COP BLOCKED: Uber app thwarted arrests of its drivers by fooling police with 'ghost cars'

Ride-sharing tech bros accused of shady behavior shocker


Not content with cultivating a toxic, sexist and hostile corporate culture, Uber is on a collision course with cops worldwide.

The ride-sharing app maker produced – and, for years now, used – a software tool called Greyball that thwarts attempts by police to arrest or fine Uber drivers wherever the car-hailing service is restricted or banned from operating.

According to The New York Times, Greyball prevents officers from requesting Uber rides to collar or ticket drivers when they arrive for a pickup. Greyball is activated on accounts that belong to investigators: when enough "signals" were raised flagging the user as a cop, Uber enables Greyball mode for their account. Arresting a driver is presumably a pretty strong negative signal for your account.

Multiple employees at San Francisco-based Uber confirmed Greyball displayed fake "ghost" cars on the map in the smartphone application to fool cops into thinking the software was operating as normal. In reality, requests for rides would be assigned to these non-existent vehicles that would never show up, or if a real driver was selected, the driver would be told the ride was canceled due to the user breaking the app's terms and conditions.

The tool is, we're told, used by Uber in cities where the operation of Uber's service is largely restricted or outlawed, and therefore likely to draw the plod's attention. In one such city, Portland, in Oregon, US, the use of the tool was uncovered by authorities in 2014, when Uber was still wrangling with the city over whether it could operate its UberX service legally.

Today's yarn from the NYT claims that even after Uber struck a deal to operate in Portland, the Greyball code was used in that city and others around the globe where Uber operated under close scrutiny. In other words, its use is allegedly widespread – in Boston, Paris and Las Vegas, and Australia, China, Italy and South Korea, and beyond – and, basically, it may be seen as a mass obstruction of justice. The tool was reportedly cleared for use by Uber's legal team.

Uber told The Register that Greyball simply stamps out abusers of its platform, rival app makers, dangerous passengers, and, er, law enforcement: "This program denies ride requests to fraudulent users who are violating our terms of service—whether that’s people aiming to physically harm drivers, competitors looking to disrupt our operations, or opponents who collude with officials on secret ‘stings’ meant to entrap drivers.”

Chalk this up as one more public relations headache for Uber, which is already dealing with the fallout from a former employee's detailed account of the pervasive sexual harassment at Uber and management's turning of a blind eye to complaints.

And also last month Alphabet filed suit accusing Uber of stealing its self-driving car technology. And shortly after that, a video surfaced of CEO Travis Kalanick berating an Uber driver who complained about falling fares. ®

PS: Uber's senior veep Amit Singhal has left, veep for product and growth Ed Baker has quit, security engineer and renowned car hacker Charlie Miller has quit, and PRs are now pitching startups as "Lyft but for..." not "Uber but for..."

Similar topics


Other stories you might like

  • AI tool finds hundreds of genes related to human motor neuron disease

    Breakthrough could lead to development of drugs to target illness

    A machine-learning algorithm has helped scientists find 690 human genes associated with a higher risk of developing motor neuron disease, according to research published in Cell this week.

    Neuronal cells in the central nervous system and brain break down and die in people with motor neuron disease, like amyotrophic lateral sclerosis (ALS) more commonly known as Lou Gehrig's disease, named after the baseball player who developed it. They lose control over their bodies, and as the disease progresses patients become completely paralyzed. There is currently no verified cure for ALS.

    Motor neuron disease typically affects people in old age and its causes are unknown. Johnathan Cooper-Knock, a clinical lecturer at the University of Sheffield in England and leader of Project MinE, an ambitious effort to perform whole genome sequencing of ALS, believes that understanding how genes affect cellular function could help scientists develop new drugs to treat the disease.

    Continue reading
  • Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores

    Exploit, vulnerability discussion online can offer useful signals

    Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.

    Better still is prioritizing the repair of vulnerabilities for which exploit code is available, if that information is known.

    CVSS is a framework for rating the severity of software vulnerabilities (identified using CVE, or Common Vulnerability Enumeration, numbers), on a scale from 1 (least severe) to 10 (most severe). It's overseen by First.org, a US-based, non-profit computer security organization.

    Continue reading
  • Sniff those Ukrainian emails a little more carefully, advises Uncle Sam in wake of Belarusian digital vandalism

    NotPetya started over there, don't forget

    US companies should be on the lookout for security nasties from Ukrainian partners following the digital graffiti and malware attack launched against Ukraine by Belarus, the CISA has warned.

    In a statement issued on Tuesday, the Cybersecurity and Infrastructure Security Agency said it "strongly urges leaders and network defenders to be on alert for malicious cyber activity," having issued a checklist [PDF] of recommended actions to take.

    "If working with Ukrainian organizations, take extra care to monitor, inspect, and isolate traffic from those organizations; closely review access controls for that traffic," added CISA, which also advised reviewing backups and disaster recovery drills.

    Continue reading

Biting the hand that feeds IT © 1998–2022