Italian consumer watchdog hands down €15M in fines to Apple and Samsung for slowing devices

Italy’s Autorità garante della concorrenza e del mercato, roughly equivalent to this America’s FTC, has fined Apple and Samsung a total of $15 million for the companies’ practice of forcing updates on consumers that may slow or break their devices. The amount may be a drop in the bucket, but it’s a signal that governments won’t always let this type of behavior fly.

The “unfair commercial practices” are described by the AGCM as follows:

The two companies have induced consumers – by insistently proposing to proceed with the download and also because of the significant information asymmetry of consumers vis-a-vis the producers – to install software updates that are not adequately supported by their devices, without adequately informing them, nor providing them an effective way to recover the full functionality of their devices.

Sounds about right!

In case you don’t remember, essentially Apple was pushing updates to iPhones last year that caused performance issues with older phones. Everyone took this as part of the usual conspiracy theory that Apple slows phones to get you to upgrade, but it turns out to have been more like a lack of testing before they shipped.

Apple addresses why people are saying their iPhones with older batteries are running ‘slower’

Samsung, for its part, was pushing Android Mashmallow updates to a number of its devices, but failed to consider that it would cause serious issues in Galaxy Note 4s — issues it then would charge to repair.

The issue here wasn’t the bad updates exactly, but the fact that consumers were pressured into accepting them, at cost to themselves. It would be one thing if the updates were simply made available and these issues addressed as they came up, but both companies “insistently suggested” that the updates be installed despite the problems.

In addition to this, Apple was found to have “not adequately informed consumers about some essential characteristics of lithium batteries, such as their average duration and deterioration factors, nor about the correct procedures to maintain, verify and replace batteries in order to preserve full functionality of devices.” That would be when Apple revealed to iPhone 6 owners that their batteries were not functioning correctly and that they’d have to pay for a replacement if they wanted full functionality. This information, the AGCM, suggests, ought to have been made plain from the beginning.

Samsung gets €5 million in fines and Apple gets €10 million. Those may not affect either company’s bottom line, but they are the maximum possible fines, so it’s symbolic as well. If a dozen other countries were to come to the same conclusion, the fines would really start to add up. Apple has already made some amends, but if it fell afoul of the law it still has to pay the price.

from Apple – TechCrunch https://ift.tt/2q8O4iV

A new ‘smart firewall’ iPhone app promises to put your privacy before profits

For weeks, a small team of security researchers and developers have been putting the finishing touches on a new privacy app, which its founder says can nix some of the hidden threats that mobile users face — often without realizing.

Phones track your location, apps siphon off our data, and aggressive ads try to grab your attention. Your phone has long been a beacon of data, broadcasting to ad networks and data trackers, trying to build up profiles on you wherever you go to sell you things you’ll never want.

Will Strafach knows that all too well. A security researcher and former iPhone jailbreaker, Strafach has shifted his time digging into apps for insecure, suspicious and unethical behavior. Last year, he found AccuWeather was secretly sending precise location data without a user’s permission. And just a few months ago, he revealed a list of dozens of apps that were sneakily siphoning off their users’ tracking data to data monetization firms without their users’ explicit consent.

Now his team — including co-founder Joshua Hill and chief operating officer Chirayu Patel — will soon bake those findings into its new “smart firewall” app, which he says will filter and block traffic that invades a user’s privacy.

“We’re in a ‘wild west’ of data collection,” he said, “where data is flying out from your phone under the radar — not because people don’t care but there’s no real visibility and people don’t know it’s happening,” he told me in a call last week.

At its heart, the Guardian Mobile Firewall — currently in a closed beta — funnels all of an iPhone or iPad’s internet traffic through an encrypted virtual private network (VPN) tunnel to Guardian’s servers, outsourcing all of the filtering and enforcement to the cloud to help reduce performance issues on the device’s battery. It means the Guardian app can near-instantly spot if another app is secretly sending a device’s tracking data to a tracking firm, warning the user or giving the option to stop it in its tracks. The aim isn’t to prevent a potentially dodgy app from working properly, but to give users’ awareness and choice over what data leaves their device.

