Press

The app for the drug store allows you to get coupons as well as refill your prescription and find nearby pharmacies. The store-locator feature contains the privacy flaw, which has resulted in the app sending out GPS coordinates to outside entities, said Serge Egelman, director of security and privacy research at the International Computer Science Institute. ICSI is affiliated with the University of California at Berkeley.

In a paper presented at Usenix 2017, titled "Detecting Credential Spearphishing in Enterprise Settings," Grant Ho, Mobin Javed, Vern Paxson, and David Wagner from UC Berkeley, and Aashish Sharma of The Lawrence Berkeley National Laboratory (LBNL), describe a system that utilizes network traffic logs in conjunction with machine learning to provide real-time alerts when employees click on suspect URLs embedded in emails.

Damon McCoy, an NYU Tandon assistant professor of computer science and engineering and one of the paper's co-authors, explained that combining these techniques to identify sex ads by both author and Bitcoin owner represents a considerable advancement in assisting law enforcement and nonprofit organizations. "There are hundreds of thousands of these ads placed every year, and any technique that can surface commonalities between ads and potentially shed light on the owners is a big boost for those working to curb exploitation," he said.

"More than 50 percent of Google Play apps targeted at children under 13—we examined more than 5,000 of the most popular (many of which have been downloaded millions of times)—appear to be failing to protect data. In fact, the apps we examined appear to regularly send potentially sensitive information—including device serial numbers, which are often paired with location data, email addresses, and other personally identifiable information—to third-party advertisers"