Connect with us

Mobile

3D-printed heads let hackers – and cops – unlock your phone – TechCrunch

Published

on

There’s a lot you can make with a 3D printer: from prosthetics, corneas, and firearms — even an Olympic-standard luge.

You can even 3D print a life-size replica of a human head — and not just for Hollywood. Forbes reporter Thomas Brewster commissioned a 3D printed model of his own head to test the face unlocking systems on a range of phones — four Android models and an iPhone X.

Bad news if you’re an Android user: only the iPhone X defended against the attack.

Gone, it seems, are the days of the trusty passcode, which many still find cumbersome, fiddly, and inconvenient — especially when you unlock your phone dozens of times a day. Phone makers are taking to the more convenient unlock methods. Even if Google’s latest Pixel 3 shunned facial recognition, many Android models — including popular Samsung devices — are relying more on your facial biometrics. In its latest models, Apple effectively killed its fingerprint-reading Touch ID in favor of its newer Face ID.

But that poses a problem for your data if a mere 3D-printed model can trick your phone into giving up your secrets. That makes life much easier for hackers, who have no rulebook to go from. But what about the police or the feds, who do?

It’s no secret that biometrics — your fingerprints and your face — aren’t protected under the Fifth Amendment. That means police can’t compel you to give up your passcode, but they can forcibly depress your fingerprint to unlock your phone, or hold it to your face while you’re looking at it. And the police know it — it happens more often than you might realize.

But there’s also little in the way of stopping police from 3D printing or replicating a set of biometrics to break into a phone.

“Legally, it’s no different from using fingerprints to unlock a device,” said Orin Kerr, professor at USC Gould School of Law, in an email. “The government needs to get the biometric unlocking information somehow,” by either the finger pattern shape or the head shape, he said.

Although a warrant “wouldn’t necessarily be a requirement” to get the biometric data, one would be needed to use the data to unlock a device, he said.

Jake Laperruque, senior counsel at the Project On Government Oversight, said it was doable but isn’t the most practical or cost-effective way for cops to get access to phone data.

“A situation where you couldn’t get the actual person but could use a 3D print model may exist,” he said. “I think the big threat is that a system where anyone — cops or criminals — can get into your phone by holding your face up to it is a system with serious security limits.”

The FBI alone has thousands of devices in its custody — even after admitting the number of encrypted devices is far lower than first reported. With the ubiquitous nature of surveillance, now even more powerful with high-resolution cameras and facial recognition software, it’s easier than ever for police to obtain our biometric data as we go about our everyday lives.

Those cheering on the “death of the password” might want to think again. They’re still the only thing that’s keeping your data safe from the law.

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Mobile

Spotify’s Clubhouse rival, Greenroom, tops 140K installs on iOS, 100K on Android – TechCrunch

Published

on

Spotify’s recently launched live audio app and Clubhouse rival, Spotify Greenroom, has a long road ahead of it if it wants to take on top social audio platforms like Clubhouse, Airtime, Spoon and others, not to mention those from top social networks, like Twitter and Facebook. To date, the new Greenroom app has only been downloaded a total of 141,000 times on iOS, according to data from app intelligence firm Sensor Tower. This includes downloads from its earlier iteration, Locker Room — an app Spotify acquired to make its move into live audio.

On Android, Google Play data indicates the app has been installed over 100,000 times, but Sensor Tower cannot yet confirm this figure.

For comparison, Clubhouse today has 30.2 million total installs, 18.7 million of which are on iOS, Sensor Tower says.

Other top audio apps include Airtime, with 11.4 million iOS installs, out of a total of 14.3 million (including Android); and Spoon, with 7.6 million iOS installs, out of a total of  27.3 million.

International apps like UAE’s Yalla and China’s Lizhi are massive, as well, with the former sporting 48.1 total installs, 3.8 million of which are on iOS. The latter has 29.5+ million total installs, but only a handful on iOS.

There are other newcomers that have managed to stake smaller claims in the social audio space, too, including Fishbowl (759,000 total installs), Cappuccino (497,000 installs), Riff (339,000 installs) and Sonar (154,000 installs.)

Image Credits: Sensor Tower. The firm analyzed 34 social audio apps. The chart shows those with the most installs.  

Spotify Greenroom’s launch last month, meanwhile, seems to have attracted only a small fraction of Spotify’s larger user base, which has now grown to 365 million monthly active users.

The majority of Greenroom’s installs — around 106,000 — took place after Greenroom’s official launch on July 16, 2021 through July 25, 2021, Sensor Tower says. Counting only its Greenroom installs, the app is ranked at No. 12 among social audio apps. It follows Tin Can, which gained 127,000 installs since launching in early March.

