News Article | April 28, 2016
How often do you visit your doctor’s office? Three, four times per year? For most of us, our health is really about what happens between these visits: It’s the medications we take, our changing moods, or that decision to hit the gym more regularly. Apple sees a huge opportunity to connect patients, doctors, and caregivers using mobile technology. Its flagship devices, such as iPhone and Apple Watch, are continuously collecting health information using sensor-based technology. But the next step is to bring this data into the hands of a care team, including doctors, nurses, health coaches, and caregivers. Apple's CareKit service, which is available today via Github's open source community, is designed to make it easier for developers to do just that. Developers can use CareKit to help patients collect health data, manage their symptoms, and share a report with their care team—all via a mobile phone. The iPhone maker has kept CareKit under wraps since the service was unveiled in March. But its CareKit team has been quietly working with three startups that received early access to the code: One Drop, an app for diabetes management; Glow, maker of reproductive health apps; and Iodine, a medication management app for people with depression. The Cleveland Clinic is building an app for patients with respiratory conditions such as asthma, which will be available in the coming days. "We had about a month to play with CareKit," says Iodine founder and CEO Thomas Goetz. "It has been especially helpful for us to slot in important context in a way that makes sense to patients, like our trend data on what they can expect from an antidepressant." Goetz says his team opted to rip and replace its existing code in cases where they preferred the CareKit user experience. One example is a particularly nifty module called Connect, which makes it easy for patients to share a PDF health report via fax, email, or SMS. Developers using CareKit can take a pick 'n' mix approach to their development. The software framework includes four modules, which were designed by Apple's team with the following use cases in mind: administering a care plan, measuring symptoms, laying out insights via a dashboard to help judge whether treatments are working, and sharing health reports. For some hospitals, the premise behind CareKit is nothing new. Tech-savvy health systems such as Ochsner in New Orleans have even hired dedicated teams to track patients' symptoms once they leave the hospital via data from blood pressure cuffs, iPhones, wireless weight scales, and smartwatches. A suspicious event like a rapid weight gain might trigger a doctor or nurse to reach out to the patient and check in. In turn, their patients are using mobile technology to gather evidence about their symptoms to share with a specialist. A handful of developers have also been playing with mobile care plans for several years, including Glow. But they see CareKit as a new and improved user experience for iOS. "What CareKit can help us with is to facilitate a productive conversation between the consumer and the health care provider," says Jennifer Tye, the head of marketing at Glow, maker of four apps for women's health. But not every app maker will have much experience with health care, and that might result in a whole new set of challenges. Unlike ResearchKit, CareKit is not restricted to medical researchers with review board approvals. A teenage coder could use it to build an app to track a chronically ill parent's symptoms, such as the length of an epileptic seizure or the severity of a hand tremor. On the one hand, it would be inspiring to see young developers hacking together these kinds of apps. But will they ensure that patient privacy is protected, especially when they share patients' sensitive data with a third party? Apple is not taking a watchdog approach to mobile health, aside from the typical review process before an app is approved for the App Store. You might be wondering how Apple can expect hospitals to make an investment in caring for their patients remotely. Why should they care once the patient has been discharged? More hospitals are exploring the potential of mobile health in the aftermath of a policy shift toward value-based care, meaning payment based on outcomes and not pricey procedures. Recent health care reforms have put hospitals under the gun to ensure that patients don't end up right back in the emergency room 30 days after they're discharged. Some health systems have responded by sending nurses to a patient's home, which is expensive. So it wouldn't be surprising to see hospital development teams flocking to CareKit in the coming weeks. But it still remains to be seen whether these apps will integrate effectively with clinician workflow, which is essential to their success. Doctors are already overwhelmed with incumbent technology, and many harbor fears about medical liability if they accept more data from patients. It's easy to miss something in a weekly report. It also will be important for Apple's CareKit to integrate with major electronic health record systems such as Epic Systems and Cerner, to make it easier for doctors to review CareKit reports within a patient's medical record, which includes medical history, prescriptions, and more. But challenges aside, many health insiders have praised Apple's partnership-driven approach. "No company is going to solve the problems of health care tomorrow," says primary care doctor Jordan Shlain, who has advised Apple in the past. "Apple is helping facilitate rapid prototyping, so we can figure out what works and what doesn't in this broken, high-regulated system."
