Facebook’s ‘Protect’ feature on iOS essentially installs spyware on iPhone and iPad

facebook-vpn-onavo-spyware.jpg

Facebook is rolling out a new security feature called Protect to many users of its iOS app. While the name might make unknowing users feel good about installing the associated free app, the Facebook owned VPN is designed to collect and analyze user data to “improve Facebook products and services.”

As reported by TechCrunch, Facebook purchased the security software company Onavo back in 2013. It is the Facebook owned Onavo Protect iOS app that is linked to in the Facebook iOS app settings under the “Protect” label.

While the VPN app is designed to give users “peace of mind” and “an added layer of security” by routing your web browsing through its servers, the company also analyzes and collects users data to improve its services as well as Facebook’s products and services.

After a paragraph about the protection that Onavo provides and some bullet points on how the service works, the company states that it is essentially spyware, which is buried beneath the read more link on both the iOS App Store and the web.

To provide this layer of protection, Onavo uses a VPN to establish a secure connection to direct all of your network communications through Onavo’s servers. As part of this process, Onavo collects your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we’re part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.

While some users may feel okay about trading their privacy for a free VPN client, many users are likely unaware that Onavo Protect is specialized spyware for Facebook, and may feel misled by the marketing of the app in Facebook’s settings and on the App Store.

TechCrunch reports that there are an estimated 33 million users who have Onavo Protect installed, with 38% being on iOS and the remaining 62% on Android.

Large-scale study shows Apple Watch & other wearables can detect early signs of diabetes

A large-scale study involving more than 14,000 Apple Watch and Android Wear users has shown that heart-rate data from the wearables can detect early signs of diabetes.

The study – a collaboration between UC San Francisco and digital health startup Cardiogram – was able to determine that 463 participants had previously undiagnosed diabetes …

 cardiogram-copy.jpgCardiogram co-founder Johnson Hsieh explained how the condition can be diagnosed using nothing more than heart-rate data.

Your heart is connected with your pancreas via the autonomic nervous system. As people develop the early stages of diabetes, their pattern of heart rate variability shifts. In 2015, the Framingham Heart Study showed that high resting heart rate and low heart rate variability predicts who will develop diabetes over a 12-year period. In 2005, the ARIC studyshowed that heart rate variability declines faster in diabetics than non-diabetics over a 9-year period.

Data from the Cardiogram app was analyzed by DeepHeart, a neural network.

14,011 users of Cardiogram for Apple Watch and Android Wear were recruited into UCSF’s Health eHeart Study. Then, 33,628 person-weeks of health sensor data was used to train a deep neural network by presenting it with samples from people with and without diabetes, hypertension, sleep apnea, atrial fibrillation, and high cholesterol.

The accuracy rate was found to be 85% – good enough to justify further medical tests to confirm the diagnosis. DeepHeart has previously been used to detect hypertension (chronic high blood pressure), sleep apnea, and atrial fibrillation.

These studies were presented at the American Heart Association’s annual scientific sessions in November 2017 and Heart Rhythm Society in May 2017.

The full paper for the diabetes study can be found here (a Dropbox link, which can cease working if extensively accessed).

Fellow co-founder Brandon Ballinger said that the next step would be to incorporate DeepHeart directly within the Cardiogram app.

There have been a number of stories of the Apple Watch alerting owners to undiagnosed health conditions, with some crediting the Watch for saving their life.

Cardiogram is a free download from the App Store.

iOS 11.3 will allow parents to approve family purchases using Face ID

iPhone X owners with children have been complaining for a while about the impossibility of approving purchases using Face ID. While on devices with Touch ID it has always been possible to approve purchases using the biometric authentication, the feature had not been implemented for Face ID …

It looks like this is going to change soon, according to our testing of the first iOS 11.3 beta. With this beta, we have been able to approve a purchase on a parent’s device using Face ID. The first time a purchase approval request is received, the parent must enter their password. After entering the password for the first time, iOS asks if the parent would like to enable Face ID for future approvals.

After enabling Face ID, when a new approval request is received, tapping the “Buy” button launches Face ID authentication instead of the standard password prompt.

