The Apple $1 Billion Suit Over Facial Recognition Gone Wrong

The story from earlier already has a broken link. So here it is again from a different source. Teen hits Apple with $1B lawsuit over facial recognition arrest.

Ousmane Bah was arrested by New York Police Department officers on Nov. 29 after being accused of thefts at Apple Stores in Manhattan, Boston, New Jersey and Delaware, according to his lawsuit.

The lawsuit says the actual thief was caught stealing $1,200 worth of merchandise — specifically Apple Pencils — from the Boston store on May 31, 2018. The person then used a stolen ID that included Bah’s name, address and other personal details, but not his photo, according to the suit. This may actually have been a non-photo learner’s permit that Bah previously lost, the suit says. Bah is African American.

The lawsuit accuses Apple of negligence, emotional distress, defamation, slander, libel and fraudulent concealment.

Because they didn’t bother to look at the guy they arrested vs the security camera footage BEFORE they arrested him. Though that’s as much on the cops as on Apple.

Apple Defamed a Kid, He Wants His Payday

Facial recognition gone wrong. A teenager is suing Apple for $1 billion over facial recognition tech. OK that link is broken in a day. Here’s the CNET story. Teen hits Apple with $1B lawsuit over facial recognition arrest. Quotes are from the original. Not sure why that source booted the story…

An 18-year-old from New York is currently trying to take Apple for around 0.1 per cent of the company's worth – $1 billion – for a facial recognition faux pas that has allegedly seen him charged in New York, Massachusetts, Delaware and New Jersey for thefts that were nothing to do with him.

The only way to get the tech giants to change their ways – short of antitrust action, which I don’t see happening – is to cause them real financial harm.

Facial recognition not being a reliable tool in law enforcement? We’re shocked. Absolutely shocked.

Apple Doesn’t Think They Should Play By the Same Rules as Everyone Else

They are Apple after all. Researcher Declines to Share Zero-Day macOS Keychain Exploit with Apple.

So this guy found a zero-day in the current version of Apple’s password manager. And he built a proof-of-concept. (You can see it demoed in a 1.5 minute video if you click the link above.) But he won’t share it with Apple because they don’t have a bug-bounty program. Because Apple is different from the rest of the tech companies in the world. Or something. (They are certainly more arrogant than your average tech company, and THAT is saying something.)

The vulnerability found by Henze in Apple’s macOS operating system last week is present “in the keychain’s access control” and it could allow a potential attacker to steal Keychain passwords from any local user account on the Mac, without the need of admin privileges nor the keychain master password.

This isn’t the first time Apple has built an encrypted system for which the cryptography was substandard. The original version of Messenger was supposed to be secure, but the encryption – developed by Apple, not industry standard – was substandard. (They rewrote it using an open-source encryption.)

As for the security researcher, Linus Henze…

Please note that even if it looks like I’m doing this just for the money, this is not my motivation at all in this case. My motivation is to get Apple to create a bug bounty program. I think that this is the best for both Apple and Researchers. I really love Apple products and I want to make them more secure. And the best way to make them more secure would be, in my opinion, if Apple creates a bug bounty program (like other big companies already have)

If he was just in it for the money, I’m sure that Zerodium would have been willing to pay him big bucks before his disclosure. (They will pay as much as $2 million for a zero day.)

But Apple expects you to spend weeks or months researching problems with their code, and then you should just hand over your findings to them free of charge. Because Apple.

He hasn’t given anything away, but now that people know about the existence of the zero-day, it is only a matter of time before the exploit is discovered by someone less ethical, and put to nefarious use.

“The Great Wall of Cupertino” – OR – How Not to Pitch to Bankers

Apple likes secrecy. Apple wants to do business with banks. Banking has all these pesky “transparency” regulations. Apple’s secret banking play hits a privacy pothole.

This is a pretty big story in and of itself, but the real issue is how Apple tripped over their collective – inflated – ego.

The first problem, as noted at Fudzilla, is that these people are not the idiots Apple expected them to be.

Apple turned everyone out of the favorite lounge at the show and instituted secrecy – behind that Great Wall – for a pitch to the banking industry.

Apple thought it could resolve the issue by holding an exclusive presentation in the middle of a trade show for the bankers. This backfired because Apple bodged it by holding the secret presentation in the middle of an Aussie trade show and kicking out all the other riff-raff.

It tried to do its usual trick of hyping itself up and expect the bankers to follow like adoring children. Unfortunately for Apple, high-level Bankers did not get where they are today by believing that sort of rubbish. In fact, while Bankers might be Satan’s little helpers, at least they are not stupid Apple fanboys who think buying the iPhoneX is great because its maker tells them that it is.

Or as ITnews noted…(from the first link at the top of the post)

A gentleman from Switzerland seemed less impressed and described the Apple event as one giant stage managed ad and said it revolved around Apple talking about how good it was, how good its privacy is, and how nice its products are.

Our Geneva-based source added it appeared all the mystery and conspicuous exclusion had been engineered to create a buzz that was let down by a, well, an hour long ad.

“Apparently I can also do some banking on my iPad and you can use an iPad in a bank,” the gentleman drolly said. “Great.”

Welcome to the Real World™ where people buying (or not) your services actually know what they are doing, and have to do a cost/benefit analysis before they do buy it (or don’t – as the case may be).

If the App is Free, That Means YOU Are the Product

They have to make money somehow, so it is by selling all of your information. Dozens of popular iPhone apps caught sending user location data to monetization firms.

A group of security researchers say dozens of popular iPhone apps are quietly sharing the location data of “tens of millions of mobile devices” with third-party data monetization firms.

Almost all require access to a user’s location data to work properly, like weather and fitness apps, but share that data often as a way to generate revenue for free-to-download apps.

There is a list of at least some of the apps involved, including those, like AccuWeather and NOAA Weather Radar that changed the code once they were busted. But some don’t.

Apple is demanding that all apps have a privacy policy by October 3, which will do nothing, but lets them pretend they are doing something. Have you EVER not installed an app or piece of software because something in the privacy policy or the other disclaimers made you hesitant? And yes, I do read those and I do take them seriously. And when I don’t like something, I have been known to perpetrate misinformation. (You mean you don’t have disposable email addresses?)

What Price Lithium-Ion Batteries?

Do you care that children mine Cobalt in some of the worst conditions to produce those electric cars and cell phones? Would you care if it wasn’t kids, just poor people in the Congo? Congo’s child labor spurs demand from Apple, Tesla for ethically produced cobalt

Good luck.

Cobalt helps power everything from smartphones to laptops to electric vehicles.

It’s a key ingredient in lithium batteries, a product that has seen an explosion in demand recently.

But 60 percent of the world’s cobalt comes from the Congo, where children often do much of the hard labor.

Of course that won’t eliminate the problem. It will just shift the distribution around. (It’s simple economics – there is so much cobalt available, and Apple/Tesla/Samsung/et al need it.) So that cobalt from the Congo will end up in your security camera, or the off-brand battery you order for your laptop. Or whatever. Anything with a memory that lives beyond a power outage probably has a lithium-ion battery today. While Apple can dictate terms, not every manufacturer can.