In July 2013, the Information Commissioners Office (ICO) and telecommunications regulator, Ofcom, announced they were joining forces to tackle nuisance calls. Then, from last April, the ICO was given new powers to crack down on nuisance calls through an amendment to the Privacy and Electronic Communications Regulations. The results of which are now starting to be seen. Only last month the ICO issued its largest ever fine of £350,000 to Prodial, a company that had made more than 46m nuisance calls. Manchester based MyIML, a telemarking company selling solar panels was also recently fined £80,000 by the ICO for contacting people who had opted out of receiving marketing calls. Why are nuisance calls such an issue? One of the main reasons nuisance calls are such a big problem these days is that it has never been so easy or cheap to setup a call centre. Today's telephone network is one large computer and with business connection charges falling, all a telesales company needs is their own computer loaded with software – which is readily available from the web. With modern Voice over IP systems, call centres don't even need their own direct link to the telephone network, so long as they are connected to the internet. The telesales organisation's computer can then automatically dial telephone numbers, connecting those that answer through to telesales operators or a recorded message. There is generally considered to be three types of nuisance call. Live calls are unwanted calls from a real person, normally from a telesales company. Automated calls result in you hearing a pre-recorded marketing message when you answer the phone. And silent or abandoned calls are just that – when you answer the phone no-one's there. Then there's also the issue of unwanted SMS text messages. In January 2016, the ICO received 9,633 reports of nuisance calls to be investigated: 45% of these related to automated calls, 42.5% live calls and 12.5% SMS text messages. How can you stop nuisance calls? With nuisance calls becoming such a, well, nuisance, the telephone providers are now moving to tackle the problem at source. Talk Talk has expanded their HomeSafe system to monitor the frequency of calls and to automatically block those that exceed a threshold from even reaching a customer's phone. And in February this year, BT announced a similar service is to be rolled out across their network. But on top of this, there is also a lot you can do yourself to help reduce the number of calls. First off, you should always report nuisance calls to either the ICO or Ofcom – so they can be investigated. It's all too easy to get annoyed and slam the phone down, but if you take a minute to gather as much information as possible and pass it on to the relevant organisation, at least then you might be saving someone else from the nuisance of nuisance calls in the future. You should also register with the Telephone Preference Service. While this alone won't stop nuisance calls, because it relies on the compliance of organisations, it does act as a deterrent, and is well worth doing if you haven't done so already. Another way of managing nuisance calls, is by using caller line identification – which allows you to see the number of the person calling you. If you don't recognise it, you simply have the option of not answering. You can also use call blocking either on your phone or through your telephone provider to stop calls from specific numbers. Another tip, don't immediately speak but listen when answering the phone because if it remains silent, there's a good chance it's a telesales call. And of course, you've probably heard if before, but do be very careful of the small print on any paper or online form you complete, as you may inadvertently be allowing that organisation to contact you for marketing purposes - effectively saying yes to cold calling. Will they ever go away? Over the years, telecommunications firms have benefited from connecting companies to their networks and through the sale of services such as call blocking, so it is good to see some of that now being re-invested into tackling nuisance calls. However, the next challenges are already emerging with a growing number of nuisance calls now being directed towards mobile phones. "Spoofing" has also become a big issue, with telesales companies now able to deceive us, and the network providers, by faking their own telephone number to get you to take the call. So while it is good to see the regulators have begun the fightback with a renewed determination, sadly, so long as it remains profitable for telesales companies to operate, nuisance calls will continue to plague us. Even if overall volumes are reduced, each one we receive is still a nuisance. Explore further: Your call is important to the NSA and they could be recording you
News Article | September 12, 2016
Startup accelerator Spring, which launched last year, nurtures businesses that benefit adolescent girls in East Africa and South Asia. In 2015, the group organized a design-focused boot camp in Nairobi, Kenya, and similar projects are now set to take place in Pakistan, Bangladesh, and Nepal. Here are some of the businesses that took part in the Kenya sessions. Started by a pair of Georgia Institute of Technology grads, this company installs free toilets in homes that don’t have access to a sewer system (it charges a fee to cart away waste, which it then turns into charcoal briquettes). The Sanivation toilet addresses several issues related to public pit latrines, such as sanitation, privacy, and safety. "We look at girls as indirect consumers who can trigger purchases," says cofounder Andrew Foote, who assembled focus groups at schools in Kenya to help design toilets that would most appeal to young women. The Nairobi-based family-health company aims to reduce maternal and infant mortality by using SMS and voice technologies to send advice and reminders to expectant and new mothers. Spring helped Totohealth design a content system that’s aimed at teenagers. "[Teens] are more on their own than somebody who is carrying a pregnancy in a stable relationship," says Fonda Ruiter, a pediatric and public-health specialist at Totohealth. "They do not have the support an adult would have." Tiny Totos is working to improve day-care facilities in poor Nairobi neighborhoods. The company helps train caregivers to create safe and nurturing environments, and also provides funding and business coaching. "We just want kids to have a place where they can be kids," says Tiny Totos cofounder Emma Caddy. "To learn, be confident, and find a kick-start to rise above the squalor of their surroundings." Click here for the 2016 Innovation by Design Awards finalists and winners.
