Category Archives: facebook

New Data Leak Exposes 3M Facebook Users

Newly Discovered Data Leak Exposed Intimate Details of 3 Million Facebook Users

Facebook’s data privacy problems and reputation troubles have been snowballing over the last few months. A report recently released by New Scientist claims that sensitive information of more than three million Facebook users gathered by a quiz-app has been readily available online for the last four years. The news comes months after Facebook’s CEO Mark Zuckerberg was grilled before Congress for letting consultancy firm Cambridge Analytica improperly handle data for political purposes.

myPersonality

Developed by Cambridge University researchers, myPersonality was a Facebook app that allowed users to take psychometric tests and obtain instant results. The app was active between 2007 and 2012 and more than 6 million people participated in the project. All quiz answers were recorded, and roughly half of participants opted in to share the data from their Facebook profiles with the researchers. All of the data gathered by the app was stored in a database making it one of the most extensive social science research databases in history. The data was anonymized and then shared with academics around the world.

The database contained highly sensitive and revealing information of millions of Facebook users and even though the academics at the University of Cambridge never charged for access to the database and wanted to be used only for academic purposes, the login details giving access to the database were easily reachable online. Anyone interested in peeking into the personal lives of millions of Facebook users had to merely search for username and password on GitHub – the largest host of source code in the world.

While the data was anonymized and no names are known to have been exposed every single Facebook profile have been assigned with an ID that has been connected with their age, gender location, status updates, etc. With so much information attached to one ID, finding out the real identity of the person behind the profile would have been an easy task, and it might have been easily automated.

Currently, there isn’t a conclusive answer to the number of people who’ve had access to the database over the years, and for the ways, they might have used it. The report released by New Scientist suggests that Facebook has been aware of the quiz since 2011 but did not act up until last month.

Facebook suspended the app on April 7th. The app is one of 200 other banned apps that might have collected data in the same manner. The official website of myPersonality is currently offline too.

The news comes only days after Mark Zuckerberg confirmed that he will be facing MEPs in Brussels and will be meeting with French President Macron.

Download Panda FREE VPN

The post New Data Leak Exposes 3M Facebook Users appeared first on Panda Security Mediacenter.

Facebook App For Android Is Asking For “Superuser” Permission

Facebook’s Android App users freak out as the app is asking for ‘superuser’ privileges

Users of the official Facebook Android app are being asked something unusual from May 17th. The app is asking for “Superuser” permissions to the users’ phones. In other words, the official Facebook Android app is asking the users to grant the app full access to their devices “forever”. This pop-up request has created a lot of unrest among the users.

Apparently, for the past couple of days, Facebook’s Android app (com.facebook.katana) has been asking for superuser access to users’ devices. However, if a user tries to deny this request, it still continues asking until the user grants permission. This has led to panic among users who took to various internet forums looking for an explanation for the suspicious pop-ups.

“Today I was browsing Facebook when suddenly I got a superuser request popup,” one user wrote on XDA developer forums. “Could anyone explain why Facebook needs SU permissions?”

Another user commented, “Same happened to me too. Started yesterday afternoon. Facebook last updated 1 day ago, so it must have to do something with new version.”

Also, users from France, Australia, and the UK confirmed in the same thread that they too received the same pop-up from Facebook to grant root access.

Several Android security researchers who spoke with Bleeping Computer believe that the pop-ups are appearing because of a coding error.

Avast mobile security researcher Nikolaos Chrysaidos who took a look at the Facebook’s app source code told Bleeping Computer that it could most probably be a coding error. WhiteOps SDK, used for detecting ad fraud, is said to be the reason behind this Superuser permission.

He said, “The dialog started popping up on users that are in the beta channel. Along with other various checks. Facebook is probably integrating WhiteOps SDK, and they forgot to re-implement the ROOT checking functionality.”

When Facebook was contacted for a clarification on the situation, a spokesperson confirmed the pop-up dialog was caused by a ‘coding error’. According to the company’s official statement, the pop-up was only been seen by people who used rooted devices, and that too, only under certain circumstances. However, the company has fixed the problem with a new update.

“A coding error in one of our anti-fraud systems caused a small number of people running the Facebook app and certain permission management apps on rooted Android phones to see a request for additional access permissions. We do not need or want these permissions, and we have already fixed this issue. We apologize for any confusion.”

Since the issue has been fixed, all those users who were perturbed by the pop-ups can now breathe sigh of relief. With Facebook already facing criticism over its data and privacy policies due to Cambridge Analytica scandal, the “Superuser” permission issue has not only come at the wrong time for the social media giant but it has also added more fuel to the fire.

The post Facebook App For Android Is Asking For “Superuser” Permission appeared first on TechWorm.

A week in security (May 14 – May 20)

Last week, we looked at the deluge of incoming policies caused by GDPR, tackled Adobe Reader zero days, and ran through some iPhone security tips. We also caught some helpline scammers in the act, explored advergaming, got our Senate Bill game face on, and deep dived into Drupal vulnerabilities.

Other news

Stay safe, everyone!

The post A week in security (May 14 – May 20) appeared first on Malwarebytes Labs.

Advocacy Groups Call for the FTC To Break Up Facebook

An anonymous reader shares a report: Several advocacy groups have banded together for a campaign that calls upon the US Federal Trade Commission to intervene and break up Facebook into smaller companies -- and more specifically to split off the Messenger, Instagram, and WhatsApp services from the mother company. The campaign, named Freedom from Facebook, was set into motion today by eight groups -- Demand Progress, Citizens Against Monopoly, Content Creators Coalition, Jewish Voice for Peace, MoveOn, Mpower Change, Open Markets Institute, and SumOfUs, respectively. Through a dedicated website, the eight advocacy groups are urging users to file a petition with the FTC on the grounds that Facebook has become a monopoly. The campaign's motto is "It's time to make Facebook safe for democracy." "Facebook and Mark Zuckerberg have amassed a scary amount of power," the campaign's website reads. "Facebook unilaterally decides the news that billions of people around the world see every day."

Read more of this story at Slashdot.

Facebook, GDPR and the Right to Privacy: Three’s a Crowd?

Back in 2016 the European Union voted to pass the mother of all security laws, aimed at further extending the rights of its citizens to control how their data is used. The General Data Protection Regulation (GDPR) guards users against having their information shared without their explicit consent, and gives them the right to revoke that consent at any point.

Read: Does the GDPR Apply to You?

GDPR violations can see companies fined up to $20 million or 4% of their annual turnover, and even US-based companies are sweating bullets as they scramble for compliance; well, some of them anyway.

Hot off the congress roast, Mark Zuckerberg is of the mind that the world’s largest procrastination tool shouldn’t be extending the iron-curtain-level privacy rules the EU is pushing out on May 25 to its users outside the EU.  This, despite 50 million Facebook users’ profiles falling victim to the Cambridge Analytica data breach not so long ago.

Instead, Zuckerberg told Reuters that the largest social media platform in the world is committed ‘in spirit’ to extending GDPR-like privacy standards to the rest of its 2.2 billion-odd users worldwide.

The Cambridge Analytica mess has placed Facebook firmly in the gaze of EU lawmakers and that’s a sticky place to be when information is your business – even if you claim that you’re just a social media tool –. A report by the Guardian and the Danish Broadcasting Corporation earlier this week claimed that Facebook enabled advertisers to target users based on ‘interests related to political beliefs, sexuality and religion’; even without the GDPR, this is classified as sensitive information under EU data laws.

According to TechCruch, the social media giant can expect a swathe of legal challenges based on its current attitudes around privacy.

Following the last data breach, Facebook added extra layers of privacy protection across the board, leading Zuckerberg to believe that there are enough checks and balances to keep users safe without applying GDPR measures outside of the EU.

For the rest of us, however, the GDPR deadline isn’t just a suggestion. Thankfully, we’ve been doing our homework for some time now, so if you’re not quite ready or not sure if you are we’re here to get you across the finish line.

Read more: 72 Hours: Understanding the GDPR Data Breach Reporting Timeline

Study: Digital Self-Harm Among Teens Real; Here’s What Parents Need to Know

digital self-harmWhen we think of self-harm, most of us think about rituals such as cutting in which a person may physically cut themselves in an attempt to deal with overwhelming emotions. Very few of us, especially parents, think about self-harm manifesting itself in the digital realm. However, according to a new study published in the Journal of Adolescent Health, digital self-harm is “a new problem” that demands attention.

What is Digital Self-Harm?

Digital self-harm as defined by the Cyberbullying Research Center (CRC) is the “anonymous online posting, sending, or otherwise sharing of hurtful content about oneself.” A child engages in digital self-harm by creating a fake account that he or she then uses to post mean comments to his or her real social account — comments visible to the public. An example of digital self-harm might be a child posting anonymous comments to oneself such as: “You are a waste of space. Why don’t you just die?” or “You are so ugly, why do you keep posting pictures of yourself?”

Digital self-harm, more simply put, is self-cyberbullying. Digital self-harm has allegedly been linked to two high-profile bullying cases that ended in the self-bullying teens committing suicide. According to the study, 6% of teens surveyed admitted to digital self-harm and males were significantly more likely to take part in digital self-harm (7.1% compared to 5.3%).

Possible Motivations

The CRC study suggested that some kids (in their own words) engaged in digital self-harm to be funny, get attention, or because they had low self-esteem, self-hate or hoped to get a reaction from friends. In a recent NPR story, psychologists nodded to the motivation behind self-harm as the need for others to worry about them, to prove how tough they were, or to get an adult’s or their peers’ attention. One student cited in the NPR story said she posted bullying comments to herself as a way to “beat others to the punch,” in potentially rejecting her. Whatever the reasons for posting self-harming statements or threats, doing so rings an alarm for parents, educators, counselors, and law enforcement.

According to Cyberbullying Research Center’s study authors Sameer Hinduja and Justin W. Patchin, study takeaways include the fact that 1) Parents shouldn’t ignore the possibility that a hurtful message received online by their child was sent by their child. 2) Educators, law enforcement officers, or others charged with investigating cyberbullying incidents should remain open to the possibility of digital self-harm, and conduct a thorough examination of all available evidence to get to the bottom of the incident. 3) Any time a student experiences cyberbullying, there is a problem that needs to be resolved. Even if—no, especially if—the sender and receiver are the same person.

What Parents Can Do

Monitor social media. Self-harm — digital or otherwise — is serious. Whatever the motivation behind the act may be, digital self-harm highlights a deeper hurt that’s manifesting publically that needs immediate attention. One way parents can know if their child is self-harming is to monitor social media paying close attention to the tone of the social interactions. Go a step further than reading your child’s posts. Look at the comments closely. If there’s a negative or threatening comment, examine the attached account. Is it a real account? Ask your child about the person who posted the comments. Using a filtering tool to consistently know what apps your child uses may help you monitor more consistently and thoroughly.

Avoid judgment. The reasons why a child may engage in digital self-harm can vary from serious emotional issues to a passing curiosity. If you find your child is digitally self-harming, avoid being judgmental. It’s tempting to panic and respond by shutting down all your child’s social media, but don’t. Talk the issue through and try to get to the reasons behind the action. Validate your child’s emotions without diminishing them. You don’t have to agree with the way your child expresses his or her feelings, however, validation shows support and helps your child feel heard and understood. Assess the seriousness of the situation and, if necessary, promptly, get professional help from a counselor or therapist.

