Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Posts Tagged ‘facebook

Facebook’s Portal Doublethink

leave a comment »

CNET is reporting that Facebook’s new home smart video assistants, Portal and Portal Plus, are now available for sale on the Portal online store, Amazon and Best Buy.

Facebook Portal Plus is selling for $349, and has 1080p HD res and a 15.6-inch screen. The $199 Portal has a 720p, 10.1-inch screen. Both serve as Alexa speakers as well as offer Facebook’s “Hey, Portal” (so original!) voice service.

Yes, Facebook’s Portal product uses Alexa service because, well, why reinvent the home assistant and copying is the sincerest form of flattery.

As for a Facebook video product being unleashed into the privacy of your home??  Well, I would have used to say read Facebook’s privacy policy with care…

A post from Facebook on privacy and security for Portal alleges the following:

  • Facebook does not listen to, view or keep the contents of your Portal video calls. This means nothing you say on a Portal video call is accessed by Facebook or used for advertising.
  • Portal video calls are encrypted, so your calls are secure.
  • Smart Camera and Smart Sound use AI technology that runs locally on Portal, not on Facebook servers. Portal’s camera doesn’t identify who you are.

And as to how they use information from Portal:

  • Portal is integrated with some of your Messenger and Facebook experiences. When you use Portal, we process the same kinds of information as when you use Facebook products on your other devices. Some of this information, including the fact that you logged into your account or how often you use a feature or app, may be used to inform the ads you see across Facebook.
  • While we don’t listen to, view or keep the contents of your Portal video calls, or use this information to target ads, we do process some device usage information to understand how Portal is being used and to improve the product.

Read the full post for more details here.

At least one technology journalist, The Wall Street Journal’s Joanna Stern, isn’t having any of it. She wrote:

I just couldn’t bring myself to set up Facebook’s camera-embedded screen in the privacy of my family’s home. Can you blame me when you look at the last 16 months?

The personal data of millions of users was accessed for political purposes without consent. Whoops. False news articles were deliberately spread across our feeds to hoax us. Whoops again. Hackers gained access to nearly 50 million accounts, the largest-ever security breach at the social network. Giant whoopsies.

However, she did go on to write that “The Portal+, with its 15.6-inch giant rotatable screen, is one of the most immersive video-chatting experiences I’ve ever had.”

Doublethink?

Written by turbotodd

November 8, 2018 at 9:33 am

Posted in 2018, privacy, video

Tagged with

Midterm Election Cyber Shenanigans

leave a comment »

Happy Election Day for those of you here in the U.S.!

I hope you all got out to vote, either in advance in early voting or in what, I’m sure, are probably long lines today on actual election day.

I was waiting for any stories to break about any social media shenanigans going on today or leading up to election day.

I wasn’t disappointed (well, I was, but you know what I mean).

CNBC reports that Facebook felt compelled to block 115 accounts ahead of the midterms, with U.S. law enforcement having notified Facebook on Sunday of the accounts’ online activity, saying they believed the accounts “may be linked to foreign entities.”

From Facebook’s blog post:

Given that we are only one day away from important elections in the U.S., we wanted to let people know about the action we’ve taken and the facts as we know them today.

Our very early-stage investigation has so far identified around 30 Facebook accounts and 85 Instagram accounts that may be engaged in coordinated inauthentic behavior. We immediately blocked these accounts and are now investigating them in more detail. Almost all the Facebook Pages associated with these accounts appear to be in the French or Russian languages, while the Instagram accounts seem to have mostly been in English — some were focused on celebrities, others political debate.

Typically, we would be further along with our analysis before announcing anything publicly. But given that we are only one day away from important elections in the US, we wanted to let people know about the action we’ve taken and the facts as we know them today.

Once we know more — including whether these accounts are linked to the Russia-based Internet Research Agency or other foreign entities — we will update this post.

Facebook appears to have learned a lesson from 2016 — a strong offense can prevent later necessary defense. 

Meanwhile, a joint statement from DHS, the Justice Department, the Office of the Director of National Intelligence, and the FBI said the following:

Foreign actors — and Russia in particular — continue to try to influence public sentiment and voter perceptions through actions intended to sow discord.