Because Greenroom took over Locker Room’s install base, some portion of Greenroom’s total iOS installs (141K) included downloads that occurred when the app was still Locker Room. But that number is fairly small. Sensor Tower estimates Locker Room saw only around 35,000 total iOS installs to date. That includes the time frame of October 26, 2020 — the month when the sports chat app launched to the public — up until the day before Greenroom’s debut (July 15, 2021).

We should also point out that downloads are not the same thing as registered users, and are far short of active users. Many people download a new app to try it, but then abandon it shortly after downloading it, or never remember to open it at all.

That means the number of people actively using Greenroom at this time, is likely much smaller that these figures indicate.

Spotify declined to comment on third-party estimates.

While Sensor Tower looked at competition across social audio apps on the app stores, Spotify’s competition in the live audio market won’t be limited to standalone apps, of course.

Other large tech platforms have more recently integrated social audio into their apps, too, including Facebook (Live Audio Rooms), Twitter (Spaces), Discord (Stage Channels) and trading app Public. A comparison with Greenroom here is not possible, as these companies would have to disclose how many of their active users are engaging with live audio, and they have not yet done so.

Despite what may be a slower uptake, Greenroom shouldn’t be counted out yet. The app is brand-new, and has time to catch up if all goes well. (And if the market for live audio, in general, continues to grow — even though the height of Covid lockdowns, which prompted all this live audio socializing in the first place, seems to have passed.)

Spotify’s success or failure with live audio will be particularly interesting to watch given the potential for the company to cross-promote live audio shows, events, and artist-produced content through its flagship streaming music application. What sort of programming Greenroom may later include is still unknown, however.

Following Spotify’s acquisition of Locker Room maker Betty Labs, the company said it would roll out programmed content related to music, culture, and entertainment, in addition to sports. It also launched a Creator Fund to help fuel the app with new content. 

But so far, Spotify hasn’t given its users a huge incentive to visit Greenroom.

The company, during its Q2 2021 earnings, explained why. It said it first needed to get Greenroom stabilized for a “Spotify-sized audience,” which it why it only soft-launched the app in June. Going forward, Spotify says there will be “more tie-ins” with the main Spotify app, but didn’t offer any specifics.

“Obviously we’ll leverage our existing distribution on Spotify,” noted Spotify CEO Daniel Ek. “But this feels like a great way to learn, experiment and iterate, much faster than if we had to wait for a full on integration into the main app,” he added.

Continue Reading

Mobile

Google unveils its proposed ‘Safety Section’ for apps on Google Play – TechCrunch

Published

on

In the wake of Apple’s advances into consumer privacy with initiatives like App Tracking Transparency and App Store privacy labels, Google recently announced its own plans to introduce a new “safety section” on Google Play that offers more information about the data apps collect and share, and other security and privacy details. Today, the company is sharing for the first time what the new section’ user interface will look like, along with other requirements for developers.

In May, Google explained the safety section would be designed to easily communicate to users how apps are handling their data, so they could make informed choices. It said app developers would need to disclose to users whether their app uses security practices like data encryption, whether it follows Google Play’s Families policy for apps aimed at kids, whether users have a choice in data sharing, whether the app’s safety section had been verified by a third party, and if the app allowed users to request data deletion at the time of uninstall, among other things.

In the user interface concept Google debuted today, developers are now able to see how this feature will look to the end user.

Image Credits: Google

In the safety section, users will be able to see the developer’s explanation of what data the app collects followed by those other details, each with their own icon to serve as a visual indicator.

When users tap into the summary, they’ll be able to then see other details like what data is collected or shared — like location, contacts, personal information (e.g., name, email address), financial information and more.

They’ll also be able to see how the data is used — for app functionality, personalization, etc. — and whether data collection is optional. 

Image Credits: Google

Google says it wants to give developers plenty of time to prepare for these Play Store changes which is why it’s now sharing more information about the data type definitions, user journey and policy requirements of the new feature. 

It notes that all developers will have to provide a privacy policy by April 2022. Before, only apps that collected personal and sensitive user data were required to do so. Developers will also be required to share accurate and complete information about all the data in their safety section, including how it’s used by the app’s third-party libraries and SDKs. This is in line with what Apple demands for its apps.

Image Credits: Google

In October 2021, developers will be able to submit their information in the Google Play Console for review, ahead of the planned launch of the safety section in Google Play, which is scheduled for the first quarter of 2022.

The company also notes it’s offering some buffer time after the section’s launch before apps must have their safety section approved by Google. However, the company says apps will have to be approved by Q2 2022 or risk having their app submissions or app updates rejected. And if an app doesn’t provide an approved safety section, the app will say “No information available.”

