Security flaw in Grindr exposed locations to third-party service

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Users of Grindr, the popular dating app for gay men, may have been broadcasting their location despite having disabled that particular feature. Two security flaws allowed for discovery of location data against a user’s will, though they take a bit of doing.

The first of the flaws, which were discovered by Trever Faden and reported first by NBC News, allowed users to see a variety of data not available normally: who had blocked them, deleted photos, locations of people who had chosen not to share that data and more.

The catch is that if you wanted to find out about this, you had to hand over your username and password to Faden’s purpose-built website, C*ckblocked (asterisk original), which would then scour your Grindr account for this hidden metadata.

Of course it’s a bad idea to surrender your credentials to any third party whatsoever, but regardless of that, this particular third party was able to find data that a user should not have access to in the first place.

The second flaw involved location data being sent unencrypted, meaning a traffic snooper might be able to detect it.

It may not sound too serious to have someone watching a Wi-Fi network know a person’s location — they’re there on the network, obviously, which narrows it down considerably. But users of a gay dating app are members of a minority often targeted by bigots and governments, and having their phone essentially send out a public signal saying “I’m here and I’m gay” without their knowledge is a serious problem.

I’ve asked Grindr for comment and confirmation; the company told NBC News that it had changed how data was handled in order to prevent the C*ckblocked exploit (the site has since been shut down), but did not address the second issue.

Mobile – TechCrunch

Cash For Apps: Make money with android app

L’Oreal Buys Augmented Reality Beauty App, Allowing Robots To Point Out Our Every Flaw

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Makeup-users, get ready. AI is ready to tell us we look ugly.

The app ModiFace scrutinizes your skin type, points out what’s wrong with your face, (you’ve got wrinkles here, a spot there), and suggests cosmetics that might be able to repair or cover those flaws.

If you just thought, “Hey, making people feel insecure is a great way to get people to buy cosmetics,” you’re not alone. French cosmetic giant L’Oreal recently purchased the Canadian company for an undisclosed (but likely astronomical) sum.

In theory, the tool sounds kind of cool. The company has published more than 200 scientific studies and holds 30 patents in development of this technology, so there’s reason to believe it works better than some of the other makeup apps already out there (ModiFace would probably become the best-known of these once L’Oreal makes it ubiquitous). And because it’s an app, it doesn’t require investment in a whole new piece of hardware, the way Amazon smartmirror would.

Plus it sounds pretty convenient. Trying a new foundation without having to go to the store and covering my hand with poorly-colored product? Yes, please.

But there’s an obvious downside to ModiFace: it provides users with a limited definition of what it means to look beautiful.

That standard is getting narrower all the time thanks to social media. Despite some effort to expand beauty standards to people of different colors, shapes, and sizes, the popularity of sites like Instagram and Snapchat make the same old beauty standards seem attainable and immediate, the airbrushing and photoshopping seem less obvious.

“We are on the verge of a very, very serious problem,”Jane Cunningham, the author of Britishbeautyblogger.com, told The Guardian in 2015. “The world of vloggers and YouTubers has created a perverse, homogenized sense of distorted ‘beauty’ with no diversity or reality… Society is losing all perspective on the diversity of beauty and it’s contributing to an alarming growth in dysmorphia.” Recent scientific literature has confirmed this assessment.

Consumers, especially women, don’t need another faceless entity pointing out every little flaw. That’s especially true for women of color, for whom facial recognition software can be inaccurate. Might ModiFace direct non-white users towards more limited products for their skin tones, or push them to ascribe to a particular aesthetic they may not agree with? Well, it wouldn’t be the first time. And it’s not clear from ModiFace’s marketing materials whether the tool works for non-cis women — a growing market of makeup consumers (in 2016 L’Oreal itself used a male model to advertise cosmetics).

A tool like ModiFace might be useful for some makeup users, or convenient even. But for others, it will just be another entity telling them they’re not young enough, not white enough, not pretty enough.

