“Google has removed 7 ‘stalkerware’ apps from its Play Store - The Next Web” plus 2 more
- Google has removed 7 ‘stalkerware’ apps from its Play Store - The Next Web
- You downloaded FaceApp. Here’s what you’ve just done to your privacy. - The Washington Post
- Microsoft Word passes 1 billion installs on Play Store - Android Police
Posted: 18 Jul 2019 05:39 AM PDT
For the ongoing series, Code Word, we're exploring if — and how — technology can protect individuals against sexual assault and harassment, and how it can help and support survivors.
Google has pulled seven tracking apps from the Play Store after Avast, a cybersecurity company, found they allowed people to stalk on their employees, children, or partner.
Combined, the apps pulled from Google's Play Store had been installed approximately 130,000 times. The most installed apps were "Spy Tracker" and "SMS Tracker," which had more than 50,000 downloads each.
"These apps are highly unethical and problematic for people's privacy and shouldn't be on Google's Play Store, as they promote criminal behavior, and can be abused by employers, stalkers or abusive partners to spy on their victims," Avast said in a statement.
Last month, Citizen Labs' study called "The Predator in your Pocket" found that consumer spyware companies' blogs and search engine optimization (SEO) content revealed most companies had extensive references to partner monitoring. One company, mSpy, encoded secret HTML text which advertised spousal spying on their website as a way to make their products easily discoverable by people searching for ways to spy on their partners.
When the researchers viewed the source code for mSpy's site, they found: "Have you ever considered using SMS tracker to know who your spouse or children are texting with?" This text was originally hidden in the web browser and was only visible when reading the "page's source code."
While developers who create these apps are to blame, the responsibility also falls into the hands of Google and Apple to prevent stalkerware apps being available to install. Earlier this year, Google refused to remove Absher, a Saudi Arabian tracking app which limited women's movement in the country, from its app store as it "did not violate Google's terms of services."
Like this article and want to see more like it? We have a monthly feminist tech newsletter called "Lady Bits" — subscribe here.
Posted: 17 Jul 2019 04:34 PM PDT
When an app goes viral, how can you know whether it's all good fun — or covertly violating your privacy by, say, sending your face to the Russian government?
That's the burning question about FaceApp, a program that takes photos of people and "ages" them using artificial intelligence. Soon after it shot to the top of the Apple and Google store charts this week, privacy advocates began waving warning flags about the Russian-made app's vague legalese. Word spread quickly that the app might be a disinformation campaign or secretly downloading your entire photo album. Leaders of the Democratic party warned campaigns to delete the app 'immediately.'
I got some answers by running my own forensic analysis and talking to the CEO of the company that made the app. But the bigger lesson was how much app-makers and the stores run by Apple and Google leave us flying blind when it comes to privacy.
I raised similar questions a few weeks ago when I ran an experiment to find out what my iPhone did while I slept at night. I found apps sending my personal information to all sorts of tracking companies I'd never heard of.
Looking under the hood of FaceApp with the tools from my iPhone test, I found it sharing information about my phone with Facebook and Google AdMob, which probably help it place ads and check the performance of its ads. The most unsettling part was how much data FaceApp was sending to its own servers, after which … who knows what happens. It's not just your own face that FaceApp might gobble up — if you age friends or family members, their face gets uploaded, too.
In an email exchange, FaceApp CEO Yaroslav Goncharov tried to clarify some of that.
These five questions are basics we ought to know about any app or service that wants something as personal as our faces.
1. What data do they take?
FaceApp uploads and processes our photos in the cloud, Goncharov said, but the app will "only upload a photo selected by a user for editing." The rest of your camera roll stays on your phone. You can also use FaceApp without giving it your name or email — and 99 percent of users do just that, he said.
2. How long do they hold on my data?
The app's terms of service grant it a "perpetual" license to our photos. Goncharov said FaceApp deletes "most" of the photos from its servers after 48 hours.
3. What are they doing with my data?
Is FaceApp using our faces and the maps it makes of them for anything other than the express purpose of the app, such as running facial identification on us? "No," Goncharov said. Legally, though, the app's terms give it — and whoever might buy it or work with it in the future — the right to do whatever it wants, through an "irrevocable, nonexclusive, royalty-free, worldwide, fully-paid, transferrable sub-licensable license." (Clear as mud?)
4. Who has access to my data?
Do government authorities in Russia have access to our photos? "No," Goncharov said. FaceApp's engineers are based in Russia, so our data is not transferred there. He said the company also doesn't "sell or share any user data with any third parties" — aside, I pointed out, from what it shares with trackers from Facebook and AdMob. (Another exception: Users in Russia may have their data stored in Russia.)
5. How can I delete my data?
Just deleting the app won't get rid of the photos FaceApp may have in the cloud. Goncharov said people can put in a request to delete all data from FaceApp's servers, but the process is convoluted. "For the fastest processing, we recommend sending the requests from the FaceApp mobile app using 'Settings->Support->Report a bug' with the word 'privacy' in the subject line. We are working on the better UI [user interface] for that," he said.
Why not post this information to FaceApp's website, beyond the legalese? "We are planning to make some improvements," Goncharov said.
Same question for the app stores run by Apple and Google. Those giant companies make money from a cut of upgrades you can purchase in the app. We're literally paying them to read the privacy policies — and vet that companies such as FaceApp are telling the truth. Why not better help us understand right where we download what's really going on? Neither company replied with an on-the-record comment.
Much better to help us sort through all of this before millions of us upload our faces somewhere we might regret.
Read more tech advice and analysis from Geoffrey A. Fowler:
Posted: 12 Jul 2019 12:00 AM PDT
Even though cloud-based productivity suites like Google Docs are incredibly popular, many people (and large corporations) still operate on good ol' Microsoft Office. The Word text processor was Microsoft's first Android app to pass 500 million installs on the Play Store, and a little over a year later, it has now passed the 1 billion mark.
As with most apps that reach this many installations, the count isn't made up entirely of downloads from the Play Store. Microsoft has agreements with Samsung and other manufacturers to pre-install Word (and several other apps) on phones and tablets, so there's a good chance many of those billion installations come from devices where the app has never been opened.
Still, this is an important milestone for Microsoft, as Word has become the company's first Android app to reach that many installs. Personally, I still prefer Word XP.
|You are subscribed to email updates from "google word" - Google News. |
To stop receiving these emails, you may unsubscribe now.
|Email delivery powered by Google|
|Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States|