It’s 3 a.m. Do you know what your iPhone is doing?

Mine has been alarmingly busy. Even though the screen is off and I’m snoring, apps are beaming out lots of information about me to companies I’ve never heard of. Your iPhone probably is doing the same — and Apple could be doing more to stop it.

On a recent Monday night, a dozen marketing companies, research firms and other personal data guzzlers got reports from my iPhone. At 11:43 p.m., a company called Amplitude learned my phone number, email and exact location. At 3:58 a.m., another called Appboy got a digital fingerprint of my phone. At 6:25 a.m., a tracker called Demdex received a way to identify my phone and sent back a list of other trackers to pair up with.

And all night long, there was some startling behavior by a household name: Yelp. It was receiving a message that included my IP address -— once every five minutes.

Our data has a secret life in many of the devices we use every day, from talking Alexa speakers to smart TVs. But we’ve got a giant blind spot when it comes to the data companies probing our phones.

You might assume you can count on Apple to sweat all the privacy details. After all, it touted in a recent ad, “What happens on your iPhone stays on your iPhone.” My investigation suggests otherwise.

IPhone apps I discovered tracking me by passing information to third parties — just while I was asleep — include Microsoft OneDrive, Intuit’s Mint, Nike, Spotify, The Washington Post and IBM’s the Weather Channel. One app, the crime-alert service Citizen, shared personally identifiable information in violation of its published privacy policy.

And your iPhone doesn’t only feed data trackers while you sleep. In a single week, I encountered over 5,400 trackers, mostly in apps, not including the incessant Yelp traffic. According to privacy firm Disconnect, which helped test my iPhone, those unwanted trackers would have spewed out 1.5 gigabytes of data over the span of a month. That’s half of an entire basic wireless service plan from AT&T.

 

 source: securityweek.com

According to Phishing.org, the practice of phishing started around 1995. Nearly 25 years later, phishing is still used by attackers of all levels of sophistication. The 2018 Verizon Data Breach Investigations Report (VDBIR) ranks it as the third most common technique used in incidents and confirmed breaches and finds that 70 percent of breaches associated with nation-state or state-affiliated actors involved phishing. However, even low-level hackers are using phishing with success thanks to a rich ecosystem of threat actors on cybercriminal forums and messaging applications sharing tips and tools. 

Here are just a few examples of the techniques this wide swath of actors can choose from when executing their phishing campaigns.

Social media: The Sony Pictures Entertainment attack, the Bangladesh bank heist and the WannaCry outbreak all involved highly proficient, state-backed attackers using a variety of pretexts to convince targets to click on the link in their phishing emails. Pretexting involves masquerading as another entity to obtain the information desired from the target. In these campaigns, the phishing emails appeared to be official notification emails from Facebook or Google and the attackers also sent messages directly through social media sites like LinkedIn.

Expert assistance: Less sophisticated threat actors have access to a wide variety of forums and groups where they can learn the latest phishing techniques, as well as purchase step-by-step tutorials and phishing templates to conduct their own campaigns. Novices don’t even have to venture into the dark web to get access to these illicit tools – they are readily available on the surface web on well-known sites. 

Spoofing: Individuals are more likely to open an email when they believe it is from a legitimate sender, so attackers often choose to spoof or forge the email header in their messages to increase their chances of success. Spoofing is often used in Business Email Compromise (BEC) and can be quite convincing, as evidence by the fact that BEC and Email Account Compromise have cost organizations billions of dollars in losses over the last five years. Tutorials on spoofing techniques include everything from how to create, compromise or find a Simple Mail Transfer Protocol (SMTP) server from which to send the spoofed emails, to how to prevent emails from ending up in spam folders or the hosting IP from ending up on blacklists.

 source: technewsworld.com

Walmart last month announced that shoppers soon might see a lot more robots in its stores -- but the company wasn't referring to toy robots or even human assistant gadgets that are available for purchase. Walmart's new robots will be taking over repeatable, predictable and manual tasks that up to now have been carried out by human employees.

At Walmart stores, robots will scan shelf inventory and track boxes as part of the retail chain's inventory management. Walmart is hardly alone in deploying robots or artificial intelligence to handle these mundane tasks, however. Amazon has increased the use of AI in managing its facilities, and in the not-too-distant future, many employees can expect to work side-by-side with such machines on a daily basis.

Roughly 36 million Americans hold jobs that have a high exposure to automation, according to a January report from the Brookings Institution.

Upwards of 70 percent of tasks done by human workers soon could be performed by machines. This shift could affect not only factory and retail workers, but cooks, waiters and others in food services, as well as short-haul truck drivers and even clerical office workers.

The timeline could be from the next few years to the next two decades, according to the Brookings study, but economic factors likely will play a major role. An economic downturn, which could compel corporations to seek ways to reduce costs, could result in layoffs, with workers replaced by machines. This has happened in past recessions, so it is safe to assume that the impact could be more severe with the next downturn.

What AI Means for Jobs

With AI and robots handling more "mundane" tasks, what happens to those who typically held those jobs? This is not exactly a new debate.

In the 19th century, the Luddites, a secret and somewhat radical oath-based organization of English textile workers, took to destroying textile machinery as a form of protest. Members of the group were born in the harsh economic conditions of the Napoleonic Wars. The group took its name from Ned Ludd (possibly born Edward Ludlam), and it became so strong that it even clashed with the British Army.