The UpStream

Google to Begin Enormous Slaughter of Hazardous Apps

posted Saturday Feb 11, 2017 by Scott Ertz

Google to Begin Enormous Slaughter of Hazardous Apps

Google is definitely not a company known for security or privacy. There have been privacy concerns with products like Google Wave and security issues with allowing unsafe ads in Adsense. The lack of interest, however, is most obvious in Google Play. The company has rules for what must be included to submit an app. However, those rules are not enforced and unsafe apps flood the marketplace. Malware numbers are in the millions in the Play Store.

All of that could change, however, with an email that was sent to some developers recently. One of the policies that has been ignored in the Play Store has been the requirement for a detailed privacy policy if you use certain APIs. For example, if you access the microphone you must explain why and how the data will be used. Unfortunately, Google has never actually enforced the requirement of these documents. That is until now.

A recent email sent to developers who are missing the privacy policy informed them that apps will be removed from the Play Store if they fail to comply. This could signal a change inside of Google that they are going to actually start caring about your privacy and security. It's obviously an important topic as Android is installed on more types of devices and apps are available on even more. With televisions, phones, watches and even computers running Android applications, your security and privacy are more at risk than ever. The current email going around shows a date of March, 15th 2017 to fix the issue or apps will start disappearing from the store.

If you've interacted with the Play Store at all, you know that this could affect millions of applications that have either been lax on supporting, or have ignored the requirement entirely. Obviously this is good news for users of Android and Chrome OS.

People who are not terribly tech savvy are often tricked into downloading apps that look legitimate, but access your contacts, your account and other sensitive information without telling you what they intend to do with that data. Hopefully this change in policy at Google will begin to put an end to this deceptive practice that is so prevalent on the platform.

Floundering TIDAL Finds Strong Partner in Sprint

posted Sunday Jan 29, 2017 by Scott Ertz

Floundering TIDAL Finds Strong Partner in Sprint

Since Jay-Z bought TIDAL, and likely before, the company has had no end of issues. In fact, the purchase itself may have been an indication of issues, as the subscriber numbers that were reported and led to the purchase were incredibly inflated. Since then, artists have come and gone, as have customers. Last year, rumors suggested Apple was interested, which the company immediately denied. Why would they want another failing music service, anyway?

One of the reasons, of course, is the artist exclusives, something that Apple Music has tried to get into with varied success. This week, someone else decided that exclusive content was in their wheelhouse: US wireless carrier Sprint. Sprint has also been in a bit of trouble, actually having to compete for its #3 spot in the rankings with T-Mobile. Looking to give subscribers another reason to switch, other than the Verizon Guy, Sprint has picked up a 33% stake in TIDAL.

Jay-Z said of the acquisition,

Sprint shares our view of revolutionizing the creative industry to allow artists to connect directly with their fans and reach their fullest, shared potential. Marcelo understood our goal right away and together we are excited to bring Sprint's 45 million customers an unmatched entertainment experience.

Sprint CEO Marcelo Claure, who is joining the TIDAL Board of Directors, added,

Jay saw not only a business need, but a cultural one, and put his heart and grit into building TIDAL into a world-class music streaming platform that is unrivaled in quality and content. The passion and dedication that these artist-owners bring to fans will enable Sprint to offer new and existing customers access to exclusive content and entertainment experiences in a way no other service can.

As of now, it is unclear exactly how Sprint will fulfill its promise to "make TIDAL available to its 45 million post and prepaid customers," whether through included access, discounted rates or T-Mobile or AT&T-style bandwidth cap exemptions. It is definitely an interesting move at a time when the telecom companies are looking for new and interesting ways to differentiate themselves in a market where exclusive handsets are mostly a thing of the past.

Would free or reduced TIDAL access, or exclusive content, make you consider the switch to Sprint? Let us know in the comments.

Stolen Data Creates Panic in Popular Hacker Community

posted Sunday Jan 29, 2017 by Scott Ertz

When a data breach happens, the data that is collected does not just disappear. Often times, it is collected and sold to the highest bidder. Sometimes, that bidder can make the information publicly available, usually for a fee. One of the sites that collects and disseminates this information is LeakedSource, which makes the information searchable with a recurring membership. The site, and others like it, claim that they make the information available so that people can search to see what information is available about themselves.

Unfortunately, as soon as the information is searchable, it is available. Instead of searching for yourself, for example, you could search for Alphabet CEO Larry Page. Maybe he used a credit card at Home Depot or Target, or once had a Yahoo email account, whose password might still be in use on another service. If someone with nefarious intentions were to perform that search, it's possible that they could accomplish their goals with the information found.

This week, the site vanished, and the smart money is on a raid by law enforcement, looking for evidence of illicit behavior from the company. Management has been silent on social media, not indicating that the site is even offline, let alone raided. Once such behavior that might be in question, according to "Keen" who operates another notification service, is the purchase of stolen data. Rather than collecting publicly, or semi-publicly, available data sources, Keen claims that LeakedSource has been exclusively purchasing stolen data.

Obviously, paying for data in this manner for a site that makes the data available, encourages others to do it for the profit. Keen's evidence of this behavior is the existence of data from the E-Sports Entertainment Association (ESEA) breach, which was never made public. In fact, only the original hacker and the site had the data. That is pretty incriminating evidence against the site, no matter how circumstantial.

