Category Archives: Instagram

Should you delete yourself from social media?

You’re feeling like you’ve had enough. All the recent news—from Facebook’s Cambridge Analytica snafu to various abuses of Twitter vulnerabilities—has you wondering: Should I delete myself from social media?

Social networking does have its positive aspects. You can stay in touch with distant (or not) relatives, be included in the planning of social events within your circle of friends, get real-time updates on regional and national news, and promote your company, content, or other personal ventures. Plus, you get to experience all the cool memes a full two weeks after they’ve been posted on Reddit.

Then again, there are quite a few reasons—spanning security, privacy, and overall shady business practices—for leaving. In 2018 alone, Facebook experienced a security breach that impacted 50 million accounts, was responsible for a genocide incited using its platform, kept user data it said it deleted, and was caught abusing Apple development apps to test on children. Twitter, meanwhile, has not only been at the butt end of password bugs, hacks, and data breaches, but some could say these days is a general dumpster fire of bot accounts.

Instagram and Snapchat are not without their flaws, either. Hackers are targeting influencer accounts on Insta, while Snapchat has been the recipient of phishing attacks and security breaches.

Unfortunately, we can’t make the decision to quit social media for you. Instead, we recommend you make a list of pros and cons. Consider what data might be lost. Consider what time and peace of mind might be gained. Weigh the rewards against the risks. If you come away feeling ready to take a step back, but not quite quit cold turkey, we can help you with ways to tighten security and privacy settings. And if that’s not enough, we’ll show you how to delete your accounts.

Let’s start slowly

If you’re not quite ready to cut the chord, a good option for cooling down on social media is to adjust the privacy settings on all of your accounts. This is a sensible thing to do, even if you aren’t considering leaving. It also has the bonus side effect of increasing awareness of just how much you share on social media.

In a previous blog, we discussed how to secure your social media profiles in great detail. We recommend users who aren’t deleting themselves read this first to understand the intricacies. Next, here’s a quick and dirty list of links to follow in order to adjust privacy settings across the top four social networking platforms:

After adjusting the settings, it’s a good idea to monitor and track your social media usage moving forward, either for the purpose of time management, focus, or beating social media addiction. As more and more of our media consumption moves to smart phones, you can leverage several apps that will help you achieve these goals. These include:

Goodbye, top four!

Let’s say you sat down, had a good think, and decided that it’s time to move on from social media. You can begin by collecting the appropriate links. Below, we’ve included links to download your data from the most popular platforms. You should download your personal information from these social networking sites prior to the nuclear option, should you experience remorse. Plus, it’s a real eye opener to find out exactly how much data you generate and share on social networking platforms.

Facebook

Time to permanent deletion: Once 14 days have passed, your deletion request will be started. This can take upwards of 90 days to complete.

Twitter

Time to permanent deletion: It takes up to 30 days for Twitter to completely delete your account.

Instagram

Time to permanent deletion: Immediately!

Snapchat

Time to permanent deletion: 30 days

Google+

Ha ha ha, ho ho ho, he he he he. This one is mostly for the giggles. Google will abandon this particular endeavor on April 2, 2019. But if you feel the need to delete yourself before then, here’s what to do:

The right time

Security researchers love social media platforms. They’re a vast source of open-source intelligence (OSINT) and help us make attribution possible (provided your adversary has poor OPSEC). However, the reasons we enjoy social media may also be the reasons why regular consumers should take a beat and consider the benefits.

When you’re ready to make a decision, we’ve given you all the necessary links to back up and delete these accounts, as well as some material that may help you decide which ones to keep, and how to properly secure them.

If social media is causing anxiety, stress, or depression; if you’re tired of your data being mined and shared with third parties; if it’s starting to feel more like work to maintain instead of pleasure, then it may be time to shore up defenses and take a break, or even step away for good. And if that time comes, we’re here for you.

The post Should you delete yourself from social media? appeared first on Malwarebytes Labs.

