All posts in “Apps”

New malware masquerades as a ride-sharing app


An update to the venerable Faketoken.q Android malware has made it easier for the program to steal your credit card information from ride-sharing apps. Faketoken attacks Russian ride-sharing apps by overlaying text boxes on the credit card information pages that can capture your credit number and other important information.

Kaspersky writes:

After getting onto a smartphone (judging by the malware icon, Faketoken infiltrates smartphones through bulk SMS messages with a prompt to download some picture) and installing the necessary modules, the Trojan hides its shortcut icon and starts background monitoring of everything that happens in the system.

The trojan masquerades as a photo app on your phone and is specially camouflaged for maximum sneakiness. It then watches all your apps and uses a technique similar to Cloak & Dagger that overlays interface items onto running apps. This functionality is helpful in some cases but, as we see, is dangerous in others.

The trojan also goes after “apps for booking flights and hotel rooms, and apps for paying traffic tickets — as well as apps for booking taxis.”

How Facebook prioritizes privacy when you die


Should your parents be able to read your Facebook messages if you die? Facebook explained why it won’t let them in a post in its Hard Questions series today about social networking after death.

Facebook admits it doesn’t have all the answers, but it has come up with some decent solutions to some issues with what it calls Memorialized Profiles and a “Legacy Contact.” When you pass away, once Facebook is informed, the word “Remembering” appears above your name on your profile and no one else can sign in to your account.

The Legacy Contact is a friend you select in your Manage Account Settings while you’re still alive, though they’re not informed until your profile is memorialized. They can pin a post atop your profile, change your profile pic, respond to friend requests or have your account removed. But Facebook explains they can’t log into your account, change or delete old posts, remove friends or read your messages.

Similarly, Facebook won’t allow parents or anyone else to read your messages after you die. That’s because “In a private conversation between two people, we assume that both people intended the messages to remain private,” writes Monika Bickert, Facebook’s Director of Global Policy Management. The Electronic Communications Privacy Act and Stored Communications Act may also prohibit it from sharing private communications even with parental consent.

Facebook also tries to minimize the emotional impact of losing a loved one by no longer sending birthday reminders about writing on their wall. But there are still plenty of opportunities for hurt feelings. Facebook’s On This Day feature and others can surface old content from when that person was still alive, creating an unexpected experience of having to think about their death.

The company has built features to enhance empathy with its users, allowing them to avoid unnecessarily seeing their exes on the app after a break-up. But it’s tough to know what will be a sweet nostalgic reminder and what will be a heart-wrenching spiral into the past.

What’s important is that Facebook is at least thinking and talking about these issues. Now at 2 billion users, Facebook has become a ubiquitous utility that impacts every phase of our lives. “There’s a deep sense of responsibility in every part of the company,” says Facebook CPO Chris Cox. “We’re getting to the scale where we have to get much better about understanding how the product has been used.”

Instagram adds a new creative way to reply to a photo or story


Instagram inception, here we come. If somebody sends you a photo or video in a private conversation on Instagram, the app will now let you play around with the original photo so that you can reply in a creative way and keep the context of the conversation.

If you receive a photo or video, there’s now a reply button in the conversation thread. If you tap on this button, the original photo is instantly turned into a sticker in the top right corner. You can leave it there and reply with some context

But you can also move it around, tilt it and draw around it. If you’re replying to a video, it looks like Instagram only keeps a screenshot of the first frame.

If you tap on it, the original photo fills the top half of the screen. You can then take a selfie for the bottom half of the photo. It reminds me of Frontback, a photo-sharing app that lets you take a photo of what you have in front of you, and a photo of your reaction with a selfie. Instagram works the same way as it features both the context and your reaction.

The comparison stops there as you can still apply filters, draw on your photo, add stickers, write text and use all those creative tools together. Your reaction doesn’t have to be a photo either. You can record a video, a boomerang, use a selfie filter and more.

More importantly, this new reply mode isn’t limited to direct messages. If you’re watching a story, you can either send a text reply by tapping on the text field at the bottom of the screen, or you can send a photo/video reply by tapping on the camera icon at the bottom left of the screen. And that makes a lot of sense as you want to know the context when somebody is replying to part of your story.

‘Airbnb for boats’ startup Boatsetter buys competitor Boatbound


You don’t have to be rich or T-Pain to be “on a boat.” You can rent one plus a captain for the day from Boatsetter. And now it’s got boats in more than 300 locations around the U.S. since it just acquired rival maritime marketplace Boatbound.

Boatsetter will be taking select talent from Boatbound plus logistics tech and its inventory of vessels for rental. A source familiar with the transaction said the acquisition was paid for with Boatsetter stock valued in the low-millions range.

The deal makes Boatsetter the biggest peer-to-peer boat rental service in the States, and possibly the world.

To fund future acquisitions of other competitors, Boatsetter also is announcing it has added $4.75 million in funding to its December 2016 Series A round, bringing the startup to a total of $17.75 million raised.

“The primary uses of the funds are M&A, growth and international expansion,” Boatsetter CEO Jackie Baumgarten tells me. When asked if she’ll go after European counterpart Click To Boat, she said, “I think we’re best poised for a roll-up strategy. There’s an opportunity to acquire and roll up several of the players. It’s ripe for consolidation.”

Everyone’s a captain

Boatbound launched back in 2013, well before Boatsetter, and raised more than $5 million from 500 Startups, equity crowdfunding platforms and boat manufacturer Brunswick.