The post L’Oreal Buys Augmented Reality Beauty App, Allowing Robots To Point Out Our Every Flaw appeared first on Futurism.

Futurism

Cash For Apps: Make money with android app

Android Phones with iPhone X-Like Notch: The So-Called Design Flaw Brings the Android World to a Standstill

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Android Phones with iPhone X-Like Notch

When I first had a glance at iPhone X, I couldn’t help admiring the gorgeous design. The only thing that, sort of, prevented me from branding it as out-of-the-box was—the Notch. Initially, I just didn’t like the tiny cutout that seemed to prick my eyes. However, as time went by, I made peace with the cutout.

They say, “If something hurts your soul at the very first interaction, the pain is never forgotten—even if it brings the storm of bliss later.” Though my eyes no longer find notch a roadblock, they have always wished a life beyond the bumper…

Android Phones with iPhone X-Like Notch

Android Phones with iPhone X-Like Notch

When I got to know that Apple was planning to slim down the screen bumper, I thought the tech giant had heard my prayer. But just when I started to breathe a bit easier, a host of Android smartphones with iPhone X-like notch flooded the Internet. Surprisingly, all of them looked almost a carbon copy of Apple’s flagship. Take a look at them to believe!

One Plus 6

OnePlus 6 iPhone X-Like Notch Android Phone

One Plus is widely claimed to be the one that produces smartphones that give high-end flagship a run for their own money. The company always claims to be in a different league. Hence, I’m really surprised to come to know how desperate it is to get its upcoming smartphone fashioned into an iPhone X avatar!

LG G7

LG G7 iPhone X-Like Notch Android Phone

Come on, LG! You can do much better than copying the design of iPhone. A company as big and reputed as you doesn’t have to emulate anyone to survive. Ideally, I would love to see you being just LG as whenever you have tried to be yourself you have looked so adorable.

Huawei P20

Huawei P20 iPhone X-Like Notch Android Phone

I respect your recent metamorphosis rise and also believe that you can give Samsung and Apple a strong fight. But to be number one, you have to bring in something different than your biggest rivals don’t have.

I have come to know that you are going to launch three cool P20 series smartphones. The only thing that has saddened me is that they all look a blatant copy of iPhone X. Seriously; I didn’t expect that from you—especially after that the ruckus you tried to create about Face ID’s failed demo!

OPPO F7

Oppo F7 2 iPhone X-Like Notch Android Phone

As one of the fastest growing smartphone companies in the world, you have everything to be a showstopper! I liked the design of your R9 and also recommended some of my friends who like using Android. But when I came to know that your F7 looks so similar to iPhone X, I felt a tad disappointed.

ASUS Zenfone 5Z

When everyone else seems to be so charmed by the design of iPhone X, it’s really hard to resist. I truly understand that.

I hope your mid-budget smartphone with the stunning 6.2-inch all-screen display, 8MP front, and 8MP+12MP dual rear cameras do really well!

Vivo V9

Vivo V9 iPhone X-Like Notch Android Phone

Having snapped a few looks at the leaked images of Vivo V9, I can say they look enormously attractive, but the smartphone looks no different than the ones mentioned above. I just hope you can pull off the gorgeous edge-to-edge display and raw power of iPhone X!

Other Lesser Known Smartphone Makers are also In the Fray…

There are three more smartphones like Leagoo S9, Oukitel U18 and Sharp Aquos S3 that are also attracting a lot of eyeballs thanks to their design. From outside, the only thing that seems to be common on all of them is the—low-price!

Seeing so many smartphones with the notch, I have decided to wear glass to safeguard my eyes from top-notch cutouts. I was trying my best to run away from the notch; now thousands seem to surround me.

Apple, if your ugly cutout can create such a huge sensation, imagine what would happen if an elegant one is unleashed from your kitty. Truly, your name as the trendsetter stands vindicated…

Enjoyed reading this article? Download our app and remain connected with us via Facebook, Twitter, and Google Plus to read more such stories.