A week in security (February 4 – 8)

Last week on Malwarebytes Labs, we took a closer look at the technical and reputational challenges for Facebook as it tries to integrate secure messaging across Messenger, WhatsApp, and Instagram. We explored Google’s latest attempts to change how the public sees—literally—web browser URLs, gave some of our best tips on how to safely browse the Internet at work, and detailed a unique spam campaign involving ebooks, the Amazon Kindle web store and… John Wick? Yep.

Other cybersecurity news

Stay safe, everyone!

The post A week in security (February 4 – 8) appeared first on Malwarebytes Labs.

Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle

Secure messaging is supposed to be just that—secure. That means no backdoors, strong encryption, private messages staying private, and, for some users, the ability to securely communicate without giving up tons of personal data.

So, when news broke that scandal-ridden, online privacy pariah Facebook would expand secure messaging across its Messenger, WhatsApp, and Instagram apps, a broad community of cryptographers, lawmakers, and users asked: Wait, what?

Not only is the technology difficult to implement, the company implementing it has a poor track record with both user privacy and online security.

On January 25, the New York Times reported that Facebook CEO Mark Zuckerberg had begun plans to integrate the company’s three messaging platforms into one service, allowing users to potentially communicate with one another across its separate mobile apps. According to the New York Times, Zuckerberg “ordered that the apps all incorporate end-to-end encryption.”

The initial response was harsh.

Abroad, Ireland’s Data Protection Commission, which regulates Facebook in the European Union, immediately asked for an “urgent briefing” from the company, warning that previous data-sharing proposals raised “significant data protection concerns.”

In the United States, Democratic Senator Ed Markey for Massachusetts said in a statement: “We cannot allow platform integration to become privacy disintegration.”

Cybersecurity technologists swayed between cautious optimism and just plain caution.

Some professionals focused on the clear benefits of enabling end-to-end encryption across Facebook’s messaging platforms, emphasizing that any end-to-end encryption is better than none.

Former Facebook software engineer Alec Muffet, who led the team that added end-to-end encryption to Facebook Messenger, said on Twitter that the integration plan “clearly maximises the privacy afforded to the greatest [number] of people and is a good idea.”

Others questioned Facebook’s motives and reputation, scrutinizing the company’s established business model of hoovering up mass quantities of user data to deliver targeted ads.

John Hopkins University Associate Professor and cryptographer Matthew Green said on Twitter that “this move could potentially be good or bad for security/privacy. But given recent history and financial motivations of Facebook, I wouldn’t bet my lunch money on ‘good.’”

On January 30, Zuckerberg confirmed the integration plan during a quarterly earnings call. The company hopes to complete the project either this year or in early 2020.

It’s going to be an uphill battle.

Three applications, one bad reputation

Merging three separate messaging apps is easier said than done.

In a phone interview, Green said Facebook’s immediate technological hurdle will be integrating “three different systems—one that doesn’t have any end-to-end encryption, one where it’s default, and one with an optional feature.”

Currently, the messaging services across WhatsApp, Facebook Messenger, and Instagram have varying degrees of end-to-end encryption. WhatsApp provides default end-to-end encryption, whereas Facebook Messenger provides optional end-to-end encryption if users turn on “Secret Conversations.” Instagram provides no end-to-end encryption in its messaging service.

Further, Facebook Messenger, WhatsApp, and Instagram all have separate features—like Facebook Messenger’s ability to support more than one device and WhatsApp’s support for group conversations—along with separate desktop or web clients.

Green said to imagine someone using Facebook Messenger’s web client—which doesn’t currently support end-to-end encryption—starting a conversation with a WhatsApp user, where encryption is set by default. These lapses in default encryption, Green said, could create vulnerabilities. The challenge is in pulling together all those systems with all those variables.

“First, Facebook will have to likely make one platform, then move all those different systems into one somewhat compatible system, which, as far as I can tell, would include centralizing key servers, using the same protocol, and a bunch of technical development that has to happen,” Green said. “It’s not impossible. Just hard.”