News Article | September 1, 2016
Apple has issued an urgent security update to fix critical vulnerabilities in the laptop and desktop version of the Safari browser and the OS X operating system, which allowed sophisticated hackers to remotely take control of Apple computers. The new fixes come a week after malware hunters caught government hackers trying to exploit unknown flaws in the iPhone’s operating system to hack into the phones of a Dubai-based human rights activist and a Mexican journalist. Last week, Apple patched those vulnerabilities in an iOS update. But as it turns out, those unknown flaws, or zero-days, also affected Safari and Apple’s computer operating system OS X, given that the mobile and regular version of Safari share the same codebase. Apple quietly released the patch for Safari and for OS X on Thursday. According to Apple’s advisory, the vulnerability in Safari allowed hackers to execute arbitrary code on a victim’s computer by tricking him or her into visiting “a maliciously crafted website.” In simpler words, by tricking someone to clicking on a wrong link, hackers could then take over the victim’s Mac computer. This is the same technique that hackers using malware created by a shadowy Israeli surveillance vendor known as NSO Group, used in the attacks against the UAE dissident and the Mexican journalist. Read more: Hacker ‘Phineas Fisher’ Speaks on Camera for the First Time—Through a Puppet ”Not only could NSO infect iPhones at the touch of a link, but it seems that the vulnerabilities they were exploiting could be weaponized to target many different platforms,” Bill Marczak, a senior researcher at Citizen Lab, told Motherboard. The company credited Citizen Lab, a digital rights watchdog at the University of Toronto's Munk School of Global Affairs, and mobile security firm Lookout for discovering the flaw. Researchers at Citizen Lab, with the help of Lookout, analyzed the NSO malware behind the attack on the UAE activist Ahmed Mansoor two weeks ago, and alerted Apple right away. They discovered that the malware leveraged three unknown zero-days to allow attackers to take full control of the iPhone, allowing what is essentially a remote jailbreak of the device. Those same vulnerabilities could have been used against Mac users, and thanks to Apple's new patches, hackers won't be able to weaponize those bugs anymore. ”Kudos to apple for being proactive here. They are patching vulnerabilities that could have been weaponized against OS X users,” John Scott-Railton, another senior researcher at Citizen Lab, told Motherboard. ”In the end it goes back to Mansoor's vigilance. Here is someone whose willingness to share a single suspicous SMS with researchers is leading to improvements in the security for hundreds of millions.” Want more Motherboard in your life? Then sign up for our daily newsletter.
