Connect with us

Technology

Touch MacBook Pro Video Shows What A Real Apple Concept Might Look Like

Published

on

MacBook Pro Touch

You probably wish you were hearing that the next MacBook Pro Touch was coming to stores near you. A new video is getting quite a bit of attention and getting some viral traction that features a MacBook Touch being demoed in an Apple-like commercial. Is it real?

No, not at all. This is a concept video by an Apple fan that has turned what looks to be a MacBook Pro into an iPad like touch interface that has a workable hinge on the MacBook. The video shows a screen folding completely back in on itself placing the keyboard on the underside of the faux MacBook Pro touch device.

Is the concept itself new? Many people seeing the video are mentioning that it’s basically the same as the Lenovo Yoga. The Lenovo Yoga was announced at CES 2012 in Las Vegas and was the hit among tablet lovers that wanted a hybrid laptop version.

Either way, Oliver Terrisse has done a great job at creating a concept Apple advertisement that features what a MacBook Pro could look like with a touch interface. The most liked comments on the video reveal the fondness of the Lenovo Yoga so it still seems like Apple would need to do some significant redesign to gain it’s own identity.

Two of the top comments say:

“This is a lenovo Yoga baby. Windows 8 convertibles/hybrids will will poop on this.”

“I preferred it when it was called the Lenovo Yoga. 😉
If that is your own render though, then it is very professional, so well done.”

MacBook Touch Screen

You can watch the video below of the new but completely fake MacBook Touch:

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Seven Android Stalkerware Removed From Google Play Store

The apps allowed users to stalk employees, family members, and kids.

Published

on

Photo by Rami Al-zayat on Unsplash

Seven apps which are suspected stalkerwares are pulled out of Google Play Store after security researchers flagged the said applications for allowing users to stalk their family members, kids, employees, and even their love interests.

On Tuesday, security researchers from Avast reported to Google the existence of four stalkerware, which were later removed by the tech giant from its app marketplace for Android OS. According to Avast, their team was also able to detect three more on Wednesday, which all were reported and removed immediately.

Collectively, the seven apps have been downloaded from the Google Play Store more than 130,000 times, with the most popular apps, Spy Tracker, and SMS Tracker having more than 50,000 downloads each. Nikolaos Chrysaidos, Avast’s head of mobile threat intelligence and security, identified the apps using Avast’s mobile threat detection platform apklab.io.

According to the researchers, the app doesn’t work without a snoop or a person who will physically do some things. “The apps require the snoop to have access to the phone they want to spy on,” they said. The snoop will have to physically and (to stalk, sneakily) get hold of the target’s phone and download the apps from the Google Play Store and install them on the target device. The apps would then prompt to have the snoop input his email address and password to the app so the spyware collected data will be sent there.

“The apps also help the snoop to hide the surveillance by providing directions to uninstall anything noticeable to the phone’s owner. Upon setup there is no app icon, so the targeted person does not see any sign of the stalkerware app installed on their phone,” Avast said in a blog post.

The apps were able to collect information like a person’s location, collect their contacts, SMS, and call history. The published names of the stalker apps are:

  • Track Employees Check Work Phone Online Spy Free
  • Spy Kids Tracker
  • Phone Cell Tracker
  • Mobile Tracking
  • Spy Tracker
  • SMS Tracker
  • Employee Work Spy
Photo: Avast Security

“These apps are highly unethical and problematic for people’s privacy and shouldn’t be on the Google Play Store,” Chrysaidos said. “They promote criminal behavior and can be abused by employers, stalkers, or abusive partners to spy on their victims. We classify such apps as stalkerware, and using apklab.io, we can identify such apps quickly, and collaborate with Google to get them removed,” said Nikolaos Chrysaidos.

One of the apps, named SMS Tracker, markets itself as an app that would help employers track their employees. It said that it allows employers to monitor how long an employee spends on their phones and messaging apps.

“Our app will help you monitor the work time of your employees to save time and save money. Notify the users of work phones that you are going to install the app. It will teach your employees to use their time at work wisely, to reduce time spent on messengers and arrive to work in time,” reads the app’s description.

Spy Tracker, on the other hand, promises parents the ability to know more about their children and their activities. According to the app description in Google Play, the app aims to protect children from “dangers” of using a cellphone.