But there’s more to Facebook’s success than the technical know-how of its engineers. There’s also its reputation, which, as of late, portrays the company as a modern-day data baron, faceplanting into privacy failure after privacy failure.

After the 2016 US presidential election, Facebook refused to call the surreptitious collection of 50 million users’ personal information a “breach.” When brought before Congress to testify about his company’s role in a potential international disinformation campaign, Zuckerberg deflected difficult questions and repeatedly claimed the company does not “sell” user data to advertisers. But less than one year later, a British parliamentary committee released documents that showed how Facebook gave some companies, including Airbnb and Netflix, access to its platform in exchange for favors—no selling required.

Five months ago, Facebook’s Onavo app was booted from the Apple App Store for gathering app data, and early this year, Facebook reportedly paid users as young as 13-years-old to install the “Facebook Research” app on their own devices, an app intended strictly for Facebook employee use. Facebook pulled the app, but Apple had extra repercussions in mind: It removed Facebook’s enterprise certificate, which the company relied on to run its internal developer apps.

These repeated privacy failures are enough for some users to avoid Facebook’s end-to-end encryption experiment entirely.

“If you don’t trust Facebook, the place to worry is not about them screwing up the encryption,” Green said. “They want to know who’s talking to who and when. Encryption doesn’t protect that at all.”

If not Facebook, then who?

Reputationally, there are at least two companies that users look to for both strong end-to-end encryption and strong support of user privacy and security—Apple and Signal, which respectively run the iMessage and Signal Messenger apps.

In 2013, Open Whisper Systems developed the Signal Protocol. This encryption protocol provides end-to-end encryption for voice calls, video calls, and instant messaging, and is implemented by WhatsApp, Facebook Messenger, Google’s Allo, and Microsoft’s Skype to varying degrees. Journalists, privacy advocates, cryptographers, and cybersecurity researchers routinely praise Signal Messenger, the Signal Protocol, and Open Whisper Systems.

“Use anything by Open Whisper Systems,” said former NSA defense contractor and government whistleblower Edward Snowden.

“[Signal is] my first choice for an encrypted conversation,” said cybersecurity researcher and digital privacy advocate Bruce Schneier.

Separately, Apple has proved its commitment to user privacy and security through statements made by company executives, updates pushed to fix vulnerabilities, and legal action taken in US courts.

In 2016, Apple fought back against a government request that the company design an operating system capable of allowing the FBI to crack an individual iPhone. Such an exploit, Apple argued, would be too dangerous to create. Earlier last year, when an American startup began selling iPhone-cracking devices—called GrayKey—Apple fixed the vulnerability through an iOS update.

Repeatedly, Apple CEO Tim Cook has supported user security and privacy, saying in 2015: “We believe that people have a fundamental right to privacy. The American people demand it, the constitution demands it, morality demands it.”

But even with these sterling reputations, the truth is, cybersecurity is hard to get right.

Last year, cybersecurity researchers found a critical vulnerability in Signal’s desktop app that allowed threat actors to obtain users’ plaintext messages. Signal’s developers fixed the vulnerability within a reported five hours.

Last week, Apple’s FaceTime app, which encrypts video calls between users, suffered a privacy bug that allowed threat actors to briefly spy on victims. Apple fixed the bug after news of the vulnerability spread.

In fact, several secure messaging apps, including Telegram, Viber, Confide, Allo, and WhatsApp have all reportedly experienced security vulnerabilities, while several others, including Wire, have previously drawn ire because of data storage practices.

But vulnerabilities should not scare people from using end-to-end encryption altogether. On the contrary, they should spur people into finding the right end-to-end encrypted messaging app for themselves.

No one-size-fits-all, and that’s okay

There is no such thing as a perfect, one-size-fits-all secure messaging app, said Electronic Frontier Foundation Associate Director of Research Gennie Gebhart, because there’s no such thing as a perfect, one-size-fits-all definition of secure.