Strafach described the app as “like a junk email filter for your web traffic,” and you can see from of the app’s dedicated tabs what data gets blocked and why. A future version plans to allow users to modify or block their precise geolocation from being sent to certain servers. Strafach said the app will later tell a user how many times an app accesses device data, like their contact lists.

But unlike other ad and tracker blockers, the app doesn’t use overkill third-party lists that prevent apps from working properly. Instead, taking a tried-and-tested approach from the team’s own research. The team periodically scans a range of apps in the App Store to help identify problematic and privacy-invasive issues that are fed to the app to help improve over time. If an app is known to have security issues, the Guardian app can alert a user to the threat. The team plans to continue building machine learning models that help to identify new threats — including so-called “aggressive ads” — that hijack your mobile browser and redirect you to dodgy pages or apps.

Screenshots of the Guardian app, set to be released in December (Image: supplied)

Strafach said that the app will “err on the side of usability” by warning users first — with the option of blocking it. A planned future option will allow users to go into a higher, more restrictive privacy level — “Lockdown mode” — which will deny bad traffic by default until the user intervenes.

What sets the Guardian app from its distant competitors is its anti-data collection.

Whenever you use a VPN — to evade censorship, site blocks or surveillance — you have to put more trust in the VPN server to keep all of your internet traffic safe than your internet provider or cell carrier. Strafach said that neither he nor the team wants to know who uses the app. The less data they have, the less they know, and the safer and more private its users are.

“We don’t want to collect data that we don’t need,” said Strafach. “We consider data a liability. Our rule is to collect as little as possible. We don’t even use Google Analytics or any kind of tracking in the app — or even on our site, out of principle.”

The app works by generating a random set of VPN credentials to connect to the cloud. The connection uses IPSec (IKEv2) with a strong cipher suite, he said. In other words, the Guardian app isn’t a creepy VPN app like Facebook’s Onavo, which Apple pulled from the App Store for collecting data it shouldn’t have been. “On the server side, we’ll only see a random device identifier, because we don’t have accounts so you can’t be attributable to your traffic,” he said.

“We don’t even want to say ‘you can trust us not to do anything,’ because we don’t want to be in a position that we have to be trusted,” he said. “We really just want to run our business the old fashioned way. We want people to pay for our product and we provide them service, and we don’t want their data or send them marketing.”

“It’s a very hard line,” he said. “We would shut down before we even have to face that kind of decision. It would go against our core principles.”

I’ve been using the app for the past week. It’s surprisingly easy to use. For a semi-advanced user, it can feel unnatural to flip a virtual switch on the app’s main screen and allow it to run its course. Anyone who cares about their security and privacy are often always aware of their “opsec” — one wrong move and it can blow your anonymity shield wide open. Overall, the app works well. It’s non-intrusive, it doesn’t interfere, but with the “VPN” icon lit up at the top of the screen, there’s a constant reminder that the app is working in the background.

It’s impressive how much the team has kept privacy and anonymity so front of mind throughout the app’s design process — even down to allowing users to pay by Apple Pay and through in-app purchases so that no billing information is ever exchanged.

The app doesn’t appear to slow down the connection when browsing the web or scrolling through Twitter or Facebook, on neither LTE or a Wi-Fi network. Even streaming a medium-quality live video stream didn’t cause any issues. But it’s still early days, and even though the closed beta has a few hundred users — myself included — as with any bandwidth-intensive cloud service, the quality could fluctuate over time. Strafach said that the backend infrastructure is scalable and can plug-and-play with almost any cloud service in the case of outages.

In its pre-launch state, the company is financially healthy, scoring a round of initial seed funding to support getting the team together, the app’s launch, and maintaining its cloud infrastructure. Steve Russell, an experienced investor and board member, said he was “impressed” with the team’s vision and technology.

“Quality solutions for mobile security and privacy are desperately needed, and Guardian distinguishes itself both in its uniqueness and its effectiveness,” said Russell in an email.

He added that the team is “world class,” and has built a product that’s “sorely needed.”

Strafach said the team is running financially conservatively ahead of its public reveal, but that the startup is looking to raise a Series A to support its anticipated growth — but also the team’s research that feeds the app with new data. “There’s a lot we want to look into and we want to put out more reports on quite a few different topics,” he said.

