Apps

SIM card vulnerability puts your sensitive information at risk

It’s called the SIMjacker

Published

on

SIM cards are very important. However, a new SIM card vulnerability found out by AdaptiveMobile Security might be putting our information at risk. The Simjacker exploit, which was recently found out and still being investigated on, allows malicious hackers to steal sensitive information from your phone through a SIM card.

Mechanism of attack

Infographic explaining the attack using Simjacker vulnerability | Photo by Simjacker.com

How does the Simjacker vulnerability work?

First, a hacker sends a malicious code to your phone through SMS. Then, the malicious code is read directly by your SIM card. The code then causes the [email protected] browser to send sensitive information to an accomplice device through SMS.

According to the report pulished by AdaptiveMobile Security regarding the vulnerability, the [email protected] browser is found on most SIM cards even though its development was abandoned many years ago. [email protected] browser was never updated, so it carries the risk of sending sensitive information to hackers when exploited successfully.

Sensitive information retrieved and transmitted by the [email protected] browser include location and the IMEI of an exploited device. The IMEI is a shorthand for International Mobile Equipment Identity, which is a 15 digit number unique to your smartphone that has some information about your device including its brand and model. As such, hackers can determine your exact location if you have a compromised SIM card, regardless of what device you have.

And the worst part of the attack is that you have no way of knowing that it has already been done since it all happens within the SIM card.

Origin and scope of the attack

The purpose for carrying an attack varies. However, the report traces the origin to an unspecified private company that works with governments to monitor individuals. So, there is a real possibility that it has been used to spy on us. And rightly so, since specific individuals were targeted in a certain country.

The report also warned that over one billion smartphones across all continents could be at risk to the vulnerability — and you could be one of them.

Response to the attack

In response to the discovered vulnerability, industry association SIMalliance has already put up recommendations for network providers to secure their networks. At this point in time, you can’t do anything to secure yourself from the vulnerability, unless you decided to go SIM-free.

But as a general rule of thumb, you shouldn’t just give your smartphone number like a free lunch. It also pays to update your smartphone once in a while, since some updates are designed to secure your phone from these kind of vulnerabilities and attacks.

Apps

Twitter adds draft, schedule tweets on the web

Sending tweets just got more flexible

Published

on

Photo by Yucel Moran on Unsplash

Sending tweets just got more flexible. Twitter is now adding an option for users to draft a tweet which they can continue later. Plus, there is now an option to schedule when a tweet should be posted.

Users don’t have to do anything to take advantage of these new features. Twitter has enabled these features just recently to everyone after experimenting with them in November.

For users who want to draft a tweet, they simply have to click “X” on the tweet window. A prompt to save the tweet will appear. Clicking “Save” will send the tweet to the “Unsent Tweet” where users can see a list of their drafted tweets.

It is important to note that drafted tweets will sync only on the web version of Twitter. There’s no option yet to see web version drafted tweets on the mobile app.

Meanwhile, those who wanted to schedule their tweets can do so by clicking on the new calendar icon on the bottom left of the tweet window. By doing so, a schedule option will appear, and users can change the date and time of the tweet’s post schedule.

Twitter Support prepared a little video for those who prefer to watch these new features in action:

These new features are surely a welcome addition to the platform. Perhaps, users who wanted to clarify their thoughts first before tweeting should greatly benefit from this feature. Now, if only Twitter would give its users an option to edit tweets. It’s still a pipe dream, but with new changes being introduced to the platform, it’s not impossible.

Source: The Verge

Continue Reading

Apps

Microsoft adds new spellcheck system for Chrome on Windows

Embracing an open-source ecosystem

Published

on

There’s no error in the headline, Microsoft is indeed helping Google’s Chrome browser work better thanks to a new spellcheck system. This move will not just help Chrome though, it’ll also enable Edge browser with improved spellcheck. Getting too confusing? Here’s a simple explanation.

The Chromium project is a free and open-source repository, just like Android. Anyone can use it, edit it, or build upon it. Google’s Chrome browser is based on this project, and so is Microsoft’s Edge. Other browsers utilizing this backend technology are Torch, Brave, Amazon Silk, and many more.

How is Microsoft helping Google? It’s bringing a new spell checker on Windows 8.1 and newer for all Chromium browsers.  Until now, Chromium browsers were leveraging open-source proofing tools for spell checking. By collaborating directly with Google’s Chromium engineers, Microsoft has enabled Windows Spellcheck for all Chromium browsers.

The new Windows Spellcheck will support URLs, acronyms, email addresses, additional languages along with various dialects, and a shared custom dictionary. The new system replaces Microsoft’s Hunspell Spellcheck tool.

The update is among more than 1,900 such changes Microsoft has contributed to the browser’s project. The new spell checker is live on Edge with version 83.

While this announcement may not seem to be very exciting, it underlines an essential change in Microsoft’s strategy. The software company has a notorious reputation of being against open-source. However, it has radically changed its position in the last handful of years. After the fall of Windows Mobile, it was a clear lesson that the future is about embracing an open eco-system instead of a partial one.

Continue Reading

Apps

IGTV will soon have ads and share revenue with creators

Can it take on YouTube?

Published

on

There’s some good news as well as bad news. How you perceive it, depends on your role. If you’re a content creator on IGTV, Instagram will share ad revenues with you. And, if you’re an IGTV viewer, the bad news is you’ll have to watch that ad, just like YouTube.

Facebook-owned Instagram has announced it’ll start serving IGTV with ads and share the revenue with influencers who create content for the platform. Instagram already has ads embedded while scrolling posts or sifting through stories. We expected the roll-out to happen in the near future considering Facebook’s reputation with ads and hunger for user data.

Instagram will share at least 55 percent of the revenue from these ads with creators. This should encourage users to upload more content on the platform and the strategy is a proven one today. Google’s YouTube has created a thriving community of YouTubers who’ve become a millionaire thanks to their regular content push and subscriber base.

It’s testing IGTV ads with a handful of U.S. based creators and advertisers and plans to expand that slowly in the coming months. Furthermore, creators can also charge for virtual badges that shall be visible during Instagram Live.

Currently, the most sought monetization method for influencers is to directly cut deals with brands. But this removes Instagram from the equation completely. Instead, it has already rolled out features like Shopping, and Live Shopping to keep the user within the app and complete the transaction.

IGTV was launched in June 2018 as a spinoff of Instagram where users can watch longer videos made for mobile devices. Viewers access IGTV videos directly through Instagram or the stand-alone IGTV app.

Continue Reading
Advertisement

Gadget Reviews

Trending