CategoriesNewsPrivacySmart PhonesTechnology

What is Alphonso? Game Apps Use Smartphone Mics to Track Users

Gaming apps are widely used on many smart phones as a way to pass the time. Seemingly innocuous, mini games like bowling and pool can be addictive and fun for a variety of users. If you’re not paying close attention, however – you may be giving these apps more permissions than you bargained for.

A company called Alphonso is a service that provides software to app developers known as Automated Content Recognition or “ACR”. This ACR software, once installed, collects data about TV-viewing habits for advertisers by using the smartphone’s microphone. Yes, Alphonso actually listens to the sounds coming from your tv in order to target more relevant ads to you later.

Gaming app developers are using Alphonso in their apps in order to share data with advertisers. They are able to “listen in” in this way because the user gave permission to the app to use the microphone.

From Alphonso’s Privacy Policy for app Developers:

With your permission provided at the time of downloading the app, the ACR software receives short duration audio samples from the microphone on your device. Access to the microphone is allowed only with your consent, and the audio samples do not leave your device but are instead hashed into digital “audio signatures.” The audio signatures are compared to commercial content that is playing on your television, including content from set-top-boxes, media players, gaming consoles, broadcast, or another video source (e.g., TV shows, streaming programs, advertisements, etc.). If a match is found, Alphonso may use that information to deliver more relevant ads to your mobile device. The ACR software matches only against known, commercial audio content and does not recognize or understand human conversations or other sounds.

A big concern is that kids are being “tricked” into downloading these privacy-invading apps because they don’t always understand what they are agreeing to. There are some apps using Alphonso that are directed specifically toward kids. (Engadget)

According to Engadget, Alphonso says that its software doesn’t record human speech and they are in full compliance with the law. Others say that just because it is legal, doesn’t make it any less creepy and maybe is even unethical.

Over 250 games are currently using the Alphonso software.

For those interested, Alphonso does provide a “Mobile Opt-Out Guide” (found here) that will help explain how you can use your mobile device controls to revoke your consent for them to access your microphone.

Photo credit: Esther Vargas – “Smartphones”

CategoriesNewsSmart PhonesSocial Media

Facebook Messenger Adds New VoIP Feature

From Gadget Diary: “Facebook Group calling is now available and you can easily do a conference call using the feature.” Here is a sneak peak into the new Facebook Messenger Group Calling app:

Over the next 24 hours, Facebook is going to roll out a new VoIP feature that will allow its users to make group calls to each other. According to TechCrunch, you’ll be able to call up to 12 people simultaneously and it will ring to all of their apps at the same time. If a potential participant misses the call, they will have the option to join up by tapping a phone icon once they’re back at their phone. Video chat is not available yet, so it isn’t really a replacement for Skype or Google Hangouts at this time. However, calls can be made to any Facebook user anywhere in the world free of charge – which may be attractive to users who currently spend a lot of money on long distance calls.

Some people prefer to not have Facebook Messenger installed on their phones because it’s known to violate their privacy by tracking all kinds of phone data and is also a huge drain on both iPhone and Android phone batteries. Could this be a way for the company to get more people to install the app? Would you be willing to reinstall the app to save money on phone charges, or would you utilize one of the many other free VoIP services available? Do you think it’s a good idea to be able to call so many people at once with Facebook messenger? It could take ‘drunk-dialing‘ to a whole new level.

CategoriesInternetNewsPrivacySecurity

Skype Will Better Protect Users by Hiding IP Addresses

Skype has announced that in their new update, they will finally hide your IP address so that you are protected from “trolls”. This news is especially good for gamers who often find themselves DDoS’d by gaming rivals. There have been many YouTube tutorials helping Skype users find IP addresses through Skype calls. This sometimes leads to retaliation tactics against other gamers.

Here is an example of one such tutorial:

Instead of allowing users to opt-out of sharing IP addresses with contacts, Skype’s new update will automatically hide the IP address.

“Microsoft says the measure will “prevent individuals from obtaining a Skype ID and resolving to an IP address,” which won’t only protect gamers, but other Skype users who may be targeted by online trolls.” –Matt Brian, Engadget

Many believe that Skype is responding to the wishes pro-gamers have had for a long time. Some users were already using work-arounds to disguise their IP to protect themselves.

If you still need to get the latest version of Skype, you can find it here.

CategoriesInternetPrivacySecurity

How Do SSL Certificates Work?

How do you exchange private data over the internet? Part of the answer lies with SSL certificates. Secure Socket Layer (SSL) certificates work by creating a private line of communication in which allows private data to be delivered.

The main problem with communication and security over the internet is eavesdropping. Others may be able to access the data exchange between your computer and the website’s servers. This is also called a main-in-the-middle attack. SSL certificates are a way of ensuring that no one is able to intercept and decrypt this information.

To better understand how SSL certificates work, let’s imagine a boy is being picked up at the train station for the first time by someone who he’s never met. How can he know for sure to trust the person picking him up? The answer is simple. His parents write a letter signed by them stating they trust that individual. By trusting his parent’s authority, the boy can now trust the person picking him up.

This is quite similar to how SSL certificates work. Web sites can create certificates and have them signed by something called a CA or Certificate Authority. An example includes DigiCert. By having them signed, browsers can then identify website and servers by their certificate. They then know if they can trust them. This is the basic concept of how SSL Certificates help to identify and trust the websites we are communicating with.

What about actually communicating? What if two people want to talk in that same train station without worrying if someone else is listening? The answer lies with keys. To illustrate the concept of keys and how they help with encryption, imagine each of the two people have a box and a set of keys. The keys are labeled private and public. They exchange their public keys. Now, each person has a private key, the other’s public key, and a box.

The basic process works like this: One person writes a message and places it into the box. They then lock the box with the other’s public key. They then pass the box along. Once the box is at its destination, only the person holding the private key can open the box locked by its very own public key. If the other person wants to send a message back, they can send back a letter in the box locked with the other’s public key. The entire communication, also called a session, can go back and forth securely using this method.

This is much like how SSL certificates are used to create private and public keys. Web servers send the user a copy of its public key along with the certificate. The browser can then decide to trust the website based on this information. If it does, it can then send messages back and forth simply by encrypting and decrypting keys.

Identifying websites that have and use SSL are easy. Simply look for the lock at the top of the browser. Never exchange private data unless there is a lock up at the top of the browser. If there isn’t, there is not an acceptable level of encryption being used on that site. Anyone who sells anything online needs to have an SSL .All banks and e- commerce sites need to have an SSL to help ensure security.