“In practice, for some people, secure means the government cannot intercept their messages,” Gebhart said. “For others, secure means a partner in their physical space can’t grab their device and read their messages. Those are two completely different tasks for one app to accomplish.”

In choosing the right secure messaging app for themselves, Gebhart said people should ask what they need and what they want. Are they worried about governments or service providers intercepting their messages? Are they worried about people in their physical environment gaining access to their messages? Are they worried about giving up their phone number and losing some anonymity?

In addition, it’s worth asking: What are the risks of an accident, like, say, mistakenly sending an unencrypted message that should have been encrypted? And, of course, what app are friends and family using?

As for the constant news of vulnerabilities in secure messaging apps, Gebhart advised not to overreact. The good news is, if you’re reading about a vulnerability in a secure messaging tool, then the people building that tool know about the vulnerability, too. (Indeed, developers fixed the majority of the security vulnerabilities listed above.) The best advice in that situation, Gebhart said, is to update your software.

“That’s number one,” Gebhart said, explaining that, though this line of defense is “tedious and maybe boring,” sometimes boring advice just works. “Brush your teeth, lock your door, update your software.”

Cybersecurity is many things. It’s difficult, it’s complex, and it’s a team sport. That team includes you, the user. Before you use a messenger service, or go online at all, remember to follow the boring advice. You’ll better secure yourself and your privacy.

The post Merging Facebook Messenger, WhatsApp, and Instagram: a technical, reputational hurdle appeared first on Malwarebytes Labs.

Scammers Steal Social Media Videos For Fake Fundraising Accounts

Earlier this month, a 4-year-old girl called Maya Tisdale was videoed by her parents taking her first independent steps. Maya was

Scammers Steal Social Media Videos For Fake Fundraising Accounts on Latest Hacking News.

Merging WhatsApp, Instagram, And Facebook Messenger – Zuckerberg’s Uncanny Idea

This one may not be good news for many. Zuckerberg has finally disclosed his idea of merging the three key

Merging WhatsApp, Instagram, And Facebook Messenger – Zuckerberg’s Uncanny Idea on Latest Hacking News.

Facebook to integrate Whatsapp, Messenger and Instagram

Don’t own any Facebook or WhatsApp account? no worries!


Mark Zuckerberg the chief executive of Facebook, plans to integrate the messaging service of various social networking platforms such as WhatsApp, Facebook Messenger, and Instagram.

This move is planned to establish his control over the company’s sprawling divisions.

It was necessary because “in past” it was clearly evident by the fact that the company’s business has been thumped by scandals.

The move is described by four people involved in the effort requires thousands of Facebook employees to reconfigure how WhatsApp, Instagram and Facebook Messenger function at their most basic levels.

Though all the three services will continue operating as stand-alone apps.

Zuckerberg also assured all of the apps to incorporate end-to-end encryption. This will protect messages from being viewed by anyone except the participants in the conversation.

After the changes take place, a Facebook user could be able to send an encrypted message to someone who has only a WhatsApp account.

Currently, it isn’t possible because the apps are separate.

But stitching the apps’ infrastructure together, Zuckerberg wants to increase the utility of the social network, keeping its billions of users highly engaged inside its ecosystem.

You can say this move is copied by another big tech company Apple.inc, as this company also had this strategy, in order to eliminate its competitors.

If users interact more frequently with Facebook’s apps, the company may also be able to build up its advertising business (which is the main source of their income) or add new services to make money, they said.

In a statement, Facebook said it wanted to “build the best messaging experiences we can; and people want messaging to be fast, simple, reliable and private.” It added: “We’re working on making more of our messaging products end-to-end encrypted and considering ways to make it easier to reach friends and family across networks.”

Summing up the whole hard effort to be taken by Facebook soon in the future.

Stay tuned for more such stories.

The post Facebook to integrate Whatsapp, Messenger and Instagram appeared first on TechWorm.