As the team continue to find new threats, the better the app will become.

The app’s early adopter program is open, including its premium options. The app is expected to launch fully in December.

from iPhone – TechCrunch https://ift.tt/2yVIW5M

Apple’s Tim Cook makes blistering attack on the “data industrial complex”

Apple’s CEO Tim Cook has joined the chorus of voices warning that data itself is being weaponized again people and societies — arguing that the trade in digital data has exploded into a “data industrial complex”.

Cook did not namecheck the adtech elephants in the room: Google, Facebook and other background data brokers that profit from privacy-hostile business models. But his target was clear.

“Our own information — from the everyday to the deeply personal — is being weaponized against us with military efficiency,” warned Cook. “These scraps of data, each one harmless enough on its own, are carefully assembled, synthesized, traded and sold.

“Taken to the extreme this process creates an enduring digital profile and lets companies know you better than you may know yourself. Your profile is a bunch of algorithms that serve up increasingly extreme content, pounding our harmless preferences into harm.”

“We shouldn’t sugarcoat the consequences. This is surveillance,” he added.

Cook was giving the keynote speech at the 40th International Conference of Data Protection and Privacy Commissioners (ICDPPC), which is being held in Brussels this year, right inside the European Parliament’s Hemicycle.

“Artificial intelligence is one area I think a lot about,” he told an audience of international data protection experts and policy wonks, which included the inventor of the World Wide Web itself, Sir Tim Berners-Lee, another keynote speaker at the event.

“At its core this technology promises to learn from people individually to benefit us all. But advancing AI by collecting huge personal profiles is laziness, not efficiency,” Cook continued.

“For artificial intelligence to be truly smart it must respect human values — including privacy. If we get this wrong, the dangers are profound. We can achieve both great artificial intelligence and great privacy standards. It is not only a possibility — it is a responsibility.”

That sense of responsibility is why Apple puts human values at the heart of its engineering, Cook said.

In the speech, which we previewed yesterday, he also laid out a positive vision for technology’s “potential for good” — when combined with “good policy and political will”.

“We should celebrate the transformative work of the European institutions tasked with the successful implementation of the GDPR. We also celebrate the new steps taken, not only here in Europe but around the world — in Singapore, Japan, Brazil, New Zealand. In many more nations regulators are asking tough questions — and crafting effective reform.

“It is time for the rest of the world, including my home country, to follow your lead.”

Cook said Apple is “in full support of a comprehensive, federal privacy law in the United States” — making the company’s clearest statement yet of support for robust domestic privacy laws, and earning himself a burst of applause from assembled delegates in the process.

Cook argued for a US privacy law to prioritize four things:

1. data minimization — “the right to have personal data minimized”, saying companies should “challenge themselves” to de-identify customer data or not collect it in the first place
2. transparency — “the right to knowledge”, saying users should “always know what data is being collected and what it is being collected for, saying it’s the only way to “empower users to decide what collection is legitimate and what isn’t”. “Anything less is a shame,” he added
3. the right to access — saying companies should recognize that “data belongs to users”, and it should be made easy for users to get a copy of, correct and delete their personal data
4. the right to security — saying “security is foundational to trust and all other privacy rights”

“We see vividly, painfully how technology can harm, rather than help,” he continued, arguing that platforms can “magnify our worst human tendencies… deepen divisions, incite violence and even undermine our shared sense or what is true or false”.

“This crisis is real. Those of us who believe in technology’s potential for good must not shrink from this moment”, he added, saying the company hopes “to work with you as partners”, and that: “Our missions are closely aligned.”

He also made a sideswipe at tech industry efforts to defang privacy laws — saying that some companies will “endorse reform in public and then resist and undermine it behind closed doors”.

“They may say to you our companies can never achieve technology’s true potential if there were strengthened privacy regulations. But this notion isn’t just wrong it is destructive — technology’s potential is and always must be rooted in the faith people have in it. In the optimism and the creativity that stirs the hearts of individuals. In its promise and capacity to make the world a better place.”

“It’s time to face facts,” Cook added. “We will never achieve technology’s true potential without the full faith and confidence of the people who use it.”