News Article | August 26, 2016
Since early 2015, over a dozen UK companies have been granted licenses to export powerful telecommunications interception technology to countries around the world, Motherboard has learned. Many of these exports include IMSI-catchers, devices which can monitor large numbers of mobile phones over broad areas. Some of the UK companies were given permission to export their products to authoritarian states such as Saudi Arabia, the United Arab Emirates, Turkey, and Egypt; countries with poor human rights records that have been well-documented to abuse surveillance technology. “At a time when the use of these surveillance tools is still highly controversial in the UK, it is completely unacceptable that companies are allowed to export the same equipment to countries with atrocious human rights records or which lack rule of law altogether. There is absolutely a clear risk that these products can be used for repression and abuses,” Edin Omanovic, research officer at Privacy International, told Motherboard in an email. In 2015, the UK's Department for Business, Innovation and Skills (BIS) started publishing basic data about the exportation of telecommunications interception devices. Through the Freedom of Information Act, Motherboard obtained the names of companies that have applied for exportation licenses, as well as details on the technologies being shipped, including, in some cases, individual product names. The companies include a subsidiary of defense giant BAE Systems, as well as Pro-Solve International, ComsTrac, CellXion, Cobham, and Domo Tactical Communications (DTC). Many of these companies sell IMSI-catchers. IMSI-catchers, sometimes known as “Stingrays” after a particularly popular brand, are fake cell phone towers which force devices in their proximity to connect. In the data obtained by Motherboard, 33 licenses are explicitly marked as being for IMSI-catchers, including for export to Turkey and Indonesia. Other listings heavily suggest the export of IMSI-catchers too: one granted application to export to Iraq is for a “Wideband Passive GSM Monitoring System,” which is a more technical description of what many IMSI-catchers do. IMSI-catchers typically extract the phone SIM card's unique identifying number, or IMSI, but many models are capable of more powerful surveillance techniques as well. Cobham, which has been granted at least one license, advertises IMSI-catchers that can be used to intercept SMS messages and voice calls from mobile phones. “IMSI catchers are probably one of the most controversial and yet more demanded pieces of surveillance technology marketed today. They are of dubious legality and their use raises serious ethical and privacy concerns due to their invasiveness and wide reach,” Claudio Guarnieri, technologist at Amnesty International told Motherboard in an online chat. Some of the other export licenses for IMSI-catchers are marked as “temporary.” According to the Department for International Trade, which processed the Freedom of Information Request, this means the product has to be returned to the UK within one year. These licenses might be used for transferring equipment to be exhibited at a surveillance trade fair, or demoed to a potential client. A temporary license was granted for the export of an IMSI-catcher to Pakistan. In all, Motherboard received entries for 148 export license applications, from February 2015 to April 2016. A small number of the named companies do not provide interception capabilities, but defensive measures, for example to monitor the radio spectrum. The list of companies provided by the Department for International Trade For a few licenses, the department withheld product descriptions, saying their disclosure would harm commercial interests. The department declined to link any of the companies to specific license applications, but in some cases the data provides enough information to make a clear connection. For example, two temporary licenses are for “DNA Tracker,” a product made by Megablue Technologies Limited. DNA Tracker can not only track phones’ locations by their IMSI numbers, but also devices such as laptops through their individual MAC addresses. The data includes two successful license applications for temporary export of the product to China and Kuwait. The company's website suggests the gear could be deployed in airports, or for crowd monitoring and property protection. In another example, licenses refer to Marlin, a product made by TRL Technology Limited that can intercept calls made on the IsatPhone, Inmarsat and Thuraya satellite phone networks. According to the export data, permanent export licenses for Marlin were granted for Egypt, India, Indonesia, Israel, Kenya, Turkey and Vietnam (a license for export to Ethiopia was refused). A TRL Technology Limited Brochure showing the Marlin system, which is used for targeting various satellite phone networks. Image: Surveillance Industry Index Many of the countries that may have received products included in the export data have a history of abusing surveillance technology. Turkey framed a journalist using malware; the United Arab Emirates repeatedly spied on an activist, and the government of Saudi Arabia is suspected of hacking political targets. “As we learn time and time again, countries with bad human rights records often keep utilizing interception technology to perpetrate even more abuses and suppress dissent. British and European companies by now should very well know the risks involved in enabling and empowering some oppressive governments. Therefore it is imperative that companies as well as licensing authorities appropriately evaluate human rights implications when making business decisions,” Amnesty International’s Guarnieri said. Nick Haigh, external communications manager for BAE Systems Applied Intelligence, told Motherboard in an email, “It is against our policy to comment on contracts with specific countries or customers. BAE Systems works for a number of organisations around the world, within the regulatory frameworks of all relevant countries and within our own responsible trading principles.” All of the other companies linked to the interception tech exports did not respond to questions on which customers or countries they would sell to. A spokesperson from the Department for International Trade told Motherboard in an email that, “The UK government takes its arms export responsibilities very seriously and operates one of the most robust arms export control regimes in the world. We rigorously examine every application on a case-by-case basis against the Consolidated EU and National arms export licensing Criteria. We draw on all available information, including reports from NGOs and our overseas network as a key part of our assessment.” Export licensing requires the department to consider how the equipment will be used by the recipient country. The export dataset can be found here.