Anti Spam League http://anti-spam-league.org/ Fri, 30 Sep 2022 01:38:45 +0000 en-US hourly 1 https://wordpress.org/?v=5.9.3 https://anti-spam-league.org/wp-content/uploads/2021/11/cropped-icon-32x32.png Anti Spam League http://anti-spam-league.org/ 32 32 Why Apple’s 30% tax on App Store NFT sales is getting mixed reactions https://anti-spam-league.org/why-apples-30-tax-on-app-store-nft-sales-is-getting-mixed-reactions/ Thu, 29 Sep 2022 23:00:00 +0000 https://anti-spam-league.org/why-apples-30-tax-on-app-store-nft-sales-is-getting-mixed-reactions/

Apple requires a 30% commission on all NFT transactions made through apps listed in the App Store, and a recent article highlighting this policy sparked a flurry of angry articles in the Web3 space. Apple does not accept cryptocurrency payments, nor does it allow NFTs to be denominated in their native cryptocurrencies, which makes listing and trading NFTs very difficult.


There’s nothing new about Apple’s 30% tax on App Store purchases, as it’s an important, albeit controversial, part of its multi-billion dollar business model. However, Apple also has a bitter history with NFT-related apps, such as removing NFT Play-To-Earn (P2E) games under South Korean regulatory pressure, or banning crypto wallet apps that manage NFTs. . However, Apple’s customer base is over a billion users, and listing an app on the iOS App Store provides a major source of traffic for many companies and startups, which can offset the commission of 30% with the right business models.

VIDEO OF THE DAY

Related: How NFT royalties work in the real world

A recent article by Information sparked controversy in the Web3 industry, detailing how Apple’s decision to soon allow NFT sales with its standard 30% sales tax presents a major roadblock to NFT startups. While a court ruling last year required changes to payments to allow links to off-platform payment channels, that simply means apps can direct users off-platform to make payments. However, this may not be useful for NFT trading. Because Apple will not accept cryptocurrency payments and will require all item listings to be denominated in dollars and paid for in fiat, NFT marketplaces face the hurdle of having to build additional infrastructure to support supports Apple’s payment system, and NFT dollar prices are constantly changing due to cryptocurrency. volatility. However, not all Web3 commentators are against this policy, as Apple’s reach extends to over a billion users and any kind of Web3 apps on its store could accelerate mass adoption, and a 30% commission for Apple is better than getting banned from the App Store. .


Few blockchains can scale to meet Apple’s user base

Onboarding a billion Apple users to Ethereum at this time would be catastrophic for Ethereum’s blockchain gas fees, even if only a fraction of them were to use NFTs. Fortunately, Ethereum’s popular NFT marketplace, OpenSea, uses the Immutable X scaling solution to facilitate gasless trading, which claims to support up to 9,000 transactions per second and could potentially handle the volume of the request for NFT on an iOS application. However, if an NFT application built on a ‘Layer-1’ blockchain (i.e. Ethereum or Solana) becomes popular enough, it could seriously harm the user experience of blockchain technology by sending gas fees “towards the Moon.

It’s possible that Ethereum’s blockchain competitor Solana could handle the volume of transactions without suffering a gas fee crisis, but Solana has been known to crash when overloaded with spam transactions. Additionally, Solana’s most popular NFT marketplace, Magic Eden, removed the NFT purchase functionality from its iOS app in protest at the 30% commission policy, although browsing the marketplace is still functional. Ultimately, it’s more likely that any NFT-related app or game that succeeds under Apple’s policies will have to be built from the ground up around those policies, and existing NFT marketplaces can’t do that.

While many in the Web3 community are outraged that they’ve received the same controversial treatment as all apps in Apple’s App Store, not everyone is mad at Apple for finally giving the go-ahead. to NFT sales on iOS apps. Unfortunately, NFTs are still too poorly understood and underdeveloped to sell to Apple’s Web2 customer base, many of whom view NFTs and cryptocurrencies as scams. Even if Apple didn’t impose harsh policies on iOS developers, a popular iOS NFT app that isn’t built on Immutable X or another gasless blockchain could potentially make its native blockchain unaffordable for everyone. However, if scaling issues can be avoided, a popular NFT-based app on AppleThe App Store could actually be invaluable to mass Web3 adoption, provided it’s designed around the 30% opportunity cost that hampers most startups.