“Find out more about your child’s life, interests, friends, and plans. Parents are responsible for every step that their kids make. So this app is created to monitor them and protect them from dangers that can be revealed via cell phone. It is better to talk to children, but if you are not a good listener…”

Meanwhile, another app called Employee Work Spy allegedly helps employers keep their employees loyal to the company because “finding a skilled employee is only half a task. The biggest challenge is to keep him faithful to the company and its mission.”

This is not the first time Google Play Store has pulled out malicious apps off its marketplace. In the past months, Six Android apps that were downloaded more than 90 million times were found to have been loaded with the PreAMo malware. Another recent threat saw 50 malware-laced apps on the Google Play Store, infecting over 30 million Android devices. While all of these apps have already been removed from the Play Store, the danger of having apps with malware in the platform remains to be a cause of trouble for all Android users.

Continue Reading

Technology

‘Number Finder’ App Scam Flagged By Researcher

Check the reviews before you subscribe!

Published

on

Photo by Gilles Lambert on Unsplash

A new scam has been discovered by mobile security researchers to have been masquerading as an Android app that promises to find out owners of phone numbers.

The scam was flagged by cybersecurity researchers from Avast led by Nikolaos Chrysaidos. In his twitter account, Chrysaidos detailed that an app by the name of Number Finder, is advertising a free trial for its services that could track the owner of a specific phone number, instead of doing that, as the researcher has said, it is a scam.

“Number Finder application & a subscription scam on “6th Top Grossing” in @GooglePlay. Free 3 days trial and 16$/month after. One (1+) million installations (!),” Chrysiados said on Twitter. “Subscription scams have been trending for a while now in both app stores – Google and Apple,” he added. “Users should be careful using apps that require a subscription to use the basic functionality.” He said consumers should also be skeptical of apps with high monthly subscription rates.

Understandably, people would want to know the identities of unknown callers and Number Finder, published by developer POZTechnology, knows that the market demands for it. It has been downloaded more than one million times, while the collective downloads of applications posted by the developer are more than 11 million.

The app promises users that they can discover the identity of an unknown caller for a fee. As part of its “marketing strategy,” the app is offering a free 3-day trial after which the service will be billed for $16 per month.

This is where the scam takes place. “Using sneaky techniques to push the user to try the “free trial.” Put a random number, and always there will be “1 person linked to this number,” the researcher wrote on Twitter.

As part of its MO, the app offers two options for users: either they pay for the service monthly, or they search for a number’s owner which they promise always to be able to track one identity per number. But the identity of whoever owns the number will only be revealed if the user decides to subscribe to the service.

“If the user enters a number to test this, whether valid or fake, Number Finder displays the same message claiming one person is linked to that number. This appears to be a dishonest attempt to convince the user to subscribe to the service to find out whose number it is,” wrote Avast in a blog post.

To test the hypothesis of Chrysiados, Avast tried to key in numbers that they are sure to be not active and they discovered that Number Finder would nonetheless display that there is one identity linked to the bogus test numbers.

Photo: Avast Security

“This number is identified by one people. Get a free-started subscription to see all results unlimitedly,” reads the prompt in the app.

Numerous reviews in the Google Play Store have revealed that the people have been experiencing failure of service right after they subscribed.

One review said that she only subscribed to the app’s service to do a review and found out that “this app is trashy as hell and a scummy marketing gimmick.” Another user reported that the app prompted the same message saying that one person is matched with the number, but it turns out that no one is matched after subscribing to the feature.

Reviewers also reported that after installing the app and subscribing to its free trial, for some reasons, their WhatsApp history and contacts were wiped up. It is still unclear if the app causes the incident, or it is a different issue.

Furthermore, claims of charging people for subscribing to a supposedly “free trial” were also made. Devyani Mishra left a review saying that: “When I subscribed, immediately 990 rupees has been charged, don’t know why… as per their policy, they didn’t charge any amount in 3 days in the trial period.”

Other reviews have called the app a “money-making platform” and “absolute garbage.”

Avast has escalated the issue to Google’s anti-malware team and warned users to be vigilant in subscription services that they subscribed to.

“To avoid falling victim to scams such as this, Avast recommends that users always check the reviews and ratings of applications on both Google Play and Apple’s App Store before downloading them,” they wrote.

