
WhatsApp co-founder joins call to #DeleteFacebook as fallout intensifies

Quote

Facebook’s troubles entered a fourth day with a rising chorus of people – including the co-founder of WhatsApp – joining the #DeleteFacebook movement as the Federal Trade Commission was reported to be investigating the company’s handling of personal data.

Momentum gathered behind the #DeleteFacebook campaign, with several media outlets publishing guides to permanently deleting your Facebook account. One surprising voice to emerge was that of Brian Acton, the co-founder of WhatsApp, which was bought by Facebook for $19bn in 2014.

Acton, who left WhatsApp in late 2017, posted to Twitter: “It is time. #deletefacebook.”

Meanwhile, in the United States, the FTC will examine whether the social networking site violated a 2011 agreement with the agency over data privacy, after reports that a firm called Global Science Research harvested information relating to 50 million Facebook profiles and provided the data to Cambridge Analytica.

Of course this begs the question: Why on earth were you so ignorant as to use Facebook and WhatsApp (after Facebook bought it) in the first place?

Facebook Leak or OMG – you mean Facebook has my data?

Well, unless you live under a rock, Facebook has been caught once again with its pants down. Let’s see…

LONDON — As the upstart voter-profiling company Cambridge Analytica prepared to wade into the 2014 American midterm elections, it had a problem.

The firm had secured a $15 million investment from Robert Mercer, the wealthy Republican donor, and wooed his political adviser, Stephen K. Bannon, with the promise of tools that could identify the personalities of American voters and influence their behavior. But it did not have the data to make its new products work.

So the firm harvested private information from the Facebook profiles of more than 50 million users without their permission, according to former Cambridge employees, associates and documents, making it one of the largest data leaks in the social network’s history. The breach allowed the company to exploit the private social media activity of a huge swath of the American electorate, developing techniques that underpinned its work on President Trump’s campaign in 2016.


But the full scale of the data leak involving Americans has not been previously disclosed — and Facebook, until now, has not acknowledged it. Interviews with a half-dozen former employees and contractors, and a review of the firm’s emails and documents, have revealed that Cambridge not only relied on the private Facebook data but still possesses most or all of the trove.


Oh I am so shocked, SHOCKED I Say

And today learned that Cambridge Analytica Suspends C.E.O. Amid Facebook Data Scandal

Cambridge Analytica, the political data firm with ties to President Trump’s 2016 campaign, suspended its chief executive, Alexander Nix, on Tuesday, amid the furor over the access it gained to private information on more than 50 million Facebook users.

The decision came after a television broadcast in which Mr. Nix was recorded suggesting that the company had used seduction and bribery to entrap politicians and influence foreign elections.

The suspension marked a new low point for the fortunes of Cambridge Analytica and for Mr. Nix, who spent much of the past year making bold claims about the role his outfit played in the election of Mr. Trump. The company, founded by Stephen K. Bannon and Robert Mercer, a wealthy Republican donor who has put at least $15 million into it, offered tools that it claimed could identify the personalities of American voters and influence their behavior.

So-called psychographic modeling techniques, which were built in part with the data harvested from Facebook, underpinned Cambridge Analytica’s work for the Trump campaign in 2016. Mr. Nix once called the practice “our secret sauce,” though some have questioned its effectiveness.

But in recent days, the firm has found itself under increased scrutiny from lawmakers, regulators and prosecutors in the United States and Britain following reports in The New York Times and The Observer of London that the firm had harvested the Facebook data, and that it still had a copy of the information.


As I said before, anyone who uses Facebook, has an Alexa, smart TVs (for the clueless) and so forth really needs to get educated on privacy and IT security. I will copy and post the excellent comment by “Whips” on this article:

Let’s be clear here: Facebook doesn’t steal our data; we give it to them, one Like at a time.

For decades, Europe has had a Data Protection Directive that runs circles around the U.S.’s, such as it is–and it’s about to get even stronger with the GDPR, which will improve user control over our own data.

Instead of Americans spewing moral outrage at the weekly corporate affront (last week Experian, this week Facebook, next week who knows), why not grow up and demand a national approach to data protection?

Let’s Encrypt/Certbot

Been busy updating and moving our server the last few weeks, so not much time for posting. I did try out Let’s Encrypt. My experience is mixed. I wanted to put it on our *non store* sites like this one. (On our store we use a real paid-for cert.) They seem to have a lot of issues with timeouts and no real solution. We were able to hit their limits. For every timeout we encountered, they had actually issued a cert, but we never got it.

It is a nice idea, but it is not without controversy. Here is a good article:

Lets Encrypt Good, Bad, Ugly

Equifax finds 2.4 million more folk hit by breach

Well here is **no** surprise.
Quote

Embattled credit-reporting company Equifax has done some data crunching and discovered another 2.4 million people that had their information slurped by hackers.

The biz, which was subject to one of the biggest data breaches in US history last May, has already had to revise up the number of affected individuals.

The total stood at 145 million in the US and hundreds of thousands in the UK and Canada – but it’s now found a few more people that previously escaped its “forensic” testings.

In a statement released today, Equifax said that ongoing analysis of the stolen data had allowed it to confirm the identities of an additional 2.4 million folks in the US who had partial driving licence information taken.

“This information was partial because, in the vast majority of cases, it did not include consumers’ home addresses, or their respective driver’s license states, dates of issuance, or expiration dates,” the statement said.

Malicious Chrome extension is next to impossible to manually remove

Quote

Proving once again that Google Chrome extensions are the Achilles heel of what’s arguably the Internet’s most secure browser, a researcher has documented a malicious add-on that tricks users into installing it and then, he said, is nearly impossible for most to manually uninstall. It was available for download on Google servers until Wednesday, 19 days after it was privately reported to Google security officials, a researcher said.

Once installed, an app called “Tiempo en colombia en vivo” prevents users from accessing the list of installed Chrome extensions by redirecting requests to chrome://apps/?r=extensions instead of chrome://extensions/, the page that lists all installed extensions and provides an interface for temporarily disabling or uninstalling them. Malwarebytes researcher Pieter Arntz said he experimented with a variety of hacks—including disabling JavaScript in the browser, starting Chrome with all extensions disabled, and renaming the folder where extensions are stored—none of them worked. Removing the extension proved so difficult that he ultimately advised users to run the free version of Malwarebytes and let it automatically remove the add-on.

When Arntz installed the extension on a test machine, Chrome spontaneously clicked on dozens of YouTube videos, an indication that inflating the number of views was among the things it did. The researcher hasn’t ruled out the possibility that the add-on did more malicious things because the amount of obfuscated JavaScript it contained made a comprehensive analysis too time consuming. The researcher provided additional details in a blog post published Thursday.

Tiempo en colombia en vivo racked up almost 11,000 installs before Google removed it, but it may have found its way onto still more computers. That’s because a variety of abusive websites are using a technique that tricks inexperienced users into installing the extension. As Malwarebytes explained in late 2016, the forced install trick uses JavaScript to provide a dialog box that says visitors must install the extension before they can leave the page. Clicking cancel or closing the tab produces an unending series of variations on that message. Arntz said he privately reported the extension to Google on December 29 and that it remained available on the Chrome Store until Wednesday.

Arntz said he found a Firefox extension that also resisted user attempts to uninstall it, but the block was relatively easy to bypass. The researcher has yet to find any indication the add-on was available in the Firefox Extensions store.

Once again, caveat emptor: just because it is an app store doesn’t mean it’s not malware.
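When the chrome://extensions/ page is unreachable, as in the case quoted above, the installed extensions can still be inventoried from the profile folder on disk. The following is an added example, not code from the article or from Malwarebytes; it assumes Chrome's on-disk layout `Extensions/<id>/<version>/manifest.json`, and the function names and the `WATCH` permission list are illustrative choices.

```python
import json
import sys
from pathlib import Path

# Permissions worth a second look during triage (assumed watch list, not from the article).
WATCH = {"tabs", "management", "webRequest", "<all_urls>"}

def _load(path):
    """Read a JSON object from disk; return None if it is missing or malformed."""
    try:
        data = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return None
    return data if isinstance(data, dict) else None

def _resolve_name(ext_dir, manifest):
    """Resolve a localized "__MSG_key__" name via _locales/<default_locale>/messages.json."""
    name = str(manifest.get("name", ""))
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    key = name[6:-2].lower()  # message keys are matched case-insensitively
    locale = str(manifest.get("default_locale", "en"))
    messages = _load(ext_dir / "_locales" / locale / "messages.json") or {}
    for k, v in messages.items():
        if k.lower() == key and isinstance(v, dict):
            return v.get("message", name)
    return name

def list_extensions(extensions_root):
    """Return one record per <id>/<version>/manifest.json under a profile's Extensions folder."""
    records = []
    for path in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        ext_dir = path.parent
        rec = {"id": ext_dir.parent.name, "version_dir": ext_dir.name}
        manifest = _load(path)
        if manifest is None:  # an unreadable manifest is itself worth reviewing
            rec.update(name="<unreadable manifest>", permissions=[], review=True)
        else:
            perms = []
            for k in ("permissions", "host_permissions"):
                v = manifest.get(k)
                perms += [p for p in v if isinstance(p, str)] if isinstance(v, list) else []
            rec.update(name=_resolve_name(ext_dir, manifest), permissions=perms,
                       review=bool(WATCH & set(perms)))
        records.append(rec)
    return records

if __name__ == "__main__":
    for rec in list_extensions(sys.argv[1]):
        print(rec)
```

Run it against a profile's Extensions folder, for example `~/.config/google-chrome/Default/Extensions` on Linux or `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions` on Windows.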

Spectre and Meltdown Vulnerabilities

From our Partner ESET

On Wednesday, January 3rd, security researchers released details on vulnerabilities in several common processor designs. Some of these vulnerabilities specifically affect Intel chips, while other vulnerabilities are present in almost all AMD, ARM and Intel chips.  These weaknesses may place sensitive system data at risk of exposure to attackers.

As stated by researchers, there are theoretical ways that antivirus software could detect the problem. However, detection would have an extremely negative impact on device performance, and significantly influence user experience; it would be a less effective approach than prevention. Therefore, we are recommending that users take the following steps:

  • Keep track of any related patches for their systems and apply them as soon as possible
  • Keep all other software updated, including web browsers
  • Be on the lookout for phishing emails, which are still the number one way for hackers to get a foothold on your computer

More details are available in the following links:

Washington state: Comcast was “even more deceptive” than we thought

Quote

The attorney general of Washington has filed a new amended complaint in an ongoing lawsuit against Comcast, claiming that “new evidence” reveals “even more deceptive conduct than previously alleged.”

The lawsuit, which was initially submitted in August 2016, alleged that hundreds of thousands of Washington residents were “deceived” into paying “at least $73 million in subscription fees over the last five years for a near-worthless ‘protection plan.’”

According to the amended complaint, which was filed in King County Superior Court on Thursday, newly obtained recorded calls between Comcast and its Washington customers who subscribed to its “Service Protection Plan” show “that Comcast may have signed up more than half of all SPP subscribers without their consent. Comcast deceived consumers even when mentioning the SPP, telling them the SPP plan was ‘free’ when they signed up, when in fact, Comcast would automatically charge them every month after the first month.”

This is what happens in monopolies and oligopolies. Unfortunately, senior executives will never go to jail and business will be as usual. That is because of the very corrupt, lobbyist-ridden culture in the states and in Washington. Is it time for citizens to deliver justice to those guilty directly? Perhaps. But that assumes they will get involved and get organized to form the type of organizations capable of effecting real change. Given the fact that civic understanding and participation is poor in the U.S., I doubt things will change. But enough is enough; it is time to get involved.

Updated! Vulnerability in Cyberoam appliance

1) Stay on Version 10.6.5 – In our testing of Version 10.6.6 of CROS (Cyberoam Firmware), we discovered a bug that causes blocking of certain web content. We request that customers stay on 10.6.5 until this is fixed.

2) To get patched for the SQL vulnerability, simply make sure that the “Allow Over-the-air Hotfix” option is enabled on the Cyberoam device (System > Maintenance > Updates, then check the “Allow Over-the-air Hotfix” box). Devices that already have this option enabled will automatically fetch the fix and remain protected.

To see if you are patched, log in to the SSH/telnet console session of the unit and execute the following command to check the Hot Fix version:

console> cyberoam diagnostics show version-info

The Hot Fix version should be displayed as 1 or higher.

Full Knowledge-base Article: here


Vulnerability Affecting Cyberoam Appliances

A SQL injection vulnerability has been discovered in Cyberoam appliances running the Cyberoam operating system (CROS) that allows for unauthenticated remote code execution.

A small percentage of appliances have been impacted by a cryptominer that consumed CPU cycles, and our investigations have found no evidence that any data has been compromised or exfiltrated from those appliances.

For customers running CROS version 10.6.1 and above that use the default setting of automatic updates, the hotfix was automatically installed, and there is no action required. Customers who have changed their default settings will need to apply the update manually.

Remediation

| CROS Version | Patch Distributed |
|---|---|
| Version 10.6.3 and above | December 7, 2017 |
| Version 10.6.1, 10.6.2.x | December 8, 2017 |
| All versions prior to 10.6.1 | Upgrade to current CROS version |

Full Knowledge-base Article here

Google Chrome vows to carpet bomb meddling Windows antivirus tools

Quote

Browser will block third-party software from mucking around with pages next year.

By mid-2018 Google Chrome will no longer allow outside applications – cough, cough, antivirus packages – to run code within the browser on Windows.

“In the past, this software needed to inject code in Chrome in order to function properly; unfortunately, users with software that injects code into Windows Chrome are 15 per cent more likely to experience crashes.”

In particular, the target here seems to be poorly coded AV tools that can not only crash the browser or cause slowdowns, but also introduce security vulnerabilities of their own for hackers to exploit.

Rather than accept injected code, Chrome will require applications to use either Native Messaging API calls or Chrome extensions to add functionality to the browser. Google believes both methods can be used to retain features without having to risk browser crashes. With Chrome 68, the browser will block third-party code in all cases except when the blocking itself would cause a crash. In that case, Chrome will reload, allow the code to run, and then give the user a warning that the third-party software will need to be removed for Chrome to run properly. The warning will be removed and nearly all code injection will be disabled in January of 2019.

“While most software that injects code into Chrome will be affected by these changes, there are some exceptions,” said Hamilton.

“Microsoft-signed code, accessibility software, and IME software will not be affected.”