The change will help to highlight how many active developers are present on Google Play, as those will be the ones who will adopt the new policy and showcase how their apps collect and use data.

The question that remains is how stringent Google will be about enforcing its new guidelines and how carefully apps will be reviewed. One interesting note here is that conscientious developers will be able to submit their safety section for a third-party review and then be able to promote that to users concerned app data privacy and security.

This could help to address some potential criticism that these safety sections aren’t factual. That’s been a problem for Apple since the launch of its App Store privacy labels, in fact. The Washington Post discovered that a number of apps were displaying false information, making them less helpful to the users whose data they aimed to protect.

When reached for comment, however, Google declined to share more details about how the third-party verification process will work.

Continue Reading

Mobile

Twitter ‘acqui-hires’ the team from subscription news app, Brief – TechCrunch

Published

on

Twitter’s recent acquisition spree continues today as the company announces it has acqui-hired the team from news aggregator and summary app Brief. The startup from former Google engineers launched last year to offer a subscription-based news summary app that aimed to tackle many of the problems with today’s news cycle, including information overload, burnout, media bias, and algorithms that promoted engagement over news accuracy.

Twitter declined to share deal terms.

Before starting Brief, co-founder and CEO Nick Hobbs was a Google product manager who had worked on AR, Google Assistant, Google’s mobile app, and self-driving cars, among other things. Co-founder and CTO Andrea Huey, meanwhile, was a Google senior software engineer, who worked on the Google iOS app and had a prior stint at Microsoft.

Image Credits: Brief

While Brief’s ambitious project to fix news consumption showed a lot of promise, its growth may have been hampered by the subscription model it had adopted. The app required a $4.99 per month commitment, despite not having the brand-name draw of a more traditional news outlet. For comparison, The New York Times’ basic digital subscription is currently just $4 per week for the first year of service, thanks to a promotion.

Twitter says the startup’s team, which also includes two other Brief employees, will join Twitter’s Experience.org group where they’ll work on areas that support the public conversation on Twitter, including Twitter Spaces and Explore.

While Twitter wouldn’t get into specifics as to what those tasks may involve, the company did tell TechCrunch it hopes to leverage the founders’ expertise with Brief to build out and accelerate projects in both those areas.

Explore, of course, is Twitter’s “news” section, where top stories across categories are aggregated alongside trending topics. But what it currently lacks is a comprehensive approach to distilling the news down to the basic facts and presenting balance, as Brief’s app had offered. Instead, Twitter’s news items include a headline and a short description of the story, followed by notable tweets. There’s certainly room for improvement there.

It’s also possible to imagine some sort of news-focused product built into Twitter’s own subscription service, Twitter Blue — but that’s just speculation at this point.

Twitter says it proactively reached out to Brief with its offer. As part of its current M&A strategy, the company is on the hunt for acquiring talent that will complement its existing teams and help to accelerate its product developments.

Over the past year, Twitter has made similar acqui-hires, including those for distraction-free reading service Scroll, social podcasting app Breaker, social screen-sharing app Squad, and API integration platform Reshuffle. It also bought products, like newsletter platform Revue, which it directly integrated. The company even held acquisition talks with Clubhouse and India’s ShareChat, which would have been much larger M&A deals.

“We’re really glad we ended up at Twitter,” Hobbs told TechCrunch.

“Andrea and I founded Brief to build news that fostered a healthy discourse, and Twitter’s genuine commitment to improve the public conversation is deeply inspiring,” he said. “While we can’t discuss specifics on future plans, we’re confident our experience at Brief will help accelerate the many exciting things happening at Twitter today,” he added.

Hobbs said the team remains optimistic about the future of paid journalism, too, as Brief demonstrated that some customers would pay for a new and improved news experience.

“Brief pioneered a fresh vision for journalism, focused on getting you just the news you need rather than as much as you could withstand,” remarked Ilya Kirnos, founding partner and CTO at SignalFire, who backed Brief at the seed stage. “That respect for its readers made SignalFire proud to support founders Nick Hobbs and Andrea Huey, who are now bringing that philosophy to the top source of breaking news — Twitter.”

To date, Brief had raised a million in seed funding from SignalFire and handful of angel investors, including Sequoia Scouts like David Lieb, Maia Bittner, and Matt Macinnis.

As a result of today’s deal, Brief will wind down its subscription app on July 31. The company says it will alert its current user base today via a notification about its forthcoming shutdown but the app will remain on the App Store offering new features that allow users to explore its archives.

Continue Reading

Trending