Menu

Timesdelhi.com

April 22, 2019
Category archive

app-store

A powerful spyware app now targets iPhone owners

in Android/app maker/app-store/computing/data security/Delhi/Facebook/India/iOS/iPhone/iTunes/Lookout/mobile app/online marketplaces/Politics/privacy/Security/spy by

Security researchers have discovered a powerful surveillance app first designed for Android devices can now target victims with iPhones.

The spy app, found by researchers at mobile security firm Lookout, said its developer abused their Apple-issued enterprise certificates to bypass the tech giant’s app store to infect unsuspecting victims.

The disguised carrier assistance app once installed can silently grab a victim’s contacts, audio recordings, photos, videos and other device information — including their real-time location data. It can be remotely triggered to listen in on people’s conversations, the researchers found. Although there was no data to show who might have been targeted, the researchers noted that the malicious app was served from fake sites purporting to be cell carriers in Italy and Turkmenistan.

Researchers linked the app to the makers of a previously discovered Android app, developed by the same Italian surveillance app maker Connexxa, known to be in use by the Italian authorities.

The Android app, dubbed Exodus, ensnared hundreds of victims — either by installing it or having it installed. Exodus had a larger feature set and expanded spying capabilities by downloading an additional exploit designed to gain root access to the device, giving the app near complete access to a device’s data, including emails, cellular data, Wi-Fi passwords and more, according to Security Without Borders.

Screenshots of the ordinary-looking iPhone app, which was silently uploading a victim’s private data and real-time location to the spyware company’s servers (Image: supplied)

Both of the apps use the same backend infrastructure, while the iOS app used several techniques — like certificate pinning — to make it difficult to analyze the network traffic, Adam Bauer, Lookout’s senior staff security intelligence engineer, told TechCrunch.

“This is one of the indicators that a professional group was responsible for the software,” he said.

Although the Android version was downloadable directly from Google’s app store, the iOS version was not widely distributed. Instead, Connexxa signed the app with an enterprise certificate issued to the developer by Apple, said Bauer, allowing the surveillance app maker to bypass Apple’s strict app store checks.

Apple says that’s a violation of its rules, which prohibits these certificates designed to be used strictly for internal apps to be pushed to consumers.

It follows a similar pattern to several app makers, as discovered by TechCrunch earlier this year, which abused their enterprise certificates to develop mobile apps that evaded the scrutiny of Apple’s app store. Every app served through an app store has to be certified by Apple or they won’t run. But several companies, like Facebook and Google, used their enterprise-only certificates to sign apps given to consumers. Apple said this violated its rules and banned the apps by revoking enterprise certificates used by Facebook and Google, knocking both of their illicit apps offline, but also every other internal app signed with the same certificate.

Facebook was unable to operate at full capacity for an entire working day until Apple issued a new certificate.

The certificate Apple issued to Connexxa (Image: supplied)

But Facebook and Google weren’t the only companies abusing their enterprise certificates. TechCrunch found dozens of porn and gambling apps — not permitted on Apple’s app store — signed with an enterprise certificate, circumventing the tech giant’s rules.

After researchers disclosed their findings, Apple revoked the app maker’s enterprise certificate, knocking every installed app offline and unable to run.

The researchers said they did not know how many Apple users were affected.

Connexxa did not respond to a request for comment. Apple did not comment.

News Source = techcrunch.com

China’s YY eyes overseas live streaming with $1.45B Bigo buyout

in app-store/Asia/bigo/Cambodia/China/Delhi/Entertainment/huya/India/live streaming/Paraguay/Politics/Southeast Asia/Tencent/video hosting/vietnam/WeChat/YY by

One of China’s top live streaming companies YY bought a stake and obtained the right to purchase a majority share in Bigo last June, and now the other shoe has dropped after YY fully acquired the Singapore-based startup behind live streaming app Bigo Live and short-video service Like.

That’s according to an announcement YY made on Monday, which disclosed it has bought out the remaining 68.3 percent of all the issued and outstanding shares of Bigo for a price tag of about $1.45 billion.

Bigo’s connection to YY is deep-rooted. Li Xueling, a veteran Chinese journalist who’s also known as David Li, founded YY in 2005 well before the heyday of mobile-based live streaming apps. With the intent to bring the China-tested business to overseas markets, Li started Bigo in 2016 to replicate YY’s lucrative revenue model where the platform operator takes a cut whenever viewers reward streamers with virtual gifts, which can be cashed out.

YY racked up $675 million in net revenues and a net income of around $100 million from the fourth quarter of 2018, its latest earnings report shows.

The Bigo buyout is set to be a huge boost to YY’s international ambitions as its home market has been divided up between YY itself, its spin-off Huya that focuses on esports streaming and Huya’s archrival Douyu. Curiously, both Douyu and Huya are backed by Tencent, the company best known for the WeChat messenger but is also China’s largest games publisher.

