Connect with us

Technology

Latest ‘Huawei’ Faux Pas: Ads On Lock Screens

Published

on

Huawei phones are showing booking.com ads in the preinstalled lock screen landscape background wallpapers.
Huawei phones are showing ads on their lock screen. Photo: John Karakatsanis | Flickr | CC BY-SA 2.0

Probably one of the most controversial tech companies in the world right now, Huawei, the Chinese-based smartphone manufacturing giant, is yet again in the middle of another faux pas as reports poured regarding the deliberate decision of the company to display ad on the lock screen of phones which uses the auto-generated wallpaper feature.

Specifically, Huawei phones started to show ads for the popular booking website, Booking.com, superimposed in landscape images for the built-in wallpapers of specific Huawei devices. The affected models include the P30 Pro, P20, P20 Lite, Honor 10, and P20 Pro.

Reports from social media users have revealed that the Booking.com ad started to appear in their preinstalled background wallpapers. Many users took to Twitter to ask Huawei why are there ads on their lock screens with screenshots accompanied in it.

“@Huawei_Europe Why is there advertisement on my lock screen?! Have I signed up to this in some small print T&C somewhere?” one wrote on Twitter.

The ads don’t seem to be limited to a particular region or country — they appear on devices in the UK, Netherlands, Ireland, South Africa, Norway, and Germany, at the very least.

While it is relatively easier to remedy even in the user level as the problem is not intrusive, one only needs to refrain from using the preinstalled landscape background images on their phones to prevent the unwanted ad from showing on their lock screens.

A series of bad press for Huawei

This new blunder adds to the list of the recent bad press the company has attracted, especially after Washington’s policy that forced different US suppliers from cutting business with Huawei. An executive order coming from the Trump administration has required US companies from engaging any transaction with the Chinese company, that the US government has repeatedly accused of being used by the Chinese communist government for espionage and economic sabotage.

The first of the long list of companies to impose the ban against Huawei is Google, as the company revoked Huawei’s license to use Android, the operating system currently employed in all Huawei and Honor devices. Chip maker ARM also cut off ties with the Chinese tech giant, which, just like the Google/Android ban, impacts the operations of the company profoundly.

As explained by Android Authority, “ARM is the lifeblood of the smartphone market, as it’s responsible for the inner workings of the vast majority of smartphones. Literally, everyone in the smartphone industry licenses the company’s architecture and instruction sets […] Huawei has seemingly lost the very technology it requires to make a modern smartphone.”

Amidst the ban, Huawei said that it is prepared for situations like this. Following the ban, the China-based company released its very own operating system, Hongmeng. A source has confirmed that Huawei is set to officially launch Hongmeng, as the company has been working on it since 2012. The company has been testing the new OS on selected devices under closer door and closed environment. The source also said that the testing was accelerated for the new operating system to be ready for situations just like this.

Nonetheless, it is still unclear whether Hongmeng will be the official name of the OS from Huawei. Experts note that even if Huawei can successfully launch its operating system, the company will still be faced with the challenge of establishing an app ecosystem. It would take Huawei a lot of time to build apps that are compatible with the new operating system.

Huawei accounted for 19% of the worldwide smartphone market and became the second largest smartphone manufacturer, overtaking Apple, in Q1 2019.

Huawei’s predicament drags tech stocks down

As the US-China trade wars continue and the prevalence of bad press against Huawei, the overall tech market has been affected as the volatile US tech market has seen a series of downfall dragged by the Huawei predicament down. Huawei is dragging the entire tech industry with it as market uncertainty brought upon by the apparent tech trade wars. As Huawei’s future remains at the limbo, it brings with it the rest of the tech world.

“If this remains enforced, it’s going to create some opportunity, but companies are working with their compliance departments to get out of the way of this Huawei situation,” said Quincy Krosby, chief market strategist at Prudential Financial. That’s difficult because “Huawei has its tentacles in so many parts of the technology sector. That’s why this is not a one-day event.”

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Technology

Sprint Resets Account Passwords Of Users After Data Breach

Hackers used the Samsung website to gain access to Sprint’s accounts.

Published

on

Photo: Sprint Website

Sprint, an American mobile telecom provider, has proactively reset their customers’ account PIN following a data breach that has affected an “unknown” number of accounts.

In a letter sent by Sprint to its customers, Sprint said that the data breach could have affected any account, so they are resetting everyone’s PIN as part of a safety mechanism to mitigate the effects of the data breach.

“Your account PIN may have been compromised, so we reset your PIN just in case in order to protect your account,” reads the notification letter sent by the telecom provider to its users.

According to the company, their team was informed, on June 22nd, of a data breach that allowed a threat actor to gain unauthorized access to their user’s accounts by exploiting an unpatched vulnerability in Samsung’s website “add a line” feature. The “add a line” feature in Samsung.com allows Samsung users to connect their mobile line (including that availed from Sprint) to their Samsung devices.

Sprint, a Kansas-based telecom network founded in 1899 in Abilene, Kansas, claims that they have a total of 54.5 million as of March this year. According to the letter sent by the company to its users, it is still unclear how many of the millions of their users are affected by the breach.