Source: The News

]]> truecaller: Viceroy targets child safety and data protection of minors in second Truecaller report https://anti-spam-league.org/truecaller-viceroy-targets-child-safety-and-data-protection-of-minors-in-second-truecaller-report/ Thu, 29 Sep 2022 16:41:00 +0000 https://anti-spam-league.org/truecaller-viceroy-targets-child-safety-and-data-protection-of-minors-in-second-truecaller-report/ Mumbai: After shedding light on potential tax evasion and redundant business model, activist short seller Viceroy Research turned its attention on Thursday to how Truecaller’s software collects data from minors, a sensitive issue given the increased focus on data privacy globally.

Shares of Truecaller, backed by Sequoia, fell more than 2.3% during the day to 39.99 Swedish krona (SEK).

This follows its more than 20% rout on the Nasdaq Stockholm Large Cap stock market on Wednesday.

Viceroy Research, a US-based international investigative financial research group, said it has responded to calls from concerned data protection specialists in India regarding how Truecaller handles minor consent.

Granted, Truecaller’s privacy policy states that the company does not intentionally collect data from anyone under the age of consent required to enter into binding legal contracts.

Indian contract laws do not recognize minors – persons under the age of 18 – as competent persons to enter into a contract with. Obtaining the consent of the child has no legal validity in the country and therefore the consent of a guardian is essential.

“Truecaller registration does not ask for a user’s age (only access to all their other personal information). Truecaller indiscriminately collects data from users under the age of 18 in India, and even in worldwide,” said. “This data is uploaded to their public directory. Truecaller’s enhanced search spyware indiscriminately extracts contact data from minors and uploads this data to its public directory. Users cannot obtain the unilateral consent of their contacts, particularly if those contacts are minors. The data of minors (and of all users) is actively accessible to strangers online without their consent.”

A Truecaller spokesperson said the company had no comment at this time.

Truecaller is a software company that offers a global platform to verify contacts and block unwanted communications and calls.

Citing a Unicef ​​study, Viceroy said about 20% of India’s population is between 10 and 19 years old and are early adopters of the technology. “We believe minors make up a substantial portion of Truecaller’s user base and non-user repertoire.”

India is the largest market for Truecaller, which saw sales increase by 133% in the January-June period with 235.5 million monthly active users (MAUs) and 194.4 million active users dailies. It contributes nearly 80% of Truecaller’s revenue and more than 70% of daily active users, while 63% of its workforce is based in the country. Truecaller has, in some markets, also launched financial services for businesses.

According to research by McAfee, some 22% of Indian children have experienced cyberbullying at some point, 5% higher than the global average of 17%.

According to the study, smartphone use in the country among children aged 10-14 is 83%, which is 7% higher than the international average of 76%.

Viceroy said there was a registration screen for new Indian users and the enhanced search feature was available and automatically checked for non-European users on Truecaller until Wednesday.

“This feature has now been removed from the connection. We do not know where it is or if it is automatically enabled. There is still no control by Truecaller to verify that they do not collect and publish data from users. minors… By omission, it appears that Truecaller acknowledged that this enhanced search functionality was a violation of regulation and consumer trust,” he said.

Unlike Truecaller, over-the-top platforms like WhatsApp don’t have a directory. You cannot search for people by name and number in the app.

“When WhatsApp is used on a phone, it syncs with your contacts. But if you call someone else, unless they are in your contact list, it will report them as not in your contact showing only a phone number or potentially spam,” Fraser John Perring, founder of Viceroy Research, told ET.

“But with Truecaller you can download it and if I called you and you didn’t have my number it would still show up as a name or how someone else who is commonly known to both parties registered number.This is unique as it takes your phone data as well as full phone book data and then places it into an address book accessible to others, which others give their consent or not. For minors, for vulnerable people in society, it is dangerous and an absolute violation of privacy.

Legal sources said a case was recently brought to the Supreme Court by a law student who argued that simply having the Truecaller software on his phone makes the individual’s full directory available. for the company without others giving their consent in the first place. This amounts to a breach of privilege, the student said.

Although the case was dismissed, lawyers and public policy watchers said this issue would inevitably come up.

Viceroy Research was founded in 2016 by Perring, a British short seller, with his Australian partners Aiden Lau and Gabriel Bernarde.

Perring and Viceroy have garnered considerable media interest due to their reporting on companies like Wirecard. Viceroy is also known to bet against companies like Tesla, Grenke, Sofina Group and local edtech unicorn Byju’s.