Listen, observe. Listening is perhaps one of the most underutilized connection tools a parent possesses. We can gather much about our child’s emotional and social health by listening more we talk in a conversation. Pay attention to body language and tone. Understand the signs of depression or emotional distress in your teen. According to HelpGuide.org, signs of depression in teens can include sadness or hopelessness, irritability/anger, tearfulness, isolation, loss of interest in schoolwork or friends, lack of motivation, changes in eating or sleeping, abnormal fatigue or complaints of body aches, thoughts or jokes about death or suicide. If you suspect that a teenager is suicidal, take immediate action. For 24-hour suicide prevention and support in the U.S., call the National Suicide Prevention Lifeline at 1-800-273-TALK.

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures).

The post Study: Digital Self-Harm Among Teens Real; Here’s What Parents Need to Know appeared first on McAfee Blogs.

Facebook’s Android App Is Asking for Superuser Privileges, Users Say

Catalin Cimpanu, reporting for BleepingComputer: The Facebook Android app is asking for superuser permissions, and a bunch of users are freaking out about granting the Facebook app full access to their device, an understandable reaction following the fallout from the Cambridge Analytica privacy scandal. "Grants full access to your device," read the prompts while asking users for superuser permissions. These popups originate from the official Facebook Android app (com.facebook.katana) and are started appearing last night [UTC timezone], continuing throughout the day. Panicked users took to social media, Reddit, and Android-themed forums to share screengrabs of these suspicious popups and ask for advice on what's going on.

Read more of this story at Slashdot.

Malware Actors Targeting North Korean Defectors Using Facebook and Google Play

Security researchers found that hackers are using both Google Play and Facebook to actively target North Korean defectors with malware capable of stealing their information. McAfee Mobile Research Team discovered that the Sun Team hacking group is using Facebook to share links with North Korean defectors. At the time of analysis, these URLs directed targets […]… Read More

The post Malware Actors Targeting North Korean Defectors Using Facebook and Google Play appeared first on The State of Security.

Justice Department, FBI Are Investigating Cambridge Analytica

An anonymous reader quotes a report from CBS News: The Justice Department and FBI are investigating Cambridge Analytica, the now-shuttered political data firm that was once used by the Trump campaign and came under scrutiny for harvesting data of millions of users, The New York Times reported on Tuesday. The Times, citing a U.S. official and people familiar with the inquiry, reported federal investigators have looked to question former employees and banks connected to the firm. The Times reports prosecutors have informed potential witnesses there is an open investigation into the firm, whose profiles of voters were intended to help with elections. One source tells CBS News correspondent Paula Reid prosecutors are investigating the firm for possible financial crimes. A company that has that much regulatory scrutiny is almost guaranteed to have federal prosecutors interested, Reid was told. Christopher Wylie, a former Cambridge Analytica employee who spoke out about the data sharing practices, told the Times federal investigators had contacted him. The American official told the Times investigators have also contacted Facebook as a part of the probe.

Read more of this story at Slashdot.

Facebook Deleted 583 Million Fake Accounts in the First Three Months of 2018

Facebook said Tuesday that it had removed more than half a billion fake accounts and millions of pieces of other violent, hateful or obscene content over the first three months of 2018. From a report: In a blog post on Facebook, Guy Rosen, Facebook's vice president of product management, said the social network disabled about 583 million fake accounts during the first three months of this year -- the majority of which, it said, were blocked within minutes of registration. That's an average of over 6.5 million attempts to create a fake account every day from Jan. 1 to March 31. Facebook boasts 2.2 billion monthly active users, and if Facebook's AI tools didn't catch these fake accounts flooding the social network, its population would have swelled immensely in just 89 days.

Read more of this story at Slashdot.

Facebook suspends 200 apps for misusing user data

Facebook suspends 200 apps over data misuse investigation

In the wake of Cambridge Analytica scandal wherein 87 million Facebook users’ data were collected without their explicit consent, the social media giant has now suspended 200 apps on its platform over uncertainties of misusing user data as part of the first phase of an investigation into third-party apps. In order to avoid a second Cambridge Analytica data scandal, it has also investigated thousands of other apps that may have misused people’s personal data.

Ime Archibong, Facebook’s Vice President of Product Partnerships, in a company post on Monday said:

“We have large teams of internal and external experts working hard to investigate these apps as quickly as possible. To date thousands of apps have been investigated and around 200 have been suspended – pending a thorough investigation into whether they did in fact misuse any data. Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015 – just as we did for Cambridge Analytica.”

This action taken by Facebook comes after CEO Mark Zuckerberg in March had promised that the company would “investigate all apps that had access to large amounts of information.”

In their audit, the company examined how many third-party apps especially those created before Facebook’s data policies were changed in 2014 had widespread access to user information. For those unaware, in 2014, Facebook had changed its policies to no longer allow developers accessibility to information of their app users’ friends. This year the company said it is further restricting the amount of information developers are supposed to gather.

The social network will be conducting a “thorough investigation” to check whether these apps have misused user data or not.

Ime Archibong, claims the audit is “in full swing”, and consists of two stages:

“First, a comprehensive review to identify every app that had access to this amount of Facebook data. And second, where we have concerns, we will conduct interviews, make requests for information (RFI) — which ask a series of detailed questions about the app and the data it has access to — and perform audits that may include on-site inspections.”

While Facebook did not mention the 200 suspended apps in question, there is also no clarity as to how long will the investigation take. However, Archibong in his post wrote, “There is a lot more work to be done to find all the apps that may have misused people’s Facebook data – and it will take time.”

Apparently, even the 200 suspended apps are expected to be further investigated via interviews and RFI requests. If the audit happens, the chances of the number of third-party apps going up is likely.

The post Facebook suspends 200 apps for misusing user data appeared first on TechWorm.

Facebook Faulted By Judge For ‘Troubling Theme’ In Privacy Case

schwit1 quotes a report from Bloomberg: A judge scolded Facebook for misconstruing his own rulings as he ordered the company to face a high-stakes trial accusing it of violating user privacy. The social media giant has misinterpreted prior court orders by continuing to assert the "faulty proposition" that users can't win their lawsuit under an Illinois biometric privacy law without proving an "actual injury," U.S. District Judge James Donato said in a ruling Monday. Likewise, the company's argument that it's immune from having to pay a minimum of $1,000, and as much as $5,000, for each violation of the law is "not a sound proposition," he said. Under the Illinois Biometric Information Privacy Act, the damages in play at a jury trial set for July 9 in San Francisco could easily reach into the billions of dollars for the millions of users whose photos were allegedly scanned without consent. Apart from his concerns about the "troubling theme" in Facebook's legal arguments, Donato ruled a trial must go forward because there are multiple factual issues in dispute, including a sharp disagreement over how the company's photo-tagging software processes human faces.

Read more of this story at Slashdot.

Facebook removes 200 suspicious apps

Following the Cambridge Analytica scandal, Facebook CEO Mark Zuckerberg announced on March 21 that the company would conduct an audit to identify suspicious applications that may have exploited user data.

So far, 200 applications have been detected and removed, but their names haven’t been made public yet. Users whose data has been misused will be immediately notified by Facebook. However, this casts doubt over the company’s ability to properly secure users’ information and right to privacy.

“To date thousands of apps have been investigated and around 200 have been suspended — pending a thorough investigation into whether they did in fact misuse any data,” reads an update written by Ime Archibong, VP of Product Partnerships. “Where we find evidence that these or other apps did misuse data, we will ban them and notify people via this website. It will show people if they or their friends installed an app that misused data before 2015 — just as we did for Cambridge Analytica.”

The main problem is that Facebook’s business model has always been based on sharing user data with applications and the sudden change of heart might not necessarily fix much because once the information leaves their servers, they lose control over it.

“The investigation process is in full swing, and it has two phases,” added Archibong. “First, a comprehensive review to identify every app that had access to this amount of Facebook data. And second, where we have concerns, we will conduct interviews, make requests for information (RFI) — which ask a series of detailed questions about the app and the data it has access to — and perform audits that may include on-site inspections.”

Soon after Facebook announced partial results of its app audit, New Scientist reported that the personal data of over 3 million Facebook users collected through the Cambridge Analytica personality test had in fact been accessible to anyone for the past four years.

Careless researchers expose millions of Facebook users’ sensitive data

If you needed another reason to stop sharing intimate information with apps on Facebook or Facebook itself, consider this newest revelation: academics at the University of Cambridge have been using the data harvested through myPersonality, a popular personality app, as a basis for a tool used for targeting adverts based on personality types. Access to the tool was reserved for those who paid for it but, by now, we’re all used to companies earning money … More

The post Careless researchers expose millions of Facebook users’ sensitive data appeared first on Help Net Security.

A week in security (May 7 – May 13)

Last week on Labs, we looked at the case of a fake Android AV, an annoying adware that goes by the name of Kuik, the return of threat actors behind the Shopper Stop tech scam, a new Netflix phishing scam, the recent zero-day vulnerability in Internet Explorer, and the insufficiency of merely relying on the presence of the green padlock. Also, in a brief blog post, we talked about why we removed the blacklist of tech support scammers we have been dutifully maintaining for years.

Other news

Stay safe, everyone!

The post A week in security (May 7 – May 13) appeared first on Malwarebytes Labs.

Nigelthorn malware infected over 100,000 systems abusing Chrome extensions

The Nigelthorn malware has already infected over 100,000 systems in 100 countries by abusing a Google Chrome extension called Nigelify.

A new strain of malware, dubbed Nigelthorn malware because it abuses a Google Chrome extension called Nigelify, has already infected over 100,000 systems in 100 countries, most of them in the Philippines, Venezuela, and Ecuador (Over 75%).

The new malware family is capable of credential theft, cryptomining, click fraud, and other malicious activities.

According to the experts, the threat actor behind this campaign has been active since at least March 2018.

The Nigelthorn malware is spreading through links on Facebook, victims are redirected to a fake YouTube page that asks them to download and install a Chrome extension to play the video. Once the victims accepted the installation, the malicious extension will be added to their browser.

“Radware has dubbed the malware “Nigelthorn” since the original Nigelify application replaces pictures to “Nigel Thornberry” and is responsible for a large portion of the observed infections.” reads the analysis published by Radware.

“The malware redirects victims to a fake YouTube page and asks the user to install a Chrome extension to play the video.”

The malware was specifically developed to target both Windows and Linux machines using the Chrome browser.

When a victim clicks on “Add Extension” is redirected to a Bitly URL from which they will be redirected to Facebook in the attempt to provide the credentials for his account.

In order to bypass Google Application validation tools, the threat actors used copycat versions of legitimate extensions and injected a short, obfuscated malicious script into them.

“To date, Radware’s research group has observed seven of these malicious extensions, of which it appears four have been identified and blocked by Google’s security algorithms. Nigelify and PwnerLike remain active,” reads the analysis.

After the malicious extension is installed, a JavaScript is executed to start the attack by downloading the malware configuration from the command and control (C&C) server, after which a set of requests is deployed.

The Nigelthorn malware is able to steal Facebook login credentials and Instagram cookies. The malware also redirects users to a Facebook API to generate an access token that is then sent to the Command and Control servers.

The malware propagated by using the stolen credentials, it sends the malicious link to the victim’s network either via messages in Facebook Messenger, or via a new post that includes tags for up to 50 contacts.

The Nigelthorn malware also downloads a cryptomining tool to the victim’s computer.

“The attackers are using a publicly available browser-mining tool to get the infected machines to start mining cryptocurrencies.” states Radware. “The JavaScript code is downloaded from external sites that the group controls and contains the mining pool. Radware observed that in the last several days the group was trying to mine three different coins (Monero, Bytecoin and Electroneum) that are all based on the “CryptoNight” algorithm that allows mining via any CPU.”

The malicious code uses numerous techniques to gain persistence on the infected system, such as closing the extensions tab if the user attempts to access it, or downloading URI Regex from the C&C and blocking users from accessing Facebook and Chrome cleanup tools or from making edits, deleting posts, and posting comments.

