Earlier this week at the Apple “Spring Forward” event Apple finally announced the long rumored AirTags tracking device. I did a story on why Tile can’t or won’t jump onto Apple’s Find My network which allows third party devices to work within the Apple ecosystem. But the real question is this. Now that AirTags actually exists, does Tile have anything to worry about?
Tile clearly thinks so. Almost the second that the “Spring Forward” event was over, Tile called Apple out:
Our mission is to solve the everyday pain point of finding lost and misplaced things and we are flattered to see Apple, one of the most valuable companies in the world, enter and validate the category Tile pioneered.
The reason so many people turn to Tile to locate their lost or misplaced items is because of the differentiated value we offer our consumers. In addition to providing an industry leading set of features via our app that works with iOS and Android devices, our service is seamlessly integrated with all major voice assistants, including Alexa and Google. And with form factors for every use case and many different styles at affordable prices, there is a Tile for everyone.
Tile has also successfully partnered with top brands like HP, Intel, Skullcandy and fitbit to enable our finding technology in mass market consumer categories like laptops, earbuds and wearables. With over 30 partners, we look forward to extending the benefits of Tile to millions of customers and enabling an experience that helps you keep track of all your important belongings.
We welcome competition, as long as it is fair competition. Unfortunately, given Apple’s well-documented history of using its platform advantage to unfairly limit competition for its products, we’re skeptical. And given our prior history with Apple, we think it is entirely appropriate for Congress to take a closer look at Apple’s business practices specific to its entry into this category. We welcome the opportunity to discuss these issues further in front of Congress tomorrow.
Let’s think about this for a second, Apple has opened up the Find My network to third parties. Sure that might be an optics exercise. But it also shows that if Tile really wanted to, they could join the party. But they’re either choosing not to, or they can’t. Something to consider is that if they did participate in the Find My network, they would have to have at least the trackers that are part of that network exclusively inside Apple’s ecosystem. Which means that they would be excluded from the Tile network. Something that I am sure isn’t palatable to Tile.
The other thing that I will say on this front is that Apple would be completely stupid to not allow Tile into the Find My party given how much scrutiny that they’re currently under from the US Congress among others for anti-trust reasons. Thus I have to wonder if this is all about the fact that Tile has just seen their life flash before their eyes because Apple just came out with a product that is potentially better.
Now if you ask me, here’s what Tile should really be worried about. Privacy. Apple as part of the Find My network has some pretty extensive privacy features. Here’s a paragraph from the Apple press release announcing AirTags:
AirTag is also designed with a set of proactive features that discourage unwanted tracking, an industry first. Bluetooth signal identifiers transmitted by AirTag rotate frequently to prevent unwanted location tracking. iOS devices can also detect an AirTag that isn’t with its owner, and notify the user if an unknown AirTag is seen to be traveling with them from place to place over time. And even if users don’t have an iOS device, an AirTag separated from its owner for an extended period of time will play a sound when moved to draw attention to it. If a user detects an unknown AirTag, they can tap it with their iPhone or NFC-capable device and instructions will guide them to disable the unknown AirTag.
Tile has nothing like this to stop unwanted tracking. And unless they get something like this as privacy matters to users these days, they may face mass defections of users that exist inside the Apple ecosystem who care about privacy. In my case, this feature alone is making me consider switching over my investment in the Tile ecosystem to AirTags because I care about privacy. But I will have to get one in house and test it out before I pull that trigger. Which if you clued in that this means that I will be reviewing AirTags, you get to move to the front of the class.
If anything, Tile needs to worry about being one step behind Apple in terms of privacy rather than go to congress and complain about any perceived anti-trust issues that it has with Apple. If they worry about the former, they have the chance to go head to head with Apple because:
- Tile was in this market first and has sizable lead.
- Tile has a cross platform product while Apple has a Apple centric product with limited Android support in the form of tapping an AirTag with an NFC enabled Android device to get directions to kill it or return it.
Let’s see if Tile chooses to do the right thing and match Apple in terms of privacy, or go down a path that will likely end in doom for them.
Guess What? Facebook Has A ‘Dangerous Vulnerability’ That Exposes Millions Of Email Addresses….. A Huge Reason To #DeleteFacebook
Posted in Commentary with tags Facebook on April 22, 2021 by itnerdA security researcher has made public a Facebook vulnerability exposing millions of user email addresses after Facebook allegedly dismissed the exploit when he reported it to them. Ars Technica has viewed a video created by the researcher demonstrates the exploit:
A video circulating on Tuesday showed a researcher demonstrating a tool named Facebook Email Search v1.0, which he said could link Facebook accounts to as many as 5 million email addresses per day. The researcher—who said he went public after Facebook said it didn’t think the weakness he found was “important” enough to be fixed—fed the tool a list of 65,000 email addresses and watched what happened next.
“As you can see from the output log here, I’m getting a significant amount of results from them,” the researcher said as the video showed the tool crunching the address list. “I’ve spent maybe $10 to buy 200-odd Facebook accounts. And within three minutes, I have managed to do this for 6,000 [email] accounts.”
Facebook said this in response:
In a statement, Facebook said: “It appears that we erroneously closed out this bug bounty report before routing to the appropriate team. We appreciate the researcher sharing the information and are taking initial actions to mitigate this issue while we follow up to better understand their findings.”
A Facebook representative didn’t respond to a question asking if the company told the researcher it didn’t consider the vulnerability important enough to warrant a fix. The representative said Facebook engineers believe they have mitigated the leak by disabling the technique shown in the video.
But here’s what the researcher said about how Facebook responded to his initial report:
The researcher, whom Ars agreed not to identify, said that Facebook Email Search exploited a front-end vulnerability that he reported to Facebook recently but that “they [Facebook] do not consider to be important enough to be patched.” Earlier this year, Facebook had a similar vulnerability that was ultimately fixed.
“This is essentially the exact same vulnerability,” the researcher says. “And for some reason, despite me demonstrating this to Facebook and making them aware of it, they have told me directly that they will not be taking action against it.”
Total #Fail for Facebook. But the #Fail gets worse:
An email Facebook inadvertently sent to a reporter at the Dutch publication DataNews instructed public relations people to “frame this as a broad industry issue and normalize the fact that this activity happens regularly.” Facebook has also made the distinction between scraping and hacks or breaches.
This is now an #EpicFail because it is clear that Facebook doesn’t care about its users and protecting them. If this combined with Facebook’s other #EpicFails doesn’t make you want to #DeleteFacebook, nothing will.
Leave a comment »