Find out the week’s top mobile stories from around the world. Headlines this week include… FTC lawsuit spotlights a major privacy risk, US blocks sales of some AI chips to China, Microsoft finds TikTok vulnerability and much more!
FTC lawsuit spotlights a major privacy risk: From call records to sensors, your phone reveals more about you than you think
The Federal Trade Commission filed suit against Kochava Inc. on Aug. 29, 2022, accusing the data broker of selling geolocation data from hundreds of millions of mobile devices. Consumers are often unaware that their location data is being sold and that their past movements can be tracked, according to the commission.
The FTC’s suit specified that Kochava’s data can be used to track consumers to sensitive locations, including “to identify which consumers’ mobile devices visited reproductive health clinics.”
Chip designer Nvidia said that US officials told it to stop exporting two top computing chips for artificial intelligence work to China, a move that could cripple Chinese firms’ ability to carry out advanced work like image recognition.
The company on Wednesday said the ban, which affects its A100 and H100 chips designed to speed up machine learning tasks, could interfere with completion of developing the H100, the flagship chip Nvidia announced this year. Nvidia said US officials told it the new rule “will address the risk that the covered products may be used in, or diverted to, a ‘military end use’ or ‘military end user’ in China.”
Microsoft said on Wednesday that it recently identified a vulnerability in TikTok’s Android app that could allow attackers to hijack accounts when users did nothing more than click on a single errant link. The software maker said it notified TikTok of the vulnerability in February and that the China-based social media company has since fixed the flaw, which is tracked as CVE-2022-28799.
The vulnerability resided in how the app verified what’s known as deeplinks, which are Android-specific hyperlinks for accessing individual components within a mobile app. Deeplinks must be declared in an app’s manifest for use outside of the app—so, for example, someone who clicks on a TikTok link in a browser has the content automatically opened in the TikTok app.
Mobile gaming companies are increasingly using misleading and sexualised advertising to acquire new users amid a wider slowdown in demand within the games industry.
The UK’s advertising regulator has hit out at a new trend in gaming ads that display sexist and non-consensual sexual imagery and often target vulnerable adults and children.
“This is a newer issue for us to look at,” said James Craig, senior regulatory policy executive at the Advertising Standards Authority. “We take any complaints on this very seriously because of the huge problems we’ve seen [so far]”.
Massive amounts of private data – including more than 300,000 biometric digital fingerprints used by five mobile banking apps – have been put at risk of theft due to hard-coded Amazon Web Services credentials, according to security researchers.
Symantec’s Threat Hunter Team said it discovered 1,859 publicly available apps, both Android and iOS, containing baked-in AWS credentials. That means if someone were to look inside the apps, they would have found the credentials in the code, and could potentially have used that to access the apps’ backend Amazon-hosted servers and steal users’ data. The vast majority (98 percent) were iOS apps.
Kenya has been at the forefront of Africa’s mobile money revolution ever since Safaricom launched the continent’s first mobile money platform M-Pesa, but Ethiopia has lagged behind its neighbor and other countries in the region.
In fact, it’s only this month that Ethiopian FinTech Kacha Digital Financial Services became the first private company in the East African nation to be awarded a mobile money license by the National Bank of Ethiopia.
Moreover, while M-Pesa went live in 2007, it wasn’t until last year that Ethiopia got its first nationwide mobile money service in Telebirr, provided by the state-owned telecoms company Ethio Telecom. Less than a week after its launch, more than 1 million people had registered a Telebirr account — an indication of the pent-up demand for a local mobile money service in the country.
The Holy Spirit appears to be moving within Sony, as they realize that putting all their eggs into a single basket, a PlayStation console, may not be the best idea in the face of increased competition from all sources and hardware manufacturing issues.
As such, we have seen movement for Sony to get a lot more involved in PC ports of their big games, doing so a bit faster and more often than they used to. But today another piece of the future has been revealed as Sony also wants that mobile games money.
Which? looks at how celebrity endorsement and big brand names promoting crypto and NFTs are skewing consumers’ investment decisions
Football clubs, celebrities and big brand names have all contributed to normalising these volatile digital assets, Which? warns.
In early 2022, a Which? employee ordered a pair of shoes online from Schuh. When the package arrived, it included an envelope marked ‘exclusive deals’. Inside was a leaflet from crypto exchange website Luno, offering £10 worth of free bitcoin in exchange for registering an account.
The popular Canadian coffee chain Tim Hortons recently experienced negative publicity after multiple government agencies shed light on the company’s mobile app privacy policies and data collection methods. An investigation concluded the Tim Hortons mobile app secretly collected sensitive user geolocation data without consent even when the app wasn’t in use. This discovery tarnished the reputation of a widely respected company with a long history of customer loyalty.
Deutsche Telekom’s T‑Mobile US is to use SpaceX’s Starlink satellite network to expand coverage across rural parts of the US – and SpaceX wants to attract other mobile operators around the world.
T‑Mobile US, which is 64.78% owned by Deutsche Telekom, says that, with Starlink’s help, it will be able to provide what it called “near complete coverage” in most places in the US – even in remote locations previously unreachable by traditional mobile signals.