News in brief: Warning over Bitcoin scam app; Samsung facial recognition bypassed; Apple squares up to India

Your daily round-up of some of the other stories in the news

Don’t fall for this Bitcoin scam

With the (now slightly abating) boom in Bitcoin prices, it was only a matter of time before scams to entrap the unwary started popping up, designed to hook those not au fait with the nitty-gritty of how to use the cryptocurrency but who want to get in on the action.

And sometimes it’s the most unsophisticated scams that might tempt the vulnerable: researchers warned via Twitter on Tuesday of an app that promised the greedy or the unwary to double their cybermoney.

The app, called Bitcoin Doubler, throws up a dialog that asks users to enter their private key into a dialog box and click a Load Key and then Double button. To add insult to injury, it adds “If you make a mistake or need to double the value of multiple keys, click reset to start again.”

We hope we don’t have to remind Naked Security readers never to share private keys, but you never know when people will forget the ancient adage: if it sounds too good to be true, it is too good to be true.

Samsung facial recognition bypassed – again

Samsung may have worked hard not to repeat the problems its Galaxy Note 7 had with overheating batteries for its new Galaxy Note 8, but it appears the Korean giant seems not to have learned the lesson about easily fooled facial recognition.

As we reported back in April, the Galaxy S8’s facial recognition could be fooled with a photo of the user, and we recommended then that you don’t rely on that for authentication on your phone.

Now it seems that the Galaxy Note 8 can also be fooled with a photo – at least, in a demo device that developer Mel Tajon was able to bypass. The news organisation CNET later confirmed that its review device could also be bypassed by a photo.

So our advice stands: you don’t have to use facial recognition to unlock your phone, and you shouldn’t make it too easy, either.

As Paul Ducklin wrote at the time, “aim for the greatest amount of inconvenience you think you can tolerate, plus a bit extra” when it comes to unlocking your device.

Apple rejects Indian government app over privacy fears

Apple is refusing to add the Indian government’s anti-spam app to its App Store in the country, warning that it violates its privacy policy.

The Do Not Disturb app, from India’s Telecom Regulatory Authority, is designed to help users file complaints about spam calls and texts, but Apple is concerned that it would allow access to the device owner’s full call history.

Ram Sewak Sharma, the chairman of the regulator, told Bloomberg: “Nobody’s asking Apple to violate its privacy policy. It is a ridiculous situation; no company can be allowed to be the guardian of a user’s data.”

This latest skirmish over privacy for Indians comes in the wake of a ruling by the Supreme Court that the country’s constitution establishes a fundamental right to privacy, the conclusion of a challenge to the country’s widely criticised “Orwellian” Aadhaar digital ID scheme.

Sharma added: “The problem of who controls user data is getting acute and we have to plug the loose ends. This is not the regulator versus Apple, but Apple versus its own users.”

Catch up with all of today’s stories on Naked Security