Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/3/2012
06:46 PM
Thomas Claburn
Thomas Claburn
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Girls Around Me App: Not Today's Creepiest Stalker

Was the Girls Around Me app tasteless and juvenile? Of course. But we should be far more concerned about being stalked by law enforcement agencies and our cell phone companies.

10 Top iOS 5 Apps
10 Top iOS 5 Apps
(click image for larger view and for slideshow)
Over the weekend, Russian app developer i-Free withdrew its Girls Around Me app, which last week faced a chorus of criticism on various websites for being a stalking tool. It allowed a user to map the location of nearby women and glean information about them, using public Facebook and Foursquare data.

The company said it removed its app from the iTunes App Store because Foursquare, swayed by the controversy, disallowed the app's access to its geolocation API, thereby preventing the app from working properly. The app had been downloaded over 70,000 times.

I-Free defended itself in a statement provided to the Wall Street Journal. "Girls Around Me does not provide any data that is unavailable to the user when he uses his or her social network account, nor does it reveal any data that users did not share with others," the company said.

Girls Around Me might have been tasteless, juvenile, and cynical, but in that it has plenty of company. App stores are full of crassly conceived software. What it's not is creepy, a term used by Cult of Mac to describe the app.

Creepy implies intent. It would be creepy if i-Free designed its app to be used for stalking and harassment. But there isn't any evidence of that intent. Nor is there any evidence that the app has been involved in an actual case of harm.

Certainly, Girls Around Me could be used for stalking, but the same can be said of binoculars. Binoculars are a tool that might be creepy in certain people's hands. But mainly, they're just a tool with legitimate uses.

[ Read 8 Tablets Fit For Windows 8 Beta. ]

Girls Around Me also is a tool, one that aggregates and correlates public data. Its primary crime appears to have been violating Foursquare's rules on aggregating API data from multiple locations. Most Internet users have probably committed a similar website rules violation at one time or another. Just as consumers gloss over privacy policies, i-Free's developers probably didn't read Foursquare's rules very closely.

Where does all this data come from? It's made available by users of Facebook and Foursquare. The thing that's really creepy about Girls Around Me is that it reveals people's proclivity for self-harm. Internet users had privacy before they started using social networks. Now they freak out when they see what can be done with the data they have so blithely shared.

The irony of this particular controversy is that it comes amid a far creepier revelation: According to documents obtained by the ACLU, law enforcement agencies routinely track people using cell phone data, often without warrants and with the cooperation of telecommunications companies--which generate revenue from customer data by charging service fees to law enforcement. You supply the data; your phone company gets paid.

Unlike aggregating public social network data, government scrutiny of cell phone data is a potential violation of constitutionally protected rights: The limited privacy rights enshrined in the U.S. Bill of Rights concern beliefs, home privacy, protection from government searches and seizures, and protection against self-incrimination. The protection against self-incrimination might as well be scrapped if participation in modern society entails unavoidable self-surveillance.

If you want creepy, consider this passage from a collection of documents compiled to help law enforcement personnel obtain cell phone data. It was posted by privacy researcher Christopher Soghoian. Though it is unattributed, the passage also appears in a 2006 newsletter posted in April 2011, where it's credited to California Deputy Attorney General Robert Morgester.

"Cellular phones have become the virtual biographer of our daily activities," Morgester wrote. "It [sic] tracks who we talk to and where we are. It will log calls, take pictures, and keep our contact list close at hand. In short it has become an indispensable piece of evidence in a criminal investigation."

The question we should be asking is not whether Girls Around Me encourages stalking. It's whether we as users of technology can have privacy if we choose it. Or is the unwritten rule of a mobile service contract that we shall submit a full account of our activities to be documented by our virtual biographer?

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
kupjones
50%
50%
kupjones,
User Rank: Apprentice
4/6/2012 | 2:07:28 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
My fear is you have this completely wrong - at least with law enforcement (in this country) we have some chance of eventually uncovering government abuse - and there are private orgs established to track this abuse. The Black Helicopters are there -- but at least we know they are there.

Contrast that against millions of free-agent abusers -- the thought is staggering. We've taken our eye off the real ball -- the fact that we are posting our lives onto a medium that is inherently not private, there for the millions to see. If this doesnt scare you, nothing will.
YMOM100
50%
50%
YMOM100,
User Rank: Apprentice
4/7/2012 | 7:27:47 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
Wait, what? Since when does creepy imply intent? A guy with skin problems and greasy hair, missing an eye, checking out a girl at a bar may well be perceived as creepy whether he intended to or not. This app is creepy whether the devs intended it to be or not. You may want to consider supporting your premises with evidence in the future, as you may find holes in your logic before they get published!
holyfire001202
50%
50%
holyfire001202,
User Rank: Apprentice
5/7/2012 | 12:51:33 PM
re: Girls Around Me App: Not Today's Creepiest Stalker
YMOM, You're missing a piece. You stated the intent in that sentence. "...checking out a girl at a bar". His intent is to do whatever he's thinking about doing to-or for- this girl at the bar. The fact that we don't know what he's thinking makes him creepy. Now, If we saw a guy with skin problems and greasy hair missing an eye sitting at a bar having a laugh with another guy sitting next to him, he wouldn't be creepy, huh? Because all of a sudden his intent is having a good time with his friend, rather than [whatever he wanted to do] with that girl.
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/5/2020
How AI and Automation Can Help Bridge the Cybersecurity Talent Gap
Peter Barker, Chief Product Officer at ForgeRock,  6/1/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13864
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from a stored XSS vulnerability. An author user can create posts that result in a stored XSS by using a crafted payload in custom links.
CVE-2020-13865
PUBLISHED: 2020-06-05
The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS vulnerabilities. An author user can create posts that result in stored XSS vulnerabilities, by using a crafted link in the custom URL or by applying custom attributes.
CVE-2020-11696
PUBLISHED: 2020-06-05
In Combodo iTop a menu shortcut name can be exploited with a stored XSS payload. This is fixed in all iTop packages (community, essential, professional) in version 2.7.0 and iTop essential and iTop professional in version 2.6.4.
CVE-2020-11697
PUBLISHED: 2020-06-05
In Combodo iTop, dashboard ids can be exploited with a reflective XSS payload. This is fixed in all iTop packages (community, essential, professional) for version 2.7.0 and in iTop essential and iTop professional packages for version 2.6.4.
CVE-2020-13646
PUBLISHED: 2020-06-05
In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed to cause a denial of service (BSOD) or other unknown impact due to failure to verify the value of a specific IOCTL.