[These attacks can come in the form of] spreading false information about political processes and candidates, lying about their own interference activities, disseminating propaganda on social media and through other tactics [and that Americans should be aware of such efforts].

Uh, wasn’t that kind of a given?!

I guess everybody’s vote counts in the 2018 midterms — including Vlad’s!

Written by turbotodd

November 6, 2018 at 2:25 pm

Posted in Uncategorized

Tagged with , ,

Another Facebook Breach

leave a comment »

Happy Friday!

Well, depending on who you ask.

The BBC, Gizmodo, and others are reporting a new Facebook data breach, this time of private Facebook messages of at least 81,000 unfortunate souls.

It’s being reported the culprit was a Chrome Extension exploit, and is apparently not related to the more widespread September breach previously reported of 120 million Facebook accounts.

Some details:

The hackers, who may be Russian since they reached out to the BBC Russian Service, appear to have the Facebook messages of at least 81,000 people, mostly of Russians and Ukrainians, but also from people in the U.S., UK, and Brazil, according to the BBC.

“Browsers like Chrome can be very secure, but browser extensions can introduce serious gaps in their armor. The addition of browser extensions increases what is otherwise a small attack surface. Malicious extensions can be used to intercept and manipulate the data passing through the browser,” said Rick Holland, CISO of Digital Shadows, which helped the BBC analyze the breach.

As to the content of those messages:

Many of the messages are relatively benign and include simple chats about going on vacation and attending concerts. But as you’d expect, there are also more sensitive discussions, including “intimate correspondence between two lovers,” as the BBC describes it.

Hoped all 81K Facebook users whose private messages were sold!

Written by turbotodd

November 2, 2018 at 3:24 pm

Facebook’s Teen Problem

leave a comment »

CNBC had a story out yesterday citing data from investor analyst firm Piper Jaffray which indicated that teens are abandoning Facebook “at a staggering rate.”

But went on to say they’re still “flocking to sister app Instagram.”

Palo Alto, we have a problem.

The CNBC article indicated that just over a third of teenagers use the core Facebook platform at least once a month.

I wonder if a third of those are from Russia??

That number is “down significantly from 52 percent of teens two years ago and from close to two-thirds of teens in spring of 2016.”

On the plus side, Instagram “edged out SnapChat as the most-used social platform by teenagers for the first time” since Piper Jaffray started conducting its survey.

So, marketeers everywhere, uh, take more pictures?  

Maybe you can use that newfangled Apple iPhone XR, which is getting rave reviews across the board (and which comes in several hundred dollars less than the iPhone XS).

Speaking of Russians, The New York Times is reporting that the U.S. Cyber Command is now targeting individual Russian operatives “to try to deter them from spreading disinformation in elections.”

The campaign, which includes missions undertaken in recent days, is the first known overseas cyberoperation to protect American elections, including the November midterms.

Senior defense officials said they were not directly threatening the operatives. Still, former officials said anyone singled out would know, based on the United States government’s actions against other Russian operatives, that they could be indicted or targeted with sanctions. Even the unstated threat of sanctions could help deter some Russians from participating in covert disinformation campaigns, said Andrea Kendall-Taylor, a former intelligence official now with the Center for a New American Security.

Huh.  That only took a couple of years to get rolling.

Written by turbotodd

October 23, 2018 at 4:38 pm

Facebook Security Flaw

leave a comment »

The New York Times is reporting that Facebook said today an attack on its computer network led to the exposure of information from nearly 50 million of its users.

Facebook said it discovered the breach earlier this week, “finding that attackers had exploited a feature in Facebook code that allowed them to take over user accounts.”

The Times reports that Facebook said it did not know the origin or identity of the attackers, nor had it fully assessed the scope of the attack, and is in the beginning stages of its investigation.

Here’s Facebook’s detailed explanation of the exploit and the actions it says it has taken:

Our investigation is still in its early stages. But it’s clear that attackers exploited a vulnerability in Facebook’s code that impacted “View As”, a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.

Here is the action we have already taken. First, we’ve fixed the vulnerability and informed law enforcement.

