Home / Software & Service News / Uber’s ‘Hell’ program tracked and targeted Lyft drivers

Uber’s ‘Hell’ program tracked and targeted Lyft drivers

In its quest to ensure Lyft remains in second place, Uber reportedly ran a program that exploited a vulnerability in its rival’s system. According to The Information, the ride-hailing company’s covert software-based program called “Hell” spied on its staunchest competitor’s drivers from 2014 to early 2016. It’s called Hell, because it served as the counterpart to “God View” or “Heaven,” Uber’s in-company app that tracked its own drivers and passengers. Unlike God View, which was widely available to corporate employees, only top executives along with select data scientists and personnel knew about Hell.

The program apparently started when Uber decided to create fake Lyft rider accounts and fooled its rival’s system into thinking they were in various locations around the city. Those fake riders were positioned in a grid to give Uber the entire view of a city and all of Lyft’s drivers within it. As a result, the company can see info on up to eight of its competitor’s nearest drivers per fake rider.

While keeping an eye on its rivals’ cars, though, Uber noticed that Lyft’s drivers are identified by special numbered IDs that never change like its own tokens do. That allowed the team running Hell to learn of each driver’s habits, which, in turn, helped them to figure out which drivers practice “double-apping.” In other words, they used the data they gathered to pinpoint the Lyft drivers that drove for them, as well.

Travis Kalanick and his select employees then executed a plan meant to entice double-appers to drive exclusively for them. First, the Hell program would send more riders to double-appers than to those who drove solely for Uber. Then, the company would give them special bonuses for meeting a certain number of rides per week. Considering the program’s data revealed that 60 percent of Lyft’s drivers were double-apping, Uber ended up doling out tens of millions of dollars a week in bonuses. Clearly, loyalty didn’t pay for those who stuck with Uber those years.

The program eventually ended in 2016 after Lyft raised a billion and started expanding to more cities. It would’ve caused the program’s bonus costs to shoot through the roof. Still, Kalanick would apparently often praise those who ran it while it was still active and comment on how perfectly it fitted his company’s culture of “hustle.”

We’re still waiting for Uber’s response to a request for statement. As for Lyft, a spokesperson told The Information: “We are in a competitive industry. However, if true, these allegations are very concerning.” A couple of law firms that worked with Uber in the past also told the publication that the company could face a number of allegations, including breach of contract, unfair business practices, misappropriation of trade secrets and violation of the federal Computer Fraud and Abuse Act.

Source: The Information

Click Here For Original Source Of The Article

About Ms. A. C. Kennedy

Ms. A. C. Kennedy
My name is Ms A C Kennedy and I am a Health practitioner and Consultant by day and a serial blogger by night. I luv family, life and learning new things. I especially luv learning how to improve my business. I also luv helping and sharing my information with others. Don't forget to ask me anything!

Check Also

Windows 10 included password manager with huge security hole

There's a good reason why security analysts get nervous about bundled third-party software: it can introduce vulnerabilities that the companies can't control. And Microsoft, unfortunately, has learned that the hard way. Google researcher Tavis Ormandy discovered that a Windows 10 image came bundled with a third-party password manager, Keeper, which came with a glaring browser plugin flaw -- a malicious website could steal passwords. Ormandy's copy was an MSDN image meant for developers, but Reddit users noted that they received the vulnerable copy of Keeper after clean reinstalls of regular copies and even a brand new laptop.

A Microsoft spokesperson told Ars Technica that the Keeper team had patched the exploit (in response to Ormandy's private disclosure), so it shouldn't be an issue if your software is up to date. Also, you were only exposed if you enabled the plugin.

However, the very existence of the hole has still raised a concern: are Microsoft's security tests as thorough for third-party apps as its own software? The company has declined to comment, but that kind of screening may prove crucial if Microsoft is going to maintain the trust of Windows users. It doesn't matter how secure Microsoft's code is if a bundled app undermines everything.

Source: Monorail, Tavis Ormandy (Twitter)

css.php