Posted on 11/15/2022 10:15:27 AM PST by FarCenter
US government agencies including the Army and Centers for Disease Control and Prevention pulled apps running Pushwoosh code after learning the software company – which presents itself as American – is actually Russian, according to Reuters.
Pushwoosh is a software company that provides code and data analysis for developers so they can automate custom push notifications based on smartphone users' online activity. This is the same kind of tracking data – aka commercial surveillance – that major US tech companies like Google and Meta have come under fire for collecting by privacy advocates and watchdog agencies alike.
However, in this case, it's a Russian company collecting and processing this data. That means in addition to regular old privacy concerns, there's also national security worries on the line – especially when the US military uses the code.
The US Army removed the app in March, we're told.
"The app in question was developed in 2016 by an individual who is no longer associated with the National Training Center (NTC) using a free version of Pushwoosh," US Army spokesperson Bryce Dubee told The Register, adding there was no contract. "NTC reports they did not have any knowledge that Pushwoosh code was part of the app and were not aware of Pushwoosh itself or that it was a Russian-owned company."
"As regulations and guidance have become more stringent since 2016, PM Army Mobile moved to have the app taken offline completely while conducting a routine review of authorized apps," Dubee continued. "Additionally, regulations do not authorize the use of free software when paid software is available, and consequently, the PM Army Mobile team would have immediately disallowed/disapproved the use of free software."
In addition to the US government agencies, consumer goods giant Unilever, the Union of European Football Associations, American gun lobby group National Rifle Association, and Britain's Labour Party also installed Pushwoosh code in their apps, Reuters reported.
Apps running Pushwoosh code are available on Google Play and Apple's App Store, and the company claims its code runs on more than 2.3 billion connected devices, according to its website.
Why hack computers when stupid people will install your spyware for you?
One thing I really hate about my generation is the obsessive compulsion so many of us have for installing all these trivial apps on their phones. As if having some stupid app is really going to improve your life!
Right now Python is all the rage. There is an official site on line that anyone can download code libraries from, unless their company or agency prevents them.
I wonder if all of the code in those libraries is copacetic?
What, their Kaspersky AV didn’t catch it? Lol.
There is a lot of open source software used by the military.
I know one image processing programs that I’m aware they use.
Open source does not mean it is easily bugged.
However, if some employees who want the latest/greatest demand to get software themselves, then even reliable sites could have been hacked since the last time they visited.
great vetting job...
Yes, it is possible.
But believe me, our military, especially the Navy have some incredible computer security personnel.
I have a relative that spent a tour at Ft. Meade for the Navy.
He started out as a Crypto operator. Did lots of other things. He spent a tour in Iraq was there when Fallujah was hot.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.