Experts also described a YouTube fraud, the YouTube plugin is downloaded and executed, after which the malware attempts to access the URI “/php3/youtube.php” on the C&C to receive commands to watch, like, or comment on a video, or to subscribe to the page. These actions are likely an attempt to receive payments from YouTube.

“As this malware spreads, the group will continue to try to identify new ways to utilize the stolen assets. Such groups continuously create new malware and mutations to bypass security controls. Radware recommends individuals and organizations update their current password and only download applications from trusted sources,” concludes Radware.

Pierluigi Paganini

(Security Affairs – Nigelthorn malware, Facebook)

The post Nigelthorn malware infected over 100,000 systems abusing Chrome extensions appeared first on Security Affairs.

LEIA: o post censurado judicialmente do jornalista Milton Temer criticando a vereadora tucana Teresa Bergher sobre Israel

Uma juíza do Rio de Janeiro ordenou que o ex-deputado Milton Temer deletasse um post no Facebook no qual criticava uma vereadora tucana por sua defesa das políticas de Israel. A ordem judicial de censura, da juíza Tula Correa de Mello, da 20ª Vara Criminal, veio depois que a vereadora do PSDB, Teresa Bergher, processou Temer e exigiu a censura de seu post. O pedido, assinado na sexta-feira, foi noticiado pelo site Nocaute.

teresa-1526228916

Vereadora Teresa Bergher (PSDB-RJ)

Photo: Câmara Municipal do Rio de Janeiro

Temer, um jornalista e ex-deputado federal do PSOL, é um defensor vocal dos palestinos e um crítico da ocupação, agressão e apartheid de Israel. Bergher é uma defensora fanática do governo israelense; apesar de ter sido eleita para servir aos cariocas, sua página no Facebook e seu ativismo político são frequentemente dedicados à defesa de Israel.

No início deste mês, Bergher subiu à tribuna da Câmara Municipal para denunciar Temer pelo que classificou como declarações anti-semitas sobre Israel – ratificando os esforços da direita brasileira para proibir críticas ao governo israelense, explorando cinicamente as acusações de anti-semitismo e manchando quaisquer críticos de Israel como intolerantes.

Em resposta, Temer postou, no dia 8 de abril, em sua página no Facebook, essa resposta – que embora não fizesse menção ao nome de Bergher, deixava poucas dúvidas de que ele estava criticando suas opiniões políticas a respeito de Israel:

A linguagem usada por Temer – particularmente comparando a opressão israelense aos palestinos com o nazismo – é obviamente inflamatória e polêmica. É claro que algumas pessoas ficarão ofendidas com essa comparação.

Mas não há dúvida de que se trata de pura opinião política: concordâncias ou discordâncias a parte, comparar a ocupação israelense da terra palestina e a matança indiscriminada de manifestantes inocentes ao nazismo é uma opinião, não uma afirmação que se pretende factual (como as declarações difamatórias alegando falsamente que Marielle Franco estava ligada a traficantes de drogas: isso não era mera opinião política, mas difamação).

De fato, essa comparação entre a violência israelense contra os moradores de Gaza e os ataques nazistas ao Gueto de Varsóvia é uma opinião comumente expressa em todo o mundo por uma ampla gama de pessoas, incluindo membros judeus de parlamentos europeus que defenderam tal comparação. É uma maneira provocativa e agressiva de expressar essa opinião, mas a liberdade de expressão não tem sentido se alguém for proibido de expressar opiniões políticas pelo fato de que sejam provocativas e tenham o potencial de ofender.

O que é perigoso não é a liberdade de expressão de opiniões controversas, como as expressas por Temer, mas o abuso do poder de juízes que se utilizam da censura para punir aqueles que expressam idéias que os desagradam.

Juíza Tula Correa de Mello

Photo: Tribunal de Justiça do Estado do Rio de Janeiro

Por que é legalmente permitido a políticos como Bergher defender um governo que, há décadas, ocupa ilegalmente a terra, violando as resoluções da ONU e que rotineiramente mata crianças, mas legalmente proibido para Temer criticá-la por fazê-lo? Como a democracia e a liberdade de expressão podem sobreviver se nenhum de nós tem permissão para expressar opiniões políticas de que a juíza Correa de Mello ou a vereadora Teresa Bergher discordam?

Neste caso, o abuso de poder judicial é ainda mais extremo do que o usual caso de censura: a juíza não só ameaçou multar Temer em mil reais por dia, até que retire seu post do Facebook, como também ordenou que ele “se abstenha de reproduzir, em seu Facebook, ou em qualquer outro veículo de informação, afirmações e foto/imagens relacionadas aos fatos objeto desta ação.”

O que isso significa? O que Temer está proibido de dizer no futuro? Ele não tem permissão para comentar sobre a ordem de censura desta juíza, ou para criticar Israel e seus defensores em geral? A imprecisão dessa ordem é tão tirânica quanto a própria censura.

Além de perigosa, a ordem de censura judicial é intelectualmente ridícula. A juíza Correa de Mello inclui literalmente, em sua própria ordem, a linguagem usada por Temer para criticar a vereadora Bergher que pretende judicialmente suprimir. Ao fazê-lo, a juíza garante que as críticas a Bergher serão muito mais divulgadas do que se o post de Temer no Facebook não fosse censurado, já que qualquer notícia sobre a ordem de censura da juíza incluirá a mensagem que ela está tentando suprimir.

Assim, a conduta da juíza neste caso é um exemplo perfeito do que, nos Estados Unidos, é chamado de “efeito Streisand”, batizado com o nome da atriz norte-americana cuja tentativa de censurar fotografias de sua casa, feitas por um jornalista que buscava divulgar a erosão costeira, gerou muito mais atenção a essas fotografias. Ao tentar censurar as críticas de Temer a Bergher, a juíza Correa de Mello certamente assegurou que elas recebessem mais atenção.

miltontemerfo-1526231577

Jornalista e ex-deputado Milton Temer

Photo: TVBrasil

O mais perturbador disso tudo é que a tentativa de censura da juíza parece fazer parte do crescente fascismo no Brasil, que vem sendo utilizado para atacar as liberdades políticas básicas. Uma das posições mais importantes para o movimento Bolsonaro (como é o caso dos movimentos de extrema direita em todo o mundo) é a defesa absoluta de Israel – tanto por razões religiosas (a crença religiosa de que Deus quer que Israel tenha terras palestinas) quanto políticas (o apoio à violência israelense contra os muçulmanos).

Esse clima se torna ainda mais assustador quando uma juíza ordena a remoção de críticas a um político conservador por sua defesa extremista de Israel. Nas mídias sociais, alguns políticos brasileiros associaram essa censura à crescente onda fascista no país.

“Mais um caso esdrúxulo de perseguição judicial,” disse o senador Lindbergh Ferias (PT). “No Brasil do golpe, uma malta de reacionários sente-se livre para atingir seu ódio. Minha solidariedade, Milton!” Um dos colegas na Câmara de Vereadores, que senta no lado da Bergher, David Miranda (PSOL), acrescentou: “Essa censura ao Milton Temer é o mais recente ataque fascista à liberdade de expressão, impulsionado pelo movimento Bolsonaro, para proibir uma defesa dos palestinos. O fascismo no Brasil será esmagado.” E deputado Chico Alencar (PSOL), escreveu: “É inaceitável uma determinação judicial para que qualquer pessoa se “abstenha” de comentar qualquer assunto e que políticas de qualquer governo não possam ser criticadas.”

A questão chave aqui não é se alguém concorda com as opiniões de Bergher sobre Israel ou com as críticas de Temer. A questão é se um jornalista e cidadão brasileiro tem o direito de criticar as opiniões políticas de uma parlamentar eleita, mesmo que essa crítica seja expressa de maneira polêmica e provocativa. Qualquer sociedade que responda “não” a essa questão – que endosse o direito dos juízes de remover opiniões políticas controversas da internet e do debate público – não pode se considerar uma sociedade dotada de quaisquer direitos mínimos de liberdade de expressão.

Divulgação: o repórter deste artigo é o marido do Vereador David Miranda (PSOL-RJ)

The post LEIA: o post censurado judicialmente do jornalista Milton Temer criticando a vereadora tucana Teresa Bergher sobre Israel appeared first on The Intercept.

Russian Fake News Ecosystem Targets Syrian Human Rights Workers

Kremlin linked news sites like RT and Sputnik figure prominently in an online disinformation campaign portraying Syrian humanitarian workers (“White Helmets”) as terrorists and crisis actors, according to an analysis by researchers at University of Washington and Harvard.  An online “echosystem” of propaganda websites...

Read the whole entry... »

Related Stories

7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords

Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cybercriminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year and has already infected more than 100,000 users

Smashing Security #077: Why Paris Hilton doesn’t use iCloud, lottery hacking, and Facebook dating

Smashing Security #077: Why Paris Hilton doesn’t use iCloud, lottery hacking, and Facebook dating

The tricky-to-pronounce Paytsar Bkhchadzhyan is jailed for hacking Paris Hilton, we hear the story of the man who hacked the lottery and almost got away with $16.5 million, and Facebook thinks it is the perfect partner to find you a date.

Find out in this special splinter episode of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Dave Bittner from The Cyberwire podcast.

Facebook is working on an ad-free subscription-based version

Are you ready for an ad-free Facebook experience?

Facebook has been conducting a market research among its consumers for an ad-free subscription version of the social network to see if they’d be interested in paying for their privacy, according to Bloomberg.

As per rumors in the past, Facebook has considered the idea of paid- subscription before as well, however, this time there’s more internal momentum to pursue it, which is mainly because the company is facing a crisis of public trust after the Cambridge Analytica privacy scandal.

It is a known fact that Facebook has been the leading platform for social media advertising and marketing due to its enormous online audience and high user engagement rates. The majority of the social network’s revenues are generated through advertising targeted with this user data.

Now, that consumer sentiment is changing and with mounting evidence that its huge user base is reaching saturation due to this insecurity about their privacy, Zuckerberg & Co. merely might be looking to diversify beyond its one-trick revenue policy. And that includes an ad-free iteration.

Though Facebook declined to comment on subscription-based ad-free service. Yet in recent weeks, one of the company’s highest-ranking executive has left open the possibility of a subscription option. During the company’s first-quarter earnings call last week, Chief Operating Officer Sheryl Sandberg said the company has “certainly thought about lots of other forms of monetization including subscriptions, and we’ll always continue to consider everything.”

Also, during his testimony to Congress, The chief executive Mark Zuckerberg told the lawmakers that there would “always be a version of Facebook that is free,” as the site says, “it’s free and always will be.”

The post Facebook is working on an ad-free subscription-based version appeared first on TechWorm.

Trivia Time: Test Your Family’s Password Safety Knowledge

Strong PasswordPasswords have become critical tools for every citizen of the digital world. Passwords stand between your family’s gold mine of personal data and the entirety of the internet. While most of us have a love-hate relationship with passwords, it’s beneficial to remember they do serve a powerful purpose when created and treated with intention.

But asking your kids to up their password game is like asking them to recite the state capitals — booooring! So, during this first week of May as we celebrate World Password Day, add a dash of fun to the mix. Encourage your family to test their knowledge with some Cybersavvy Trivia.

Want to find out what kind of password would take two centuries to crack? Or, discover the #1 trick thieves use to crack your password? Then take the quiz and see which family member genuinely knows how to create an awesome password.

We’ve come a long way in our understanding of what makes a strong password and the many ways nefarious strangers crack our most brilliant ones. We know that unique passwords are the hardest to crack, but we also know that human nature means we lean toward creating passwords that are also easy to remember. So striking a balance between strong and memorable may be the most prudent challenge to issue to your family this year.