To bring the domestic rivalry into perspective, Nasdaq-listed YY recorded a monthly mobile user base of 90.4 million in the fourth quarter. Huya, which priced its U.S. initial public offering at $180 million last August, posted a monthly of 50.7 million users from the same period. Douyu hasn’t recently unveiled its size as the company is reportedly mulling to go public in the U.S., but third-party data analytics company QuestMobile put its MAU in December at 43 million.

“We are very excited to announce the completion of the acquisition of Bigo. It is an important milestone for YY group which demonstrated our confidence and commitment to the globalization strategy,” said Li of YY in a statement.

Huya and Douyu have also ventured beyond China for new growth with their respective overseas brands Nimo TV and Nonolive. In its Q4 earnings report, Huya singled out foreign markets as one area of focus in 2019 and its Nimo already enjoys having a powerful ally, Tencent, which signed an agreement last July to help it with gaming content and brand recognition.

Huya’s overseas brand Nimo TV

“In addition to our vigorous domestic growth, we have successfully leveraged our unique business model to enter new overseas markets,” said chief executive Dong Rongjie. “We believe we are delivering long-term value through strategic investments in overseas markets in 2019 and beyond.”

While anchoring in Southeast Asia, Bigo has debuted in over 100 countries worldwide and been in the top ten of Apple’s app store not just in neighboring countries like Vietnam and Cambodia but also in Paraguay, Yeman and Angola, according to data collected by app tracking service App Annie. Growth in India has been particularly strong this year as the country captured 32 percent of Bigo’s 11 million new Android users who downloaded the app via Google Play between January and February, according to data provided by SensorTower.

Li estimated in 2017 that Bigo was generating an annual revenue of $300 million at the time. Bigo claims 200 million registered users to date with MAUs reaching almost 37 million worldwide. Its popularity has, however, gone hand in hand with its reputation for hosting offensive content, but the startup has assured it deploys resources to closely screen content. Back in China, YY, Huya, Douyu and the likes are constantly grappling with the government’s tightening grip over online information, which puts the burden on media companies to keep a robust content monitoring team to not only rid illegal videos but also parse the country’s opaque definition of what’s considered “inappropriate”.

Update (March 5, 2019, 13:00pm): Added details on Bigo’s growth and Huya’s overseas expansion

News Source = techcrunch.com

Apple removes VoIP app clones from the App Store

in App Store clones/app-store/Apple/Apps/Delhi/India/mobile/Politics by

Following my report from yesterday, Apple has removed many of the apps I pointed out. When you try to find them on the App Store, they are no longer available.

App Store Review Guidelines are very clear when it comes to app duplicates. According to rule 4.3, you can’t release the same app multiple times on the App Store has it is considered as spamming.

But that rule has been poorly enforced and some companies have taken advantage of that. In my original report, I focused on one category in particular — VoIP apps that let you get a second phone number and send and receive calls and texts from that new number.

Developers release multiple versions of the same app so that they can use different names, different keywords and different categories. This way, they can cover a wide range of keywords when you’re searching for an app in the App Store.

So let’s look at the developers I called out yesterday. It’s still unclear if some of these apps will reappear after some changes.

TextMe, Inc.

BinaryPattern and Flexible Numbers LLC

Appverse Inc.

Dingtone Inc.

This case illustrates once again that Apple holds the keys to the App Store kingdom. The company acts as a judge and can make or break some companies.

Some of those companies have released clones of their apps and benefited from that strategy for many years. The main issue here is that App Store rules aren’t enforced consistently.

Plenty of clones in other categories

The clone plague is far from over. Many categories also use this App Store optimization strategy.

JPEG Labs has released four different apps that let you print photos in Walgreens or CVS stores around you. They all do the same thing but have different names and keywords. (They also tell you to leave a review right after opening the app.)

Photo Prints: 1 Hour Photos

Print Photos: 1 Hour Prints

Printmatic 1 Hour Photo Print

Same Day Canvas Photo Prints

When you can’t beat them, acquire them

Another good example is MailPix, Inc. You can find multiple copies of the same app. The company is also slowly expanding its App Store footprint by acquiring competitors and changing those apps into duplicated versions of the main app.

MailPix acquired Photobucket’s printing app to turn it into a clone.

News Source = techcrunch.com

Apple partners with Oakland nonprofit Dream Corps on Swift coding initiative

in app-store/Apple/Apps/coding/Delhi/developers/dream corps/India/iOS/learn to code/macos/nonprofit/Politics/programming/Swift/tvos/watchOS by

Apple this morning announced a new partnership designed to train more people to code using its own programming language, Swift. The company says it’s now working with the Oakland-based nonprofit organization Dream Corps on the initiative, which will see Apple providing technology along with curriculum guidance, professional support and advocacy to individuals in middle and high schools, college and beyond.

The nonprofit currently operates its own learn-to-code program called #YesWeCode, which has graduated 100 people to date and placed around 60 percent in tech jobs. Its long-term goal is to help 100,000 young people from underrepresented backgrounds to be able to train for jobs in tech.