]]>
YouTube announces new creator updates to the app and here’s what to expect / Digital Information World https://anti-spam-league.org/youtube-announces-new-creator-updates-to-the-app-and-heres-what-to-expect-digital-information-world/ Thu, 29 Sep 2022 06:03:00 +0000 https://anti-spam-league.org/youtube-announces-new-creator-updates-to-the-app-and-heres-what-to-expect-digital-information-world/

YouTube recently released several updates that the company is working on. This includes a few experiments and expansions in areas that fans have been calling for for some time.

For starters, spam and inappropriate comments is something that so many users complain about. And if you happen to be one of them, well, it’s your lucky day.

YouTube says it’s always looking for ways to improve the commenting experience for its creators. Many users have recently shared how they want to know when and if one of their comments has been deleted or not in cases where a particular Community directive has been violated.

YouTube says they are doing their best to try to protect the whole community from someone trying to spread hate and negativity via the comments section. This can be done via a single channel or a series of channels.

Therefore, the app is testing a new feature which is a comment notification that clarifies when and if their comment is removed for violating community guidelines. At the same time, the app is testing a new timeout feature that will put any user adding abusive comments consecutively on a pause to prevent this common practice. It would be up to 24 hours.

So what is the ultimate goal? Well, it is done to reduce the number of abusive or negative comments seen on an app. This is also done to prevent users from violating the community guidelines in place. Hopefully these users can take a moment to think about what they are doing wrong and try to change that to something more positive.

Next, the app is launching a new map visible in the content tab for Studio Mobile and Web in the app. This is done to allow users to view the number of views they are getting in different formats. Therefore, it could be in the form of vods, short films or even live streams.

It’s quite similar to the last performance map that was launched on the dashboard. It will review the ten latest Short Films, Vods and Live Streams on the app. The whole idea is to make you understand the classic range of the last 28 days. The app says that for live streams, all views are taken into account, whether live or archived.

YouTube also explains in detail how they approached a test launched last year regarding timestamps. This was a subset of community violations.

In this new experience, timestamps are available in emails and in the Studio call flow. This will happen whenever the app thinks some form of violation has occurred. Obviously, creators will receive more details about the violation in the Community Guidelines, as well as helpful resources in the Help Center related to a particular violation.

For better transparency, the YouTube platform has chosen to further extend this test. So now the company is offering coverage for at least three additional policies. Topics include child safety, s*icide, and self-harm, as well as those that include explicit or violent content.

Finally, the app has chosen to launch a new round of updates for its posts on the app. This will happen over the next few months and is designed to make it more fun, visually appealing, and super engaging. YouTube says the main goal here is to allow creators to have a deeper connection with all of their creators.

Content creators with access to the Community tab on their Android can take advantage of the feature that involves adding text, filters, and even stickers to posts right within the app. Soon it will also arrive on iOS.

Read next: YouTube Shorts adds many popular new features on TikTok to better compete with the app

]]>
Hiya and Ericsson Partner to Offer Network-Based Call Protection https://anti-spam-league.org/hiya-and-ericsson-partner-to-offer-network-based-call-protection/ Wed, 28 Sep 2022 17:57:00 +0000 https://anti-spam-league.org/hiya-and-ericsson-partner-to-offer-network-based-call-protection/

As more and more people suffer from spam and call scams, Hiya partners with Ericsson to launch anti-spam and call scam technology solution worldwide.

Image: ltyuan/Adobe Stock

Spam and scam calls have been a disturbing phenomenon lately across the globe. Unfortunately, many people have fallen victim to fraud, spam, and robocalls from criminals aimed at persuading the recipient to either purchase a service or divulge sensitive personal information that could lead to hacks. This situation has led to the emergence of several network-based call protection solutions to protect people and their businesses from unsolicited and fraudulent calls.

SEE: Mobile Device Security Policy (TechRepublic Premium)

Prepared to provide call protection solution services that will save more people from spam and fraudulent calls, Ericsson and Hiya announced a partnership agreement that will bring network-based protection to people around the world. Tagged Call Qualification, the solution should be available to all wireless operators using Ericsson’s IP Multimedia Subsystem.

With Call Qualification, Hiya and Ericsson are offering adaptive AI self-learning technology that can help customers detect and stop new and emerging scams that may occur through calls. In addition to Ericsson’s IMS IP, network-based call protection technology also works with Ericsson’s mobile switching system to provide coverage for 4G/5G as well as 2G/3G networks.