Several foundational principles remain when it comes to creating strong passwords. Share them with your family and friends and take some of the worries out of password strength once and for all.

5 Password Power Principles

  1. Unique = power. A strong password includes numbers, lowercase and uppercase letters, and symbols. The more complicated your password is, the more difficult it will be to crack. Another option is a password that is a Strong Passwordpassphrase only you could know. For instance, look across the room and what do you see? I can see my dog. Only I know her personality; her likes and dislikes. So, a possible password for me might be #BaconDoodle$. You can even throw in a misspelling of your password to increase its strength such as Passwurd4Life. Just be sure to remember your intentional typos if you choose this option.
  2. Diverse = power. Mixing up your passwords for different websites, apps, and accounts can be a hassle to remember but it’s necessary for online security. Try to use different passwords for online accounts so that if one account is compromised, several accounts aren’t put in jeopardy.
  3. Password manager = power. Working in conjunction with our #2 tip, forget about remembering every password for every account. Let a password manager do the hard work for you. A password manager is a tech tool for generating and storing passwords, so you don’t have to. It will also auto-log you onto frequently visited sites.
  4. Private = power. The strongest password is the one that’s kept private. Kids especially like to share passwords as a sign of loyalty between friends. They also share passwords to allow friends to take over their Snapchat streaks if they can’t log on each day. This is an unwise practice that can easily backfire. The most Strong Passwordpowerful password is the one that is kept private.
  5. 2-step verification = power. Use multi-factor (two-step) authentication whenever possible. Multiple login steps can make a huge difference in securing important online accounts. Sometimes the steps can be a password plus a text confirmation or a PIN plus a fingerprint. These steps help keep the bad guys out even if they happen to gain access to your password.

It’s a lot to manage, this digital life but once you’ve got the safety basics down, you can enjoy all the benefits of online life without the worry of your information getting into the wrong hands. So have a fun and stay informed knowing you’ve equipped your family to live their safest online life!

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures).

The post Trivia Time: Test Your Family’s Password Safety Knowledge appeared first on McAfee Blogs.

PROTECTING YOUR PRIVACY – Part 2: How to Maximize Your Privacy on Social Media and in Your Browser

As social media sites become a bigger part of users' daily lives, they must be increasingly careful about their online privacy.

In the last post we highlighted the privacy risks associated with using popular social networking sites and browsers. You might not appreciate just how much of your personal data is being accessed by advertisers and other third parties via your social media accounts and internet browsing. Similarly, your privacy settings may have changed significantly since the last time you checked them, meaning that you’re now over-sharing via your updates and posts online.

This could lead to various unintended consequences. For example, a prospective employer may cut you from a shortlist of candidates because they don’t like what they see on your Facebook page. Or an enterprising burglar might see from a Twitter post that you’re not at home and raid your property. Hackers might even harvest the information you share and use your identity to apply for new bank cards in your name.

Fortunately, there are things you can do to protect your privacy online — both within the sites themselves and by using third-party tools like Trend Micro’s Privacy Scanner. Let’s take a look.

Changing your Privacy Settings

You can manually configure your Privacy Settings on sites including Facebook, Twitter, Google+, LinkedIn, and more, as well as in your browser. However, no two sites are the same, and some are easier than others to navigate.

Facebook:

The good news is that following the Cambridge Analytica scandal, Facebook has made several changes designed to make it easier for you to manage your privacy settings. A privacy shortcuts button   is now accessible from the top right of any Facebook page and will help you manage who can view your content; who can contact you; and how you can stop someone hassling you. In addition, anywhere you’re able to share your status updates, photos and other posts, there’s an “audience selector” tool which allows you to specify whether they can be seen by the Public (anyone on or off Facebook), Friends, or just you. Be aware that Facebook remembers your most recent setting.

The amount of data you share with apps is also increasingly important to users. Following the recent data leakage scandal, Facebook has promised to notify if it removes any apps for breaching terms of service; remove an app’s access if it hasn’t been used in three months; and will reduce the data that an app can request without app review. If you want to manually review what info your Facebook apps can access, click  in the top right, click Settings, then go to Apps and Websites on the left-hand side. You can choose between Active, Expired or Removed websites/apps and remove those you no longer wish to access your personal data.

Twitter:

As mentioned in the previous blog, Twitter is easier to manage than Facebook, but there are some settings users may prefer to enhance their privacy. In your account, click on Settings and Privacy then Privacy and Safety and you’ll be given several options. Tweets are public by default so if you want them to be private, and only shared with approved friends, click Protect your Tweets. Similarly, there are options to remove your geolocation, not allow users to tag you in photos, or let others find you by email address/phone number. Also switch personalization off to stop sharing data with advertisers and switch off Receive Direct Messages from anyone to avoid spam direct messages.

Browser (Chrome on Windows):

As the most popular browser in the world, Google Chrome tracks and sells much of your activity to advertisers as well as sharing it with other Google products. If you don’t want to sync your personal browsing history to all devices, including your work machine, then click on the three dots in the top right-hand corner, Settings, Sync, and then toggle off the features you don’t want. You’ll need to do the same at work or for other machines.

The browser also shares information with various other services. If you’re not happy with that happening, you can toggle them off by going to Settings, Advanced (at the bottom of the page). However, enabling Do Not Track will help prevent third-party sites storing your data, although it’s not 100% effective. It’s also a good idea to keep on the service protecting you and your device from dangerous sites.

Click on “content settings” to dive into additional privacy settings. Go into Cookies and “keep local data until you quit your browser” to limit what data sites can harvest from you. Finally, consider using a password manager from a third-party expert like Trend Micro instead of storing your passwords in the browser, since it’s far more secure.

Automate Privacy Settings with Trend Micro Privacy Scanner

If you want an easier way to manage your privacy on social media and browsers, consider the Trend Micro Privacy Scanner feature, which is available within Trend Micro Security on Windows and Mac, and within Mobile Security on Android and iOS. While we can’t help you with all your social network settings, we can certainly help you with quick and easy fixes on four major platforms, as well as their linked apps, and in Windows browsers.

For Windows, the social networks covered are Facebook, Twitter, Google+, and LinkedIn, as well as Internet Explorer, Chrome, and Firefox browsers. Privacy Scanner also works on Macs the same way for the same social networking platforms. And it works on Android (for Facebook) and iOS (for Facebook and Twitter). It’s turned on by default in Trend Micro Internet, Maximum and Premium Security and can also be launched from the Trend Micro Toolbar. Either click on the Privacy icon in the Console, or in the browser, select the Trend Micro Toolbar and “Check your Online Privacy.” Here are a few scenarios:

Facebook on Windows

A Facebook sign-in page is shown by default by the Privacy Scanner. Sign-in and then See Scan Results. Click Fix All and then Fix to fix all the issues highlighted, or click the drop down to tackle them individually. You can also view any apps here which may have privacy concerns. If you want to fix each separately click “Who can see each app and its posts?”

Once that has been completed you will get a message saying your friends’ accounts need help. In that case you can share a link to the Privacy Scanner with them on the social network.

Chrome on Windows

To start a scan, open up your browser. In the Trend Micro toolbar, select Check your online privacy. The Trend Micro Privacy Scanner portal will appear. Click on the browser you want to check. The scanner will show you where there are privacy concerns. Click Fix All and then Fix or manually fix/edit each one.

Twitter on iOS

To scan and fix Twitter via Trend Micro Mobile Security on iOS, swipe the Safe Surfing shield to the left and tap the Social Network Privacy Shield in the main Console. (Note: this UI will change in the Fall of 2018.) Tap the Twitter icon to sign-in and then Login to start the scan. Tap Improve Now or the individual settings panel to change the settings. The feature works similarly on Android.

Trend Micro Password Manager

Finally, Trend Micro Password Manager has been designed to help you protect the privacy of your account passwords across PCs, Macs, Android and iOS. It’s worth considering as an alternative to storing your online credentials in the browser, which exposes them to hackers. Trend Micro Password Manager is automatically installed with Trend Micro Maximum Security, but you can also install a free or paid stand-alone edition of the product, Password Manager.

  • Generates highly secure, unique and tough-to-hack passwords for each of your online accounts
  • Securely stores and recalls these credentials so you don’t have to remember them
  • Offers an easy way to change passwords, if any do end up being leaked or stolen
  • Makes it quick and easy to manage your passwords from any location, on any device and browser

At Trend Micro we understand that protecting your privacy and security online is becoming increasingly challenging. That’s why we’ve done our best to do the hard work for you—helping you to enjoy your digital life safely and easily.

For more info or to purchase Trend Micro Security for PC and Mac, as well as Trend Micro Mobile Security for iOS and Android, go here.

To watch a video on using Trend Micro Privacy Scanner, go here.

For more info on Trend Micro Password Manager go here, or to watch videos on using Password Manager go here.

The post PROTECTING YOUR PRIVACY – Part 2: How to Maximize Your Privacy on Social Media and in Your Browser appeared first on .

Cyber Security Roundup for April 2018

The fallout from the Facebook privacy scandal rumbled on throughout April and culminated with the closure of the company at the centre of the scandal, Cambridge Analytica.
Ikea was forced to shut down its freelance labour marketplace app and website 'TaskRabbit' following a 'security incident'. Ikea advised users of TaskRabbit to change their credentials if they had used them on other sites, suggesting a significant database compromise.

TSB bosses came under fire after a botch upgraded to their online banking system, which meant the Spanished owned bank had to shut down their online banking facility, preventing usage by over 5 million TSB customers. Cybercriminals were quick to take advantage of TSB's woes.

Great Western Railway reset the passwords of more than million customer accounts following a breach by hackers, US Sun Trust reported an ex-employee stole 1.5 million bank client records, an NHS website was defaced by hackers, and US Saks, Lord & Taylor had 5 million payment cards stolen after a staff member was successfully phished by a hacker.

The UK National Cyber Security Centre (NCSC) blacklist China's state-owned firm ZTE, warning UK telecom providers usage of ZTE's equipment could pose a national security risk. Interestingly BT formed a research and development partnership with ZTE in 2011 and had distributed ZTE modems. The NCSC, along with the United States government, released statements accusing Russian of large-scale cyber-campaigns, aimed at compromising vast numbers of the Western-based network devices.

IBM released the 2018 X-Force Report, a comprehensive report which stated for the second year in a row that the financial services sector was the most targeted by cybercriminals, typically by sophisticated malware i.e. Zeus, TrickBot, Gootkit. NTT Security released their 2018 Global Threat Intelligence Report, which unsurprisingly confirmed that ransomware attacks had increased 350% last year.  

A concerning report by the EEF said UK manufacturer IT systems are often outdated and highly vulnerable to cyber threats, with nearly half of all UK manufacturers already had been the victim of cybercrime. An Electropages blog questioned whether the boom in public cloud service adoption opens to the door cybercriminals.

Finally, it was yet another frantic month of security updates, with critical patches released by Microsoft, Adobe, Apple, Intel, Juniper, Cisco, and Drupal.

NEWS
AWARENESS, EDUCATION AND THREAT INTELLIGENCE
REPORTS

You vs. the Internet: 5 Hands-On Ways to Begin Safeguarding Your Family’s Privacy

Data mining. Privacy breaches. Malicious third parties. Do you ever feel like these scary sounding, albeit significant, concerns got left at the curb somewhere between carpool duty, doctor appointments, and trying to hit two softball games and a track meet in the same day?

You are far from alone. If asked, most of us would confess: Our digital safety habits aren’t keeping up with the wild pace of technology. We understand the risks to our privacy online, but few of us have the time to protect it.

