A new study from Pew Research purports to test the “Web IQ” of Internet users. I took this quiz myself, although I admit my knowledge of some of the questions may have been spoiled because I first found out about the quiz from an article that launched straight into a discussion of the questions (and answers) without warning. To prevent this from happening here, you may want to take the quiz yourself before clicking “Continue Reading.”
The EFF, Amnesty International, Digitale Gesellschaft, and Privacy International have teamed up to release an anti-surveillance program called Detekt. Detekt rightly cautions users against being lulled into a false sense of security; the failure by Detekt to find any traces of spyware on your computer does not mean that spyware doesn’t exist. In fact, even if Detekt finds something, that doesn’t mean there is additional spyware that it failed to detect.
The program doesn’t appear or claim to be the definitive solution to the surveillance of journalists by repressive regimes; it only claims to detect FinFisher and Hacking Team RCS. In fact, Continue reading 4 Organizations Release Anti-Surveillance Software
Twitter has started gathering the names of the apps you have on your phones/tablets. The new feature is called “Twitter app graph.” They are claiming they only gather the names of the apps rather than the data stored within them.
According to Mashable, this snooping only happens if you are using their mobile app. If this is correct, you have 2 options if you want to continue using Twitter without allowing them to gather this data:
1. Use Twitter from a browser rather than installing their app.
2. Follow the opt-out procedure here.
Twitter seems to be doing this so they can personalize the ads they deliver to you based on the apps you have installed. It is up to you to decide whether they have any business knowing the names of the other apps you have installed on your mobile device, and what you should do about it.
Twitter has just made every public Tweet made since the inception of Twitter available through its search engine. The Guardian has suggested several approaches to scrubbing potentially embarrassing Tweets from being found through this search engine. The approaches range from deleting a single Tweet to closing your entire Twitter account.
The consequences to not exercising discretion in sharing information (or allowing others to share it) on social media can be serious. College admissions officers commonly use social networks to find out more about their applicants. Employees at fast food restaurants have lost their jobs. Continue reading Twitter Makes Every Public Tweet Searchable
McAfee has released a list of 12 holiday scams. Here are some thoughts I had on the items in the list:
1. Clicking any links in e-mails and using them to give personal information are generally bad ideas, and shipping notification e-mails are no exception. If you placed an order, they already have all the information they need to ship you the item, so why would they need to ask you for it again?
2. This tip isn’t very specific, but it brings to mind shady sites that steal your credit card information instead of actually shipping you items. It may help to look up stores at the BBB. For example, if you type in www.newegg.com into the search box, you will see that the store has an A+ rating, and then you can see why the store received that rating if you’re interested.
3. It’s important to always Continue reading My Thoughts On McAfee’s 12 Scams of The Holidays
Last month, authorities charged a man with the murder of a college student who was trying to sell a car on Craigslist. They allege that he killed the victim so that he could keep the money and the car. It wouldn’t be the first time someone was charged with murdering someone they met on Craigslist. Philip Markoff, a medical student who committed suicide while awaiting trial for murder, was also accused of killing at least one victim he had met on Craigslist. It’s a chilling reminder of the dangers you may face when you arrange to meet in person someone you’ve only communicated with online.
Need a reason not to use free hotel wi-fi without a VPN? How about spear-phishing and targeted attacks against you by people who your real name, your room number, and expected arrival and departure times? According to the article, some of the tactics used include Adobe Flash zero-day exploits, fake software updates containing malware, and embedded iFrames redirecting to phony installers.
When you connect to any wi-fi network, you must assume it is hostile and act accordingly. Even if you’re not a senior company executive, here’s an example of the types of attacks that could be used by a rogue Wi-Fi network against various password managers; if you use one, yours could be among them. It’s interesting to note that iFrames are also involved in one of the “sweep attacks” described by the paper.
Want to know if the messaging app or program you’re using is truly secure? The EFF recently rated the security of 39 different apps/services/programs based on these 7 categories:
1. Encrypted in transit?
2. Encrypted so the provider can’t read it?
3. Can you verify contacts’ identities?
4. Are past comms secure if your keys are stolen?
5. Is the code open to independent review?
6. Is security design properly documented?
7. Has the code been audited?
Go here to see the results. The EFF says they plan to do closer examinations in the future.