Friday, September 2, 2022

A Brief History of Killer Apps (Guest Post)

<< The Maddening Quiet (1962) 

 

Tristan here. Bad news: doctors said I have a pinched ulnar nerve from resting my elbow weird on stuff. Updates are going to slow a bit, but other members of the institute have agreed to do write-ups in my absence.

The first of these is written by Cecily Smith, and talks about various ways your cell phone can kill you. She's reluctant for it to be published and objects to the very concept of this blog, but smashed out something usable in the last week.


A Brief History of Killer Apps

Original Write-Up by Cecily Smith



Let me preface this by saying that you'll have to take my word for it on a lot of stuff here. Smartphone apps generally aren't forwards-compatible, so if you have an app on your phone from five years ago, there's no guarantee it'll work on newer operating systems. This applies to all devices, which means, I have to rely on emulators and testimony regarding their effects… but emulation doesn't replicate the anomalies these applications cause, meaning I'm working on testimony when it comes to these things.

Anyway.

The first-ever application (or ‘app’) put on Apple’s store was a television remote, released in May of 2008. Third-party apps began to be listed on the App Store in June 2008. The first death attributed to a smartphone app occurred on August 25th, 2008. This death was nothing of particular note; some poor soul in London was just bidding on an eBay auction while driving and missed the fact that the light had turned red.

This is a brief run-down of apps that have actively caused harm.

Name: Carpe Diem 

Category: Life Aid/Malware

Released: April 9th, 2009

Last Active: April 9th, 2009

Injuries and Deaths: 20 seizures

Carpe Diem was advertised as a daily planning app. In reality, the app was programmed to, after approximately two minutes of continuous operation, display a ‘screamer’ image with flashing lights and a loud sound, which was intended to cause epileptic seizures. Nobody died, thankfully, and it was pulled from the store before it hit 500 downloads. The App’s creator was arrested and was sentenced to six months in prison; the sentence was so light because legislation regarding computer programs that cause physical harm, as opposed to material or monetary harm, was and is still sparse.

Name: Cointraq

Category: Finance/Malware

Released: July 2017

Last Active: September 2017

Injuries and Deaths: Between 20 and 50 injuries, in addition to an unknown quantity of destroyed property.

Cointraq was a very dumb app. It was a 2017 Android application which advertised itself as a way to monitor various cryptocurrency markets in real time. It was also malware, which turned your smartphone into a crypto mining rig for the app’s creator. This wouldn’t have been a problem (at least, from a medical perspective) if they tried to mine using the CPU of the phone; however, they attempted to use the phone’s far less powerful GPU to mine. Most phones that downloaded it were bricked within a week, and the phones that weren’t bricked overheated, with some even catching fire. I doubt that all of the cases of exploding Samsung Galaxy Note 7s are related to Cointraq, but I’m willing to bet at least one is.

The precedent for apps that are harmful, but ultimately mundane, usually follow these trends-- malice, incompetence, critical user error, etc. I could write a whole essay on deaths caused by Pokémon Go, but if the Institute focused on ways that Pokémon was actively harmful, we’d never get anything done.

Anomalously dangerous apps take several forms, but commonly are novelties, or at least look like them. If you have a smartphone, you’re likely at least aware of apps that use your phone’s motion sensor to do things like simulate the pouring of liquids, roll dice, or do other relatively useless actions.


Name: Blut

Category: Digital toy/novelty

Released: 2011

Last Active: 2016

Injuries and Deaths: 52 confirmed; 71 total suspected.

A liquid simulation app that requested access to biometric data (i.e. what your phone’s fitness app could register). Users that granted access were allowed to play with a simulation of liquid blood. Several users poured the blood out of its digital container and suffered catastrophic hemorrhaging, with at least four users suffering complete exsanguination.

Name: Lucre

Category: Financial/Marketplace

Released: 2015

Last Active:
Ongoing

Injuries and Deaths:
89+, including one case of severe chronological alteration.

Lucre is an app dedicated to "creating a consumer-centric marketplace"-- a swap-meet app, where you could buy and sell unwanted items. You'd put something up for sale, ship it off to one of Lucre's warehouses, and when it got bought, you'd get the money. It advertised 'Insanely fast shipping', and it fulfilled its promise… but the creators of Lucre, Gordon Software LLC, cut corners, in the temporal sense.

