Archive

Posts Tagged ‘Facebook’

Having sex online can seriously damage your economic health

April 15, 2014 Leave a comment

Get Safe Online is warning young males about the webcam scam sex blackmail. It seems to be targeting youngsters in Avon and Somerset because when I asked about other cases I was told, “The City of London police haven’t been able to provide any further stats, as this is a relatively new type of fraud.”

Strange, because it certainly isn’t new and is unlikely to be limited to Avon and Somerset.

Avon and Somerset Constabulary has dealt with several cases where, following connecting via social networking sites, victims (usually young males) are lured into taking off their clothes in front of their webcam – and sometimes performing sexual acts – which is videoed by the fraudster. The victims are then threatened with blackmail to avoid the video being published online and shared with their contacts. Investigations have revealed that most of these cases stem from abroad, making them difficult to trace.

That’s the scam in a nutshell. But it’s certainly not new – and you can get a more complete description from a report in the BBC from September 2012.

She said she was French, living in Lyon, but was on holiday in Ivory Coast. We then chatted for a bit on MSN and I could see a video of her. She was a very beautiful French-looking girl, very pretty.

She was dressed to begin with and asked whether I would be interested in going further. I asked what that meant and she said she wanted to see my body… everything.
Blackmail fraudsters target webcam daters

This particular case seems to have been in France, but adds another potentially more worrying aspect. The subsequent video was published with a caption saying the victim performed a sex act in front of a young girl – and that unless he pays €500 to take it down, the world would soon know he is a paedophile.

“At the moment we are persuaded that there are several blackmail attempts committed every day,” says Vincent Lemoine, a specialist in cybercrime in the Gendarmerie’s criminal investigations unit.

So it’s not new and already widespread. Perhaps it’s just newly migrated to the UK because, let’s face it, we Brits have a reputation for not even shaking hands without a formal introduction. But it is a problem and it’s very likely to be an increasing problem. I just wish that Get Safe Online would get real with the young of today. Its language simply doesn’t resonate.

“It’s terrible that fraudsters are targeting innocent people in such a personal way,” said Tony Neate, Chief Executive of Get Safe Online. The language is so British and understated. Terrible? Devastating and possibly life threatening (“His blackmailers were relentless and he could see no end to his ordeal. A week after the first demand, he killed himself.” BBC report) might be more accurate.

I also have some concerns over whether Get Safe Online actually understands young culture. The purpose of the warning is admirable – but the advice given somewhat misses the mark. “Be wary about who you invite or accept invitations from on social networking sites. Don’t accept friendship requests from complete strangers. You wouldn’t do this in real life!”

That’s the problem. That’s exactly what people actually do in real life. We dress up, go out on the town, hook up with a complete stranger and have sex. It’s called a one-night-stand and it’s what weekends were invented for. And all friends were strangers before they became friends, so saying don’t make friends with strangers is a bit silly.

So I would say to Get Safe Online, if you want to seriously warn the youngsters of today, Get Safe should first get real.

If you want more advice on the threat from Get Safe, there’s an outline on their site:

Get Safe warning

I think the illustration is meant to show a worried young man who is being blackmailed – but it could just be someone giving head to a stranger he just met on Facebook.

Categories: All, Security Issues

Don’t let the government or the tech giants fool you into thinking anything is changing

April 1, 2014 Leave a comment

When Bruce Schneier left the employ of BT, he finally got off the pot. His natural inclinations can now be seen. He still hasn’t criticised BT despite it being obvious that BT is no more innocent than any of the big American telecoms companies — but he told me (by email) at the time that he tried to avoid getting involved in foreign politics.

Bruce Schneier: photo by Doug Logan

Bruce Schneier — the ex-BT, anti-surveillance privacy guru

He hasn’t been 100% consistent in this. When Swedish journalists discovered Swedish involvement in the MITM NSA/GCHQ hacking program known as Quantum, he said, “Both Quantum and FoxAcid are NSA/GCHQ programs to attack computer users. The fact that Sweden is involved in these programs means that Sweden is involved in active attacks against internet users. It is not just passive monitoring. This is an active attack.”

One day we may yet hear what he knows about BT’s cooperation with GCHQ (Tempora et al).

In the meantime, he is now no longer backward in commenting on surveillance in general and the NSA in particular. An article in The Atlantic last week warns us not to listen uncritically to the protestations of either the NSA or the tech giants that now appear to be up in arms against this NSA hacking and surveillance.