Apple Confirms Fix is Coming Next Week for Malicious Link That Freezes Messages App.

A software update coming next week will fix an issue that allows a malicious link to freeze the Messages app on the iPhone and iPad, Apple confirmed to MacRumors this morning.

Image result for imessage bug
Apple is likely talking about iOS 11.2.5, which is nearing the end of the beta testing period. iOS 11.2.5 beta 6, as we discovered yesterday, does indeed address the issue and prevents the malicious link from working.

The malicious link first surfaced on Tuesday after it was shared on Twitter. When texted to an iOS device, it is able to cause the Messages app on the iPhone or iPad to freeze up and become unusable. Macs are also affected, and we expect to see a Mac fix in macOS 10.13.3.

A user who receives the link will see their Messages app freeze entirely, and the fix appears to require users to quit out of the Messages app and then delete the entire conversation with the person who sent the link to restore the app to working condition.

The link initially went to a webpage on GitHub, but GitHub took it down on Wednesday, limiting its spread. Most users are not likely to be impacted at this point because the original link has been disabled, but if you do get a text with a bad link before iOS 11.2.5 is released, deleting the Messages conversation is a reliable fix.

In response to investor letter, Apple says improved parental controls coming in future update.

Earlier today, Apple investors published an open letter, “Think Differently About Kids,” asking the company to improve the parental control features in iOS. Apple has now responded to the letter, saying that new features and enhancements are planned for a future update…

Image result for apple product

First reported by WSJ, Apple’s statement points out that “effectively anything” a child could access online on iOS can be blocked by parents. The company also says, however, that it has “new features and enhancements” planned for the future to improve parental controls.

“We think deeply about how our products are used and the impact they have on users and the people around them,” Apple said in the statement. “We take this responsibility very seriously and we are committed to meeting and exceeding our customers’ expectations, especially when it comes to protecting kids.”

The company added that it is “constantly looking” for ways to improve its devices and said that it plans new features that will make the tools it provides parents “even more robust.”

At this point, it’s unclear what specific features Apple has planned for improved parental controls. The shareholder letter outlined features that would limit on-screen time, hours of use, improved monitoring, and more.

Currently, iOS offers features that allow parents to turn off features like Siri and FaceTime, as well as set minimum ages for certain content in the iTunes Store. The extent of the new features remains to be seen, but at least we now know that this is an area in which Apple is working.

 

A teardown of iMac Pro looks inside the powerful all-in-one

Some things of note from the teardown are as follows:

The iMac Pro features a massive dual fan cooler to help keep the CPU and GPU cool. Notably, the iMac Pro is remarkably quiet, even when performing intense operations that would normally cause the 5K iMac to sound like a jet preparing ready for takeoff.

The lack of a full sized desktop hard drive frees up considerable space inside the iMac Pro’s chassis for the larger cooling system along with other vital components. Another casualty of the new cooling system is the lack of an external RAM door, which allowed 5K iMac owners to upgrade the machine’s RAM with ease.

As previously noted, the iMac Pro uses standard 288-pin RAM sticks, which can technically be user-replaced, but are much more difficult to access. Apple says that you can upgrade the RAM but it’ll need to be done by authorized repair personnel. We were able to perform the RAM upgrade itself, maxing out the machine with four 32GB sticks of RAM for a total of 128GB.

After continuing the teardown : the GPU is soldered down to the logic board, meaning that it’s non-upgradable for adventurous iMac Pro owners. The good news is that the CPU is not soldered down, meaning that it may be able to be upgraded. We noted that the CPU appears to be custom silicon provided by Intel, instead of an off-the-shelf Intel Xeon W class chip.

The teardown also confirms that the display is the same 5K display found in the 2017 5K iMac. That means there are no screen enhancements for the iMac Pro, which may be a bit disappointing for users looking for something brighter than the 500 nit-rated LG manufactured unit.

Unsurprisingly, the iMac Pro gets a low repairability score of 3. That said, it’s still possible to upgrade the RAM, and it may even be possible to upgrade the CPU and SSDs in the future. Unfortunately the GPU is soldered into place, but with Thunderbolt 3-enabled GPUs, that becomes less of an issue.