Have you given up? Perhaps you believe the internet is winning and that personal privacy is an outdated, even naïve, expectation online.

That sentiment is true but only to a small extent. Here’s what’s truer: With intention, a small chunk of time — and enlisting the whole family — you can begin to rewrite your privacy future.

You can take steps toward managing (and enjoying) your technology like a boss. Here’s how to get the whole crew on board for a family-wide privacy update.

5 Hands-On Ways to Begin Safeguarding Your Family’s Online Data

  1. Call a family huddle. Change takes action. A successful family-wide privacy update will require, well, the whole family. Call a family huddle. Ask each family member to inventory all devices including phones, tablets, PCs, toys, televisions, gaming systems. This list represents vulnerabilities or points of entry. Assign responsibility to each device. Just as you’d lock windows and doors, commit to securing down digital doorways. Huddle goals: Make privacy a family priority, discuss the online risks, challenge your digital-loving pack to higher digital standards, set up a reward system for keeping family devices safe. Remember: Technology is a privilege, not a right (no matter how culture positions it to the contrary).
  2. Upgrade privacy settings on social platforms. Any social platform — be it Facebook, Instagram, Snapchat or others — requires attention when it comes to protecting personal data. Go through each app and update your privacy settings. Educate yourself on what data you are sharing and with whom. Look closely at the information you’ve willingly shared, and make adjustments from there. For kids: Wipe social profiles clean of any personal information such as school name, age, address, phone number, email, location, and any other personal content.
  3. Scrub apps, update software, add security. Technology brings with it oodles of convenience. However, as with an automobile, our tech also needs maintenance to be enjoyed responsibly. Smartphones, tablets, televisions, and PCs require regular cleaning and updating. As a family, commit to making these changes. 1) Delete unused apps 2) Select “auto update” for software on both your mobile devices and computers 3) Install (and update) robust security software that protects devices against viruses, hackers, and spyware. Useful security software should also filter offensive content, pictures, and websites.
  4. Create strong, unique passphrases. As part of your family’s overall security update, make sure to create strong passwords for family devices. What’s a strong password? According to National Institute of Standards and Technology (NIST), think in terms of a passphrase rather than a password. Passphrases should be simple, long and memorable. They should contain lowercase letters and word associations only you would know. For instance: cottoncandyskies, burntsmoresinsummer, or poetrypinkpasta.Make sure everyone from the eight-year-old to the 18-year-old understands why it’s important to use strong, unique passphrases. To reinforce this, consider a reward for family members who stay on top of their digital housekeeping.
  5. Follow-through, follow-through, follow-through! The only plan of any value is the one that is executed. So much of parenting is spent communicating goals, but effective parenting happens in following through with those goals. Be a firm, focused digital parent. Don’t just communicate the digital risks; follow through to make sure your child makes the hands-on changes listed here to protect their online data. Sit down, watch them do it. Review devices and settings. Discuss and physically check off privacy basics which include: 1) Updating privacy settings on devices and social networks 2) Use strong passphrases 3) Not sharing personal information online 4) Deleting unused apps and auto-updating software 5) Making digital privacy a personal priority.

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

The post You vs. the Internet: 5 Hands-On Ways to Begin Safeguarding Your Family’s Privacy appeared first on McAfee Blogs.

Recommended Reading: Facebook’s influence on Instagram

Instagram looks like Facebook's best hope
Sarah Frier,
Bloomberg Businessweek

With all the attention on Mark Zuckerberg's visit to DC this week, it can be easy to lose sight of an important detail: Facebook also owns Instagram. Of course, this means it also has access to the photo-sharing app's massive user base. Bloomberg Businessweek has a detailed look at the relationship between the two companies as Instagram approaches 1 billion total users.

#DeleteFacebook: Do You Really Need To?

Is it time to #deleteFacebook? Facebook’s long line of dramas has many of us rethinking our dependence on Mark Zuckerberg’s largest social media platform. While many of us were alarmed at the fake news allegations last year, the recent scandal with Cambridge Analytica has us genuinely spooked and now asking ourselves this question.

The fact that Facebook allowed British data analysis firm Cambridge Analytica to tap the Facebook profiles of more than 50 million users without their knowledge has many of us questioning both our – and our children’s – relationship with the social media platform. How compromised is our privacy? What’s really happening with our data? Is our every online move really being monitored?

The immediate reaction of many is to delete their Facebook accounts and insist their kids do the same. When news broke of the Cambridge Analytica scandal, the #deleteFacebook hashtag trended heavily on Twitter. Many high profile tech types deleted their personal and business Facebook accounts and, consequently, drove the Twittersphere into a frenzy.

To #DeleteFacebook Or Not To #DeleteFacebook?

But many of us can’t really afford to be idealists. Some of us run online businesses and rely heavily on Facebook. Others use Facebook for our jobs. Many of us (and our kids) use Facebook to run our social lives – organise events and parties, remember birthdays and stay in touch with friends and family across the world. And for nearly all of us, it is our digital scrapbook that preserves our important life events, shared moments and memories. In short, we would be lost without it.

While the black and white idealist in me absolutely agrees that we should delete Facebook, the realist in me acknowledges that life is often lived in the shades of grey. Facebook has spent more than a decade making itself a deeply entrenched part of our modern society. Saying farewell to this part of your life is a decision that I believe many of us would find almost impossible to make.

So, while deleting Facebook from your online life is the most drastic way of protecting your data, there are steps you can take to keep your account more secure and your personal information more private. Here are my top recommendations:

  1. Set up new logins for each app you are using.

    Setting up a new login and password for each app you’re using is a great way to protect yourself and your data online. Login may take fractionally longer but it will help ensure your data is not shared between different services.

  2. Review your third party apps – the ones you joined using Facebook.

    Facebook has made it just so easy for us to download apps using our Facebook settings that many of us have acquired quite the collection of apps. The problem is that Facebook provides these apps with our data including our name, location, email or even our friends list. So, review these apps, people! Not sure where to start? Go to Settings > Apps > Logged in with Facebook and remove anything that doesn’t absolutely need access to your Facebook profile. You will still have to contact the app developer to ensure they have deleted the data they already have gathered on you. Tedious but worth it!

  3. Don’t overshare on social media.

    Oversharing online gets many of us including our kids into trouble and allows cybercriminals and ‘data analysis types’ the ability to form an accurate picture of us very quickly! Being conscious of what is publicly available from your social media profiles is essential. Ensure every member of the family knows to NEVER share their telephone number, address or details of their school online. Also rethink whether you really want your relationship status made public, or the city of your birth.

  4. Cull your Friends list.

    The Cambridge Analytica scandal should provide us all with a reality check about how we manage online friends. In 2015, an app entitled ‘this is your digital life’ was developed by Cambridge Professor Dr Aleksandr Kogan and then downloaded by 270,000 users. Those who opted in allowed the app access to their information – including their friends – which then gave Kogan access to the data of over 50 million Facebook users. Facebook have reportedly since changed their terms of service and claim app developers can no longer access this detail, or at least, not at the same level of detail. So, go through your friend list and delete those you barely know or who were just passing acquaintances. Do you really want to share your personal or family updates with these people?

  5. Choose a different social media platform to connect to apps.

    If an app lets you choose which account you use to login, pick one which holds limited data about its users. Twitter could be a good choice as it tends to hold less personal information about you.

And while I salute those who are bold enough to #deleteFacebook and insist their kids do so, I know that it isn’t for me. I choose to stay. I’ll navigate my way around the risks and flaws, so I can enjoy the upside – belonging to my community, keeping my job and adding to my digital scrapbook.

Till next time,

Alex x

The post #DeleteFacebook: Do You Really Need To? appeared first on McAfee Blogs.

Weekly Cyber Risk Roundup: Orbitz Breach, Facebook Privacy Fallout

One of the biggest data breach announcements of the past week belonged to Orbitz, which said on Tuesday that as many as 880,000 customers may have had their payment card and other personal information compromised due to unauthorized access to a legacy Orbitz travel booking platform.

“Orbitz determined on March 1, 2018 that there was evidence suggesting that, between October 1, 2017 and December 22, 2017, an attacker may have accessed certain personal information, stored on this consumer and business partner platform, that was submitted for certain purchases made between January 1, 2016 and June 22, 2016 (for Orbitz platform customers) and between January 1, 2016 and December 22, 2017 (for certain partners’ customers),” the company said in a statement.

Information potentially compromised includes payment card information, names, dates of birth, addresses, phone numbers, email addresses, and gender.

As American Express noted in its statement about the breach, the affected Orbitz platform served as the underlying booking engine for many online travel websites, including Amextravel.com and travel booked through Amex Travel Representatives.

Expedia, which purchased Orbitz in 2015, did not say how many or which partner platforms were affected by the breach, USA Today reported. However, the company did say that the current Orbitz.com site was not affected.

2018-03-24_ITTGroups

Other trending cybercrime events from the week include:

  • State data breach notifications: Island Outdoor is notifying customers that payment card information may have been stolen due to the discovery of malware affecting several of its websites. Agemni is notifying customers about unauthorized charges after “a single authorized user of our software system used customer information to make improper charges for his personal benefit.” The Columbia Falls School District is notifying parents of a cyber-extortion threat involving their children’s personal information. Intuit is notifying TurboTax customers that their accounts may have been accessed by an actor leveraging previously leaked credentials. Taylor-Dunn Manufacturing Company is notifying customers that it discovered cryptocurrency mining malware on a server and that a file containing personal information of those registered for the Taylor-Dunn customer care or dealer center may have been accessed. Nampa School District is notifying a “limited number” of employees and Skamania Public Utility District is notifying customers that their personal information may have been compromised due to incidents involving unauthorized access to an employee email account.
  • Data exposed: A flaw in Telstra Health’s Argus software, which is used by more than 40,000 Australian health specialists, may have exposed the medical information of patients to hackers. Primary Healthcare is notifying patients of unauthorized access to four employee email accounts. More than 300,000 Pennsylvania school teachers may have had their personal information publicly released due to an employee error involving the Teacher Management Information System.
  • Notable ransomware attacks: The city of Atlanta said a ransomware attack disrupted internal and customer-facing applications, which made it difficult for citizens to pay bills and access court-related information. Atrium Hospitality is notifying 376 hotel guests that their personal information may have been compromised due to a ransomware infection at a workstation at the Holiday Inn Sacramento. Finger Lakes Health said it lost access to its computer system due to ransomware infection.
  • Other notable events: Frost Bank said that malicious actors comprised a third-party lockbox software program and were able to access images of checks that were stored in the database. National Lottery users are being advised to change their passwords after 150 accounts were affected by a “low-level” hack. A lawsuit against Internet provider CenturyLink and AT&T-owned DirecTV alleges that customer data was available through basic Internet searches.

SurfWatch Labs collected data on many different companies tied to cybercrime over the past week. Some of the top trending targets are shown in the chart below.

2018-03-24_ITT

Cyber Risk Trends From the Past Week

2018-03-24_RiskScoresFacebook has faced a week of criticism, legal actions, and outcry from privacy advocates after it was revealed that the political consulting Cambridge Analytica had accessed the information of 50 million users and leveraged that information while working with the Donald Trump campaign in 2016.

“Cambridge Analytica obtained the data from a professor at the University of Cambridge who had collected the information by creating a personality-quiz app in 2013 that plugged into Facebook’s platform,” The Wall Street Journal reported. “Before a policy change in 2015, Facebook gave app creators and academics access to a treasure trove of data, ranging from which pages users liked to details about their friends.”

It isn’t clear how many other developers might have retained information harvested from Facebook before the 2015 policy change, The Journal reported. However, Mark Zuckerberg said the company may spend “many millions of dollars” auditing tens of thousands of data collecting apps in order to get a better handle on the situation.

