undefined | Better HN

0 pointsdataviz10004mo ago0 comments

They provide an SDK for mobile developers. Here is a video of how it works. [0]

[0] https://www.youtube.com/watch?v=1a9HLrwvUO4&t=15s

0 comments

Also see https://www.youtube.com/watch?v=AGaiVApKfmc - "Avoid restrictions and blocks using the fastest and most stable proxy network"...they're pretty upfront with this, aren't they?

Oh, and they will sell you the datasets they've already scraped using mobile devices: https://brightdata.com/lp/web-data/datasets

This actually explains a phishing attack where I received a text from somebody purporting to be a co-worker asking for an Apple gift card. The name was indeed an employee from a different part of the large company I worked for at the time, but LinkedIn was the only possible link I could figure out that was at least somewhat publicly available information.

This should probably be required in all CS curriculum: https://ocw.mit.edu/courses/res-tll-008-social-and-ethical-r...

nerdponx4mo ago

It should be illegal, but this stuff is propping up the appearance of a healthy economy so nobody will touch it.

VladVladikoff4mo ago

That scam definitely uses linked in as the source. We get a lot of those BEC emails and it’s always the people who are on LinkedIn. Also keep in mind LinkedIn has had big database leaks in the past, you might not even need to scrape them, just download a huge database from a leaks site.

cuu5084mo ago

IMO Google Play should check apps for presence of this SDK and other similar SDKs, and, upon detection, treat these apps as malware.

VladVladikoff4mo ago

I was wondering if they already do but maybe it’s a cat and mouse game where those companies obfuscate their code to avoid automated detection.

1 more reply

VladVladikoff4mo ago

WOW that video! Ain’t no way anyone has EVER read those terms. This feels so insidious that it really should be illegal. Wonder if this exists in the EU or if they have shut it down already?

arethuza4mo ago

That video has the app asking the user to confirm the use of their device to run a proxy within the app - but is there any hard requirement for this, could apps use this SDK and silently run as a proxy?

alamortsubite4mo ago

My take is it's mostly irrelevant, but read the lobsters post mentioned elsewhere.

alamortsubite4mo ago

Yes, and it doesn't matter if they do read the terms- to the average user they sound totally innocuous, especially placed next to a big shiny "GET 500 FREE COINS" button.

seemaze4mo ago

That's sleazy. It's slipping drugs into a kids lunchbox and letting smuggle it across the border..

arethuza4mo ago

I suspect most people, even when told exactly what the app using that SDK would be doing, wouldn't actually see the potential problems...

kijin4mo ago

Until one day, they get swatted for accessing child porn.

Actually, that might be one way to draw attention to the problem. Sign up to some of these shady "residential proxy" services, and access all sorts of nasty stuff through their IPs until your favorite three-letter agency takes notice.

j / k navigate · click thread line to collapse

0 comments

TYPE_FASTER4mo ago

Also see https://www.youtube.com/watch?v=AGaiVApKfmc - "Avoid restrictions and blocks using the fastest and most stable proxy network"...they're pretty upfront with this, aren't they?

Oh, and they will sell you the datasets they've already scraped using mobile devices: https://brightdata.com/lp/web-data/datasets

This should probably be required in all CS curriculum: https://ocw.mit.edu/courses/res-tll-008-social-and-ethical-r...

nerdponx4mo ago

It should be illegal, but this stuff is propping up the appearance of a healthy economy so nobody will touch it.

VladVladikoff4mo ago

cuu5084mo ago

IMO Google Play should check apps for presence of this SDK and other similar SDKs, and, upon detection, treat these apps as malware.

VladVladikoff4mo ago

I was wondering if they already do but maybe it’s a cat and mouse game where those companies obfuscate their code to avoid automated detection.

1 more reply

VladVladikoff4mo ago

WOW that video! Ain’t no way anyone has EVER read those terms. This feels so insidious that it really should be illegal. Wonder if this exists in the EU or if they have shut it down already?

arethuza4mo ago

alamortsubite4mo ago

My take is it's mostly irrelevant, but read the lobsters post mentioned elsewhere.

alamortsubite4mo ago

Yes, and it doesn't matter if they do read the terms- to the average user they sound totally innocuous, especially placed next to a big shiny "GET 500 FREE COINS" button.

seemaze4mo ago

That's sleazy. It's slipping drugs into a kids lunchbox and letting smuggle it across the border..

arethuza4mo ago

I suspect most people, even when told exactly what the app using that SDK would be doing, wouldn't actually see the potential problems...

kijin4mo ago

Until one day, they get swatted for accessing child porn.

j / k navigate · click thread line to collapse