Continue Reading

Technology

Kazakhstan Forces Citizens To Install Government-Issued Certificate To Access HTTPS Traffic

Kazakhstan started intercepting HTTPS traffic to force citizens to install government-issued certificates to regain access to “allowed” websites.

Published

on

Photo by Ilya Pavlov on Unsplash

Another day, another government attempts to control the internet after Kazakhstan has started forcefully requiring its citizens to obtain government-issued certificates after they’ve begun intercepting HTTPs traffic.

The Kazakhstan government has issued an advisory to the country’s internet service providers (ISPs), ordering it to make it mandatory for their users to install government-issued root certificates before allowing them to gain access to the internet.

Law of the Republic of Kazakhstan on Communications, Article 26 and Clause 11 of the Rules for Issuing and Applying a Security Certificate, all ISPs are required to monitor the encrypted Internet traffic of their customers using government-issued security certificates. The latest advisory sent to the country’s telecommunication providers is under the most recent amendment on the said legislation which would make it mandatory for users to install government-issued security certificates.

How exactly does the decryption work?

The Hacker News explained it by saying that “for those unaware, your device and web browsers automatically trust digital certificates issued by only a specific list of Certificate Authorities (CA) who have their root certificates installed on your system.”

By compelling internet users to install government-issued certificates, the ISPs can generate valid digital certificates for any domain they want to intercept through a user’s HTTPS traffic. By this policy, users will no longer be able to access HTTPS traffic that is not “allowed” by the government.

Internet Service Providers have started informing their customers regarding installing government-issued certificates in their devices and browsers since April this year so they can continue browsing the internet without their HTTPS traffic being redirected.

Now, ISPs started redirecting HTTPS traffic of users who have not installed government-issued certificates in their devices to a web page that explains how to do it, why they do it, and what happens if the users don’t do it.

Tele2, one of the major ISP in Kazakhstan, is redirecting their users to a webpage that includes the certificate files as well as for instructions on how to install the certificate on Windows, macOS, Android, and iOS devices.

“In accordance with the Law of the Republic of Kazakhstan on Communications, Article 26 and Clause 11 of the Rules for Issuing and Applying a Security Certificate, communications operators ensure the distribution of a security certificate to their subscribers with whom they have contracts for the provision of communications services,” the Tele2 advisory reads.

“The law prescribes for carriers to pass traffic using protocols that support encryption using a security certificate, with the exception of traffic encrypted by means of cryptographic protection of information in the Republic of Kazakhstan. A security certificate is a set of electronic digital characters used to pass traffic that contains protocols that support encryption.”

Beeline, another ISP from Kazakhstan has also announced that it will soon intercept HTTPS traffic that doesn’t run with a government-issued certificate. Other internet service providers with the plans to follow through the legislation that mandates the installation of the government-issued certificate include:

  • K-Cell
  • Active (also lists allowed HTTPS websites)
  • Altel
  • Kazakhtelecom

Active posted a catalog of approved HTTPs websites in different categories like literature, arts and culture, social network, and sports and tourism. Interestingly, in the list of social networks, only search engines are allowed, and social media platforms like Facebook and Twitter are not included in the list. Some of the search engines and website listed in the permitted HTTPs website catalog are:

  • http://www.google.ru/
  • http://www.mail.ru/
  • http://www.aport.ru/
  • http://www.liveinternet.ru/
  • http://www.filesearch.ru/
  • http://www.zoneru.org/
  • http://www.km.ru/
  • http://meta.ua/
  • http://www.google.com.ua/
  • http://www.google.com
  • http://www.alltheweb.com
  • http://www.yahoo.com
  • http://search.msn.com
  • http://www.bing.com/
  • http://baidu.com
  • https://www.aol.com/
  • http://www.ask.com/
  • http://www.hotbot.com
  • http://search.lycos.com/
  • http://www.metacrawler.com/
  • http://www.dogpile.com/
  • Full list of “allowed” websites can be accessed here.

However, security and tech experts warn that the way this policy is being implemented carries a great amount of risk. For one, since users who are yet to install government certificates, they can only access websites without HTTPS connections. This means that the certificate files can be downloaded only from unsecured websites which hackers can exploit and replace the certificate files using MiTM attacks.

Continue Reading

Trending