The tech giants (Google, Facebook, Yahoo, Microsoft etcetera) all claim to be doing what they can to prevent further snooping. But they are not doing the one thing that would work — they are not encrypting user data on servers in a way that would be impossible for governments to demand the keys. And the reason they are not doing this is simply because the vendors and the governments both want the same thing — to be able to read our data.

The best we have are caveat-laden pseudo-assurances. At SXSW earlier this month, CEO Eric Schmidt tried to reassure the audience by saying that he was “pretty sure that information within Google is now safe from any government’s prying eyes.” A more accurate statement might be, “Your data is safe from governments, except for the ways we don’t know about and the ways we cannot tell you about. And, of course, we still have complete access to it all, and can sell it at will to whomever we want.”
Don’t Listen to Google and Facebook: The Public-Private Surveillance Partnership Is Still Going Strong

The reality is that for so long as the vendors want access to our data, the governments will be able to demand it. Neither of that is changing; although both sides are trying to pretend it is.

Categories: All, Politics, Security Issues

The UK government is simply lying about data protection reform

March 1, 2014 Leave a comment

This coming week the European Justice and Home Affairs Council (ie, national ministers from the individual national governments) will meet in Brussels. There are several items on the agenda.

Top of the list in a memo released by Viviane Redding is reform of the data protection laws. She says,

I am confident we will be able to build on the momentum injected into the negotiations by the Greek Presidency at the last informal Council meeting in January. Seeing the latest progress, I will continue working with Ministers for an adoption of the data protection reform before the end of this year.

Bottom of the list in a ministerial statement from Theresa May is reform of the data protection laws. She says,

There will be a state of play/orientation debate on the Proposal for a General data Protection Regulation. The UK continues to believe that this proposal is far from ready for a general agreement, and that no such agreement can occur until the text as a whole has been approved. The proposal remains burdensome on both public and private sector organisations and the Government would not want to see inflexible rules on transfers outside the European Economic Area which do not reflect the realities of the modern, interconnected world.

And yes, they really are talking about the same thing. Most of Europe has already agreed the data protection reform proposals; but the UK doesn’t like it and won’t play.

The problem is, providing more protection for our personal information is difficult for the UK. It would upset the three most powerful organizations in the country: GCHQ, Google and Facebook. GCHQ would have its ability to collect our private messages, photos, home videos and internet browsing habits severely curtailed — and of course nobody would want to see that.

Google and Facebook would no longer be able to ship our personal information to servers outside of the UK; that is, the US, from where the NSA/FBI could demand access while declining to allow us to be told (assuming they need to since GCHQ will probably have already intercepted the data via its taps on the fibre cables that run between the two continents and simply handed it en masse to the NSA for storage and safe keeping).

Since these negative arguments would not prove popular to the British public, they are being hidden in spurious and frankly false claims that data protection will cost business. Yes there will be some cost in protecting our data (not nearly as much as the government would like us to believe); but that will be more than compensated by the lower cost of doing business with dozens of different data protection regimes. The net effect of reforming data protection will be greater data protection at a lower overall cost.

But Theresa May doesn’t want us to understand that. She and David Cameron would like us to believe that they are protecting us when they are really just protecting vested interests and actually selling us down the river. They are willing to trade our privacy to keep GCHQ and big American business happy.

Categories: All, Politics

The American tech giants – Facebook in this instance – still don’t get it over the NSA spying programmes

February 25, 2014 Leave a comment
Zuckerberg at the 37th G8 summit in 2011 (Wikipedia)

Zuckerberg at the 37th G8 summit in 2011 (Wikipedia)

The following is a transcription of a brief interview given by Mark Zuckerberg. The original can be found on TechCrunch here.

I’ve tidied it up a bit – removed the ‘ums’ and ‘rights’ and ‘you knows’ – just to make it more legible. I struggled over that because they clearly demonstrate where Zuckerberg is comfortable and where he is not comfortable with what he says; but I went ahead because what he says rather than his level of comfort is important to me. Anyway, here’s what is left:

We take our role really seriously. I think its my job and our job to protect everyone who uses Facebook and all the information that they share with us. It’s our government’s job to protect all of us and also to protect our freedoms and protect the economy, and companies; and I think they did a bad job of balancing those things. So frankly I think that the government blew it. I think that they blew it on communicating what they [were doing]; basically the balance of what they were going for.