The post Android Phones with iPhone X-Like Notch: The So-Called Design Flaw Brings the Android World to a Standstill appeared first on .


Cash For Apps: Make money with android app

Amazon flaw costs Apple accessory maker nearly $100k as counterfeiter takes over legitimate listing

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Amazon has come under fire in the past for its lackluster approach to handling counterfeit products. Now, the online retailer is facing a broader problem, with counterfeiters going as far as to take over a company’s legitimate product listing…

more…

9to5Mac

Cash For Apps: Make money with android app

Intel reportedly notified Chinese companies of chip security flaw before the U.S. government

 Intel is not having that great of year thus far in the face of a slew of information about security flaws in it hardware coming out — and you can add another new report from The Wall Street Journal today, which suggests that Intel didn’t immediately notify the U.S. government of the issues, to that list. The Journal is reporting that Intel notified some of its customers of the… Read More
Mobile – TechCrunch

Security flaw in Moto G5 Plus Prime Exclusive grants access to phone with the tap of a lockscreen ad

Amazon has been running its Prime Exclusive program for some time now. Essentially, the company partners with phone manufacturers to offer noticeably lower prices on devices in exchange for preloaded Amazon apps and advertisements on the lock screen. However, it appears that these lockscreen ads have led to a security flaw on one Prime Exclusive device, the Moto G5 Plus.

Read More

Security flaw in Moto G5 Plus Prime Exclusive grants access to phone with the tap of a lockscreen ad was written by the awesome team at Android Police.

Android Police – Android news, reviews, apps, games, phones, tablets

AMD chips vulnerable to both variants of Spectre security flaw, firmware updates coming this week

Though AMD’s initial response to Spectre security flaw was positive as the company said the impact is ‘near zero’, today it confirmed that the processors are vulnerable to both variants of the Spectre security flaw. The company further added that it is rolling out firmware updates available for Ryzen and EPYC owners this week. AMD will be rolling out the patches to suppliers who will be pushing them to the users. The company didn’t mention anything about the performance impact. AMD says that Google Project Zero Variant 1 (Bounds Check Bypass or Spectre could be contained with an operating system patch. It is been working with Microsoft to roll out the patches for the majority of AMD systems and is also closely following up to correct the issue that paused the distribution of patches for some older AMD processors. Linux vendors are also rolling out patches across AMD products. The variant two; Branch Target Injection or Spectre is also applicable to AMD processors. While it is hard for the variant two to exploit AMD processors, the company said that it is working to further mitigate the threat. It also mentioned that patches and firmware updates to older processors will be rolled out over the coming …
Fone Arena

Intel facing multiple class action suits over chip security flaw

Intel is facing at least three class action lawsuits over a recently revealed security flaw. The complaints, published by Gizmodo, were filed in Oregon, California, and Indiana by owners of Intel CPU-based computers. They allege that the vulnerability, which Intel learned about several months ago, makes its chips inherently faulty. Intel has helped provide security patches, but the complaints raise concerns that these patches will hurt computer performance, and aren’t an adequate response to the problem.

Researchers revealed two major CPU bugs, dubbed Spectre and Meltdown, earlier this week. The Meltdown flaw is specific to Intel chips, and it strikes at the heart of how CPUs process information. Security patches offer a workaround, but T…

Continue reading…

The Verge – All Posts

Massive Intel Chip Security Flaw Threatens Computers

A design flaw in all Intel chips produced in the last decade is responsible for a vulnerability that puts Linux, Windows and macOS-powered computers at risk, according to multiple press reports. The flaw reportedly is in the kernel that controls the chip performance, allowing commonly used programs to access the contents and layout of a computer’s protected kernel memory areas. The Linux kernel community, Microsoft and Apple have been working on patches to their operating systems to prevent the vulnerability.
TechNewsWorld