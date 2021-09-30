Proprietary Software Leftovers
Apple just provided the perfect example of why you can’t trust App Store review scores
But intentional or not, standard or not, the problem with star scores is there’s no way to tell whether they’re legitimate. We don’t know if someone pressed a five-star button because they loved the app, or thought they were rating the podcast itself, or just wanted to close the prompt as quickly as possible. We don’t know if Apple is prompting everyone, or just its most dedicated fans, or some other algorithmic subset that just happened to give it an advantage. Some bad actors reportedly even buy star scores for their egregious App Store scams, and it’s impossible for most App Store shoppers to tell. We’ve even seen an iOS app that refuses to open unless you give it a good score.
More than $500M for cybersecurity included in sweeping House-passed package
The package gives $100 million to CISA for cybersecurity risk mitigation issues, $100 million for cybersecurity workforce and training, $50 million for moving to a secure cloud architecture, and a further $50 million to research and develop strategies to secure industrial control systems.
The bill also designates $35 million for CISA to provide funding to the Multi-State Information Sharing and Analysis Center (MS-ISAC), $15 million for an effort to train teachers on cybersecurity, and $50 million for CISA’s CyberSentry program, which monitors the networks of critical infrastructure groups for threats.
Malware alert: Dozen plus Joker trojan-laced Android apps detected on Play Store
Despite the efforts put by Google to block malware-laced Android apps entering the Play Store, bad actors are still managing to slip through the security screening to prey on naive users. Tatyana Shishkova, Android Malware expert at Kaspersky has detected more than a dozen malicious Android apps with Joker trojan on Play Store. She has been sharing the links of the apps on Twitter and most of them have been taken down from Play Store.
Joker malware-based apps are notorious for spying on victims. Once installed on the phone, they are capable of tracking apps such as the default Messages app on the phone. They can read text messages and steal contact lists, personal photos, financial details, or trade secrets and send them to hackers in remote locations. All that while, victims never know what is happening on their devices.
ZombieTrackerGPS (ZTGPS) is a Fitness Tracker for Linux
ZombieTrackerGPS is a KDE native PIM application satisfying the same purpose as Garmin’s BaseCamp software, which unfortunately does not run on Linux. It’s a professional quality application with goal to fill a hole in the open source ecosystem and provide an alternative to mainstream software business models which monetize your data. It’s important to note that privacy of your data is a central design goal in ZTGPS Linux fitness tracker. All program data resides on your local disk. The software is written for the KDE desktop, but will work on other desktops if the KDE and Qt libraries are available. ZTGPS features local data storage, advanced sorting and query capabilities to let you see and manage your data, and a highly customizable interface to put you in control.
Mark Shuttleworth, Elio Qoshi & Debian/Ubuntu underage girls
The Free Software Fellowship recently published evidence of the Albanian gangmaster and Mozilla Tech Speaker recruiting and/or grooming teenage girls in a hackerspace. In 2019, when Dr Richard Stallman commented privately on the Epstein affair at MIT, his words were twisted beyond recognition and used as an excuse for a lynch mob to bully him into resigning. Yet what we see in Albania is far worse. It is not merely discussion about underage girls: if you hang around there long enough, it is very likely you will meet some of these women. These situations are inevitable in developing countries. Nonetheless, we have made the discovery that Elio Qoshi is now been employed by Mark Shuttleworth at Canonical Ltd (Ubuntu).
