
Apps have learned to automatically install on devices through ads


When a user tries to close an advertisement on a mobile device, the application starts downloading automatically.

There is a growing number of complaints from users on the web about intrusive ads that secretly install other applications on their devices.

According to participants in a Reddit discussion, a number of advertising banners install software on devices without the users' knowledge, bypassing Google Play. The banners supposedly only advertise applications from the store, but when you try to close them, the software starts downloading and installing without any user participation.

Further research has shown that this activity is enabled by products of the Texas-based company Digital Turbine: the DSP platform Appreciate and the DT Ignite system application, which bypasses interaction with the Play Store and the manual APK installation dialog. With the help of these products, the application from the advertisement is downloaded and installed on the device directly from the Digital Turbine servers, whether the user wants it or not.

It would seem that this software must exploit some kind of vulnerability, but this is not the case. As it turned out, DT Ignite comes pre-installed on some devices, either by the telecom operator or by the manufacturer itself. That is, it is, in fact, a backdoor.

DT Ignite has been in the public eye since at least 2014. Seven years ago, it was used by telecom operators and mobile device manufacturers to secretly install unnecessary applications on users’ phones. The app was preinstalled on devices sold by carriers T-Mobile and Verizon, along with other unnecessary apps.

Be that as it may, until now DT Ignite had not been used for advertising, let alone for directly installing other applications through ads. The new service is provided through the Appreciate DSP platform, which Digital Turbine acquired this year. The company also owns a patent specifically for this functionality, registered in 2019.

Previously, DT Ignite was used to automatically install applications on phones on behalf of telecom operators, which in itself is already too much. Now it amounts to malware that spreads through mobile advertising, since applications can be installed on the user’s device automatically. Among the services listed on the Digital Turbine website, there is even a “one-click installation of ad units” through the Appreciate DSP platform.

According to the company itself, ads should not install applications when the user tries to close them. Digital Turbine says that it thoroughly checks DT Ignite packages before and after installation, and that the applications are published on Google Play and distributed through a secure channel.

Digital Turbine is currently presumably working on a “more official” commentary on the matter.


Trump’s social network developers accused of illegal use of program code


The Software Freedom Conservancy claims Trump Media and Technology Group copied the open source code of the decentralized social network Mastodon and created a new social network based on it.

The Software Freedom Conservancy (SFC), a not-for-profit organization that enforces the rights of open source software developers and the rules for using open licenses, has accused the developers of Trump's social network Truth Social of violating the AGPLv3 license.

The Software Freedom Conservancy says that the developers of the service used the open source code of the decentralized social network Mastodon in violation of the license agreement.

Although the Mastodon code is free and open, projects that use it must comply with the terms of the Affero General Public License (AGPLv3), which include making the project's source code available to all of its users. Trump’s media company does not yet provide this to TRUTH Social users and calls the social network a proprietary development.

The Software Freedom Conservancy gave Trump Media and Technology Group 30 days to correct the situation, writes The Verge. Otherwise, the company will be prohibited from using the open source Mastodon code.


Facebook end-to-end encryption will give foreign intelligence services surveillance capabilities


Former Facebook employee Frances Haugen criticized the company’s decision to move messaging in its services to end-to-end encryption.

The introduction of end-to-end encryption in Facebook messengers could negatively affect the privacy of users and lead to increased surveillance by intelligence agencies. This opinion was expressed by a former employee of Mark Zuckerberg’s company, Frances Haugen, reports TASS.

According to her, after the launch of encryption in the Messenger application and the social network Instagram, which are owned by Facebook, the company will lose the ability to track possible “malicious operations of special services representatives.” “End-to-end encryption will allow Facebook to remove itself [from content moderation] and serve as an excuse for inaction,” Haugen said ahead of her October 25 speech in the British Parliament as part of discussions on the online security bill.

The social network itself does not agree with this point of view. In its opinion, the introduction of end-to-end encryption in the Facebook Messenger and Instagram applications is, on the contrary, aimed primarily at protecting the privacy of users and will protect them not only from foreign surveillance, but also from hackers.


On October 24, a bug in GPSD will send users 19 years back


The effect of the error can lead to unpredictable failures on different systems, including those that do not directly use GPSD, since this application is used to obtain accurate time data on some NTP servers used for time synchronization.

A critical issue has been identified in the GPSD package, which is used to extract accurate time and position data from GPS devices. On October 24 it will cause the time to shift back by 1024 weeks, i.e. the time will be changed to March 2002, opennet.ru reports.

The issue appeared in releases 3.20 through 3.22 inclusive and was fixed in the GPSD 3.23 release (the fix was also backported to the 3.22 Debian package). All users of systems that use GPSD need to urgently install updates, or be prepared for a failure.

The effect of the error can lead to unpredictable failures on different systems, including those that do not directly use GPSD, since this application is used to obtain accurate time data on some NTP servers used for time synchronization. When the time is shifted, the systems can experience problems with authentication (for example, one-time passwords, Kerberos and other access verification mechanisms that have an expiration date will stop working), with the verification of certificates and with calculations that manipulate time ranges (for example, calculating the time of a user’s session).

GPSD is also used in car navigators, drones, robots, military equipment, marine and aviation navigation equipment, and in various mobile devices, including those based on the Android platform, for many of which firmware updates are no longer available. Usually, on such devices, GPSD is used for navigation and does not affect the setting of the system time.

The GPS protocol provides a week counter that counts weeks from January 5, 1980. The problem is that only 10 bits are allocated for this counter in the broadcast, which means that it overflows every 1023 weeks (19.7 years). The first overflow occurred in 1999, the second in 2019, and the third will occur in 2038. Manufacturers track these events and provide special handlers for them. A new GPS message format (CNAV) has now been introduced in parallel, in which 13 bits are allocated for the counter (i.e. overflow is expected only in 2137).

In GPSD, the logic that handles leap seconds (which are added to keep the reference atomic clock in sync with the astronomical time of the Earth) contains an error due to which, on October 24, 2021, 1024 will be prematurely subtracted from the week counter. The author of the code intended the shift to occur on December 31, 2022, but the conversion of this date into a week number was performed incorrectly, and the week number actually used in the check falls in October 2021 (the value is 2180 instead of 2600).

/* sanity check week number, GPS epoch, against leap seconds
 * Does not work well with regressions because the leap_seconds
 * could be from the receiver, or from BUILD_LEAPSECONDS. */
if (0 < session->context->leap_seconds &&
    19 > session->context->leap_seconds &&
    2180 < week) {
    /* assume leap second = 19 by 31 Dec 2022
     * so week > 2180 is way in the future, do not allow it */
    week -= 1024;
    GPSD_LOG(LOG_WARN, &session->context->errout,
             "GPS week confusion. Adjusted week %u for leap %d\n",
             week, session->context->leap_seconds);
}
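The effect of this check can be reproduced in isolation. The following is an added example, not GPSD code: it reuses only the condition and the constants 2180, 19 and 1024 from the snippet above, and the function names, the leap second count of 18 and the reference week are assumptions of the example. It also shows a generic way to expand the 10-bit broadcast week against a trusted reference.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

#define GPS_EPOCH_UNIX 315964800LL /* midnight UTC between 5 and 6 Jan 1980 */
#define SECS_PER_WEEK  604800LL
#define WEEK_THRESHOLD 2180        /* constant taken from the snippet above */

/* Full (unwrapped) GPS week containing a Unix timestamp.
 * The GPS-UTC leap second offset of a few seconds is ignored here. */
static int64_t gps_week_from_unix(int64_t t) {
    return (t - GPS_EPOCH_UNIX) / SECS_PER_WEEK;
}

/* Unix timestamp at which a full GPS week starts. */
static int64_t week_start_unix(int64_t week) {
    return GPS_EPOCH_UNIX + week * SECS_PER_WEEK;
}

/* Generic rollover handling (not GPSD's): expand the 10-bit broadcast week
 * to the full week closest to a trusted reference, e.g. the build date. */
static int64_t resolve_week(unsigned wn10, int64_t ref_week) {
    int64_t w = (ref_week & ~1023LL) + (int64_t)(wn10 & 1023u);
    if (w < ref_week - 512) w += 1024;
    if (w > ref_week + 512) w -= 1024;
    return w;
}

/* Same condition as the snippet above, session fields passed as parameters. */
static int64_t page_sanity_check(int64_t week, int leap_seconds) {
    if (0 < leap_seconds && 19 > leap_seconds && WEEK_THRESHOLD < week)
        week -= 1024;
    return week;
}

int main(void) {
    int64_t oct24 = 1635033600LL;              /* 2021-10-24 00:00:00 UTC */
    int64_t full = gps_week_from_unix(oct24);  /* first week above 2180 */
    int64_t week = resolve_week((unsigned)(full & 1023), 2100); /* assumed ref */
    int64_t bad = page_sanity_check(week, 18); /* 18: assumed leap seconds */
    time_t t = (time_t)week_start_unix(bad);
    char buf[32];
    strftime(buf, sizeof buf, "%Y-%m-%d", gmtime(&t));
    printf("week %lld -> %lld, reported date %s\n",
           (long long)week, (long long)bad, buf);
    return 0;
}
```

A monitoring check built on the same arithmetic can alert when a time source suddenly reports a date 1024 weeks behind the previous reading.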