Reacting to the launch, Alex Algard, CEO and Founder of Hiya, said “Spam and call scams are a huge problem for individuals and businesses – and it’s only getting worse as the bad actors who make these calls are becoming more sophisticated in their tactics.Through our partnership with Ericsson, carriers can instantly access and deploy Hiya’s most advanced, AI-powered call protection features worldwide, providing subscribers with a superior voice calling and greater confidence in the network.

Reiterating the need for the partnership, David Bjore, Head of Communication Services for Ericsson’s Solutions Area, said that “spam, fraud and nuisance calls are a frustration that nearly everyone with a phone can identify. This is definitely an area that is likely to have a positive impact on subscriber satisfaction and customer loyalty if they can be stopped. This is exactly what we, in partnership with Hiya, aim for carrier customers to achieve with Call Qualification.

Why the partnership took place

The increasing rate of fraudulent calls could be one of the main reasons why this partnership happened. Hiya’s 2022 Call Status Report revealed that spam and fraudulent calls are on the rise globally, with a 13% increase from the previous year. The Hiya report further revealed that mobile subscribers now receive an average of 14 spam calls per month, and a quarter of consumers said they lost money to a phone scam with an average loss of $542 per victim. . Therefore, consumers and businesses expect network operators to take action and solve this problem.

A 2021 report from First Orion, a provider of digital calling experience services for network operators, suggested that consumers received around 110 billion fraudulent calls, resulting in 88 million scam victims and around $44.2 billion in losses. Similarly, according to Truecaller, another player in the call protection services industry, over the past twelve months the total money lost to fraudulent calls in the United States was valued at $29.8 billion. .

Although the United States has been a major target for spam and fraudulent calls in recent years, Truecaller’s top 20 countries affected by spam report places Brazil as the country most affected by fraudulent call incidents. , followed by Peru and Ukraine.

Given the increase in the number of fraudulent and scam calls witnessed by customers around the world, other mobile technology companies have also unveiled their spam call protection solutions in recent years. Some notable mentions include AT&T Call Protect for AT&T users, T-Mobile Name ID for T-Mobile users, and Truecaller.

The Future of the Spam Call Protection Industry

The announcement of the Ericsson-Hiya partnership to combat fraudulent and fraudulent calls could be the latest boost to the call protection solution. However, other spam call protection solutions have recently been launched.

For example, last year Teltech Systems launched RoboKiller’s Call Confidence API, enabling businesses to combat spam and robocalls by strengthening their network’s defenses against illegal phone scammers. In addition, another big player in the mobile communication technology industry, T-Mobile, launched a caller verification technology in 2019. Labeled Caller Verified, this solution offers its customers protection against scammers and spammers who use phone call techniques to diminish their customers.

With all these call protection services in place, it is hoped that more phone users will be protected from spam and fraudulent calls. Through this partnership, Hiya hopes to take advantage of Ericsson’s global market coverage to reach more international customers.

]]>
Malicious Oauth App Allows Attackers to Send Spam Through Enterprise Cloud Tenants https://anti-spam-league.org/malicious-oauth-app-allows-attackers-to-send-spam-through-enterprise-cloud-tenants/ Tue, 27 Sep 2022 15:40:00 +0000 https://anti-spam-league.org/malicious-oauth-app-allows-attackers-to-send-spam-through-enterprise-cloud-tenants/

Microsoft investigated a new type of attack where malicious OAuth apps were deployed to compromised cloud tenants before being used for mass spamming.

Image: Feng Yu/Adobe Stock

In this attack, as reported by Microsoft, the threat actors begin their operation by compromising particular users of the cloud tenant, as these users must have sufficient privileges to create applications in the environment and provide consent there. the administrator. These users were not using multi-factor authentication to log in to the cloud service.

To gain successful access to these cloud environments, attackers deployed credential stuffing attacks: they attempted to reuse valid credentials obtained from other services or applications. Such attacks work when individuals use the same username and password across many different online services or websites. For example, an attacker obtaining credentials stolen from an email account can use them to access social media services.

SEE: Mobile Device Security Policy (TechRepublic Premium)

In this case, the attackers used the credentials to access the cloud tenant. A single IP address performed the credential stuffing operation, hitting Azure Active Directory PowerShell applications for authentication. Microsoft researchers believe the attackers used a compromised credential dump.

How does the malicious app work?

The threat actor, once in possession of valid privileged user credentials, used a PowerShell script to perform actions in Azure Active Directory of all compromised tenants.