Opening the conference before the Apple CEO took to the stage, Europe’s data protection supervisor Giovanni Buttarelli argued that digitization is driving a new generational shift in the respect for privacy — saying there is an urgent need for regulators and indeed societies to agree on and establish “a sustainable ethics for a digitised society”.

“The so-called ‘privacy paradox’ is not that people have conflicting desires to hide and to expose. The paradox is that we have not yet learned how to navigate the new possibilities and vulnerabilities opened up by rapid digitization,” Buttarelli argued.

“To cultivate a sustainable digital ethics, we need to look, objectively, at how those technologies have affected people in good ways and bad; We need a critical understanding of the ethics informing decisions by companies, governments and regulators whenever they develop and deploy new technologies.”

The EU’s data protection supervisor told an audience largely made up of data protection regulators and policy wonks that laws that merely set a minimum standard are not enough, including the EU’s freshly painted GDPR.

“We need to ask whether our moral compass been suspended in the drive for scale and innovation,” he said. “At this tipping point for our digital society, it is time to develop a clear and sustainable moral code.”

“We do not have a[n ethical] consensus in Europe, and we certainly do not have one at a global level. But we urgently need one,” he added.

“Not everything that is legally compliant and technically feasible is morally sustainable,” Buttarelli continued, pointing out that “privacy has too easily been reduced to a marketing slogan.

“But ethics cannot be reduced to a slogan.”

“For us as data protection authorities, I believe that ethics is among our most pressing strategic challenges,” he added.

“We have to be able to understand technology, and to articulate a coherent ethical framework. Otherwise how can we perform our mission to safeguard human rights in the digital age?”

from Apple – TechCrunch https://ift.tt/2ApiEuJ

Mozilla is matching all donations to the Tor Project

Firefox parent Mozilla is returning to back the Tor Project, its long-time ally, after it committed to matching all donations made to fund Tor, the open source initiative to improve online privacy which has just started its annual end of year funding drive.

Tor announced Mozilla’s support today, extending the pair’s partnership which last year helped Tor raise over $400,000 from a similar campaign last year. That is a small seed round for a tech startup, but it represents an important source of income for Tor, which began soliciting ‘crowdfunded’ donations in 2015 in a bid to offset its reliance on government grants.

The company’s latest publicly available accounts cover 2015 when Tor received a record $3.3 million in donations. That’s up from $2.5 million in 2014 and it represented Tor’s highest year of income to date, but state-related grants accounted for 86 percent of the figure. That was an improvement on previous years, but Tor Research Director and President Roger Dingledine admitted that the organization has “more work to do” to change that ratio.

Tor hasn’t made its latest (2016) financials available as of yet, but the past year has seen the organization make big leaps in its product offerings, which are still best known for being used by NSA whistleblower Edward Snowden. Tor launched its first official mobile browser for Android in September and the same month it released Tor Browser 8.0, its most usable browser yet which is based on Firefox’s 2017 Quantum structure. It is also worked closely with Mozilla to bring Tor into Firefox itself as it has already done with Brave, a browser firm led by former Mozilla CEO Brendan Eich.

Beyond the browser and the Tor network itself, which is designed to minimize the potential for network surveillance, the organization also develops a range of other projects. Around two million people are estimated to use Tor, according to data from the organization.

“The Tor Project has a bold mission: to take a stand against invasive and restrictive online practices and bring privacy and freedom to internet users around the world. But we can’t do it alone,” Sarah Stevenson, who is fundraising director at the Tor Foundation, wrote in a blog post.

“Countries like Egypt and Venezuela have tightened restrictions on free expression and accessing the open web; companies like Google and Amazon are mishandling people’s data and growing the surveillance economy; and some nations are even shutting off the internet completely to quell possible dissidence,” she added.

If you feel suitably compelled, you can donate to the Tor Project’s campaign right here.

from Android – TechCrunch https://ift.tt/2O1BRpC
via IFTTT

Apple’s next iOS update will fix accidental selfie softening

Last month, the internet was a buzz with reports that Apple was sweetening up selfies on the iPhone XS and XS Max. The shots appeared to have an effect applied, in a manner similar to “beauty” filters offered on competing handsets. Apple denied it was intentionally touching photos, but not before it earned the predictable name, “Beautygate.”