Items that were shipped using Lucre ended up becoming ‘chronologically altered’ (and not ‘chronologically confused’, despite it being a much better term). Items would arrive before they were even ordered, poofing out of existence after the buyer realized they didn’t want to order them anymore. (The universe is very tidy about paradoxes, when it comes to inorganic items.) Other times, the items would arrive reduced to their base components, whether that be individual circuit boards or shards of plastic and rubber. But two cases bucked this trend.

Firstly: I’ll let this article from the Orlando Sentinel circa 2017 speak for itself.

SEVEN LOCAL RESIDENTS HOSPITALIZED FOLLOWING EXPOSURE TO RADIOACTIVE MATERIALS

ORLANDO-- Seven individuals, all staff at the Green Well Bar and Grill in Orlando, were hospitalized following exposure to radioactive materials.

Clark Karpin, owner of the Green Well, said in a statement that symptoms of radiation sickness occurred after opening an online order from a small ‘swap-meet’ website, and that the order ‘just looked like ordinary equipment for brewing’.

Karpin had recently acquired a license to brew and bottle his own alcohol, and had ordered used brewery equipment from the internet. It is believed radioactive material was packaged with the items. Doctors expect Karpin and his six employees to make full recoveries.

The agents from the Department of Homeland Security are investigating, and declined to comment.

The second case cropped up much more recently; someone ordered an item when the app started up in 2017, and never received it… until March of this year. The contents were supposedly a french press coffee maker, and the owner, a small-time Youtuber, did an unboxing live stream.

When he opened the box, the live stream’s feed seemed to pause, but the video kept recording. As of writing, the stream has been ongoing for over five months, just the same angle of hands looking down at the coffee maker as they pull it out of the box. We’re trying to find out where he lives so that we can get him out of whatever he’s stuck in, because the stream is still going. Light changes through the windows of their house. But they don’t move.

I realize, at best, apps like this are adjacent to the media studies we dedicate ourselves to. They’re software, and mobile games generally don’t kill people. Most lost apps don’t kill people, and most of them don’t even display any anomalies. Lucre and Blut are two major exceptions, but there is a sort of third that’s an Unholy Grail for me-- basically it’s what the Kilauea Recording is for Tristan, something so dangerous it needs to be gone.

Name: N/A (designated ‘Scan’)

Category: Malware/Spyware/Stalkware/Data-Skimmer

Released: 2010 (?)

Last Active: Ongoing

Injuries and Deaths: Unknown, estimated to be over 5,000

I call this app Scan, based on the fact that the main UI element is a green button with that word on it. Pressing that button lets the app root through your phone’s data, everything from Facebook to your contacts, and from there, it extrapolates, searches, expands its net further and further until no data can escape it.

It can tell you what brand of wine your best friend likes. It can tell you what type of car your ex-girlfriend is now driving, and where she’s going to be spending vacation this year. It can track down your high school bully, the one who made your life hell, and tell you what pharmacy he goes to in order to get his antipsychotic prescription filled. And it proceeds to give you nudges in the right-- or wrong-- direction. One use of it and every machine I own started giving me advertisements for gun stores, fertilizer, and electronics manuals.

And it can do all that in less than twenty seconds after pressing the button. It’s like someone made a real-life version of a hacking app from a bad episode of CSI. Scan isn’t dangerous because of what it does; it’s dangerous because of what people are pushed to do with the information it gives them. The chain of bomb threats in Baltimore in late 2014? Connected to Scan. The 2012 assassination of three members of Brazil’s parliament? Scan facilitated that. Three of the dump sites from the “GUTS X6” killings (Tristan will probably write about that at a later date) showed up on Scan months before bodies were found there.

I use Scan myself. It’s useful for keeping tabs on other members of the Institute, making sure that, when we go off the grid, we do so of our own volition. But my main motive with using it is to figure out who made it and how to get rid of it. Digging through the code is fruitless; it looks like complete nonsense, to the point where I think it has to be some custom programming language that I’m unaware of. Part of the purpose of this blog is to try to get knowledge from the outside world; with that in mind, if you know anything about computers at all, get into contact with me, maybe you can figure out what the code actually does.

Until then, keep an eye on your screens. Who knows what they do when you're not watching?

--Cecily Out

The Anti-Drug Abberation >>

No comments:

Post a Comment