The Market Ticker
Commentary on The Capital Markets- Category [Technology]

Gee, they'd never do anything like this at Facebook, would they?

A month later (after being effectively forced to load their messenger application - Ed), Facebook Messenger has reportedly been downloaded more than 500,000 times for Android devices alone. It also remains the number one most downloaded free app on the Canadian iTunes App Store.

Some of those who downloaded the app may be thinking twice this week about keeping the app around, however, in light of one iOS forensics and security researcher's recent assertions that Messenger is tracking more data than most people realize.

"Messenger appears to have more spyware type code in it than I've seen in products intended specifically for enterprise surveillance," tweeted Jonathan Zdziarski, a noted author and expert in iOS related digital forensics and security on Tuesday.


Facebook has denied the accusations, of course.

But heh, it's just a matter of these guys who do this stuff for a living looking at what it does and what it sends to "mother."

You decide who you wish to believe and whether you care if everything you do winds up in Zuckerburgler's hands.

View this entry with comments (registration required to post)

If you didn't have enough reasons before now you got another one.

Let’s be clear about one thing: right now we don’t yet know whether the nude celebrity photos hacking scandal can be blamed on security vulnerabilities in Apple AAPL +0.24% iCloud. Certainly this is being widely circulated and it was my first thought on Twitter TWTR +0.65% last night, but there is no proof.

Well, sure.  You could just believe it'll be ok -- especially if the issue isn't simply whether people have pictures of your hoo-hoo (or dong.)

There are those who claim these photos are "faked", but then there's this:

"To those of you looking at photos I took with my husband years ago in the privacy of our home, hope you feel great about yourselves," she tweeted. "Knowing those photos were deleted long ago, I can only imagine the creepy effort that went into this. Feeling for everyone who got hacked."

That sounds like an admission that they're real to me.

There's a huge problem here, if this is indeed a hack into cloud services, specifically, iCloud.  That's because deleting files from said cloud often doesn't really delete them.

It's kind of like a roach motel -- you can check out any time you'd like but you can never actually leave.

I have always found it hilariously stupid that people "trust" companies with this sort of thing, and that's just when you're talking about nudies.  When it comes to critical business data, or worse, customer data that could wind up being extremely damaging (e.g. medical or financial records and similar) it's even worse.

The common mantra today is that businesses should put data in the "cloud" because it's accessible everywhere and is "secure."  Oh really?  Secure eh?  Says who?  And who eats the liability when they're wrong?

That's the bigger problem, you see.  If someone breaks into my private infrastructure and steals something, the bad is on me; I know where the blame is, and I know where the liability lies.  It's mine, and since they're both in the same place I have a decent incentive to make sure that doesn't happen.

Now look at the case here; the liability is still yours as the business that put the data there but you have no control over it nor can you do anything about it before or after the fact!

Still comfortable with that allocation of risk, are you?  

Exactly how stupid are you if you're a CIO or CEO and have put your data anywhere other than on your own infrastructure where you can control it?

Answer: Very.

View this entry with comments (registration required to post)

2014-08-27 09:21 by Karl Denninger
in Technology , 237 references

Gee, there's no bias here, right?

What we need, then, is an equivalent universal inbox for messaging. No, not just for all your email and text messages. For everything. We need a smart inbox that'll sort messages by service, label them appropriately and will let you continue conversations within just one app.

I've had that for the last two+ years.  On my BlackBerry Z10.

Engadget knows this, because they "reviewed" said device.  And, after a few heated comments, they edited their piece to mention that -- below the fold, of course.

BlackBerry's Hub, present since the first release of BB10 devices, does exactly what is being described.  It places all inbox and notification information in one place and you can reply and manage them all there too.  Text messages, Facebook, Twitter, various Android apps (e.g. Snapchat, Instagram, etc), any number of email accounts -- I have three active -- phone calls, voicemails, etc.

In later (current) versions you can flag particular people as being "priority" contacts so anything they send you and any conversation you initiate shows up at the top in its own "priority" inbox as well.

Yes, I agree that this should be present on a "smart" device.  Apple and Google don't want it, however, because they want you to prefer their tools (e.g. Gmail) and putting everything in one place, along with letting you control it all, means they lose their ability to try to lever you.  In other words, they lose some of what they want -- you being the product that is being sold, that is.

Does all this matter?  You bet it does.  I rarely go into Facebook or Twitter, say much less the individual email application or even the text message system on my phone.  I do nearly all of my interaction with messaging services on The Hub, in one, unified place.

