- Everything we know so far about Peacock, NBC’s new streaming service Tuesday 7:42 PM
- Selena Gomez producing docuseries about immigration for Netflix Tuesday 7:11 PM
- How to stream Manchester City vs. Shakhtar Donetsk in Champions League action Tuesday 6:14 PM
- Milo Yiannopoulos threatens to crash furry convention he is barred from Tuesday 5:54 PM
- How to stream Juventus vs. Atletico Madrid in Champions League action Tuesday 5:52 PM
- How to stream Real Madrid vs. PSG in Champions League action Tuesday 5:24 PM
- No-fly zone implemented over Area 51 ahead of Alienstock festival Tuesday 5:16 PM
- TikTok accused of censoring content about Hong Kong protests Tuesday 5:04 PM
- Smoke ’em, pass ’em, Week 3: At the Bakery Tuesday 4:38 PM
- Alex Trebek says he will be undergoing chemotherapy again Tuesday 4:27 PM
- Dan Crenshaw roasted after attacking Sanders’ call for veteran care Tuesday 4:19 PM
- How to stream NXT for its USA network debut Tuesday 4:12 PM
- This website will show you how AI classifies you Tuesday 3:22 PM
- School tells Black 4-year-old to cut his hair or wear a dress Tuesday 3:17 PM
- Lizzo called a ‘snitch’ for accusing Postmates runner of stealing food Tuesday 2:30 PM
A popular app that claims to scan the Mediterranean Sea in real time for adrift refugees does not work as its developers claim it does and may be a ploy to win an advertising industry award, experts say.
The app, I Sea, was nominated at the Cannes Lions awards show, an international advertising festival held this week in France, causing some to question whether it was made as a publicity stunt.
Promoted by a video that reminds people of the more than 5,300 refugee deaths in the Mediterranean Sea in 2015, the I Sea app has gained widespread recognition in the past week thanks to coverage by Reuters, CBS News, Wired, Mashable, and more.
Apple‘s App Store listed the author of the app to be Grey Digital, an international digital advertising agency. The company has not yet responded to a request for comment. Kelveen Soh, an executive at the company who registered the app’s website, also did not respond.
Following publication, Apple removed the app from the App Store.
Grey wrote in a blog post that the app is in testing. However, the app’s website, the App Store page, and the media coverage failed to mention this pertinent detail.
Backlash against the app began Sunday night, when technologists including @SwiftOnSecurity began looking beyond the favorable press.
The app doesn’t split up the sea for users to scan and save refugees, as it promises to do. In fact, the location of the images the app offers to users are all the same, developer Matthieu Rivière found.
Even when it’s night in the Mediterranean Sea, the app shows pictures taken during the day.
Users are told to report alerts to the Malta-based Migrant Offshore Aid Station (MOAS) so that authorities can send help. Donations made through the app also point to MOAS, who did interviews with media to promote the app and is Grey’s client in this endeavor.
“Technology questions are not our area of expertise,” MOAS spokeswoman Anne Kennedy told the Daily Dot. She pointed us toward Grey for Good, the developers of the app, who still have not responded to multiple requests for comment.
Rosyna Keller, an iOS app developer and reverse engineering expert, dissected the app and found that it did almost nothing it claimed to do, including its core claim of locating refugees using real-time satellite imagery.
“The app promises to show recent or active satellite data and present the user with a way to report the location of suspicious objects (as in, they could be refugees that need help, or just plastic objects in the ocean) to some one (@moas_eu) that can investigate the issue and rescue people,” Keller explained in Twitter direct messages.
“But it can’t do that since it’s not showing any actual images,” Keller said. “It retrieves this static image and you can confirm that by comparing it, errors and all, to the one shown in the app.”
Keller explained his method for parsing the app’s functionality:
I downloaded the app using iTunes on my Mac. If you right click to reveal the app in the Finder, you can change the extension from ipa to zip in order to unzip the bundle. From there, you can examine the app structure. That’s how I learned they used the Google Maps API for something, along with their App Transport Security settings (which control TLS security requirements)
Then I ran Charles Proxy (https://www.charlesproxy.com ) on my Mac, set the correct proxy settings on my iOS device, and then ran the isea app on my iOS device. This told me how they got the weather (it retrieves [this]) and that their use of the Google Maps API was surprisingly bare. There was almost no data returned (because Google Maps doesn’t have satellite data for the area!). They were just using the API to map their fake, static image to the tiles Google Maps presents
The app promises to show real-time images of an area of the Mediterranean Sea totaling 2.5 million square kilometers. In fact, the app uses static images from 2015 that are no help to refugees today.
“We were dismayed to discover that real time images were not being used,” MOAS wrote in a statement following publication. “We have since discontinued our relationship with Grey for Good and spoken candidly about our disappointment to the media.”
I Sea App
In his 15 years of reverse engineering work in OS X and iOS, Keller said he’s never seen this kind of false advertising.
Keller says it’s possible “the app was meant to scam @moas_eu out of contracting money,” but it may simply be “a way to get attention, or it was a demo UI that was somehow put on the App Store prematurely based on what is connected and what isn’t connect.”
Despite it all, the app might win a few awards along the way.
Update 8:03am CT, June 20: Added additional contextual information about the app’s award nomination
Update 8:34am CT, June 20: Added additional expert sources who found discrepancies in the app’s functionalities.
Update 12:45pm CT, June 20: Apple has removed I Sea from the App Store.
Update 5:02pm CT, June 20: I Sea has won a bronze medal in the Cannes Lions Promo & Activation category.
Also added Grey Digital’s blog post about the app being in testing.
Update 9:03am CT, June 21: Added statement from MOAS indicating the end of its relationship with Grey.
Clarification: Grey Digital has its headquarters in New York, but the app was produced by its Singapore office.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.