- Man asks woman to stop speaking Spanish on a plane—and bystanders start speaking Spanish Today 12:55 PM
- Schumer calls on FBI, FTC to investigate FaceApp Today 12:41 PM
- Netflix loses subscribers—but hopes some tentpole shows can save it Today 12:10 PM
- Man utterly roasted for saying woman can’t ask for equality in revealing clothing Today 12:07 PM
- Instagram struggles to remove photos of Bianca Devins’ dead body Today 11:14 AM
- ‘Storm Area 51’ creator says its gotten so big he’s worried about the FBI Today 10:49 AM
- Everyone loves Q baby, the baby who apparently supports QAnon Today 9:53 AM
- Thread about ‘depression meals’ is inspiring lots of relatable answers Today 9:36 AM
- How long is ‘Avengers: Infinity War’? Today 9:30 AM
- Rand Paul ripped for halting 9/11 Victim Fund re-authorization bill Today 9:18 AM
- Here’s what’s coming and going on Hulu in August 2019 Today 7:00 AM
- ‘Game of Thrones’ creators drop out of Comic-Con at last minute Today 6:38 AM
- Inside Britt McHenry’s war on women Today 6:30 AM
- The glorious highs and unexpected quirks of 4K streaming Today 6:00 AM
- Southwest Airlines passengers receive free Nintendo Switch consoles and Mario Maker 2 Wednesday 9:10 PM
I Sea, the app that claims to help save refugees, is a fake, experts say
Despite it all, the app might win a few awards along the way.
A popular app that claims to scan the Mediterranean Sea in real time for adrift refugees does not work as its developers claim it does and may be a ploy to win an advertising industry award, experts say.
The app, I Sea, was nominated at the Cannes Lions awards show, an international advertising festival held this week in France, causing some to question whether it was made as a publicity stunt.
Promoted by a video that reminds people of the more than 5,300 refugee deaths in the Mediterranean Sea in 2015, the I Sea app has gained widespread recognition in the past week thanks to coverage by Reuters, CBS News, Wired, Mashable, and more.
Apple‘s App Store listed the author of the app to be Grey Digital, an international digital advertising agency. The company has not yet responded to a request for comment. Kelveen Soh, an executive at the company who registered the app’s website, also did not respond.
Following publication, Apple removed the app from the App Store.
Grey wrote in a blog post that the app is in testing. However, the app’s website, the App Store page, and the media coverage failed to mention this pertinent detail.
Backlash against the app began Sunday night, when technologists including @SwiftOnSecurity began looking beyond the favorable press.
The app doesn’t split up the sea for users to scan and save refugees, as it promises to do. In fact, the location of the images the app offers to users are all the same, developer Matthieu Rivière found.
Even when it’s night in the Mediterranean Sea, the app shows pictures taken during the day.
Users are told to report alerts to the Malta-based Migrant Offshore Aid Station (MOAS) so that authorities can send help. Donations made through the app also point to MOAS, who did interviews with media to promote the app and is Grey’s client in this endeavor.
“Technology questions are not our area of expertise,” MOAS spokeswoman Anne Kennedy told the Daily Dot. She pointed us toward Grey for Good, the developers of the app, who still have not responded to multiple requests for comment.
Rosyna Keller, an iOS app developer and reverse engineering expert, dissected the app and found that it did almost nothing it claimed to do, including its core claim of locating refugees using real-time satellite imagery.
“The app promises to show recent or active satellite data and present the user with a way to report the location of suspicious objects (as in, they could be refugees that need help, or just plastic objects in the ocean) to some one (@moas_eu) that can investigate the issue and rescue people,” Keller explained in Twitter direct messages.
“But it can’t do that since it’s not showing any actual images,” Keller said. “It retrieves this static image and you can confirm that by comparing it, errors and all, to the one shown in the app.”
Keller explained his method for parsing the app’s functionality:
I downloaded the app using iTunes on my Mac. If you right click to reveal the app in the Finder, you can change the extension from ipa to zip in order to unzip the bundle. From there, you can examine the app structure. That’s how I learned they used the Google Maps API for something, along with their App Transport Security settings (which control TLS security requirements)
Then I ran Charles Proxy (https://www.charlesproxy.com ) on my Mac, set the correct proxy settings on my iOS device, and then ran the isea app on my iOS device. This told me how they got the weather (it retrieves [this]) and that their use of the Google Maps API was surprisingly bare. There was almost no data returned (because Google Maps doesn’t have satellite data for the area!). They were just using the API to map their fake, static image to the tiles Google Maps presents
The app promises to show real-time images of an area of the Mediterranean Sea totaling 2.5 million square kilometers. In fact, the app uses static images from 2015 that are no help to refugees today.
“We were dismayed to discover that real time images were not being used,” MOAS wrote in a statement following publication. “We have since discontinued our relationship with Grey for Good and spoken candidly about our disappointment to the media.”
I Sea App
In his 15 years of reverse engineering work in OS X and iOS, Keller said he’s never seen this kind of false advertising.
Keller says it’s possible “the app was meant to scam @moas_eu out of contracting money,” but it may simply be “a way to get attention, or it was a demo UI that was somehow put on the App Store prematurely based on what is connected and what isn’t connect.”
Despite it all, the app might win a few awards along the way.
Update 8:03am CT, June 20: Added additional contextual information about the app’s award nomination
Update 8:34am CT, June 20: Added additional expert sources who found discrepancies in the app’s functionalities.
Update 12:45pm CT, June 20: Apple has removed I Sea from the App Store.
Update 5:02pm CT, June 20: I Sea has won a bronze medal in the Cannes Lions Promo & Activation category.
Also added Grey Digital’s blog post about the app being in testing.
Update 9:03am CT, June 21: Added statement from MOAS indicating the end of its relationship with Grey.
Clarification: Grey Digital has its headquarters in New York, but the app was produced by its Singapore office.
Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.