The privacy breach has already led to regulatory scrutiny and potential lawsuits around the globe. Bloomberg reported that the FTC is probing whether data handling violated terms of a 2011 consent decree. In addition, Facebook said it would conduct staff-level briefings with six congressional committees in the coming week. Some lawmakers have called for Zuckerberg to testify as well, and Zuckerberg told media outlets that he would be willing to do so if asked.

Facebook’s stock price has dropped from $185 to $159 over the past eight days amid the controversy, and several companies have suspended their advertising on Facebook or deleted their Facebook pages altogether due to the public backlash.

Cyberbullying – How Parents Can Minimize Impact On Kids

Cyberbullying: if you have a tween or teen and haven’t workshopped this with your kids then you need to put a time in the diary now. Cyberbullying is one of the biggest challenges our children’s generation will face and unfortunately, it isn’t going away.

The recent tragic suicide of 14 year old Aussie girl Amy ‘Dolly’ Everett as a result of online bullying needs to be a wake-up call for parents. Many kids who are bullied online feel completely ashamed and publicly humiliated and can’t see a way past the embarrassment. They don’t have the skills to handle it and don’t know where to seek help. Yes, we are first-generation digital parents BUT we need to prioritise our children’s safety and well-being online. And sort this out FAST!

How Big An Issue Is Cyberbullying?

Image of crying girl in silhouette surrounded by cyberbullying text messages.
Aussie tweens/teens aged 12-16 are the primary targets of cyberbullying. 63% of the victims are girls.

In its 2016-17 annual report, the Office of the e-Safety Commissioner reveals an increase of 60% in the reported cases of cyberbullying compared with the previous year. The report also shows that:

  • Aussie tweens/teens between the ages of 12 and 16 are the primary targets of cyberbullying
  • Girls made up 63% of the victims

And it isn’t just us parents that consider this to be a big issue – our teens are also concerned. A study of 5000 teens across eleven countries by Vodafone in 2015 showed that in fact over half the teens surveyed considered cyberbullying to be worse than face-to-face bullying, and that 43% believe it is a bigger problem for young people than drug abuse!

So, clearly we have a problem on our hands – and one that isn’t getting better over time.

Why Is Cyberbullying Occurring More Frequently?

Many parenting experts believe a lack of empathy to be a major factor in cyberbullying. In her book, Unselfie, US Parenting Expert Dr Michele Borba explains that we are in the midst of an ‘empathy crisis’ which is contributing to bullying behaviour. She believes teens today are far less empathetic than they were 30 years ago.

Giving children access to devices and social media before they have the emotional smarts to navigate the online world is another factor. You would be hard-pressed to find a child in Year 5 or 6 at a primary school in any Australian capital city who doesn’t have access to or own a smartphone. And once that phone has been given to your child, it’s impossible to supervise their every move. Within minutes they can join social media platforms (some creativity required on the age), enter chat rooms, and view highly disturbing images.

The younger the child, the less likely he or she is to have the emotional intelligence to either navigate tricky situations or make smart decisions online. Perhaps we should all take a lesson from Microsoft co-founder Bill Gates who made his kids wait till they were 14 until being given a phone?

How To Minimise The Risk Of Your Child Being Cyberbullied

There are no guarantees in life, but there are certain steps we can take to reduce the chance of our children being impacted by cyberbullying. Here are my top 5 suggestions:

  1. Communicate.
    Establishing a culture where honest, two-way communication is part of the family dynamic is one of the absolute best things you can do. Let your children know they can confide in you, that nothing is off-limits and that you won’t overreact. Then they will be more likely to open up to you about a problem before it becomes insurmountable.
  2. Understand Their World.
    With a deep understanding of your child’s world (their friends, their favourite activities, the movies they see) you’re better equipped to notice when things aren’t swimming along nicely. Establishing relationships with your child’s teachers or year group mentors is another way to keep your ear to the ground. When a child’s behaviour and activity level changes, it could be an indicator that all is not well. So some parental detective work may be required!
  3. Weave Cyber Safety Into Your Family Dialogue.
    We all talk about sun safety and road safety with our children from a young age. But we need to commit to doing the same about cyber safety. Teach your kids never to share passwords, never to give out identifying information of any kind online, never to respond to online trolls or bullies. Then they will definitely add a layer of armour to shield them from becoming a victim of cyberbullying.
  4. Limit Screen Time.
    I know it seems like an ongoing battle but limiting screen time for social media is essential. One of the easiest ways of doing this is by offering them attractive real-life options. Bike rides, beach visits and outings with friends and family are all good ways of redirecting their attention. And make sure their phone/tablet is out of easy reach at night. Yes, it is more effort but it is so worth it. Less time online = less risk!
  5. Teach Your Kids What To Do If They Are Cyberbullied.
    It is essential your kids know what to do if they are being cyberbullied. Blocking the bullying is critical, so take some time with your kids to understand the block features on the social networks they use. Collecting evidence is crucial, everything should be screen-shot – ensure your child knows how to do this. You can report the cyberbullying incident to the Office of the eSafety Commissioner who work to have offensive material removed and cyberbullying situations addressed. And why not check out the support offered by your child’s school? It’s important your kids know they have a number of trusted adults in their life they can get help from if things get tough.

So, let’s commit to doing what we can to protect our kids from cyberbullying. Your kids need to know that they can talk to you about anything that is bothering them online – even if it is tough or awkward. Dolly Everett’s final drawing, before she took her life, included the heart-rending caption ‘…speak even if your voice shakes.’ Please encourage your kids to do so.

Alex xx

The post Cyberbullying – How Parents Can Minimize Impact On Kids appeared first on McAfee Blogs.

Can’t Keep Up? 6 Easy Things You Can Do to Keep Your Kids Safe Online

Having a hard time doing what needs to be done to keep your kids safe online? Do you mentally shrink back when you realize you don’t do any of the tips experts so often recommend? Let the guilt go, parent because you are not alone.

Family life moves at warp speed. We want to keep up, we do everything we can to keep up, but sometimes — depending on the season of life — our best intentions get left on the roadside gulping dust.

So if you feel like you are falling behind, we put together this quick cheat sheet that will allow you to cover your safety bases and regain some ground on the technology front.

6 Easy Things You Can Do to Keep Your Kids Safe Online

Ask about apps

Restrictions on apps exist for a reason. Glance through your child’s home screen and ask about any app you don’t recognize. If you are unsure about an app’s functionality, audience, or risks, dig deeper. This step covers a lot of ground since apps are the #1 way tweens and teens gain access to mature content.

YouTube Safety Mode

Your kids probably spend a ton of time watching videos online andwho knows what their eyes have seen or what links they’ve clicked. What you may not realize is that YouTube has a safety feature that will block most inappropriate or sexual content from search, related videos, playlists, shows, and films. For kids under four, there’s YouTube Kids.

Google SafeSearch

While it’s not going to be as powerful as filtering software, Google has a SafeSearch feature that will filter explicit content (links, videos, and images) on any device. Google also has a reporting system if anything gets through their feature.

Verify Privacy Settings

This step is a five-minute conversation with your child that will remove some risks. If your child is on Facebook, Instagram, Snapchat or Twitter, make sure their privacy settings are marked “private.” This will keep anyone outside of their friend group from connecting with them. As part of the privacy settings chat, review strong password practices.

Relationship over rules

The #1 way to safeguard your kids against online risk, is making sure you have a strong relationship. Spend tech-free time together, listen and observe how your child uses and enjoys his or her devices. A healthy parent-child relationship is foundational to raising a wise digital citizen who can make good choices and handle issues such as cyberbullying, sexting, conflict, or online scams. Connect with your child daily. Talk about what’s new with school, their friends, and anything else important to them. Along the way, you’ll find out plenty about their online life and have the necessary permission (and trust) to work your concerns about online safety into any conversation.

Friend and follow but don’t stalk

Many parents cringe at the thought of opening a Twitter or Snapchat account, but if that is where your child spends most of his or her time, it’s time to open an account. It’s easy by the way. The wise rule here is that once you follow your child, give them space and privacy. Don’t chime in on the conversation or even compliment them. While they may appreciate your “likes” on Instagram, they aren’t too happy with “mom comments” as my daughter calls them. If you have a concern about a photo or comment your child has uploaded, handle it through a Direct Message or face to face but never in the public feed.

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

The post Can’t Keep Up? 6 Easy Things You Can Do to Keep Your Kids Safe Online appeared first on McAfee Blogs.

6 Tips to Help Protect and Improve Your Child’s Online Reputation

Not the better choice. Take it down, please.

That’s the short, efficient text message I’ve sent more times than I can count over the years while monitoring and coaching my kids’ online content choices.

My daughter is now a senior in high school with her eyes fixed on college. And while she can take credit for her strong grades and test scores, I will (unapologetically) take credit for influencing her digital reputation, which impacts everything from college applications to scholarships to career opportunities.

Looking back, it hasn’t been easy. There have been arguments. There have been tears. There have been consequences and days I despised the invention of the smartphone. There were other days I watched helplessly as other kids — kids I knew— made choices online that would have long-lasting consequences. Still, our family made it through (mostly) unscathed. Thankfully, my daughter is walking into the next phase of life with a solid understanding of how to shape and manage her online reputation. The best part: I trust her.

If you are frustrated, weary, or just fed up with the daily battle over your child’s online choices and trying to wrangle their daily digital activity, here’s a word of encouragement just for you. You can do this. Stay the course. Be consistent and persistent. Your efforts will be worth it as your kids earn their digital wings and fly without you one day.

6 Tips to Protect Your Child’s Online Reputation

Be a coach, not a critic

The most effective tool you have in your parenting arsenal is building a good relationship with your child. Build your relationship with your child before you throw down the rules. Approach monitoring your child’s digital life as a coach and not as a 24/7 critic. Take the time to understand your child’s favorite apps, their online friend groups, and what they love most about connecting and sharing with others online. Taking the time to understand your teen’s digital life will permit you to be a coach they will listen to (not just a parent throwing out random rules). The secret to connecting with teens? Listen attentively. Teens will talk to adults that they feel want to hear what they have to say.

Help them hone their “knower”

As adults, we have an inner “knower,” or a wise voice that knows the better choice. Kids, on the other hand, have a further to go before their knower, or their conscience takes over. Remember, as intelligent as your child may be, there’s still critical physiological (brain) and emotional (maturity) development taking place. In that process, help your kids to listen to that small inner voice that advises them against unwise choices such as using profanity online, sending racy photos, impulsive comments, or making a snap judgment. Most colleges and employers will think twice before considering a person who is disrespectful or irresponsible online.

Encourage discernment

Things once considered personal have found their way into the digital mainstream. Don’t assume your kids have the same understanding of modesty or privacy as you. Remember: They take more cues from their peers than you these days. Kids often vent and work out their problems through public posts, which can impact his or her online reputation. Things such as a family crisis, legal issues, or a relationship dispute should not be shared or worked through online. While it may feel right at the moment, over-sharing personal issues can lead to online shaming and deep wounds for a child if bullies and trolls are on the loose. When difficult circumstances arise, encourage your child to log off and talk face to face with you, friends, or a counselor. Online shaming and hate, as captured in the book, Shame Nation, has become an epidemic. Knowing how to avoid online hate begins with coaching kids on sound judgment.

Google it, and revise it

To get a clear picture of your child’s digital footprint and what a school or employer sees, Google your child’s name and piece together the picture yourself. Examine the social networks, links, and sites that have cataloged information about your child. One of the best ways to replace damaging digital information is by creating positive information that overshadows it. Encourage your child to set up a Facebook page that reflects their best self — their values, their goals, and their character. Make the page public so others can easily view it. They may also consider setting up a LinkedIn page that highlights specific achievements, specific goals, and online endorsements from teachings and employers.