“I see Dream Corps as a peace corps for the American Dream,” said CEO Vien Truong, in a statement. Truong joined the organization in 2015, and is herself the youngest of 11 children born to an immigrant couple who migrated from Vietnam in the 1970’s, Apple also noted.

“It’s about making sure that we can help support people who lived or grew up in communities like mine. And this partnership with Apple will help unlock the untapped genius and talent within those communities, which will allow a new generation to achieve their dreams,” she added.

Dream Corps is now working with the Mayor’s Office and City of Oakland to find a location for a dedicated space to support the program with Apple and other workforce development initiatives. Apple says it’s expected to launch its program later this year in the Bay Area.

Apple’s investment in programming training and development is part of its larger Community Education Initiative. But partnerships like this aren’t the only way Apple is pushing people to learn to code with Swift.

Since the language’s introduction in 2014, Apple has rolled out several programs and tools aimed at helping introduce more people to Swift, including the 2016 launch of kids coding app Swift Playgrounds, expansions of its own “Everyone Can Code” program across the U.S. and elsewhere in the world; the addition of free coding sessions at its retail stores; and it has offered educational tools, software and curriculum for teachers.

For Apple, all of this is about ensuring there’s a new generation of developers learning its tools and Swift, in order to develop new apps for its platforms, iOS, macOS, watchOS and tvOS.

At last year’s WWDC event, WWDC, Apple CEO Tim Cook said there were 20 million registered developers on iOS, who collectively made about $100 billion in revenues, while the App Store saw some 500 million visitors per week.

As more of Apple’s business shifts to its growing Services business instead of just iPhone sales, it’s critical to ensure the developer pipeline remains open and accessible.

News Source = techcrunch.com

US iPhone users spent, on average, $79 on apps last year, up 36% from 2017

in app-store/Apps/Delhi/India/mobile/Politics/subscriptions by

Apple’s push to get developers to build subscription-based apps is now having a notable impact on App Store revenues. According to a new report from Sensor Tower due out later this week, revenue generated per U.S. iPhone grew 36 percent, from $58 in 2017 to $79 last year. As is typical, much of that increase can be attributed to mobile gaming, which accounted for more than half of this per-device average. However, more substantial growth took place in the categories outside of gaming — including those categories where subscription-based apps tend to rule the top charts, the firm found.

According to the report’s findings, per-device app spending in the U.S. grew more over the past year than it did in 2017.

From 2017 to 2018, iPhone users spent an average of $21 or more on in-app purchases and paid app downloads — a 36 percent increase compared with the 23 percent increase from 2016 to 2017, when revenue per device grew from $47 to $58.

However, 2018’s figure was slightly lower than the 42 percent increase in average per-device spending seen between 2015 and 2016, when revenue grew from $33 to $47, noted Sensor Tower.

As usual, mobile gaming continued to play a large role in iPhone spending. In 2018, gaming accounted for nearly 56 percent of the average consumer spend — or $44 out of the total $79 spent per iPhone.

But what’s more interesting is how the non-gaming categories fared this past year.

Some categories — including those where subscription-based apps dominate the top charts — saw even higher year-over-year growth in 2018, the firm found.

For example, Entertainment apps grew their spend per device increase by 82 percent to $8 of the total in 2018. Lifestyle apps increased by 86 percent to reach $3.90, up from $2.10.

And though it didn’t make the top five, Health & Fitness apps also grew 75 percent year-over-year to account for an average of $2.70, up from $1.60 in 2017.

Other categories in the top five included Music and Social Networking apps, which both grew by 22 percent.

This data indicates that subscription apps are playing a significant role in helping drive iPhone consumer spending higher.

The news comes at a time when Apple has reported slowing iPhone sales, which is pushing the company to lean more on services to continue to boost its revenue. This includes not just App Store subscriptions, but also things like Apple Music, Apple Pay, iCloud, App Store Search ads, AppleCare and more.

As subscriptions become more popular, Apple will need to remain vigilant against those who would abuse the system.

For example, a number of sneaky subscription apps were found plaguing the App Store in recent weeks. They were duping users into paid memberships with tricky buttons, hidden text, instant trials that converted in days and the use of other misleading tactics.

Apple later cracked down by removing some of the apps, and updated its developer guidelines with stricter rules about how subscriptions should both look and operate.

A failure to properly police the App Store or set boundaries to prevent the overuse of subscriptions could end up turning users off from downloading new apps altogether — especially if users begin to think that every app is after a long-term financial commitment.

Developers will need to be clever to convert users and retain subscribers amid this shift away from paid apps to those that come with a monthly bill. App makers will need to properly market their subscription’s benefits, and even consider offering bundles to increase the value.

But in the near-term, the big takeaway for developers is that there is still good money to be made on the App Store, even if iPhone sales are slowing.

News Source = techcrunch.com

1 2 3 10
Go to Top