WhatsApp limits message forwarding to fight 'fake news'

Giving each and every app access to personal information stored on Android smartphones such as your contacts, call history, SMS and photos may put you in trouble as bad actors can easily use these access to spy on you, send spam messages and make calls anywhere at your expense or even sign you up for a premium "service", researchers from cybersecurity firm Kaspersky have warned.

But one can restrict access to such information as Android lets you configure app permissions. 

Giving an app any of these permissions generally means that from now on it can obtain information of this type and upload it to the Cloud without asking your explicit consent for whatever it intends to do with your data.

Therefore, security researchers recommend one should think twice before granting permissions to apps, especially if they are not needed for the app to work. 

For example, most games have no need to access your contacts or camera, messengers do not really need to know your location, and some trendy filter for the camera can probably survive without your call history, Kaspersky said. 

While decision to give permission is yours, the fewer access you hand out, the more intact your data will be.

Here's what you should know to protect your data.

SMS: An app with permission to send and receive SMS, MMS, and WAP (Wireless Application Protocol) push messages, as well as view messages in the smartphone memory will be able to read all of your SMS correspondence, including messages with one-time codes for online banking and confirming transactions.

Using this permission, the app can also send spam messages in your name (and at your expense) to all your friends. Or sign you up for a premium "service." You can see and conrol which apps have these rights by going to the settings of your phone.

Calendar: With permission to view, delete, modify, and add events in the calendar, prying eyes can find out what you have done and what you are doing today and in the future. Spyware loves this permission.

Camera: Permission to access the camera is necessary for the app to take photos and record video. But apps with this permission can take a photo or record a video at any moment and without warning. Attackers armed with embarrassing images and other dirt on you can make life a misery, according to Kaspersky.

Contacts: With permission to read, change, and add contacts in your address book, and access the list of accounts registered in the smartphone, an app can send your entire address book to its server. Even legitimate services have been found to abuse this permission, never mind scammers and spammers, for whom it is a windfall.

This permission also grants access to the list of app accounts on the device, including Google, Facebook, and many other services.

Phone: Giving access to your phone means permission to view and modify call history, obtain your phone number, cellular network data, and the status of outgoing calls, add voicemail, access IP telephony services, view numbers being called with the ability to end the call or redirect it to another number and call any number.

This permission basically lets the app do anything it likes with voice communication. It can find out who you called and when or prevent you from making calls (to a particular number or in general) by constantly terminating calls. 

It can eavesdrop on your conversations or, of course, make calls anywhere at your expense, including to pay-through-the-nose numbers, Kaspersky warned.

Denser places, assumed by many to be more conducive to the spread of the coronavirus that causes COVID-19, are not linked to higher infection rates, say researchers.

The study, led by Johns Hopkins University, published in the Journal of the American Planning Association, also found that dense areas were associated with lower COVID-19 death rates.

"These findings suggest that urban planners should continue to practice and advocate for compact places rather than sprawling ones, due to the myriad well-established benefits of the former, including health benefits," says study lead author Shima Hamidi from Johns Hopkins Bloomberg School of Public Health in the US.

For their analysis, the researchers examined SARS-CoV-2 infection rates and COVID-19 death rates in 913 metropolitan counties in the US.

When other factors such as race and education were taken into account, the authors found that county density was not significantly associated with county infection rate.

The findings also showed that denser counties, as compared to more sprawling ones, tended to have lower death rates--possibly because they enjoyed a higher level of development including better health care systems.

On the other hand, the research found that higher coronavirus infection and COVID-19 mortality rates in counties are more related to the larger context of metropolitan size in which counties are located.

Large metropolitan areas with a higher number of counties tightly linked together through economic, social, and commuting relationships are the most vulnerable to the pandemic outbreaks.

According to the researchers, recent polls suggest that many US citizens now consider an exodus from big cities likely, possibly due to the belief that more density equals more infection risk.

Some government officials have posited that urban density is linked to the transmissibility of the virus.

"The fact that density is unrelated to confirmed virus infection rates and inversely related to confirmed COVID-19 death rates is important, unexpected, and profound," said Hamidi.

"It counters a narrative that, absent data and analysis, would challenge the foundation of modern cities and could lead to a population shift from urban centres to suburban and exurban areas," Hamidi added.

The analysis found that after controlling for factors such as metropolitan size, education, race, and age, doubling the activity density was associated with an 11.3 per cent lower death rate.

The authors said that this is possibly due to faster and more widespread adoption of social distancing practices and better quality of health care in areas of denser population.

The researchers concluded that a higher county population, a higher proportion of people age 60 and up, a lower proportion of college-educated people, and a higher proportion of African Americans were all associated with a greater infection rate and mortality rate.

Twitter has joined efforts to do away with racially loaded terms such as master, slave and blacklist from its coding language in the wake of the death of African-American George Floyd and ensuing Black Lives Matter protests.

The project started even before the current movement for racial justice escalated following the death of 46-year-old George Floyd in police custody in May.

The use of terms such as "master" and "slave" in programming language originated decades ago. While "master" is used to refer to the primary version of a code, "slave" refers to the replicas. Similarly, the term "Blacklist" is used to refer to items which are meant to be automatically denied.

The efforts to change these terms in favour of more inclusive language at Twitter were initiated by Regynald Augustin and Kevin Oliver and the microblogging platform is now backing their efforts.

"Inclusive language plays a critical role in fostering an environment where everyone belongs. At Twitter, the language we have been using in our code does not reflect our values as a company or represent the people we serve. We want to change that. #WordsMatter," Twitter's engineering team said in a post on Thursday.

As per the recommendations from the team, the term "whitelist" could be replaced by "allowlist" and "blacklist" by "denylist".

Similarly, "master/slave" could be replaced by "leader/follower", "primary/replica" or "primary/standby".

Twitter, however, is not the first to start a project to bring inclusivity in programming language.

According to a report in CNET, the team behind the Drupal online publishing software started using "primary/replica" in place of "master/slave" as early as in 2014.

The use of the terms "master/slave" was also dropped by developers of the Python programming language in 2018.

Now similar efforts are underway at Microsoft's Github and LinkedIn divisions as well, said the report.