The first action was to register a new single-tenant application using a specific naming convention: a domain name followed by an underscore character, then three random alphabetic characters. The Exchange.ManageAsApp legacy permission was later added for application-only authentication of the Exchange Online PowerShell module.

He also obtained the consent of the administrator. The previously registered application was then granted global admin rights and Exchange Online admin rights.

The last step was to add app credentials. This way attackers could add their own credentials to the OAuth application.

Once all these steps were done, the attackers could easily access the malicious application, even if the password was changed from the compromised administrator account.

Why did they roll out the app?

The purpose of deploying the malicious application was to spread spam in bulk. To achieve this goal, the threat author modified the Exchange Online settings via the privileged malicious application, which allowed him to authenticate the Exchange Online PowerShell module.

The attackers created a new Exchange connector, which are instructions to customize how email flows to and from organizations using Microsoft 365 or Office 365. The new inbound connector was named using once again a convention specific denomination, this time using a “Ran_” string. followed by five alphabetic characters. The purpose of this connector was to allow emails from certain attacker infrastructure IP addresses to pass through the compromised Exchange Online service.

Twelve new transport rules were also created by the threat actor, named Test01 through Test012. The purpose of these rules was to remove specific headers from each incoming email:

  • X-MS-Exchange-ExternalOriginalInternetSender
  • X-MS-Exchange-SkipListedInternetSender
  • Receipt-SPF
  • Received
  • ARC-Authentication-Results
  • ARC-Message-Signature
  • DKIM-signing
  • ARC Seal
  • X-MS-Exchange-SenderADCheck
  • X-MS-Exchange-Authentication-Results
  • Authentication-Results
  • X-MS-Exchange-AntiSpam-MessageData-ChunkCount

Removing these headers allowed attackers to evade detections from security products and email providers blocking their emails, increasing the success of the operation.

Once the connector and transport rules are in place, the actor could start sending massive volumes of spam.

What was the experience of the threat actor?

The researchers mention that “the actor behind this attack has been actively running spam campaigns for many years.” Based on their research, Microsoft has established that the same actor sent large volumes of spam in a short time by connecting to mail servers from malicious IP addresses or by sending spam from a cloud-based legitimate bulk email infrastructure.

Microsoft researchers report that the threat actor also removed the malicious connector and associated transport rules after a spam campaign. The actor would then recreate it for a new spam wave, sometimes months after the first.

The threat actor triggered the spam campaign from a cloud-based outbound email infrastructure outside of Microsoft, primarily Amazon SES and Mail Chimp, according to Microsoft. These platforms allow mass mass emailing, usually for legitimate marketing purposes. Such a modus operandi can only come from an experienced spammer.

What did the threat actor send in spam?

The spam sent by this campaign contained two visible images in the body of the email, as well as dynamic and random content injected into the HTML body of the email, to avoid detection as spam, technical commonly used by this malicious actor.

The images entice the user to click on a link because they are allegedly eligible for a prize. A click redirects the user to a website operated by the attackers where they are asked to provide details for a survey and credit card information to pay for shipping the prize.

A small text at the very bottom of the webpage reveals that the user is not paying shipping costs but several paid subscription services in order to enter a lottery for the prize.

How to protect your organization from this threat

This attack would have failed if the first cloud tenants had been protected by MFA. It is strongly recommended that you always deploy MFA for any Internet-facing service or website.

Conditional Access policies can also be set to enable device compliance or trusted IP address requirements for login.

Careful monitoring of all access could also help detect such compromises. Unusual IP addresses connecting to a service should be flagged as suspicious and trigger an alert.

Microsoft also recommends enabling default security settings in Azure AD, as it helps protect the organizational identity platform by providing pre-configured security settings such as MFA, privileged account protection, etc.

Disclosure: I work for Trend Micro, but the opinions expressed in this article are my own.

]]>
Meta sued for tap-dancing around Apple’s new app privacy rules https://anti-spam-league.org/meta-sued-for-tap-dancing-around-apples-new-app-privacy-rules/ Tue, 27 Sep 2022 13:28:00 +0000 https://anti-spam-league.org/meta-sued-for-tap-dancing-around-apples-new-app-privacy-rules/

from private theater department

Last year, Apple received wide coverage about how the company was making privacy easier for its customers by introducing a new, simple opt-out button for users as part of an iOS 14.5 update.

Apple’s marketing and press reports heavily publicized the App Tracking Transparency system, which would have given consumers control over which apps could collect and monetize user data or track user behavior on the Internet. Advertisers (notably Facebook) cried like disappointed toddlers over Christmas, given the obvious fact that giving users more control over data collection and monetization means less money for them.