Second, we have reset the access tokens of the almost 50 million accounts we know were affected to protect their security. We’re also taking the precautionary step of resetting access tokens for another 40 million accounts that have been subject to a “View As” look-up in the last year. As a result, around 90 million people will now have to log back in to Facebook, or any of their apps that use Facebook Login. After they have logged back in, people will get a notification at the top of their News Feed explaining what happened.

Third, we’re temporarily turning off the “View As” feature while we conduct a thorough security review.

This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted “View As.” The attackers not only needed to find this vulnerability and use it to get an access token, they then had to pivot from that account to others to steal more tokens.

The Times goes went on to write that:

One of Facebook’s most significant challenges has been convincing its users that it is responsible enough to handle the incredible wealth of data the company handles. More than 2 billion people use Facebook every month, and another two billion separately use WhatsApp, a messaging app owned by Facebook, and Instagram, the Facebook-owned popular photo-sharing app.

You know the drill.  Check your password, change it, etc ad nauseum ad infinitum.

Written by turbotodd

September 28, 2018 at 12:22 pm

Posted in 2018, cybersecurity

Tagged with , ,

A Social Bill on Capitol Hill?

leave a comment »

Happy hump day.

Well, I didn’t have the opportunity to watch all of the Senate hearings where our illustrious senators grilled Facebook COO Sheryl Sandberg and Twitter CEO Jack Dorsey.

For Google, there was an empty chair, as Larry Page opted not to show or send a representative.

From what I’ve gathered thus far, the two executives told lawmakers they feel they are better prepared to combat foreign interference on their platforms.

The Washington Post reports that Sandberg said "We were too slow to spot this and too slow to act. That’s on us. This interference was completely unacceptable. It violated the values of our company and of the country we love. We are more determined than our opponents and we will keep fighting."

Dorsey, on the other hand, explained that "We found ourselves unprepared and ill-equipped for the immensity of the problems we’ve acknowledged. Abuse, harassment, troll armies, propaganda through bots and human coordination, disinformation campaigns and divisive filter bubbles — that’s not a healthy public square."

One highlight of the hearing occurred when a female protester stood up at the back of the hearing room towards the end of the session.

To overshadow (err, physically shadow ban?) the protester, Rep. Billy Long of Missouri launched into full auctioneer filibuster mode until such time as said protester could be removed fro the hearing room.

God, how I love the U.S. Congress.

We can probably start the countdown on how long it takes for a social media or overall Internets regulation bill to roll down Capitol Hill.

Schoolhouse Rock, everybody….

https://www.youtube.com/watch?v=tyeJ55o3El0

Written by turbotodd

September 5, 2018 at 2:15 pm

Facebook Deletes 600+ Accounts Linked to Influence Campaigns from Iran and Russia

leave a comment »

Happy Thursday.

Facebook has once again removed multiple pages, groups and accounts for coordinated and authentic behavior on Facebook and Instagram.

The company indicated that “some of this activity originated in Iran, and some originated in Russia.”

The Verge reported that Facebook took down 652 fake accounts and pages that published political content, the existence of which was first uncovered by the cybersecurity firm FireEye.

“These were networks of accounts that were misleading people about who they were and what they were doing,” CEO Mark Zuckerberg said in a call with reporters. “We ban this kind of behavior because authenticity matters. People need to be able to trust the connections they make on Facebook.”

Separately, CNBC is reporting that Apple has removed Facebook’s Onavo security app from the App Store because it does not comply with its privacy rules.

Citing a Wall Street Journal story from Wednesday, Apple officials told Facebook that Onavo violated the company’s rules on data collection by developers, and suggested last Thursday that Facebook voluntarily remove the app. 

Facebook acquired Israel-based Onavo in 2013, snapping up the free security app that lets users access a virtual private network, or VPN, to browse the web and download apps with a greater degree of privacy. Facebook in the past has offered that service to users without clearly disclosing that it owns the app, and has collected data about what other types of apps those customers use.

Written by turbotodd

August 23, 2018 at 9:55 am

Posted in Uncategorized

Tagged with , ,

%d bloggers like this: