Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Businesses Privacy Social Networks Software

Surveillance Company Banjo Used a Secret Company and Fake Apps To Scrape Social Media (vice.com) 27

Posted by BeauHD from the top-secret dept.
An anonymous reader quotes a report from Motherboard: Banjo, an artificial intelligence firm that works with police used a shadow company to create an array of Android and iOS apps that looked innocuous but were specifically designed to secretly scrape social media, Motherboard has learned. The news signifies an abuse of data by a government contractor, with Banjo going far beyond what companies which scrape social networks usually do. Banjo created a secret company named Pink Unicorn Labs, according to three former Banjo employees, with two of them adding that the company developed the apps. This was done to avoid detection by social networks, two of the former employees said.

Three of the apps created by Pink Unicorn Labs were called "One Direction Fan App," "EDM Fan App," and "Formula Racing App." Motherboard found these three apps on archive sites and downloaded and analyzed them, as did an independent expert. The apps -- which appear to have been originally compiled in 2015 and were on the Play Store until 2016 according to Google -- outwardly had no connection to Banjo, but an analysis of its code indicates connections to the company. This aspect of Banjo's operation has some similarities with the Cambridge Analytica scandal, with multiple sources comparing the two incidents. [...] The company has not publicly explained how it specifically scrapes social media apps. Motherboard found the apps developed by Pink Unicorn Labs included code mentioning signing into Facebook, Twitter, Instagram, Russian social media app VK, FourSquare, Google Plus, and Chinese social network Sina Weibo. The apps could have scraped social media "by sending the saved login token to a server for Banjo to use later, or by using the app itself to scrape information," reports Motherboard, noting that it's not entirely clear which method Banjo used. "Motherboard found that the apps when opened made web requests to the domain 'pulapi.com,' likely referring to Pink Unicorn Labs, but the site that would provide a response to the app is currently down."

Last weekend, Motherboard reported that Banjo signed a $20.7 million contract with Utah in 2019 that granted the company access to the state's traffic, CCTV, and public safety cameras. "Banjo promises to combine that input with a range of other data such as satellites and social media posts to create a system that it claims alerts law enforcement of crimes or events in real-time."
This discussion has been archived. No new comments can be posted.

Surveillance Company Banjo Used a Secret Company and Fake Apps To Scrape Social Media More

Surveillance Company Banjo Used a Secret Company and Fake Apps To Scrape Social Media

Comments Filter:
  • Sue, grabitt and runn.

  • Banjo (sigh) (Score:1)

    by Anonymous Coward

    Q: What is the difference between a banjo and a chain saw?
    A: You can turn off a chainsaw.

    Q: What is the difference between a banjo and a Harley-Davidson motorcycle?
    A: You can tune a Harley.

    Q: What is the difference between a banjo and an Uzi submachine gun?
    A: An Uzi only repeats 40 times.

    Q: Why does everyone hate a banjo right off?
    A: Saves time.

    Q: Why is the banjo player a fiddle player's best friend?
    A: Without him, the fiddle would be the most hated instrument on earth.

    Q: How can you tell the difference b

  • Misappropriation (Score:3)

    by The-Ixian ( 168184 ) on Wednesday March 11, 2020 @09:27AM (#59817778)

    How dare they blaspheme the name of the Invisible Pink Unicorn, may her hooves never be shod!

    https://en.wikipedia.org/wiki/... [wikipedia.org]

    • First, Spaghetti Monsters are real, they live in data centers across the world. Second, I thought invisible pink unicorn was a LSD blotter design from the 70s along with those damn dancing bears.

    • Re: (Score:2)

      by gtall ( 79522 )

      First I've heard of it. It sounds similar to the concept Wolfgang Pauli used when he declared some researcher's theory was "not even wrong".

  • " The apps could have scraped social media "by sending the saved login token to a server for Banjo to use later, or by using the app itself to scrape information,"

    The fact that you can login to a server by reusing a token is very bad in itself. It is hard to believe in 2020 we haven't figured out authentication yet.
    • There is a popular media streaming website that if you use the user string for internet explorer 11 for 64 bit Windows XP, and you click on the login button, it does nothing but take you back to the home page.

