Apple’s FaceTime bug will be investigated by New York’s Attorney General

Earlier this week, a bug was found in FaceTime that could let others listen in to your Apple device’s microphone (or, in specific cases, view video from the camera) without you accepting the FaceTime call.

Apple disabled, on the server side, the Group FaceTime feature that enabled this bug, preventing further misuse while the company worked on a proper patch. Apple says that patch should land later this week, but it sounds like that won’t be the end of it for the company.

New York Attorney General Letitia James and Governor Andrew Cuomo have just announced their intent to investigate the matter — how it happened, and what they call Apple’s “slow response.”

While Apple responded with its temporary fix once the bug started going viral, reports suggest that at least two users — a 14-year-old from Arizona and his mother — had been trying to no avail to warn Apple of this matter for more than a week prior.

While bugs happen, this is a particularly egregious and mystifying one. It’s like the perfect storm of bugs — there’s the bug that turns on the microphone early, then a second stage of the bug that for some logic-defying reason turns on the camera if the call recipient hits the power button to try to decline the call. Then it slipped through QA. Then, finally, it gets noticed by someone with good intentions who tries many ways to bring it to Apple’s attention, unsuccessfully. It slowly spreads from person to person, then goes viral on Twitter. This is the kind of bug that people will be reading about in their software engineering textbooks for years.

We’ve reached out to Apple for comment on the investigation, but none was given at the time of publishing.

SF denies Spin’s appeal to operate electric scooters, but offers some hope

Spin, the electric scooter company recently bought by Ford, still won’t be able to operate in San Francisco. Well, at least for now. This comes after Spin appealed the San Francisco Municipal Transportation Agency’s decision regarding electric scooter permits in the city. A neutral officer, James Doyle, has since denied Spin’s appeal.

“The SFMTA is pleased the hearing officer validated our permitting process, which above all, prioritized the public interest,” SFMTA Communications Manager Ben Jose said in a statement to TechCrunch. “The SFMTA developed a fair, thoughtful and transparent permit program. Permits were awarded to the companies with the best applications that demonstrated a commitment to operating a safe, equitable and accountable service.”

There is, however, a silver lining for Spin. The hearing officer recommends the SFMTA consider having Spin participate in the second half of the one-year pilot program. That’s because “Spin appears to be an experienced and capable operator, and because allowing additional operators will enhance the probability of success of the powered e-scooter share program in San Francisco,” Doyle wrote in his decision.

Citing Section 916 of the electric scooter program, which states that after the initial six-month period, the SFMTA may evaluate those with permits and reassess compliance, Doyle says that provides a “natural juncture” in the program. After the first six months of the program, the SFMTA can potentially increase the number of scooters from the current max of 625 to 2,500. This juncture, Doyle said, should be able to accommodate the addition of other operators.

“We were heartened by the Hearing Officer’s strong recommendation that Spin be granted a permit by the SFMTA at the six-month mark of the pilot,” a Spin spokesperson told TechCrunch via email. “While it’s disappointing that Spin can’t immediately serve our hometown, we appreciate the Hearing Officer’s acknowledgment of our experience and capabilities, and we look forward to working with the SFMTA to serve more San Franciscans with an alternative mobility mode and hire locally from the community.”

Currently, Skip and Scoot are the only two companies permitted to operate electric scooters in SF. Since deploying their respective fleets in October, both have experienced some growing pains — mostly pertaining to theft and vandalism. That has led both Scoot and Skip to add locks to their fleets.

Moving forward, it’s unclear if the SFMTA will take the recommendation, but Jose said, “The SFMTA will be consulting with the City Attorney’s Office to determine next steps as we near the second half of the pilot.”

Senator Warner calls on Zuckerberg to support market research consent rules

In response to TechCrunch’s investigation of Facebook paying teens and adults to install a VPN that lets it analyze all their phone’s traffic, Senator Mark Warner (D-VA) has sent a letter to Mark Zuckerberg. It admonishes Facebook for not spelling out exactly which data the Facebook Research app was collecting or giving users adequate information necessary to determine if they should accept payment in exchange for selling their privacy. Following our report, Apple banned Facebook’s Research app from iOS and shut down its internal employee-only workplace apps too as punishment, causing mayhem in Facebook’s office.

Warner wrote to Zuckerberg, “In both the case of Onavo and the Facebook Research project, I have concerns that users were not appropriately informed about the extent of Facebook’s data-gathering and the commercial purposes of this data collection. Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me.”

Warner is working on writing new laws to govern data collection initiatives like Facebook Research. He asks Zuckerberg, “Will you commit to supporting legislation requiring individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users?”

Senator Blumenthal’s fierce statement

Meanwhile, Senator Richard Blumenthal (D-CT) provided TechCrunch with a fiery statement regarding our investigation. He calls Facebook anti-competitive, which could fuel calls to regulate or break up Facebook, says the FTC must address the issue, and says he’s planning to work with Congress to safeguard teens’ privacy:

“Wiretapping teens is not research, and it should never be permissible. This is yet another astonishing example of Facebook’s complete disregard for data privacy and eagerness to engage in anti-competitive behavior. Instead of learning its lesson when it was caught spying on consumers using the supposedly ‘private’ Onavo VPN app, Facebook rebranded the intrusive app and circumvented Apple’s attempts to protect iPhone users. Facebook continues to demonstrate its eagerness to look over everyone’s shoulder and watch everything they do in order to make money. 

