Skip to content

Category: Media

What happened to Google’s book scanning project

The Atlantic has a wonderful article about the Google book scanning project and what became of it.

In 2002, Google began mass scanning every book it could possibly their hands on, OCRing it and making it searchable. Authors and publishers soon began sueing Google from here to the south pole and back, but in the end realized that they did not actually want to win their lawsuits.

Leave a Comment

Bose Connect App creates illegal listening profiles

A class action lawsuit has been filed against Bose, by Kyle Zak, on the grounds of the Bose Connect App for their wireless headphones creating illegal listening profiles, and sharing data with data miners.

1. Defendant Bose manufactures and sells high-end wireless headphones and speakers. To fully operate its wireless products, customers must download Defendant’s “Bose Connect” mobile application from the Apple App or Google Play stores and install it on their smartphones. With Bose Connect, customers can “pair” their smartphones with their Bose wireless products, which allows them to access and control their settings and features.

2. Unbeknownst to its customers, however, Defendant designed Bose Connect to (i) collect and record the titles of the music and audio files its customers choose to play through their Bose wireless products and (ii) transmit such data along with other personal identifiers to third-parties—including a data miner—without its customers’ knowledge or consent.

Affected are all users of the Bose Connect App, that is minimum users of the QuietComfort 35, SoundSport Wireless, Sound Sport Pulse Wireless, QuietControl 30, SoundLink Around-Ear Wireless Headphones II, and SoundLink Color II (“Bose Wireless Products”), but possibly more.

Fun Fact: The German adjective meaning “evil” is “böse”.

3 Comments

Perceptual Ad Highlighter

Perceptual Ad Highlighter is a Chrome Plugin that detects and highlights ads using image/layout recognition on a rendered page/DOM tree.

As law required that ad-content is marked and visually identifyable as promoted content, the plugin renders the page and then visually analyzes the page layout to detect and mark ads.

The source is available on Github, and a paper describes the technology (PDF).

To turn this into a proper ad-blocker, a dual buffering approach would be necessary, in which the full page is rendered into a hidden buffer, including all ads. The perceptual adblocker would then identify the parts of the page that are content and copy them over into a secondary page that is shown to the user sans advertising. The extension could also simulate user interaction with the hidden page to fool robot detection Javascript.

1 Comment

Native Ad Blocking in Chrome

According to an article in The Verge, Google is rumored to implement native adblocking in Chrome.

The option would be opt-in, and it would remove any and all “unacceptable” ads as defined by Coalition for Better Ads industry group. Those types of ads include pop-up ads, autoplay videos, and what are known as prestitial ads, or those ads that are often fullscreen and show up before you’re taken to the homepage or desired website.

The majority of web users have installed adblockers by now, and adblockers have been increasingly recognized as a malware fighting tool, preventing drive-by exploits by targeted malvertising.

Native Adblocking would be a good way for Google to control the agenda, and to push the Coalition for Better Ads style of advertising – a way for the advertising industry to reign in the wild-west style of user profiling, malvertising, and generally making web browing a bad experience.

This is definitively a step into the right direction, but too little, too late.

 

2 Comments

Hacking “Smart” TVs via DVB-T

Ars Technica reports about a possible mass-hack of Smart TVs using the DVB-T signal:

The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to nearby devices. It worked against two fully updated TV models made by Samsung. By exploiting two known security flaws in the Web browsers running in the background, the attack was able to gain highly privileged root access to the TVs. By revising the attack to target similar browser bugs found in other sets, the technique would likely work on a much wider range of TVs.

Multimedia Stream decoding is notoriously complicated, and prone to bugs, as Google demonstrated with a whole suite of problems in the Android Stream decoders. There is no reason to assume that it’s easier anywhere else.

The TV sets are being fed the signal with a low-power mobile transmitter, a small fake TV station, and the attack is on the web browser that is running permanently in the background.

Leave a Comment