Whisper CEO denies Guardian allegations that it tracks users locations

While on stage at the WSJD Live conference, Whisper CEO Michael Heyward defended his company against the Guardian‘s recent allegations that the anonymous sharing app stores and tracks its users locations. He told Wall Street Journal reporter Evelyn Rusli that not only were all the paper’s accusations wrong and misleading, but that he would fire the employee who supposedly told the Guardian that it would follow a particular Whisper user, who happens to be a lobbyist, for life. The company has already suspended its editorial staff to conduct an internal investigation and find out just who this person is. “This does not reflect our values and what we’re all about,” he said.

Heyward further said that the Guardian, who was one of Whisper’s media partners, came into the Whisper’s office “under false pretenses” and “made a lot of technical inferences from non-technical people.” Particularly, he said that Whisper can’t track GPS locations, though he does admit to collecting IP addresses that it deletes after seven days. “We use them for community safety purposes,” he said, adding that the company’s privacy policy has not changed despite what the Guardian has reported.

As for the accusation that it shares certain Whisper posts with the US Department of Defense, Heyward said a lot of anonymous posts come from military personnel who exhibit post-traumatic stress disorder. The company then collected that data — which are all publicly posted anyway — and compiled them in a study that the company shared with the office of Veteran Affairs. “To take that and misconstrue that as sharing user data for surveillance… it’s just misleading,” said Heyward. Another case in which Whisper does share user posts is any time a minor is at risk. “We’ll always proactively alert child protective services,” said Heyward. Apparently Whisper does this about 20 times per week. It also does this if someone posts a suicidal note or is a danger to themselves and others.

As for whether Whisper would take legal action against the Guardian, Heyward wouldn’t give a concrete answer, but it did as if that was a strong possibility. “The way the Guardian mischaracterized and misled their readers was hugely responsible,” he said. “We have to focus on doing right for our users and our company. I don’t have anymore to add.”

Filed under: Internet, Mobile

Comments

The FBI faked a news website to catch a bomb threat suspect

The DEA isn’t the only US law enforcement agency using impersonation on the web to catch suspects, it seems. The American Civil Liberties Union’s Christopher Soghoian has noticed documents showing that the FBI created a fake, spyware-laden version of the Seattle Times‘ website to catch a teen bomb threat suspect in 2007. When the teen clicked the link to check out an equally fake Associated Press story, the hidden software installed itself and sent both the target computer’s location and its internet address to officers. As you might gather, both civil liberty advocates and media outlets are furious — the FBI effectively conducted a phishing attack, and neither the AP nor the Times appreciate having their names and likenesses used without permission.

The FBI is defending its use of the tactic. It claims that it only resorts to these fake sites in “very rare circumstances” where it’s likely to eliminate a threat, and it notes that the Times trickery ultimately led to a conviction after the culprit pled guilty. However, all it’s saying is that the ends justified the means. This isn’t really a defense of the act itself, which has its share of ethical and legal problems. For any civilian, running a phishing site would be a criminal offense; also, the warrant request only said that the FBI would install the software through “communication,” not that it would imitate others to achieve its goal. There aren’t any signs of an impending investigation into the case, but the revelation certainly won’t improve the FBI’s chances of getting mandatory backdoor access to Americans’ devices.

[Image credit: Stephen Chernin/Getty Images]

Filed under: Internet

Comments

Via: Seattle Times, Gizmodo

Source: EFF (PDF), Christopher Soghoian (Twitter)

MapMyFitness gets Google Fit integration and an Activity Feed in update

We can expect a slew of fitness-related applications to receive updates in the coming weeks. Why? Because Google Fit is here. The activity tracking platform from Google collects data from outside apps and organizes it into a single profile. MapMyFitness has received an update today that includes this new Google Fit integration behind some other core changes. It has a new Activity Feed. This section takes what you and friends are doing and displays it for everyone to see. From there, you can compare yourself and see how far ahead (or even behind) you are. MapMyFitness also added Gear Tracker, a way for users to monitor their shoes purchased through Zappos.

Hit the break for download links.

Play Store Download Link

Source: MapMyFitness

Come comment on this article: MapMyFitness gets Google Fit integration and an Activity Feed in update

Verizon’s changes to mobile web traffic limit your privacy

Do you work hard to maintain privacy on your smartphone through tools like Do Not Track? If you’re on Verizon, your efforts might not be doing much good. Researchers have discovered that the carrier has been modifying some of its cellular web traffic to insert a Unique Identifier Header (UIDH) that helps create profiles for targeted ads. You can opt out of the associated ad program to avoid the sales pitches, but that doesn’t turn the headers off — a less-than-scrupulous website could still build a unique profile of your activity, whether it’s for simple advertising purposes or customizing phishing attacks.

The tracking isn’t always active, and it doesn’t function when you’re using secure websites, surfing on WiFi or connecting through a virtual private network. As such, it’s not a perfect mirror of what you’re doing; you don’t have to worry that Verizon is aware of your preferred bank or webmail service. However, secure sites aren’t really the problem here. The greater concern is that there’s no easy way to avoid this unique web ID when you’re away from home, which is frequently the case when you’re on your phone. The odds aren’t that high that sites will knowingly abuse Verizon’s altered web traffic, but many would argue that it shouldn’t even be an option.

[Image credit: AP Photo/John Minchillo]

Filed under: Cellphones, Wireless, Internet, Mobile, Verizon

Comments

Source: Wired, Jacob Hoffman-Andrews (Twitter)

Engadget Daily: Verizon’s Droid Turbo, YouTube’s music subscription service and more!

What has a whopping battery, metallized glass-fiber backside and beautifully crisp Quad HD display? Verizon’s Droid Turbo, that’s what. Want more? Of course you do — read on for all our news highlights from the last 24 hours, including YouTube’s music subscription service, Google’s fitness app and the PlayStation 2.0 update.

Filed under: Misc, Internet

Comments