted at this point. However, if you thought that they’d only listen to it if you gave them implicit permission by activating your device (which, to be fair, should not even count as permission in the first place), you were wrong.

So what’s a privacy-loving person to do? Just suck it up and try to choose between the lesser of two evils? On one hand, yes, these smart speakers are super convenient and can make your life easier. On the other?

Well, if you’re a fan of your privacy, then perhaps these devices aren’t meant for you. At this point, you’ve got little recourse. These companies will continue to use your data, and there’s nothing stopping them from spying on you. That is, unless you prevent them from doing it in the first place.

If you want to keep your private conversations private, either unplug your smart speaker when you’re not using it, or don’t get one in the first place. Otherwise, you’ll continue to give your implied consent that you’re totes cool with them butting in on your personal life, and they’ll continue to be equally totes cool with using it without your permission.

Continue Reading

Tech News

HEY needs to fix its issues to be the Gmail killer it claims to be

(TECH NEWS) You would hope that HEY, the paid email service, would launch without issues but it has a few. Let’s hope some of that money goes to fixing them.

Published

on

Hey email

Last week, we covered HEY–a new email service that seemingly has a lot to offer–and while we largely praised the service despite it being a paid client awash in a sea of free email options, not everyone is fully on board with HEY’s inimitable charm–at least, not yet.

Adam Silver, an interaction designer focused on user experience, had some criticisms of HEY–many of which he identified as “pretty surprising oversights.” Though Silver does mention that his overall opinion of the service is good, these oversights are the focus of his review.

“HEY isn’t very accessible,” says Silver in his notes. His assessment, while self-admittedly not a holistic view, includes issues related to JavaScript (specifically when it isn’t enabled, which is something more and more companies are requiring) and lack of reasonable keyboard shortcuts for anyone using a screen reader. As Silver points out, these are fairly simple–and, thus, surprising–problems that probably should have been caught from the onset.

“All of these things are really easy to fix,” amends Silver.

Another issue Silver highlights is the inbox (imbox?) sorting. As we mentioned previously, there are three locations for email: the imbox, the feed, and the paper trail, each of which serves a different purpose. The problem with this system is that organizing emails by only three overarching categories affords little flexibility; furthermore, Silver notes that the menu for accessing each folder leaves a lot to be desired from a design standpoint.

The feed is also the subject of Silver’s criticism in that it doesn’t function enough like a traditional inbox to the point that it is actually difficult to use. Especially given the feed’s purpose–to store newsletters and such in a free-scrolling manner–this is a hold-up for sure; coupled with the feed’s lack of notifications, you can see how this problem cripples the user experience without active attention to the ancillary feed inbox.

Lastly, Silver mentions that the name “imbox” is, well, stupid. “This is not a typo but it’s not good,” he says. “You need a really good reason not to keep things simple.”

This is actually a point that we initially glossed over in our overview, but it’s another instance of a company doing a little too much to stand out–and, in doing so, potentially disrupting the user experience. “Keeping it simple” by calling the delivery place for your email the “inbox” won’t sink your brand, and the name “imbox” is sure to, at best, annoy.

It’s important to reaffirm that HEY’s driving principle–accessible email that prioritizes your privacy and charges you a relatively nominal fee for doing so–is good, and that’s the tough part of any app’s development; should they choose to follow Silver’s lowkey advice and make a few tweaks, they’ll have a winning product.

Continue Reading

Tech News

Live captioning via AI is now available for Zoom, if a little limited

(TECH NEWS) In order to be more inclusive, and improve the share of information with your team, live captioning is a great option for your next Zoom call.

Published

on

Zoom live captioning

The ubiquitous all-father Zoom continues to prompt innovation–and in a time during which most companies are still using some form of remote communication, who can blame them? It’s only fitting that someone would come along and try to flesh out Zoom’s accessibility features at some point, which is exactly what Zoom Live Captioning sets out to accomplish.

Zoom Live Captioning is a Zoom add-on service that promises, for a flat fee, to caption up to 80 hours per month of users’ meetings via an easy-to-implement plugin. The allure is clear: a virtual communication environment that is more time-efficient, more accessible, and more flexible for a variety of usage contexts.

Unfortunately, what’s less clear is how Zoom Live Captioning proposes to achieve this goal.

The live-captioning service boasts, among other things, “limited lag” and “the most accurate [speech-to-text AI] in the world”–a service that, despite its sensational description, is still only available in English. Furthermore, anyone who has experienced auto-captioning on YouTube videos–courtesy of one of the largest technology initiatives in the world–knows that, even with crystal-clear audio, caption accuracy is questionable at best.

Try applying that level of moving-target captioning to your last Zoom call, and you’ll see what the overarching problem here is.

Even if your Zoom call has virtually no latency, everyone speaks clearly and enunciates perfectly, your entire team speaks conversational English at a proficient degree across the board, and no one ever interrupts or experiences microphone feedback, it seems reasonable to expect that captions would still be finicky. Especially if you’re deaf or hard of hearing–a selling point Zoom Live Captioning drives home–this is a problematic flaw in a good idea.

Now, it’s completely fair to postulate that any subtitles are better than no subtitles at all. If that’s the decision you’d like to make for your team, Zoom Live Captioning starts at $20 per person per month; larger teams are encouraged to contact the company to discuss more reasonable rates if they want to incorporate live captioning across an enterprise.

Nothing would be better for speech-to-text innovation than being wrong about Zoom Live Captioning’s potential for inaccuracy, but for now, it’s safe to be a little skeptical.

Continue Reading
Advertisement

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!