The company went on to process more than $25 million in booking requests. However, it also faced complaints about safety and insurance after a woman lost her leg in an accident after renting through Boatbound. The startup didn’t require people to rent a captain with a boat as Boatsetter does, which delayed rescue procedures after the renter was sucked into the boat’s propeller.

Boatbound quieted down since moving from San Francisco to Seattle 2016 to cut costs and push towards profitability. Now the nationally available service is somewhat oddly being acquired by a competitor that was only operating in one state.

The combined company hopes things will sail smoothly thanks to Boatbound’s technology for routing rental requests and Boatsetter’s focus on insurance.

Based out of Florida, Boatsetter is a three-party marketplace where private boat owners and professional charter companies, captains and renters meet. Users can pick from nearby boats, rent one with a captain attached or pick a separate captain, and quickly get out on the water at an affordable price. Since the private owners are just trying to make back some of the non-stop expenses of keeping a boat afloat, Boatsetter can be cheaper than going through a traditional rental company.

Baumgarten actually started a peer-to-peer boating insurance company called Cruzin that later merged with Boatsetter. That’s how Boatsetter provides $1 million in liability coverage, $2 million in boat damage coverage, plus additional umbrella coverage to make renters feel safe.

Boatsetter says it has 5,000 vetted boats available, and is poised for 5X growth this year to hit over 10,000 rentals. That’s because Boatsetter has only concentrated on Florida, while Boatbound works with vessels across the country. The business model sees Boatsetter take 28 percent of the rental fee from the owner, 10 percent of the captain’s fee and adds a 7.5 percent booking fee to the renter. Those combine into a healthy margin, considering Boatsetter doesn’t own or upkeep any boats.

Experience > possession

Now the 27-person startup has a new channel to chase the estimated $50 billion yearly total addressable market for boat rentals. Boatsetter has partnered with Airbnb’s new experiences platform to let people pay to learn to sail in the San Francisco Bay, take a lesson from a pro wakeboarder in Miami or have paella cooked fresh onboard by a chef in Barcelona.

Boatsetter’s biggest challenge will be developing awareness. Most people assume they need a ton of money or boating skills to get out on the water. But the world is shifting from a materialistic culture to an experiential culture. It’s why Airbnb is blowing up.

People want to do amazing things they can capture on their camera phones and share on their social networks. They want memories. And it’s hard to top gliding over the waves with friends on your own private boat… even if it’s just for the afternoon.

Facebook downranks video clickbait and fake play buttons


Ever gotten tricked into clicking a fake play button on Facebook that opens a link instead of starting a video? I did, repeatedly, and wrote a story in 2014 titled “Yo Facebook, Ban Links With Fake Video Play Buttons”.

Now Facebook is doing just that. Today it started downranking the News Feed presence of links that display a fake play button in the preview image, as well as videos that are actually just a static image uploaded as a video file. Publishers who use these scammy tactics will see a major decrease in the distribution of these stories. Facebook won’t completely delete these posts, though, unless they violate its other policies.

Here are two examples of fake play buttons that spammers used to steal your clicks:

Facebook has prohibited the use of fake play buttons in advertisements under its policy against depicting non-existent functionality for a few years, News Feed Product Manager Greg Marra tells me. But the scourage has remained in the News Feed.

“We’ve heard from people who are frustrated by fake play buttons” Marra says, hence today’s update. “Spammers are using these tactics to trick people into clicking links to low quality web pages.Facebook tells me its now training its machine vision artificial intelligence to classify and detect fake play buttons in preview images.

“While the prevalence is statistically low, the frustration expressed by people who use Facebook who encounter these deceptive practices is high” a spokesperson tells me.

Facebook says that if publishers want to denote there’s a video behind a link, they should indicate that through Open Graph meta tags. They could also use words like “Watch” or “Video” in the headline or description.

Fake video play buttons in News Feed link previews like the one on the left can mislead people into clicking out to ad-covered sites as shown on the right.

Facebook has had a similar problem with publishers looping pre-recorded videos and calling them live, or just putting up a computer graphic countdown and calling it Live. TechCrunch called on Facebook to ban these shenanigans back in January, and it cracked down on them in May.

There’s also been the issue of publishers putting fake Instant Articles “Lightning Bolt” icons on the preview images of links to non-Instant Articles on the standard web. That’s because people are more likely to click Instant Articles since they load faster.

Meanwhile, Facebook’s emphasis on video in News Feed has inspired the new menace of publishers uploading a static image as a video to get more eyeballs. These static image videos will be downranked too. Facebook is using a “motion scoring” system that detects movement inside a video to classify and demote these clips.

Today’s changes come as part of a massive, multi-pronged atack on clickbait. Facebook now downranks headlines that are misleading or withhold information in many languages, shows fewer links overshared by spammers, works with outside fact checkers to demote false news, promotes iand now shows Related Articles with different angles to make people suspicious of exaggerated clickbait.

With each of these updates, Facebook chips away at the clickbait problem, leaving more room in the News Feed for legitimate content. Getting burned by trying to watch a video which is just endless minutes of the same image erodes trust in the News Feed, making people less likely to watch videos in the future.

By excising these annoying experiences, users may be willing to browse longer, view more videos from friends and publishers, and watch lucrative video ads that fund Facebook’s soaring profits.