Mark Zuckerberg’s empty promises are not enough. The FTC needs to step up to the plate, and the Onavo app should be part of its investigation. I will also be writing to Apple and Google on Facebook’s egregious behavior, and working in Congress to make sure that teens are protected from Big Tech’s privacy intrusions.”

Senator Markey says stop surveilling teens

And finally, Senator Edward J. Markey (D-MA) requests that Facebook stop recruiting teens for its Research program, and notes he’ll push his “Do Not Track Kids” act in Congress:

“It is inherently manipulative to offer teens money in exchange for their personal information when younger users don’t have a clear understanding how much data they’re handing over and how sensitive it is. I strongly urge Facebook to immediately cease its recruitment of teens for its Research Program and explicitly prohibit minors from participating. Congress also needs to pass legislation that updates children’s online privacy rules for the 21st century. I will be reintroducing my ‘Do Not Track Kids Act’ to update the Children’s Online Privacy Protection Act by instituting key privacy safeguards for teens. 

But my concerns also extend to adult users. I am alarmed by reports that Facebook is not providing participants with complete information about the extent of the information that the company can access through this program. Consumers deserve simple and clear explanations of what data is being collected and how it is being used.”

The senators’ statements do go a bit overboard. Though Facebook Research was aggressively competitive and potentially misleading, Blumenthal calling it “anti-competitive” is a stretch. And Warner’s questioning on whether “any user reasonably understood that they were giving Facebook root device access through the enterprise certificate” or that it uses the data to track competitors oversteps the bounds. Surely some savvy technologists did, but the question is whether all the teens and everyone else understood.

Facebook isn’t the only one paying users to analyze all their phone data. TechCrunch found that Google had a similar program called Screenwise Meter. Though it was more upfront about it, Google also appears to have violated Apple’s employee-only Enterprise Certificate rules. We may be seeing the start of an industry-wide crackdown on market research surveillance apps that dangle gift cards in front of users to get them to give up a massive amount of privacy.

Warner’s full letter to Zuckerberg can be found below:

Dear Mr. Zuckerberg: 

I write to express concerns about allegations of Facebook’s latest efforts to monitor user activity. On January 29th, TechCrunch revealed that under the auspices of partnerships with beta testing firms, Facebook had begun paying users aged 13 to 35 to install an enterprise certificate, allowing Facebook to intercept all internet traffic to and from user devices. According to subsequent reporting by TechCrunch, Facebook relied on intermediaries that often “did not disclose Facebook’s involvement until users had begun the signup process.” Moreover, the advertisements used to recruit participants and the “Project Disclosure” make no mention of Facebook or the commercial purposes to which this data was allegedly put.

This arrangement comes in the wake of revelations that Facebook had previously engaged in similar efforts through a virtual private network (VPN) app, Onavo, that it owned and operated. According to a series of articles by the Wall Street Journal, Facebook used Onavo to scout emerging competitors by monitoring user activity – acquiring competitors in order to neutralize them as competitive threats, and in cases when that did not work, monitor usage patterns to inform Facebook’s own efforts to copy the features and innovations driving adoption of competitors’ apps. In 2017, my staff contacted Facebook with questions about how Facebook was promoting Onavo through its Facebook app – in particular, framing the app as a VPN that would “protect” users while omitting any reference to the main purpose of the app: allowing Facebook to gather market data on competitors.

Revelations in 2017 and 2018 prompted Apple to remove Onavo from its App Store in 2018 after concluding that the app violated its terms of service prohibitions on monitoring activity of other apps on a user’s device, as well as a requirement to make clear what user data will be collected and how it will be used. In both the case of Onavo and the Facebook Research project, I have concerns that users were not appropriately informed about the extent of Facebook’s data-gathering and the commercial purposes of this data collection.

Facebook’s apparent lack of full transparency with users – particularly in the context of ‘research’ efforts – has been a source of frustration for me. As you recall, I wrote the Federal Trade Commission in 2014 in the wake of revelations that Facebook had undertaken a behavioral experiment on hundreds of thousands of users, without obtaining their informed consent. In submitted questions to your Chief Operating Officer, Sheryl Sandberg, I once again raised these concerns, asking if Facebook provided for “individualized, informed consent” in all research projects with human subjects – and whether users had the ability to opt out of such research. In response, we learned that Facebook does not rely on individualized, informed consent (noting that users consent under the terms of the general Data Policy) and that users have no opportunity to opt out of being enrolled in research studies of their activity. In large part for this reason, I am working on legislation to require individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users. 

Fair, robust competition serves as an impetus for innovation, product differentiation, and wider consumer choice. For these reasons, I request that you respond to the following questions: 

1. Do you think any user reasonably understood that they were giving Facebook root device access through the enterprise certificate? What specific steps did you take to ensure that users were properly informed of this access? 

2. Do you think any user reasonably understood that Facebook was using this data for commercial purposes, including to track competitors?

3. Will you release all participants from the confidentiality agreements Facebook made them sign?

4. As you know, I have begun working on legislation that would require large platforms such as Facebook to provide users, on a continual basis, with an estimate of the overall value of their data to the service provider. In this instance, Facebook seems to have developed valuations for at least some uses of the data that was collected (such as market research). This further emphasizes the need for users to understand fully what data is collected by Facebook, the full range of ways in which it is used, and how much it is worth to the company. Will you commit to supporting this legislation and exploring methods for valuing user data holistically?

5. Will you commit to supporting legislation requiring individualized, informed consent in all instances of behavioral and market research conducted by large platforms on users?

I look forward to receiving your responses within the next two weeks. If you should have any questions or concerns, please contact my office at 202-224-2023.