The 10 year challenge is taking the Internet by storm

The first few days of the new 2019 started with a new social media craze that is making its way to the timelines of hundreds of millions of people across all major social media networks – the 10 year challenge. Unless you are one of the few people who does not use social media, you most likely have already noticed the new viral trend that consists of side-by-side memes of people from ten years ago and today. Millions of people have already participated, and a whole list of celebrities have shared their before-and-after memes with their followers. The challenge is about to blow out of proportion as more and more people are entering it by the second.

What exactly is the 10 year challenge?

The challenge consists of people posting then-and-now images of themselves. The old photos go as far as 2008 and are usually compared to recent photos uploaded to social media. The viral social media trend come in many forms. Some of the popular hashtags that reflect the hottest social media challenge are #10YearChallenge, #GlowUpChallenge, #2009vs2019, #HowHardDidAgingHitYou, and #agechallenge. The challenge is currently making its way through all major social media platforms including Facebook, Twitter, Instagram, etc.

Who is behind the challenge?

Currently, it is unknown if someone started the challenge intentionally. Multiple reporters have been speculating that this might be Facebook’s way to collect data that could be mined to train facial recognition algorithms on age progression and age recognition. Nicholas Thompson, the editor of Wired, succeeded in muddying the waters by tweeting “Let’s say you wanted to train a facial recognition algorithm on aging. What would do? Maybe start a meme like #10yearchallenge”. While this is a question that certainly gives you food for thought, it is still unknown if the challenge was ignited intentionally by a private company and if yes, what might have been its motives to do it.

Why did the 10 year challenge start now?

When Facebook was founded in 2004, the platform’s initial purpose was to be used as a networking tool for students in Ivy League universities. However, a few years after its launch, Facebook become open for everyone. Roughly 10 years ago, in 2009, Facebook started adding hundreds of millions of new users every day. Some say that the 10 year challenge is getting viral right now because of Facebook’s memories tool that brings images from the past to users’ timelines. Social media users are so fascinated by the difference between the 10 year old “memory” they see, and their current profile picture, that they decide to share it with friends and family.

Which celebrities have participated in the 10 year challenge?

The viral trend got popularized by some high profile celebrities such as Reese Witherspoon, Ellen DeGeneres, Nicki Minaj, Trevor Noah, Caitlyn Jenner, and Tyra Banks. Most of them jumped on the bandwagon to simply show how well they still look and how they haven’t aged at all.

How to enter the 10 year challenge?

If you want to enter the viral challenge all you have to do is dig out a 10 year old photo of yourself and splice it with a current one. The result should be a side-by-side photograph of yourself ten years apart similar to the before-after diet advertisements that we all see all the time on social media. If you want your side-by-side photo to get noticed, you can post it on any social media channels with the following hashtags #10YearChallenge, #GlowUpChallenge, #2009vs2019, #2008vs2018, #HowHardDidAgingHitYou, and #agechallenge.

Download Panda FREE VPN

The post The 10 year challenge is taking the Internet by storm appeared first on Panda Security Mediacenter.

Helping Kids Deal with the Digital Rejection of ‘Ghosting’

digital rejection of ghosting

digital rejection of ghostingRejection is the unspoken risk that is present when we enter into any relationship be it a friendship or a love relationship. It’s a painful, inescapable part of life that most of us go to great lengths to avoid. That said, there’s a social media phenomenon called “ghosting” that can take the pain of rejection to surprising depths — especially among teens.

Ghosting is when a person (or friend group) you’ve been talking to online suddenly stops all communication without any explanation.

Digital Dismissal

If you’re on the receiving end of the ghosting, consider yourself ghosted. Text conversations abruptly stop. You get blocked on all social media accounts. The ghost untags him or herself in all past photos on your profiles and deletes all past comments; theirs and yours. Direct messages (if not blocked) are marked as “seen” but never get a response.

Ghosting makes it feel as if a relationship never existed, which can leave anyone — child, teen, or adult — feeling hurt, frustrated, betrayed and even traumatized.