But we also noted how Apple’s changes were a bit over the top. About a year ago, researchers started noticing that Apple’s opt-out system was really preventing app makers from accessing only one piece of data: your phone’s ID for advertisers, or IDFA. There were plenty of ways for companies to ignore Apple’s changes and track users anyway, so they quickly got to work doing just that.

This includes Meta. Apple security researcher Felix Krause discovered that Facebook was circumventing Apple’s system by directing any link a user clicks in the Facebook app to a new in-app browser window, where Meta has been able to inject code, modify external websites and track user behavior online… without the consent or knowledge of the user.

As a result, Meta now faces two different class action lawsuits accusing it of violating federal and state privacy laws, including the Wiretap Act, the California Invasion Act Privacy Policy (CIPA) and California’s violation of the Unfair Competition Act. Both lawsuits cite Krause’s research, noting that it “revealed that Meta injects code into third-party websites, a practice that allows Meta to track users and intercept data that would otherwise not be available to it. “.

Admittedly, this is the same company that was busted for offering users a “privacy-protecting VPN” that turned out to be little more than glorified spyware that tracked user behavior when they were going on other platforms. Meta has complained endlessly about Apple’s opt-in changes, saying they’re already costing the company around $10 billion in revenue a year.

But they’re lucky Apple (or the market in general) didn’t push things further. Keep in mind that Apple’s privacy changes, while important, are vastly overstated for branding purposes. Many app makers have been content to tap around the restrictions for some time, often without any sanction from Apple months after being contacted by journalists.

Filed Under: adtech, app tracking transparency, ios, privacy, security, monitoring, tracking

Companies: Apple, Meta

]]>
Hiya and Ericsson Partner to Provide Network-Based Call Protection to Wireless Carriers Worldwide https://anti-spam-league.org/hiya-and-ericsson-partner-to-provide-network-based-call-protection-to-wireless-carriers-worldwide/ Tue, 27 Sep 2022 13:00:00 +0000 https://anti-spam-league.org/hiya-and-ericsson-partner-to-provide-network-based-call-protection-to-wireless-carriers-worldwide/

SEATTLE–(BUSINESS WIRE)–Hiya, the leading cloud-based call performance management company, today announced a new partnership with Ericsson (NASDAQ: ERIC) to provide network-based call protection to mobile operators worldwide. The new offering, called Call Qualification, is a spam and call fraud protection service powered by Hiya Protect that is immediately available to all wireless carriers using the Ericsson IP Multimedia Subsystem (IMS).

Call Qualification integrates Hiya Protect directly into Ericsson IMS to combat the growing problem of spam and fraudulent calls across the world. Using Hiya’s Adaptive AI self-learning technology, operators can recognize and stop new and emerging scams in real time to stay one step ahead of fraudsters. This unique partnership offers carriers the fastest path to combat spam and call fraud protection and improve subscribers’ voice experience.

The joint solution also works for Ericsson’s Mobile Switching System (MSS) to provide coverage for 4G/5G as well as 2G/3G networks. Call qualification is instantly available for operators currently using Ericsson IMS and/or MSS. Ericsson’s global reach further enhances Hiya’s service and will deliver the broadest call protection solution in the industry.

“Spam and scam calls are a huge problem for individuals and businesses – and it’s only getting worse as the bad actors making these calls become more sophisticated in their tactics,” said Alex Algard, CEO and founder of Hiya. “Through our partnership with Ericsson, carriers can instantly access and deploy Hiya’s most advanced, AI-powered call protection features worldwide, providing subscribers with a superior voice call experience and greater trust in the network.”

“Spam, fraud and nuisance calls are a frustration that almost anyone with a phone can relate to,” said David Bjore, communications services manager for Ericsson Solutions. “This is definitely an area that is likely to have a positive impact on subscriber satisfaction and customer loyalty if they can be stopped. This is exactly what we, in partnership with Hiya, are aiming for. operator customers realize with Call Qualification.

Spam and fraudulent calls are on the rise

Spam and fraudulent calls are on the rise worldwide. According to Hiya’s 2022 Call Status Report, spam and fraudulent calls increased by 13% in 2022 and mobile subscribers now receive an average of 14 unwanted calls per month and a quarter of consumers said they lost money. money from a phone scam, with an average loss of $542 per victim. Consumers and businesses expect carriers to take action and fix this problem.