Turns out it wasn’t just your imagination. The shots were getting softer, as a result of a software bug, according to the company. As The Verge reports, however, Apple will be fixing things with the upcoming iOS 12.1 update. Apple has since confirmed the fix with TechCrunch, noting that it’s also available in the current beta.

The long and short of what’s happening is this: the HDR processing has been defaulting to a longer shutter speed. That coupled with a loss of front-facing OIS leads to shakier images and blurrier photos. In other words, your phone wasn’t making you prettier, so much as a bit more blurry.

Honestly though, sometimes we’ll take what we can get.

The beta of the update is available now and should be rolling out to everyone else soon.

from iPhone – TechCrunch https://ift.tt/2S63sJP

Apple’s morning show drama adds Steve Carell to the cast

Apple’s still-untitled morning show drama already has some serious star power, with Jennifer Aniston and Reese Witherspoon as its leads. Now it’s adding Steve Carell to the cast.

This will be Carell’s first regular role on a TV show since his seven seasons starring in the U.S. version of “The Office.” He’ll be playing Mitch Kessler, a morning show anchor who’s struggling to stay relevant. And no, it’s not the first time he’s playing a news anchor.

The series will focus on the world of morning TV, drawing material from reporter Brian Stelter’s book “Top of the Morning.” (Stelter serves as a consultant.) It was one of the first shows that Apple announced as part of its push into original streaming content, with two seasons of 10 episodes each already ordered. The company plans to start production in Los Angeles next week.

Aniston and Witherspoon (who’s working on more than one show with Apple) are both serving as executive producers, as is director Mimi Leder (who directed many of the best episodes of “The Leftovers”) and showrunner Kerry Ehrin (who previously co-created “Bates Motel”).

In other Apple streaming news, regular TechCrunch readers may be aware that I am extremely excited about the upcoming adaptation of Isaac Asimov’s “Foundation” novels. Well I’m even more excited with today’s announcement from comics writer and fantasy novelist Saladin Ahmed that he’s joining the show.

Still unclear: What Apple’s streaming service will be called, and what, if anything, it will cost viewers.

from Apple – TechCrunch https://ift.tt/2Sb6RXG

YouTube’s beta program will test stability, not new features

Google sometimes experiments with new features in beta versions of its various Android applications on Google Play. However, the recently spotted YouTube beta program will not, unfortunately, be a testbed for upcoming additions to the video-sharing service. Instead, Google says it only plans to test the stability of the YouTube app at this time, not features.

The company quietly rolled out a YouTube beta program last week on Google Play, where it was soon spotted by the folks at Android Police.

Originally, the belief was that Google would use this new beta to try out features it was planning to bring to the YouTube app – in fact, that’s what Google’s own help documentation about the beta said!

Not only that, but the documentation urged testers not to share information about the features they see in the app until they’re publicly launched.

That all sounds pretty exciting, right? (At least for us early adopters who love to get mess around with the latest new thing before anyone else.)

But after asking Google for more information on the program, the company updated its help documentation to remove the wording about “experimental features.” It now says testers will only help YouTube to stabilize its app.

We also understand, too, that YouTube has always run a beta program, the only change is that, as of last week, it become more broadly accessible.

Users can now join the program to help YouTube test stability of the app and can then opt out at any time they choose. At this point, however, Google doesn’t plan on trying out new features in the beta build. That could, of course, change at any time in the future. So if you really want to be the first to know, you may want to join the beta program just in case.

But YouTube for a long time now has been testing its new additions by way of server-side testing. It even decided this year to be more public about those tests – disclosing its experiments by way of its @TeamYouTube handle and the Creator Insider channel.

For example, this is where the company first announced its test of a new Explore tab on iPhone a few months ago, and more recently said it would try different ways of inserting ads into videos, to see if users prefer fewer interruptions even if it meant multiple ads per interruption.

YouTube beta program members may or may not be opted into those same experiments, as they roll out. It will depend on if they’re in the testing bucket that’s targeted at that time.

from Android – TechCrunch https://ift.tt/2PgnJh7
via IFTTT