The leak, as stipulated by their notification to customers, includes users’ personal information such as phone number, device type, device ID, monthly recurring charges, subscriber ID, account number, account creation date, upgrade eligibility, first and last name, billing address, and add-on services. Nonetheless, Sprint clarified that no sensitive information that could cause serious identity theft, and fraud was accessed by the hacker/s.

“We take this matter, and all matters involving Sprint customer’s privacy, very seriously,” assures the company to its users.

As of June 25th, the company has said to have “re-secured” their users account and they have taken appropriate measures to protect their users from any untoward fraud and malicious attacks against their identities.

“Sprint has taken appropriate action to secure your account from unauthorized access and has not identified any fraudulent activity associated with your account at this time. Sprint re-secured your account on June 25, 2019, with the following notification to your Sprint phone device: Your account PIN may have been compromised, so we reset your PIN just in case in order to protect your account,” they wrote in the letter.

Furthermore, the same letter includes different mitigation procedures that users can do in order to protect themselves from malicious attacks. The company also urges its users to follow the protocols set by the Federal Trade Commission to help secure their identities.

“As a precautionary measure, we recommend that you take the preventative measures that are recommended by the Federal Trade Commission (FTC) to help protect you from fraud and identity theft. These preventative measures are included at the end of this letter. You may review this information on the FTC’s website at www.ftc.gov/idtheft and www.IdentityTheft.gov or contact the FTC directly by phone at 1-877-438-4338 or by mail at 600 Pennsylvania Avenue, NW, Washington, DC 20580,” they added.

What to do to protect yourself after the data breach?

Place a fraud alert on your credit reports, and review your credit reports.

As part of Sprint’s effort to help their customers protect themselves, they are encouraging their users to contact at least one of the three toll-free fraud alert company below. A user only needs to contact one company as whoever they chose to contact is legally required to submit the fraud alert report to the other two.

TransUnion:
1-800-680-7289
TransUnion Fraud Victim Assistance P.O. Box 2000 Chester, PA 19016
www.transunion.com

Equifax:
1-800-465-7166 Equifax Information Services LLC P.O. Box 105069 Atlanta, GA 30348-5069
www.equifax.com

Experian:
1-888-EXPERIAN (397-3742)
Experian PO Box 9701, Allen, TX 75013
www.experian.com

“Once you place the fraud alert in your file, you’re entitled to order one free copy of your credit report from each of the three consumer reporting companies. If you find fraudulent or inaccurate information, get it removed,” the company advised.

Other steps to protect yourself include:

  • Close the accounts that you believe have been tampered with or opened fraudulently.
  • File a report with your local police or the police in the community where the identity theft took place.
  • Visit the Federal Trade Commission’s Identity Theft website, IdentityTheft.gov, or for more information on reporting and recovering from identity theft.
  • Contact your state’s Attorney General or Consumer Protection Agency for more information on reporting and recovering from identity theft.

Continue Reading

Technology

Amidst Zoom Zero-Day Fixes, Vulnerability Continues To Doom Partners Like RingCentral

Apple quietly released an update to remedy the situation.

Published

on

Photo: RingCentral Website

A recent zero-day vulnerability seen in Zoom’s software continues to plague its partners like RingCentral Meeting.

Last week, software engineer Jonathan Leitschuh uncovered a significant security flaw in the Mac client for Zoom. It turns out that this implementation isn’t secure since an attacker could create a link that would automatically join users to a call and turn your video camera on without you noticing. Users will only be made aware that their camera is on after seeing the LED indicator light (which has no option to be turned off as a functionality) lit.

Related: Zoom Zero-Day Allows Hackers To Turn Mac Cameras On Remotely

The bigger problem comes from the fact that once an attack is made, the problem will continue to annoy even after uninstalling the software from your Mac computers. This is possible since the designers of the software deliberately included a hidden web server on your Mac that would reinstall Zoom’s client automatically after clicking the link.

Following the discovery of the exploited vulnerability in Zoom’s video calling, the company promised to implement stricter security mechanisms to improve their system.

“To be clear, Zoom honors the user’s video settings,” they said in a press release regarding the vulnerability. “Video is central to the Zoom experience. Our video-first platform is a key benefit to our users around the world, and our customers have told us that they choose Zoom for our frictionless video communications experience,” they added.

And about what they did once they discovered the zero-day, they said: “Once the issue was brought to our Security team’s attention, we responded within ten minutes, gathering additional details, and proceeded to perform a risk assessment. Our determination was that both the DOS issue and meeting join with a camera on concern were both low risk because, in the case of DOS, no user information was at risk, and in the case of meeting join, users can choose their camera settings.”

While Apple has already patched the problem and Zoom has already made sure that their software can be totally uninstalled and deleted from a device, Karan Lyons published evidence of yet more video conferencing apps that could be maliciously opened with their cameras turned on due to a security flaw.

