Nextgendaily   Jointservers   Zymernation   Wdphg

Daily News Roundup: TrueCaller’s Privacy Implications

TrueCaller is an app for Android and iPhone that’s useful for identifying spam callers. When someone calls you and it turns out to be spam, you mark it that way, and anyone else using TrueCaller sees a warning.

Alternatively, you can provide the real name attached to a number if you happen to know the person who called, which makes the service a bit like a crowd-sourced phonebook you share with everyone. But it’s the shared function that has some disturbing implications.

A broadcast journalist named Chloe detailed how the app outed her and could have potentially put her in danger. Due to the sensitivity of her work, and the fact that she often travels to places hostile against journalists, she keeps a low profile. She doesn’t appear on screen, restricts her use of her social media, and so on. When she arrives in a new country, she buys a new sim card and phone number to speak with sources.

Imagine her surprise when she used her phone to call for a cab, and the cab driver asked about her job as a journalist. He showed his TrueCaller app, which identified by her name and where she worked.

When she called a source, the app pinged them to tag her number with an identification. They put in her name and media outlet. That action spread her identity to anyone using TrueCaller. If the country had been hostile to journalists, she could have been in serious trouble.

The problem here is that TrueCaller doesn’t ask permission to add a person to its database. When provided information, it doesn’t reach out to the owner of the number with an invite, confirmation, or even a method to check the accuracy of the information.

Imagine for a moment if every time you sent a letter to a friend, they could check a box that handed out your name and return address to everyone else who receives mail from the post office. It’s a similar concept.

TrueCaller has a method to unlist your phone number, but if somebody marked you number as spam (a distinct possibility with RoboCalls), you can’t use it. For most people, the way TrueCaller handles other’s people data without consent may not be a huge issue. But for anyone who needs anonymity—or just likes their privacy—it could potentially be a huge problem.

This isn’t the first time this topic has come up. Years ago, an app called Mr. Number shut down its similar crowd-sourcing feature when Google changed its terms of service. That change specifically states “we don’t allow unauthorized publishing or disclosure of people’s non-public contacts,” and remains in effect to this day. Which means TrueCaller’s functionality seems to violate those terms of service as well. [ifex]

In Other News:

  • Google had a weekend outage: Google Cloud services went down over the weekend, taking Youtube, Gmail, Snapchat, Discord, and more with it for many people. We’re still waiting to hear what happened, but at least we can get back to watching our cat videos and sending selfies. [Android Authority]
  • Apple’s WWDC is today: Apple’s Worldwide Developers Conference starts today, with a keynote that should come with interesting announcements. Rumors include a new dark mode for tablets and phones, redesigned apps, and the ability to use an iPad as a second display for Mac devices. [MacRumors]
  • Cuphead is coming to Tesla: Cuphead, the incredibly tricky hand-drawn game that originated on Xbox is making the jump to another console. Or rather, a car. Tesla is working on bringing the game to its tablet dashboard, complete with controller support. Neat? [Digital Trends]
  • Oppo and Xiaomi tease under-screen cameras: Move over hole punch, goodbye notch—two phone makers are showing off a camera that lives beneath the screen. Unlike the hole punch concept, when not in use the area the camera lives in works as a display. The idea seems less prone to failure than pop-out hardware at least. [TechCrunch]
  • Pokémon Go drops Apple Watch Support: Pokémon Go developer Niantic announced it is dropping Apple Watch support after July 1st. You’ll find all the features the Watch app brought to the game elsewhere, so the developer decided to stop splitting its attention. It’s a sad day for your two friends still playing the game. [Nintendo Life]
  • Sim swap attacks lead to stolen cryptocurrency: Sim swap attacks are more common these days. Bad actors use social engineering to convince a mobile carrier to move your phone number to their sim. Once they have access to your account, they can reset any account that uses it for confirmation. In this case, to steal cryptocurrency. [ZDNet]
  • NorthFace apologies for gaming Wikipedia: NorthFace recently swapped images in Wikipedia entries of famous locations for photos prominently featuring the company logo. All to get to the top of Google Image search results. The company called it a collaboration, but Wikipedia didn’t know and took everything down. Now the company is sorry for its actions (or at least for getting caught). Maybe the logo can go in an entry for “gross.” [BBC]
  • Microsoft may be working on a dual-display device: According to “sources,” Microsoft gave an early preview of an upcoming device to some employees. We’ve seen persisting rumors of a dual-screen device for years now, so perhaps this is finally a runup to the real thing. Or there’s always the possibility it will never see the light of day. Until we have something more than unnamed sources, the latter seems just as likely as the former. [The Verge]

In an unexpected turn of events, doctors had to put out a fire in a man’s chest during surgery recently. The astounding part is, once they extinguished the chest fire, the rest of the operation went well, and the man was unharmed.

The fire came about from a series of unfortunate events. During heart surgery, the doctors cracked opened the man’s sternum, a normal part of the procedure, and discovered parts of his lung stuck to the bone. To continue with the surgery, the doctors needed to move those bits of the lung which had air-filled blisters. While they were detaching the lung from the sternum, they managed to pierce one of the blisters, which of course caused an air leak.

When this happens, surgeons turn up your anesthesia and add oxygen to the mix (as much as 100% oxygen), so you don’t drown. And then, with an oxygen-rich area, the tools they use to cut through tissue caused a spark near a dry surgical pack. The only result could be fire.

After the surgeons calmly put out a fire in a man’s chest, finished the surgery, saved his life, and left him none the worse for the ordeal (what have you done this week?), they decided to investigate if this had occurred before and discovered multiple matching cases.

Amazingly, in every case, the patient came out of the ordeal unharmed. It does leave one wondering if perhaps something should be changed to prevent future chest fires. In the meantime, when it comes to multitasking under intense pressure, I’ll bow to the greater skills of surgeons everywhere. [Gizmodo]