Turn off tagging

Like it or not, we all get judged by the company we keep. This hard and fast rule also applies to kids the online world. Your child’s online behavior may get an A+, but reckless friends can sink that grade fast. To make sure your child doesn’t get tagged in risky photos on Twitter, Instagram, or Facebook, make sure privacy settings prevent tagging or require user approval. Also, encourage your kids to pay more attention to unflattering Snapchat photos and Snapchat story photos that other people post about them that can be problematic if shared elsewhere.

Get proactive & practical 

With a few safeguards in place, you can help protect your child’s reputation. 1) Privacy settings. By adjusting privacy settings to “friends only,” mistakes can be minimized. However, we know that anything uploaded can be shared and screen captured before it’s deleted so tightening privacy settings isn’t a guarantee. 2) Parental controls. Your kids may not like having filters on their phone or PC, but like eating vegetables, it’s what’s best for them. By using additional filtering, you could be closing off digital roads and relationships that could be harmful to your child’s reputation. Also, double-check that social settings are marked private.

 

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

The post 6 Tips to Help Protect and Improve Your Child’s Online Reputation appeared first on McAfee Blogs.

Is Your Teen Using Tinder? Here’s What You Need to Know

Teens on Tinder

Teens are curious. 
It’s fun to meet and date people they don’t see in the hallways every day. 
It feels good when someone swipes right and finds them attractive.
Flirting is fun. 

These are just a few reasons many teens are exploring Tinder these days, the dating app popular in the twenty- and thirty-something crowd.

While Tinder isn’t new (launched in 2012), app trends among teens change constantly, and this is a recent one. We’ve got a lot on our digital radar as parents but apps that match (underaged) users within a defined geographic area get popular, it quickly shoots to the top of our radar. So, let’s take a look.

What’s the Big Deal

Tinder allows users 18 and over to register for nearby “matches” but because Tinder links to Facebook accounts for verification, underage users can easily input a false birthdate to circumvent the rules.Teens on Tinder

To tweens and teens, chatting with people nearby sounds fun, but to parents, the app opens the door to anything from pedophiles to bullies to stalkers to abuse. From a parent’s point of view, when the dating pool widens, so too do the risks. High school students are not immune from abuse. In fact, according to LoveIsRespect.org, every year, approximately 1.5 million high school students nationwide experience physical abuse from a dating partner; one in three adolescents in the U.S. is a victim of physical, sexual, emotional or verbal abuse from a dating partner.

Tinder allows users to connect three main social accounts: Spotify, Instagram, and Facebook, which can easily put personal information into the hands of the wrong people. Users are also encouraged to give the name of their High School and their workplace to further refine matching.

Emotional Risks

While our first thought is physical danger, using dating apps too early also threatens a child’s emotional health and confuses their still-developing social and interpersonal skills.  The risk of heartbreak, betrayal, and emotional abuse can be devastating for kids who aren’t ready to date — let alone wisely discern an endless pool of possible matches.Teens on Tinder

Too, there’s no shortage on Tinder of teens making it clear that they are just looking for a “hookup” or a “good time.” So, allowing tweens into that arena before they are ready can carry huge emotional and physical consequences.

Worth Distortion

Dating apps can also distort your child’s understanding of a worthy partner and reinforce looks-based relationships. If choosing a mate is as natural as swiping left (don’t like) and swiping right (like), then the hope of someday meeting “the one” could become a whole lot more difficult, if not impossible. And how much easier can your child’s uniqueness and worth be overlooked with just a swipe? Using dating apps before you are ready is an emotional wreck waiting to happen.

Under 18 

Monitor apps. Check your child’s phone for the Tinder app icon (see below). Don’t forget: Kids hide apps behind vault apps that may look like a game, a calculator, or a safe. So, do some clicking. If you discover your son or daughter is using Tinder ask them why and have them walk you through how they use it personally. Discuss the reasons against using the app, listen to their reasoning, decide on a family plan moving forward. If they are under 18, consider having them delete the app.

Tinder app icon.

Factors such as age and maturity will, no doubt, affect every family’s dating app plan. My daughter is almost 18, a high school senior, and heading to college in a blink. So, my conversation will be dramatically different from the parent of a 13-year-old.

 

Discuss the bigger picture. In a swipe right culture, values can quickly vanish. If you allow your child to date, discuss his or her relationship values. What makes a person attractive? What character traits do you desire? What expectations do you have of a relationship?

Over 18

Look beyond profiles. Advise your teen to do some sleuthing and look beyond a person’s Tinder profile for red flags revealing inconsistencies in truthfulness and character. Tinder warns: “Bad actors often push people to communicate off the platform immediately. It’s up to you to research and do your due diligence.”

Set up ground rules. Face-t0-face meetings with a stranger outside of Tinder (or any online platform) should be in a public location. Your child should always drive his or her vehicle and have their phone fully charged. Make sure inform you of who they are meeting with and where.

Reality Check

Kids establishing online friendships is here to stay. Some of your child’s best friends will likely be found online. Dating apps aren’t “bad,” but people can be careless and abusive when using them. And, using dating apps under 18, as many kids are doing today, only invites premature risk.

Remember, a digital connection may not have been the way you met friends or love interests in your day, but it’s a natural channel today. Be open to the social shift but equally alert and willing to exercise full-throttle parenting to keep your kids safe.

 

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

The post Is Your Teen Using Tinder? Here’s What You Need to Know appeared first on McAfee Blogs.

Could You Have a Toxic Relationship with Your Smartphone?

It’s the elephant in the room no one wants to talk about: our devotion to and dependence on our smartphones. For most of us, our children included, smartphones have become an appendage; a limb of voracious digital consumption and social obligation that keeps us scrolling, refreshing, swiping, and responding with no end in sight.

Any friend or psychologist would encourage us to rid ourselves of toxic relationships that hinder — even threaten — our emotional and physical well-being, but what if that relationship is with a smartphone? Would you be willing to give it up (or reset the relationship) if you knew it was toxic?

Researchers are increasingly debating the impact of the smartphone on our emotional well-being, and the debate often returns to striking a balance between the ethical design of technology versus corporate profitability. One of the most compelling arguments is that of researcher Tristan Harris, a former Google Design Ethicist, on a crusade to inspire people to stop clicking and start caring about how technology is intentionally designed to shape the behavior of the people who use it. Harris has launched a nonprofit called Time Well Spent. His viral TED Talk proposes a renaissance in online design that can free tech users from being manipulated by apps, websites, and advertisers as the race for user attention increases.

From Facebook notifications to Snapstreaks to YouTube auto plays, Harris argues that our online behavior is anything but random. Instead, our thoughts and feelings are being carefully manipulated by technologists behind the scenes persuasively competing for more and more our attention.

Not convinced you among the tech lemming crowd? I wasn’t either. But the discussion got me thinking and inspired me to make some specific changes to test my smartphone dependence.


5 Ways to Drastically Reduce Smartphone Dependence

  • Turn your phone to grayscale mode (google how to do this – it’s amazing)
  • Turn off all push notifications (reclaim your attention span).
  • Park your phone in one physical location (stop carrying it everywhere).
  • Stand up when you use your phone (no more getting cozy for hours).
  • Ban your phone from the bedroom (get an alarm clock).

I made these changes for a week and here’s what happened.

Not as interesting, right?
Grayscale mode, iPhone.

Absolutely no fun in sight for the first three days. Initially, I felt overcome with a sense of vulnerability, panic even that suddenly, somehow, I wasn’t in control of something. I felt an overwhelming need to check my phone every 15-30 minutes. That time gradually increased to about an hour by the third day. Not having my phone nearby, I was sure I’d miss out on something important. For the first few days, I constantly felt as if I had lost something and I’d get up and wander around before realizing my phone was docked safely in the kitchen — just like when I was growing up and had to physically walk to the kitchen to use the phone. I resolved to check my phone once every three hours rather than carry it with me from room to room. When I did check it, surprisingly, the world had not collapsed without my attention to it. I found an average of three texts (two from family with non-critical comments, and usually, one discount text from a retailer).

Because I turned my screen grayscale (wow, what a game changer!) I didn’t feel the anticipation of checking social media, scrolling, reciprocating, uploading, or commenting. My phone in the grayscale mode made using it stale, almost irritating. I realized looking at my phone in grayscale that I being overly influenced and pulled by pretty pictures and all the colors, sounds, links, and prompts, which had come to own my attention. Sadly, I was giving my time to this relationship without any meaningful, lasting benefit coming back to me. I was in a toxic relationship, and something had to change.

By the end of the week, I felt awesome, empowered almost. I had successfully distanced myself from a toxic relationship and redefined it on my terms. I also realized something profound: There’s an unspoken cost to unbalanced technology use I’m not willing to hand over any longer, and that is my time.

When I parked my phone in the kitchen, banned it from the bedroom, and refused to sit down with it, I noticed patches of extra time magically appear in my day. What could I do with all the time I once poured into my phone? As it turns out, quite a lot.

I’m keeping my new habits, and I’m encouraging my family to do the same for a good reason. Here’s what we know: Kids are spending more time on digital devices than ever before, and that trend has no reason to reverse. Anxiety disorders linked to social media use is at an all-time high. Also, researchers are confirming the link between technology, depression, and suicide among youth.

I’m not willing to just go with the flow on this one. There’s just too much is at stake.

Take the challenge: Are you willing to take specific steps (like the ones listed above) to rethink and redefine your relationship with your smartphone?

Let us know the highs and lows of your experience by commenting below. We’re cheering you on.

 

toni page birdsong

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @McAfee_Family. (Disclosures). 

 

The post Could You Have a Toxic Relationship with Your Smartphone? appeared first on McAfee Blogs.

Safer Internet Day 2018: How To Develop Online Respect At Home

Today is Safer Internet Day – an annual global event aimed at encouraging a better internet. And this year’s theme is a beauty: ‘Create, Connect and Share Respect. A Better Internet Starts With You.’

As a mum and technology educator, I believe respect is at the core of all positive and safe online (and offline) behaviours. Kids with a healthy amount of respect in their ‘tool box’ will almost always have more successful social interactions. But it’s important to look at respect in two ways: respect for others and, just as importantly, respect for ourselves.

Respecting Others Online

Respecting others online means you acknowledge them and are considerate of their opinions and privacy. Yet it does not mean that you have to agree with everything they say or do. To borrow the words of pop icon, Taylor Swift:

‘We don’t need to share the same opinions as others, but we need to be respectful.’

In my view, a lack of respect for conflicting opinions online is where a lot of teens (and adults) come unstuck. Many interpret an opposing opinion as criticism and respond aggressively. This can quickly turn a civil exchange of opinions into an exchange of insults! In other words, a large part of showing respect online is being mindful of the way you communicate. And this means:

  • being aware of your tone;
  • not using bad language or insulting others; and
  • avoiding use of upper case as it is considered shouting and can rapidly escalate an argument.

So, whether your child is a Tay-Tay fan or not, her words of wisdom need to be shared.

Respecting Yourself Online

On the other hand, a healthy dose of respect for yourself can be very helpful when dealing with the negativity that can sometimes be experienced online. As American poet Henry Wadsworth Longfellow said:

‘He that respects himself is safe from others. He wears a coat of mail that no one can pierce.’

If you respect yourself, you will know when you are being treated badly and will have the courage to stand up for yourself. Self-respect also means you will treat others well and know that, by doing so, others will treat you well in return.