This means that even if Zoom was able to fix the problem with its own system, the patch did not work for other software that they power – and that includes RingCentral.

According to the security researcher, if you are a user of RingCentral, you should update your app as soon as possible as the newest update included the fix. If you are a former user, then you are going to need to do a little more work to check your computer.

Because just like Zoom, RingCentral secretly installed code to your computer that listens for remote calls and this feature cannot be removed by a simple app uninstall process. Similar to how Apple had to intervene with the Zoom situation, Apple also secretly released an update in order to remedy the problem caused by RingCentral.

Apple’s intervention was definitely necessary in this case because; without it, users wouldn’t be able to receive the update that would ultimately remove Zoom’s and RingCentral’s breadcrumbs from an affected device.

Furthermore, Lyon said that with the discovery of the unpatched vulnerability in RingCentral and Zhumu, it is more likely that other white-labeled services from Zoom experience similar problems.

When asked for comment, a RingCentral spokesperson said that the company has “taken immediate steps to mitigate these vulnerabilities for any customers who could be affected,” but that to the company’s knowledge the security flaw hasn’t been exploited in the wild.

Nonetheless, tech experts still believe that the mere fact that such vulnerability exists makes them “irresponsible.”

“Zoom’s efforts to circumvent Safari’s native security are completely irresponsible. The Web server ‘feature’ merely adds a small amount of convenience at a massive security cost. This is flagrant and deliberate security and privacy violation that raises serious concerns over Zoom’s internal security prioritization and threat modeling,” TidBITS Security Editor Rich Mogull said.

Continue Reading

Technology

Google Hits Back: ‘We Do Not Work With The Chinese Military’

Google denies all allegation made by Peter Thiel.

Published

on

Photo: Travis Wise | Flickr | CC BY 2.0

When White House Adviser and Facebook Board Member Peter Thiel suggested that Google should be investigated for its “treasonous” behavior, and for working with the Chinese military, President Donald Trump agreed.

But now, Google hits back to the allegations that the San Francisco-based tech superpower is working with China and its army. “As we have said before, we do not work with the Chinese military,” Google said in a statement shared with The Independent.

Earlier today, President Trump affirmatively responded to Thiel’s suggestion that the Federal Bureau of Investigation (FBI) and the Central Intelligence Agency (CIA) should investigate Google for its refusal to work with the US Department of Defense, and over the accusation that the company has a relationship with its Asian counterpart.

In a Twitter storm, President Trump praised Peter Thiel, saying that he is a “great and brilliant guy who knows this subject better than anyone.” The American chief-of-staff also echoed the sentiments of Thiel and pronounced that the “Trump Administration will investigate.”

The allegations made by Thiel stems from a previous deal that Google backed out from. In 2018, Google decided to withdraw from a contract between the tech superpower and the U.S. Department of Defense for the development of artificial intelligence (AI) technology citing that the projects have specific ethical issues that they cannot be involved in.

Thiel questions “how many foreign intelligence agencies have infiltrated your Manhattan Project for AI.” Furthermore, he also asked whether or not Google’s senior executives consider the possibility that the company has been infiltrated by foreign intelligence.

The “billionaire and tech businessman,” Thiel further questions if Google chose to work with the Chinese military instead of the US Department of Defense since “they are making the sort of bad, short-term rationalistic [decision] that if the technology doesn’t go out the front door, it gets stolen out the backdoor anyway?”

According to Axios’ report, there are no public documents that stipulate any infiltration by foreign intelligence of Google. However, they said that Thiel owns a company called Palantir, which works with the Trump Administration, and has access to millions worth of government data, including American private information. Nonetheless, it is still unclear if Thiel’s assertions are motivated by any personal and classified knowledge he drew from his relationship with the White House.

Trump vs. Google

Google and the White House having a beef against each other is not new. In fact, only recently, an exposé by the independent investigative journalist group, Project Veritas, alleges that several Google executives and senior employees have a political bias against President Trump and his administration.

A video released by Project Veritas, which has since been removed from the platform by Youtube, shows a senior employee at the company appearing to admit that the company plans to interfere in the next presidential election to stop Donald Trump.

The video is still available in the Project Veritas website and featured undercover footage of a top Google employee, Jen Gennai, who preaches that the company, Google, should not be broken up since they still need to stop the re-election of the President and only them can prevent the “next Trump situation.”

“Elizabeth Warren is saying we should break up Google. And like, I love her but she’s very misguided, like that will not make it better it will make it worse, because all these smaller companies who don’t have the same resources that we do will be charged with preventing the next Trump situation, it’s like a small company cannot do that,” the video revealed appearing to be said by Gennai.

In the same video, Gennai also appears to declare that Trump’s victory in the 2016 elections “screwed us (Google).”

“We all got screwed over in 2016; again it wasn’t just us, it was, the people got screwed over, the news media got screwed over, like, everybody got screwed over, so we’re rapidly like, happened there and how do we prevent it from happening again,” she added.

“We’re also training our algorithms, like, if 2016 happened again, would we have, would the outcome be different?”

Continue Reading

Trending