Skip to content

Google

Russian Influence Reached 126 Million Through Facebook Alone

Quote

Russian agents intending to sow discord among American citizens disseminated inflammatory posts that reached 126 million users on Facebook, published more than 131,000 messages on Twitter and uploaded over 1,000 videos to Google’s YouTube service, according to copies of prepared remarks from the companies that were obtained by The New York Times.

The new information goes far beyond what the companies have revealed in the past and underline the breadth of the Kremlin’s efforts to lever open divisions in the United States using American technology platforms, especially Facebook. Multiple investigations of Russian meddling have loomed over the first 10 months of the Trump presidency, with one leading to the indictments of Paul Manafort, the former Trump campaign chief, and others on Monday.

For Facebook, Google and Twitter, the discovery of Russian influence by way of their sites has been a rude awakening. The companies had long positioned themselves as spreading information and connecting people for positive ends. Now the companies must grapple with how Russian agents used their technologies exactly as they were meant to be used — but for malevolent purposes.

Rude Awaking? Bullshit. For whom? Connecting people for positive good? More bullshit! It is about hoovering up personal user data and selling it! Come on, wake up!

Just say no to Social Media. Just say no to Google. Demand privacy.

Facebook and Google promoted false news about Las Vegas

“Social media: The internet version of the supermarket tabloid. Written by the mindless for the mindless.” Unfortunately it is picked up by mainstream media and is swallowed and regurgitated by a good percentage of the 65% of Americans who get their “news” from social media. The article also points up to a failure in machine learning (AI) algorithms in use by the Facebook, Google and their ilk.

Quote

Facebook and Google promoted false news stories claiming that the shooter who killed more than 50 people in Las Vegas was a Democrat who opposed Donald Trump. The misidentification spread rapidly from dark corners of the internet to mainstream platforms just hours after hundreds were injured at a festival near the Mandalay Bay casino, the latest example of fake news polluting social media amid a breaking news story.

The flow of misinformation on Monday illustrated a particularly grim trend that has increasingly dominated viral online propaganda during US mass shootings – hyper-partisan trolls battling to blame the tragedy on opposing political ideologies. …

Despite the fact that the claims were unproven and coming from non-credible sources, Facebook’s “Safety Check” page, which is supposed to help people connect with loved ones during the crisis, ended up briefly promoting a story that said the shooter had “Trump-hating” views, along with links to a number of other hoaxes and scams, according to screenshots. At the same time, Google users who searched Geary Danley’s name were at one point directed to the 4chan thread filled with false claims.
..
False content can quickly move from social media to legitimate news sources, she added: “People are putting out crap information on purpose … It’s really easy to get shit into the news cycle by being on Twitter.”

A YouTube user also pushed an unsubstantiated rumor that the suspect was a Hillary Clinton supporter.

Google IMAP losing old security protocols this month

Quote

Google’s ongoing elimination of the antediluvian SSLv3 and RC4 protocols is taking another step on June 16.
From that date, Gmail’s IMAP and POP services will join its SMTP services in rejecting connections using those protocols.
Recognising, perhaps, that not everybody’s been paying attention, Mountain View is giving users and sysadmins time to adjust. It may take “longer than 30 days for users to be fully restricted from connecting” using clients that still run those protocols, the company’s announcement states.
However, most clients already support more modern TLS versions.
Beyond the deprecation date, sysadmins will start to see errors if they try running SSLv3 or RC4 in connection, and app developers are likewise warned they need to push out upgrades.
It’s been a year since the IETF put a bolt into the skull of SSLv3, issuing RFC 7568 as a not-so-gentle reminder to the industry.
And as a cipher, RC4 has been a dead duck for years.
So if your favourite mail app tells you “upgrade now”, you might want to ask why they’ve taken so long.

Took long enough!

Chrome trumps all comers in reported vulnerabilities

Quote

More vulnerabilities were discovered in Google Chrome last year than any other piece of core internet software – that’s according to research that also found 2014 clocked record numbers of zero-day flaws.

The Secunia Vulnerability Review 2015 report [PDF] is built on data harvested by the company’s Personal Software Inspector tool residing on “millions” of customer end points, each with an average of 76 installed applications.

It said the Chocolate Factory’s web surfer had more reported vulnerabilities than Oracle Solaris, Gentoo Linux, and Microsoft Internet Explorer which rounded out the top four among the analysed core products. ….Chrome leads the browser pack with 504 reported vulnerabilities followed by Internet Explorer with 289 and Firefox with 171. Some 1035 flaws were reported across all browsers including Opera and Safari, up from 728 in 2013.

Wait, but isn’t Google itself a threat?

Google Malvertising App

Quote

Android apps that should be innocuous are pimping smut by way of slack supervision of their advertising networks, with two app authors complaining to The Register that the root of the problem lies with The Chocolate Factory.

The authors of two popular Sydney public transport apps told us Google’s app monetisation service AdMob is failing to catch disallowed advertisements that should be easy to spot for the world-dominating ad-and-click network.

Malvertising is a rising problem because users are turning to ad blockers as a security precaution, both to protect against malware and to keep material they deem inappropriate out of their eyeballs. The latter outcome is made necessary by ads like those below, which The Register has observed in the Arrivo and TripView public transport timetable apps, both of which are likely to pop up on minors’ phones.

If, as it seems to this untutored eye, the ad got past filters by presenting its text as an image with extra space to defeat character recognition, Google deserves its backside kicked through all the letters of its Alphabet. Twice per letter, once per language.