      I found it becase I wanted to scrape this media streaming website for possible videos that I wanted to watch later. I never could figure out why it wouldn't give me a login html page, until I figured out I didn't need a login page as the entire site of videos became available.

      I used actual Intern
  • Remember, it's pronounced "bahnyo".
  • There are probably other companies mining social media data using techniques that no one has seen before. Be prepared to see many more stories like this one, unless and until there are criminal penalties for these types of breaches of public confidence.
  • All that wonderful private information willingly posted to a central location ran by advertising companies where almost everyone can look at it. thre years ago i figured out the only way to keep my data safe on social media was to just not use it.

  • Privatizing criminal enforcement (Score:3)

    by rmdingler ( 1955220 ) on Wednesday March 11, 2020 @09:50AM (#59817838) Journal

    This is not completely unexpected, after the wave of prison privatizations in the 90's, yet it represents a troubling trend.

    For-profit prisons only work when the amount spent per prisoner is less than what the state spends.For-profit criminal enforcement only works when some metric like dollars per arrest becomes more attractive to law enforcement than doing things properly.

    Despite governmental cost overruns, some tasks are still better suited to government entities.

    • I would say that private prisons only really work if they lower the recidivism rate. If a prison actually did a better job reforming inmates, I wouldn't even care if it cost more because the long-term costs of having to arrest, prosecute, and jail a person again are going to be higher.

      Any model that doesn't consider that is doomed to fail or develop perverse incentive structures. I recall one example where a judge was convicted of receiving kickbacks from some prison that was lining its pockets with taxp

      • Until we create a system that rewards prisons based on their ability to reform inmates, why expect the private sector to do a better job?

        Be careful, industry could see lobotomies as effective solutions for reforming behavior.

  • The only way to keep data from being abused is to not collect it in the first place. Collecting and collating data on people's behaviour should be explicitly prohibited without approval similar to getting a warrant - demonstrate a clear need and what benefits it provides, and put a hard time limit on how long you can collect, then use, any data that pertains to people. Perhaps also require a warrant just to query said database. But mostly, just don't make them.

  • Presaged by license plate readers (Score:4, Interesting)

    by GlobalEcho ( 26240 ) on Wednesday March 11, 2020 @10:52AM (#59817964)

    We have seen this before with automatic license plate readers. There are significant legal limits on what information the US government and/or local government entities are allowed to collect. But there are essentially no restrictions on

        (1) What private companies are allowed to collect, and
        (2) What the governments are allowed to buy from those companies

    Thus, to create and expand the surveillance state, the government need only encourage the rise of these private entities. Say, by being a good customer.

  • We want to know (Score:3)

    by gnasher719 ( 869701 ) on Wednesday March 11, 2020 @11:58AM (#59818124)
    How many terrists are One Direction fans?
  • Has anyone watched the TV show called "Person of Interest"? This project that Banjo is try to do for Utah is similar to "the Machine" in the TV series.

  • This story actually answers my question! (Score:3)

    by istartedi ( 132515 ) on Wednesday March 11, 2020 @01:33PM (#59818518) Journal

    When I used to live in Redwood City, CA, I'd walk by an office with the Banjo log in the window. I got curious and wondered what they did. I hit their web site one time. It looked like a lame "me-too" social media company, and I figured it would go away soon but it stayed around a long time. I always sort of wondered "why?" but had concocted the explanation that it was just VCs willing to burn money longer than they should. It seemed reasonable enough. I guess I'm wrong.

    Now maybe we should really, Really, REALLY be wondering what's going on with the building across from Pete's coffee on Broadway. When I lived there, I saw them install massive cables in there. It used to be exposed, but now it's all covered with sheathing. There was another hipster startup in there too, I forget the name of it. They had pool tables and stuff in their lobby, and probably still do but they installed window treatments so you can't look in now.

    Shooting pool while watching every individual keystroke of this post as I enter it? Who knows?

Slashdot Top Deals

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (5) All right, who's the wiseguy who stuck this trigraph stuff in here?

Close