Network integration enables instant activation

Network integration is the most scalable way to protect all users from spam and fraudulent calls because there’s no need to download or configure an app; it is quick to deploy, easy to manage and continuously updated. By integrating with Ericsson IMS and other network elements, carriers can deploy Hiya across their networks for a native user experience across all devices. Call Qualification operates today at Ericsson’s D-15 Laboratories, a state-of-the-art innovation center in Silicon Valley. The first joint customers are already in the works and plan to launch the new service later this year.

Hiya and Ericsson offer a global solution

Operators around the world must tackle the growing problem of spam and fraud and simultaneously support subscribers on a combination of 5G, 4G, 3G and 2G networks. Call qualification can provide instant protection against fraud, tagging for spam, and new services carriers can provide to consumers and businesses. Ericsson’s global reach further enhances Hiya’s service and will deliver the broadest call protection solution in the industry.

To learn more about this solution and Hiya’s voice performance platform, visit hiya.com/protect.

About Hiya

Global enterprises, carriers and consumers trust Hiya to deliver secure, engaging connections and stop unwanted calls. Built on the world’s leading voice performance platform, Hiya connects businesses to their customers, helps carriers secure their networks, and protects people from spam and fraudulent calls. Hiya’s SaaS applications, Hiya Connect and Hiya Protect, serve more than 200 million users, power services like AT&T Call Protect, Rogers Spam Call Detect and Samsung Smart Call, and provide voice performance insights to businesses around the world entire. Learn more at www.hiya.com.

About Ericsson

Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio covers the following business areas: networks, software and cloud services, enterprise wireless solutions, global communications platform, and technologies and new businesses. It is designed to help our customers go digital, increase efficiency and find new sources of revenue. Ericsson’s investments in innovation have brought the benefits of mobility and mobile broadband to billions of people around the world. Ericsson shares are listed on Nasdaq Stockholm and Nasdaq New York. www.ericsson.com

]]> British Columbia’s most notable road conditions website is down | infonews https://anti-spam-league.org/british-columbias-most-notable-road-conditions-website-is-down-infonews/ Sun, 25 Sep 2022 21:29:42 +0000 https://anti-spam-league.org/british-columbias-most-notable-road-conditions-website-is-down-infonews/

Image Credit: Shutterstock


September 25, 2022 – 2:29 pm






British Columbia’s most notable website for road conditions and alerts is down this afternoon.

The DriveB.C. website has been unreachable since September 25 due to a network outage issue, according to the state-owned company’s Twitter page.

“We are experiencing network outage issues, it is currently under review. We appreciate your patience at this time. Apologies for any inconvenience. We will communicate again when they are back up and running properly” , according to DriveB.C.

He did not give an estimate of when the website will be back up and running and all ministry websites are currently down.


DriveB.C.’s Twitter page is still active at this time.




To contact a reporter for this story, email Carli Berry or call 250-864-7494 or email the editor. You can also submit photos, videos or news tips to the newsroom and be entered to win a monthly prize draw.


We appreciate your comments and opinions on our stories, but play well. We will not censor or delete comments unless they contain off-topic statements or links, unnecessary vulgarity, false facts, spam or obviously fake profiles. If you have any concerns about what you see in the comments, email the editor in the link above.


 

News from © iNFOnews, 2022

infonews

]]>
iOS 16 Mail app may crash with this text string https://anti-spam-league.org/ios-16-mail-app-may-crash-with-this-text-string/ Thu, 22 Sep 2022 16:08:00 +0000 https://anti-spam-league.org/ios-16-mail-app-may-crash-with-this-text-string/

Every now and then we see a flaw in iOS that can render an entire app unusable. In the past, these bugs affected apps like Safari and Messages. A new bug in iOS 16, however, can completely prevent you from accessing the Mail app with a single email containing strange text in the “from” field. Here are the details and how they impact each courier…

iOS 16 Mail app crash due to malicious text

The flaw was discovered by the folks at Equinux, which offers a VPN Tracker service for Mac and iPhone. The team discovered this bug in iOS 16 while scanning spam.

We started seeing iOS mail issues for several people on our team: Mail was crashing immediately on launch.

It turns out that the team had all received the same spam message. Looking at the raw source of the message didn’t immediately reveal any red flags – it was a fairly basic HTML email. However, a look at the mail headers showed that the spammers had done something unusual in the “from” field.

Usually, the “From” field in an incoming email looks like this:

  • From: sender@example.com.