A teen named Jess* shared her ghosting experience and described feeling “helpless, confused, and worthless,” when a person she considered a boyfriend suddenly disappeared from her life after five months and started talking to another girl online. “One minute we were close and sharing all kinds of deep stuff and then, ‘poof’! He blocked me from his social media, stopped answering my texts, and started ignoring me at school. It’s as if I never existed to him.”

Rejection = Pain

In one study, MRI images showed that the same areas of the brain become activated when we experience a social rejection as when we experience physical pain, which is why rejection can hurt so much. According to Dr. Guy Winch, rejection destabilizes our need to belong and causes us to question our self-worth. “We often respond to romantic rejections by finding fault in ourselves, bemoaning all our inadequacies, kicking ourselves when we’re already down, and smacking our self-esteem into a pulp.” Rather, he clarifies, rejection is often just a matter of being mismatched in several areas such as chemistry, goals, and commitment level.

Micro-rejection 24/7

Thanks to social media, ghosting is not only a term but a common (albeit cruel) way to end an online relationship. Because it’s digital it’s easier for some people to view others as avatars; and easier to block rather than confront. It doesn’t help that the online culture fosters micro-rejections at every turn especially for tweens and teens. With every photo that is uploaded, so too, is a young person’s bid for approval. It’s not uncommon that a child’s happiness (or lack of) is influenced by the number of likes and comments a photo racks up.

While it may be impossible to protect our kids from painful digital rejections, we can equip them to handle it when and if it comes their way. Here are a few ideas that may help ease the pain of being ghosted.

Acknowledge the hurt

digital rejection of ghostingNo doubt, being ghosted hurts and can be embarrassing for your child (or anyone for that matter) to even talk about so tread lightly if you suspect it. Listen more than you speak and empathize more than advise if you learn this is a situation your child is experiencing. Acknowledge the real pain of being cut off, dismissed, blocked, and ignored. Ghosting can happen between two people or even with a friend group. If you have a similar situation and can relate, share that experience with your child.

Help frame the situation

Tweens and teens often do not have the tools they need in their emotional toolbox to deal with confrontation. Nor are they pros at communicating. So, rather than exit a relationship properly, some kids will find it easier to disappear with a simple click or two. Help your child understand the bigger picture that not all people will act with integrity or kindness. And, not all people are meant to be your friend or romantic match, and that’s okay. There are plenty of people who will value, love, and treat them with respect.

Help set healthy standards

Being ghosted, while painful, is also an opportunity to help your son or daughter define or re-define his or her standards. Ask: What qualities and characteristics you value in a friend or love interest? What values do you need to share with another person before trusting them? What warning signs should you look for next time that a person isn’t friend material? Advise: Don’t always be the person initiating every conversation, pay attention to the quality of interactions, don’t pursue people who are unresponsive or constantly “busy.”

Discourage retribution

digital rejection of ghostingWhile some ghosting situations are mild and dismissed quickly, others can cause the person ghosted to feel humiliated, angry, and vengeful. Lashing out at or trolling a ghost online as payback isn’t the answer and will only prolong the pain of being ghosted. Encourage your child that discovering the person’s character now is a gift and that moving on with wisdom and integrity (minus conflict) is the fastest way to heal.

Help them move on

One huge pain point for people who have been ghosted is that he or she did not get any closure or insight as to why the relationship ended. To help with this, you might suggest your son or daughter write a letter to get all the feelings out — but never mail it. Need the satisfaction of posting that letter online (minus names)? There’s a site for that (warning: language).

Beware of haunting

Haunting is when a ghost tries to reconnect in small ways over time. He or she may resurface to leave a comment or periodic likes to test the re-entry climate. Some may even send a direct message trying to explain the poor behavior. While every situation is different, warn your kids against reconnecting with anyone who would ghost a relationship. Encourage your child to invest time in friends who value friendships and honor the feelings of others.

*Name changed

The post Helping Kids Deal with the Digital Rejection of ‘Ghosting’ appeared first on McAfee Blogs.