As parents, it is essential that we teach our kids self-respect. Showing and telling them they are worthy, valuable and important is a very good place to start. Teaching them about appropriate boundaries around their physical and mental health is also essential. So is instilling in them that no one has the right to jeopardise their physical or emotional safety. Your kids need to know that if they are on the receiving end of behaviour that isn’t appropriate, they can come to you or other nominated trusted adults in their life.

Don’t Forget About Empathy!

In my opinion, empathy is the perfect partner to respect. This is the ability to identify with and feel for another person’s concerns, and is a key element of emotional intelligence (EQ). It is an essential foundation upon which positive interactions – both offline and online – are built.

According to US parenting expert Dr Michele Borba our generation of children are experiencing an ’empathy crisis’ which is contributing to bullying and poor academic performance. She believes empathy is such a powerful emotion it can halt violent and cruel behaviour and encourage us to treat others kindly. Which makes it an essential element of positive online interactions.

So, Where Do We Go From Here?

I strongly encourage you to take some time today to consider the theme of this year’s Safer Internet Day. Do you need to fine-tune your approach to respect and empathy at home? Is there a way of weaving some of these messages into your family dialogue? And most importantly: are you modelling respect and empathy for your kids to see and copy?

Till next time!

Stay Safe Online,

Alex x

The post Safer Internet Day 2018: How To Develop Online Respect At Home appeared first on McAfee Blogs.

Facebook Phishing Targeted iOS and Android Users from Germany, Sweden and Finland

Two weeks ago, a co-worker received a message in Facebook Messenger from his friend. Based on the message, it seemed that the sender was telling the recipient that he was part of a video in order to lure him into clicking it.

Facebook Messenger message and the corresponding Facebook Page

The shortened link was initially redirecting to Youtube.com, but was later on changed to redirect to yet another shortened link – po.st:

Changes in the Picsee short link

The po.st shortened link supported two types of redirection links – original link and smart links. If the device that accessed the URL was running in iOS or Android, it was redirected to the utm.io shortened link, otherwise it was redirected to smarturl.it.

The short link with the smart links

So for the iOS and Android users, they were served with the following phishing page:

Phishing page for utm.io short link

For the rest of the devices, the users ended up with the smarturl.it link that went through several redirections which eventually led to contenidoviral.net. That page contained an ad-affiliate URL which redirected to mobusi.com, a mobile advertising company.

Phishing page’s ad-affiliate URL

Based on the data from the links, the campaign began last October 15th when it targeted mostly Swedish users. On the 17th, it moved to targeting Finnish users. Then from 19th onwards, it mostly went after German users.

The total number of clicks for the entire campaign reached almost 200,000, where close to 80% of the visitors were from Germany, Sweden and Finland.

Statistics from po.st tracking page

The campaign ran for two weeks with a main motive of stealing Facebook credentials from iOS and Android users. The cybercriminals used those stolen credentials to spread the malicious links, and subsequently gather more credentials. However, while in the process of stealing the credentials, the cybercriminals also attempted to earn from other non-iOS and non-Android users through ad-fraud.

This practice of using email addresses in place of unique names as account credentials creates a big opportunity for phishers. Just by launching this Facebook phishing campaign, they can mass harvest email and password credentials that are later on used for secondary attacks such as gaining access to other systems or services that could have a bigger monetary value because of password reuse.

We highly recommend the affected users to change their passwords as soon as possible, including other systems and services where the same compromised password was used.

URLs:

  • hxxp://lnk[.]pics/19S3Y
  • hxxp://lnk[.]pics/18JDK
  • hxxp://lnk[.]pics/196OV
  • hxxp://lnk[.]pics/18XH7
  • hxxp://lnk[.]pics/196PN
  • hxxp://lnk[.]pics/19LBP
  • hxxp://lnk[.]pics/18YZV
  • hxxp://lnk[.]pics/18QZW
  • hxxp://lnk[.]pics/196PA
  • hxxp://lnk[.]pics/19XK7
  • hxxp://lnk[.]pics/18HFX
  • hxxp://lnk[.]pics/19S3L
  • hxxp://lnk[.]pics/18J7S
  • hxxp://lnk[.]pics/19XKF
  • hxxp://lnk[.]pics/19K94
  • hxxp://lnk[.]pics/19LBW
  • hxxp://pics[.]ee/188g7
  • hxxp://pics[.]ee/18cdl
  • hxxp://po[.]st/ORyChA
  • hxxp://smarturl[.]it/02xuof
  • hxxp://utm[.]io/290459
  • hxxp://at.contenidoviral[.]net

Twitter – Den of Iniquity or Paragon of Virtue… or Someplace in Between?


Twitter - Den of Iniquity or Paragon of Virtue or Someplace in Between


Recently there's been some coverage of Twitter's propensity for porn. Some research has shown that
one in every thousand tweets contains something pornographic. With 8662 tweets purportedly sent every second, that's quite a lot.

Now, this is not something that has escaped our notice here at Smoothwall HQ. We like to help our customers keep the web clean and tidy for their users, and mostly that means free of porn. With Twitter that's particularly difficult. Their filtering isn't easy to enforce and, while we have had some reasonable results with a combination of search term filtering and stripping certain tweets based on content, it's still not optimal. Twitter does not enforce content marking and 140 characters is right on the cusp of being impossible to content filter.

That said - how porn riddled is Twitter? Is there really sex round every corner? Is that little blue bird a pervert? Well, what we've found is: it's all relative.

Twitter is certainly among the more gutter variety of social networks, with Tumblr giving it a decent run for boobs-per-square-inch, but the likes of Facebook are much cleaner — with even images of breastfeeding mothers causing some controversy.

Interestingly, however, our back-of-a-beermat research leads us to believe that about 40 in every 1000 websites is in some way linked to porn — these numbers come from checking a quarter of a million of the most popular sites through Smoothwall's web filter and seeing what gets tagged as porn. Meanwhile, the Huffington Post reports that 30% of all Internet traffic is porn - the biggest number thus far. However, given the tendency of porn toward video, I guess we shouldn't be shocked.

Twitter: hard to filter, relatively porn-rich social network which is only doing its best to mirror the makeup of the Internet at large. As a school network admin, I would have it blocked for sure: Twitter themselves used to suggest a minimum age of 13, though this requirement quietly went away in a recent update to their terms of service.

Facebook’s new terms, is the sky falling?

You have seen them if you are on Facebook, and perhaps even posted one yourself. I’m talking about the statements that aim to defuse Facebook’s new terms of service, which are claimed to take away copyright to stuff you post. To summarize it shortly, the virally spreading disclaimer is meaningless from legal point of view and contains several fundamental errors. But I think it is very good that people are getting aware of their intellectual rights and that new terms may be a threat.

Terms of service? That stuff in legalese that most people just click away when starting to use a new service or app. What is it really about and could it be important? Let’s list some basic points about them.

  • The terms of service or EULA (End User License Agreement) is a legally binding agreement between the service provider and the user. It’s basically a contract. Users typically agree to the contract by clicking a button or simply by using the service.
  • These terms are dictated by the provider of the service and not negotiable. This is quite natural for services with a large number of users, negotiating individual contracts would not be feasible.
  • Terms of service is a defensive tool for companies. One of their primary goals is to protect against lawsuits.
  • These terms are dictated by one part and almost never read by the other part. Needless to say, this may result in terms that are quite unfavorable for us users. This was demonstrated in London a while ago. No, we have not collected any children yet.
  • Another bad thing for us users is the lack of competition. There are many social networks, but only one Facebook. Opting out of the terms means quitting, and going to another service is not really an option if all your friends are on Facebook. Social media is by its nature monopolizing.
  • The upside is that terms of service can’t change the law. The legislation provides a framework of consumer and privacy protection that can’t be broken with an agreement. Unreasonable terms, like paying with your firstborn child, are moot.
  • But be aware that the law of your own country may not be applicable if the service is run from another country.
  • Also be aware that these terms only affect your relationship to the provider of the service. Intelligence performed by authorities is a totally different thing and may break privacy promises given by the company, especially for services located in the US.
  • The terms usually include a clause that grant the provider a license to do certain things with stuff the users upload. There’s a legitimate reason for this as the provider need to copy the data between servers and publish it in the agreed way. This Facebook debacle is really about the extent of these clauses.

Ok, so what about Facebook’s new terms of service? Facebook claim they want to clarify the terms and make them easier to understand, which really isn’t the full story. They have all the time been pretty intrusive regarding both privacy and intellectual property rights to your content, and the latest change is just one step on that path. Most of the recent stir is about people fearing that their photos etc. will be sold or utilized commercially in some other way. This is no doubt a valid concern with the new terms. Let’s first take a look at the importance of user content for Facebook. Many services, like newspapers, rely on user-provided content to an increasing extent. But Facebook is probably the ultimate example. All the content you see in Facebook is provided either by the users or by advertisers. None by Facebook itself. And their revenue is almost 8 billion US$ without creating any content themselves. Needless to say, the rights to use our content is important for them. What Facebook is doing now is ensuring that they have a solid legal base to build current and future business models on.

But another thing of paramount importance to Facebook is the users’ trust. This trust would be severely damaged if private photos start appearing in public advertisements. It would cause a significant change in peoples relationship with Facebook and decrease the volume of shared stuff, which is what Facebook lives on. This is why I am ready to believe Facebook when they promise to honor our privacy settings when utilizing user data.

Let’s debunk two myths that are spread in the disclaimer. Facebook is *not* taking away the copyright to your stuff. Copyright is like ownership. What they do, and have done previously too, is to create a license that grant them rights to do certain things with your stuff. But you still own your data. The other myth is that a statement posted by users would have some kind of legal significance. No, it doesn’t. The terms of service are designed to be approved by using the service, anyone can opt to stop using Facebook and thus not be bound by the terms anymore. But the viral statements are just one-sided declarations that are in conflict with the mutually agreed contact.

I’m not going to dig deeper into the changes as it would make this post long and boring. Instead I just link to an article with more info. But let’s share some numbers underlining why it is futile for ordinary mortals to even try to keep up with the terms. I browsed through Facebook’s set of terms just to find 10 different documents containing some kind of terms. And that’s just the stuff for ordinary users, I left out terms for advertisers, developers etc. Transferring the text from all these into MS Word gave 41 pages with a 10pt font, almost 18 000 words and about 108 000 characters. Quite a read! But the worst of all is that there’s no indication of which parts have changed. Anyone who still is surprised by the fact that users don’t read the terms?

So it’s obvious that ordinary user really can’t keep up with terms like this. The most feasible way to deal with Facebook’s terms of service is to consider these 3 strategies and pick the one that suits you best.

  1. Keep using Facebook and don’t worry about how they make money with your data.
  2. Keep using Facebook but be mindful about what you upload. Use other services for content that might be valuable, like good photos or very private info.
  3. Quit Facebook. That’s really the only way to decline their terms of service.

By the way, my strategy is number 2 in the above list, as I have explained in a previous post. That’s like ignoring the terms, expecting the worst possible treatment of your data and posting selectively with that in mind. One can always put valuable stuff on some other service and post a link in Facebook.

So posting the viral disclaimer is futile, but I disagree with those who say it’s bad and it shouldn’t be done. It lacks legal significance but is an excellent way to raise awareness. Part of the problem with unbalanced terms is that nobody cares about them. A higher level of awareness will make people think before posting, put some pressure on providers to make the terms more balanced, and make the legislators more active, thus improving the legal framework that control these services. The legislation is by the way our most important defense line as it is created by a more neutral part. The legislator should, at least in theory, balance the companies’ and end users’ interests in a fair way.

 

Safe surfing,
Micke

 

Image: Screenshot from facebook.com