Exactly as it should be.

BlackBerry: Messaging done right.

PS: BB10 devices, such as the Z10, the Z30, the Q10 and upcoming Passport and Classic, also run Android apps....

View this entry with comments (registration required to post)

Be careful out there.

I found a particularly-pernicious bit of spyware today and had some fun getting rid of it.

It's called Metroids and when loaded (usually as part of a bundle with some sort of free utility or other legitimate package) it displays a "cute" rendition of the game Asteroids on top of all your browser windows.  The theory is that it brings you great "offers."

Needless to say that display is damned annoying and if you manage to accidentally load it you will instantly head over to the Program window and uninstall it.

All good, right?

Not so fast, Kemosabe!

Unknown to you it dropped a service into Windows under an obscure apparently-random letter name (very clever guys, trying to hide your intentions) when it had administrative privilege during installation -- privilege it retains, incidentally.  The problem is that the service survives the uninstall, and worse, it is capable of and does "hook" a browser session even without an extension loaded!

The odds are very good you'll never know it's there since it doesn't call itself what it is and in addition it claims to have uninstalled when you told it to.  But it didn't, and it's still creating and, presumably, transmitting data about whatever you do.  If you find the working directory and kill it (it's in AppData) it will be re-created as soon as you open a new browser window, or if you have one open.  Since it's running with privileges an ordinary user account can't stop the service either and worse, it has access to everything on the machine.

Malwarebytes can find it as can someone who knows what they're doing, but most anti-virus systems will not pick it up -- including Avast.

I have no idea how extensive the data it is collecting and sending is once it "claims" to be uninstalled but this is an especially nasty little piece of **** due to its persistent nature, that it is running with privileges and thus could get to anything on the machine and the fact that you'll get infested with it from perfectly "legitimate" downloads -- not browsing porn sites or other similar places.

I'm not usually one to say "there ought to be a law", but I will this time: If you as a software author or distributor allow your code to be bundled with such an "installer" -- anything that leaves a piece of itself behind after being de-installed specifically and/or attempts to obscure its components and functions by calling itself anything other than what it is -- that ought to be treated as felony computer fraud and abuse and you, along with the entity that wrote that crap, ought to go to prison.

Yeah, I know how to get rid of it and did with no harm done.  But I know what I'm looking for.

Most people don't and won't even know it's there.

View this entry with comments (registration required to post)

Heh heh, time for this one again.


Almost a third of smartphone users do not download any apps for their devices in a typical month, according to a report by Deloitte that predicts the volume of app store sales is hitting a ceiling.

The average number of apps downloaded on a monthly basis has decreased considerably in 2014, the firm found in a survey of people in the UK. As smartphones saturate mobile markets in the US and Europe, developers must rely on customers continuing to download new apps for their businesses to grow.

And there's more.

9 out of 10 users never pay for "premium" applications or features, leaving on-screen advertising "it" in terms of revenue.  And that's a problem, because there's little screen real estate (and never will be lots) nor is anyone going to put up with a material part of what is there being consumed by advertising.

There is no "industry" in general for this crap.  Oh sure, there are those few who make it big and make a lot of money, but that's always true.  What's almost-always false, however, is the hype machine that builds around a "new" technology.  It was not long ago that colleges and other so-called "professionals" counseled young people to go into this "field" because there was "great growth there" and it was a good way to make money.

Uh, nope.  Not for long, and in truth, not really ever.

View this entry with comments (registration required to post)

Main Navigation
Full-Text Search & Archives
Archive Access
Get Adobe Flash player
Legal Disclaimer

The content on this site is provided without any warranty, express or implied. All opinions expressed on this site are those of the author and may contain errors or omissions.


The author may have a position in any company or security mentioned herein. Actions you undertake as a consequence of any analysis, opinion or advertisement on this site are your sole responsibility.

Market charts, when present, used with permission of TD Ameritrade/ThinkOrSwim Inc. Neither TD Ameritrade or ThinkOrSwim have reviewed, approved or disapproved any content herein.

The Market Ticker content may be reproduced or excerpted online for non-commercial purposes provided full attribution is given and the original article source is linked to. Please contact Karl Denninger for reprint permission in other media or for commercial use.

Submissions or tips on matters of economic or political interest may be sent "over the transom" to The Editor at any time. To be considered for publication your submission must include full and correct contact information and be related to an economic or political matter of the day. All submissions become the property of The Market Ticker.