But the maliciously crafted email has a “From” field that contains a few extra characters, which is enough to cause trouble.

This means, according to Equinux, “anyone can send any iOS 16 user an email that can lock them out of their inbox.” They have created a form field on their website that you can use to test the flaw, which they call “Mailjack”.

Mailjack may impact the Mail app on any device running iOS 16 (the stable release), iOS 16.0.1 on the iPhone 14, and the latest iPadOS 16 betas, but there are a few caveats. Some email services, including Gmail, Outlook, and Hotmail, rewrite incoming emails to prevent such things from happening.

Additionally, Gmail and Yahoo block such malicious emails entirely. But one email service that does nothing to protect against these emails is iCloud Mail, Apple’s proprietary option. There are also a number of IMAP mail services that “do not correct or rewrite incoming mail”.

An easy way to test is to use your iCloud email account, but note that it may be marked as spam (you should check your spam folder). Note that not all email providers will forward the message as they might rewrite the emails before delivering them to the device.

The email could also be trapped in the “Spam” inbox. In this situation, the Mail app will crash every time you check your spam inbox. This is better than if the email were to appear in your main inbox, but emails can escape to the main inbox quite easily depending on the sender.

The solution to this problem, for now, is to delete the email from your account on a device that’s not running iOS 16 or through another email client:

As soon as you delete the email from your account using another device, another email client, or the web, Mail updates your inbox and stops crashing. Moving the email to a subfolder of an IMAP email account will also fix your inbox, but Mail will crash again if you navigate to that folder.

We’ve contacted Apple for comment. For now, you can test the Mailjack flaw yourself on the Equinux website or just check out the GIF below. (I tested it and don’t recommend trying it, but that’s up to you.)

FTC: We use revenue-generating automatic affiliate links. After.


Check out 9to5Mac on YouTube for more Apple news:

]]>
Home-use smartphone app could let users check blood oxygen levels https://anti-spam-league.org/home-use-smartphone-app-could-let-users-check-blood-oxygen-levels/ Mon, 19 Sep 2022 21:07:15 +0000 https://anti-spam-league.org/home-use-smartphone-app-could-let-users-check-blood-oxygen-levels/

Respiratory conditions such as COVID-19 impair the body’s ability to draw oxygen from the lungs, which is why patients’ blood oxygen levels often need to be checked. New research now suggests that people could track these levels at home, using their smartphones.

Usually, blood oxygen saturation is monitored using a device called a pulse oximeter, which is clipped onto a finger or earlobe. These tools are usually applied and monitored by trained technicians in hospitals or clinics. Oximeters connected to the smartphone do exist, but they are one more item that home users should purchase.

In search of a simpler and less expensive alternative, scientists from the University of Washington and the University of California at San Diego have developed an experimental application. They started with six volunteers between the ages of 20 and 34 – three men, three women, one of whom was African American and the others were Caucasian.

To train the deep learning-based algorithm used by the app, four of these people wore a standard oximeter on one finger and placed another finger on the same hand above the camera lens and flash. smartphone camera. Over a period of 15 minutes, they breathed in a mixture of oxygen and nitrogen, to slowly lower their blood oxygen levels.

As they did, the phone recorded a flash-lit video of blood flowing in and out of their finger. The app continuously analyzed the amount of light absorbed by the blood, in the green, red and blue color channels. The amount absorbed varied with the amount of oxygen in their blood.

When the blood oxygen readings obtained by the oximeter were compared to the light intensity measurements from the phone, it was possible to determine which specific readings corresponded to which specific light measurements. The app was therefore able to learn the amount of oxygen present in the blood at any given time, based on the amount of light absorbed by the blood.

When the app was then tested on the six volunteers, it was found to be able to measure blood oxygen levels up to 70%, which is the lowest value that commercial oximeters have to measure. In contrast, a healthy person should have a blood oxygen level of at least 95% and generally requires medical attention if that level drops below 90%.

In its current form, the app is able to accurately spot low levels 80% of the time. It is believed that this number should improve significantly as the technology develops, which will involve training the application on a much larger data set.

“That way, you could have multiple measurements with your own device for free or at low cost,” said Dr. Matthew Thompson of the University of Washington, co-author of a paper on the research. “In an ideal world, this information could flow seamlessly to a doctor’s office. It would be really beneficial for telemedicine appointments or for triage nurses to be able to quickly determine if patients need to go to the ER. or if they can continue to stay at home.”

The article was recently published in the journal npj Digital Medicine.

Source: University of Washington

]]>