Obviously data breaches are something that will not go away any time soon, but to create an environment where it is easily profitable for a hacker to make the attempt is not just criminal, it's unbelievably stupid. There was no way that this would be left alone, and prison is not a place that treats cyber criminals kindly.

Facebook Just Cannot Win with Oculus Purchase, Lawsuit

posted Sunday Jan 29, 2017 by Scott Ertz

Facebook Just Cannot Win with Oculus Purchase, Lawsuit

Since Facebook's $2 billion purchase of Oculus in 2014, the move has been questioned. What was Facebook's interest in getting into the VR market? Did they do their due diligence in researching the company? Would they be able to make anything out of Oculus or would they blunder the company's hype and lead?

The last question has been answered by Microsoft, HTC, Samsung, Sony and others, who have come into the space and successfully beaten the excitement out of Oculus, with the HTC Vive being the generally agreed upon leader. The due diligence question seems to have been answered, as well, with the lawsuit between Oculus and ZeniMax making its way to a jury, and a lot of information making its way to the world.

ZeniMax built VR technology, Rage VR, which never quite took off. While Oculus was getting off the ground, and before the purchase by Facebook, Oculus engineers engaged John Carmack, the founder of id Software, creators of Doom, and involved with the Rage VR test bed and the Doom BFG Edition demo for the platform. The problem is that the information Carmack shared was covered by NDA and could not be shared with Oculus engineers without compensation. This is ZeniMax's version of the story.

Oculus tells a different version, however. In fact, they claim that co-founder Palmer Luckey was responsible for the technology powering Rift. ZeniMax insists, however, that Luckey is a "hobbyist" and could not have been responsible for the complex work taking place within the engineering division. Oculus says that the technology that was used that is similar to Rage was publicly available, to which the question of why only Oculus had is was raised.

The jury is in deliberations, likely to last into the next week. ZeniMax is asking for $2 billion in damages and another $2 billion in compensation for the information. This could be a big problem for Facebook and investors, as well as anyone who is invested in the Oculus ecosystem, which could suddenly have a very large bill to pay.

Bootleg Blackphones Banned to Protect Consumers from Danger

posted Sunday Jan 29, 2017 by Scott Ertz

Bootleg Blackphones Banned to Protect Consumers from Danger

Any time security is involved, there are certain sacrifices that must be made. For example, to prevent people from stealing your money at the ATM, you have both an identification card and a PIN that must be presented. It's not a massive inconvenience, but it does add a little annoyance to the process. The same can be said for mobile devices - if you want a truly secure phone, like a Blackphone, you are going to have to pay for it.

Some people, however, thought they would shortcut the process and, instead of buying the devices directly from Silent Circle or one of their partners, bought them on eBay. Now, if you know anything about eBay, you know that electronics that sell for far below the retail price are either used, stolen or fake - usually the latter. Obviously you do not want to purchase a fake phone that is designed for security, because you can ensure that the myriad of illicit apps and exploits will be present on that device.

Unfortunately for these buyers, that is exactly what is at stake, as the devices being sold on eBay are absolutely fraudulent. To protect consumers who have been duped by a combination of their own poor thinking and semi-crafty criminals, Silent Circle has released an update to their Silent OS, version 3.0.8, which essentially disables the device and presents a message to device owners informing them of the scam in which they've gotten involved.

While some people would be pleased to find out that the company that is being falsely represented is looking out for the safety and security of people who don't even own one of their devices, some people have gotten upset with the move. Whether they like it or not, these people own fake devices which are a danger to both the consumer and the brand, and are officially bricked.

My recommendation for future purchases of security products is to avoid the potential of being scammed and buy the product from a legit source.

Following Live Theater is a Live Movie Streamed to Theater

posted Sunday Dec 18, 2016 by Scott Ertz

The usage of live video has grown rapidly in the past 2 years. Between specialty services like Livestream and Twitch, and general services like Periscope and Facebook Live, consumers have encouraged the growth of the medium. The addition of professionally produced content, like NBC's Hairspray Live and FOX's Grease: Live on television have brought attention from producers and Rifftrax Live has brought the idea of live content to movie theaters.

It would appear that what is either the next logical step, or possibly the bazar conclusion to the process, is Woody Harrelson producing what he is calling a live movie production. The movie, titled Lost in London, is a telling of Harrelson's personal experiences being arrested in London in 2002. The movie will be live streamed to 550 movie theaters nationwide on January 19, 2017.

It will, obviously star Woody Harrelson, but will also include big name participants like Owen Wilson and Willie Nelson. But, how does this production separate itself from an NBC live musical? Apparently it will be the overall scale of the production. Unlike Hairspray Live, which took place entirely on Universal's Hollywood backlot, Lost in London will be shot in 14 locations across London with a continuous shot.

The real question that must be asked here is why is this happening? The idea of bringing live theater to your living room makes sense; it allows people outside of New York and other big cities to experience live theater. What does a live movie streamed to movie theaters bring to the world? Other than the danger of something going wrong, or schadenfreude, it seems like there is no benefit.

Is this idea one that seems destined to create a new genre, or a one-off vanity project? Let us know your thoughts in the comments.

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats