5 minutes reading time (1061 words)

Invasion of the invasion: the most absurd and invasive tech screw-ups and contraventions of recent years

Invasion of the invasion: the most absurd and invasive tech screw-ups and contraventions of recent years

Chris Gilliard, a "professor and snowboarder" resident at Macomb Community College in Michigan, USA put an interesting question to Twitter over the Christmas period: "What’s the most absurd/invasive thing that tech platforms do or have done that sounds made-up but is actually true?". Our clear and present dystopia offered up hundreds of responses, to which we have summarised the best in this article.

All in all, it makes for some grim reading.

 

August 2005
Let's start with an oldie but goodie: Sony BMG (now Sony Music) sold CD albums which, unknowing to the end customer, installed two pieces of software which modified the user's OS to prevent the CD from being copied. The software could not be uninstalled easily, and in fact invited malware due to which it worked. Sony BMG later released a malware removal tool, which in itself also invited malware into the computer. ( # )

July 2009
Amazon began to seemingly randomly delete books from customer's Kindle accounts, including (cue the irony payoff) Nineteen Eighty-Four by George Orwell. (#)

January 2012
An eBay seller called Erica offered an antique French violin through the site. Its buyer questioned the authenticity of the violin. Rather than ask the seller to return the product for a refund, PayPal/eBay's return policy mandated that the item had to be destroyed. The result was that an antique violin was smashed to bits, with the photos of the destruction sent to Erica as proof of the refund request. (#)

May 2013
ESEA, a multiplayer eSports network, was found to contain malware in its anti-cheat client. Customers were complaining that their GPU usage was unconventionally high, making ESEA confirmed that the client was mining Bitcoin on users' GPUs. ESEA co-founder Erik Thunberg initially responded to user's complaints with "Lol that got aggressive quickly." ( # )

July 2014
Facebook and Cornell University changed the content in the news feeds of 600,000 FB users to test as to whether their behaviour was modified based on content being more positive or more negative. (#)

July 2014
Washboard, a laundry startup, went out of business in two weeks. In fact, "laundry startup" is putting gloss on a simply absurd business idea: laundromats in the US require quarters to pay for them. Washboard's job was to deliver a regular supply of quarters to subscribers, but the pricing model was such that $20 of quarters cost $27 to the customer. (#)

February 2017
CloudPets, a brand of internet-connected teddy bear, offered products which recorded the owner's voices. The voices, usually those of children alongside the email addresses of their parents and the exact location of the bear, were stored in a public-facing MongoDB database with no authentication. The user accounts of the "bears" also had no password strength checking. Finally, the entire database stack was brought down by hackers, who wanted ransom payments through Bitcoin. CloudPets were warned at least 4 times by concerned parents of these vulnerabilities. (#)

March 2017
This is a well-known one: Uber developed a programme called Greyball which supposedly "outed" law enforcement officials to the company, and prevented them from ordering a ride. (#)

March 2017
Vibrator maker WeVibe was ordered by the Canadian Court to pay C$10k to each customer, as it was disovered that its products were reporting information including room temperature and vibration intensity back to the company. (#)

April 2017
Email unsubscribe service Unroll.me was discovered to be selling on the details of its users. Unroll.me's technology scanned user inboxes, but as well as unsubscribing customers from given newsletters, the company was also scanning for receipts of Uber's competitors, and then selling on the details of those users to Uber. (#)

May 2017
A digital display for Peppe's Pizza in Oslo encountered a glitch. What the glitch uncovered was that the display's software attempted to recognize viewers' faces, gender, generation, facial expression, and dwell time. ( # )

May 2017
Leaked documents revealed that Facebook has the capacity to identify when teenagers felt insecure, worthless or needed a confidence boost, with the purpose of assisting marketers to target such audiences at an appropriate time and mood. (#)

July 2017
Roomba, maker of the iRobot, wanted to sell digital maps of customers' homes. We reported that here. (#)

July 2017
A chemical engineer explained on Reddit that he recently received a call from a colleague, saying that a factory's computer system was being shut down outside of their control. It turned out that someone in the factory had purchased a wifi-enabled coffee machine, which was supposed to be connected to an isolated network. However, the installer connected it to the same network running the factory computer systems by mistake. That coffee machine was running Windows XP infected with WannaCry, which then spread throughout the entire site. (#)

July 2017
Hackers infiltrated a casino by hacking its internet-connected fish tank. Data was being transferred to a device in Finland before the hack was discovered and stopped. (#)

August 2017
Lockstate, a provider of smart electronic locks and recommended by Airbnb, announced that one of its products had bricked. Replacement locks were promised within 14-20 days. (#)

October 2017
Mobile network operators in the US were trapped in the traffic. The Unique Identifier Header (UIDH) enabled websites visited by Verizon customers. ( # )

November 2017
A discovery of several receipts uploaded to Expensify on Amazon's Mechanical Turk service led the company to admit that it used MT for supporting its receipt-scannning service. Although Expensify claimed that the receipts were only visible to the people who had undertaken the work, a Twitter user easily found receipts with full names and addresses. (#)

December 2017
Mozilla hijacked Shield Studies, its program for alpha / beta testers, to push an alternate reality game based on the Amazon show Mr. Robot. Entitled My Reality Is Different To Yours, some users have believed that their copy of Firefox had been hijacked. ( # )

December 2017
Heaux, an app which markets itself as "a safe space for sex workers", forgot to do any user vetting whatsoever. This meant that people and authorities who wanted to harrass sex workers could also join with no restriction in doing so. (#)

December 2017
For poet and yoga teacher Emily Joy, Facebook advertised one of the Christmas presents from her husband on her computer, even though her husband, who is not even a Facebook user, used a different computer to make the purchase. (#)

Happy new year.

Is Bauhaus relevant to 21st century design?
A city is not a computer