The morning after the start of [the scandal] breaking, people asked [the government] what they thought; and the government’s comment was, “Oh don’t worry, basically we’re not spying on any Americans.”

Right. Wonderful. That’s really helpful to companies who are trying to serve people around the world, and [it's] really gonna inspire confidence in American internet companies. Thanks for going out there and being really clear about what you’re doing. I think that was really bad.

We’ve being pushing just to get more transparency on this, and I actually think we’ve made a big difference. The big question that you get from all the coverage is, what’s the volume of the total number of requests going on? Is it closer to a thousand requests that the government is making of us, or is it closer to 100 million? I mean, from the coverage and from what the government has said you would not know the difference. But we worked really hard with the government, behind the scenes, to get to the point where we could release the aggregate number of requests. It was around 9000 in the last half year.

Does that number tell us everything we want? No. And that’s why when the conversations get to the point where we weren’t going to make further progress, we decided to sue them so that we could reveal, is it 1000 or 2000 or 3000 or 4000 or 8000 of the 9000 requests. But the reality is, because of the transparency that we pushed for, now people can know and deserve to know that the number of requests that the government is making is closer to 1000 (it’s 9000 or less in the last six months), and definitely not, you know, 10 million or 100 million…

Really, Mark? Do you think that knowing the NSA made just over 1000 requests for your customers’ details rather than 9000 makes it all right – and that they can carry on, without judicial oversight, as they are? It’s the fact, not the volume, of NSA spying that is wrong, just plain wrong. Until the American tech giants stop hiding behind their really quite meaningless ‘transparency’ demands and empty successes over the NSA, then anger – and especially non-American anger – will remain at a high level.

Oh; and did I mention the word ‘hypocrite’? Facebook suggesting that the NSA isn’t taking sufficient care over users’ privacy? Really?

Categories: All, Politics, Security Issues

Randy Abrams bids farewell to Google+

January 10, 2014 Leave a comment

Yesterday Google announced a new feature in Gmail: it integrates with Google+. Gmail will now supply the address of anyone you follow even if you don’t have, and that person has never provided, the relevant email address.

There are obvious privacy issues here. But it’s not as simple as that and there are easy opt-outs. Nevertheless, you can see how some people might be concerned. Randy Abrams is one such person. In fact, he’s so concerned, he’s dumping G+.

spacer

Abramsbyebye

spacer

Is it just me? “I’m leaving G+ because of the way they treat their users. You can find me over at Facebook…” Does nobody else find that just a wee bit, well, strange…?

Categories: All, Security Issues

Who’s doing what to protect our data?

December 9, 2013 Leave a comment

The Electronic Frontier Foundation has a fascinating graphic on which companies are doing what things to protect their customers’ – our – data in the post Prism/Snowden era.

spacer

eff

What different companies are doing to protect their customers’ data – source: EFF

spacer

What really leaps out is that the companies is that provide consumer cloud services are on our side (Dropbox, Facebook, Google and Twitter); telecommunication companies are on their side (AT&T, Comcast, Verizon); and the main OS providers (Microsoft and Apple) aren’t really sure which side their bread is buttered.

Categories: All, Politics, Security Issues

Facebook updates, and updates and updates its Android app

June 26, 2013 Leave a comment

Back in April Google amended its Google Play developer policy. It was a simple addition: “An app downloaded from Google Play may not modify, replace or update its own APK binary code using any method other than Google Play’s update mechanism.”

Simple, but far-reaching. At a stroke, it eliminated the growing threat of ‘silent updates’ to Android apps. At the time, many people thought it was specifically aimed at arch display advertising rival, Facebook. It probably was.

Facebook had been secretly experimenting with silent updates to its new Facebook Home app. Once an app has been installed with acceptable and accepted permissions, it is able to update itself with new and expanded permissions secretly (silent updates); that is, without telling the user what was happening, or what new permissions were being enacted.

But by forcing those updates to go via the Play Store, Google is able to stop them being ‘silent’. Good job, really. Facebook’s Android app has been updated — but provided you got it from Play, it cannot update itself silently.

Sarah A. Downey, a lawyer and privacy strategist with Abine, did a simple blog: eighteen words and a graphic compilation of three screenshots:

spacer

3 pages of Facebook permissions

3 pages of Facebook permissions

spacer

Her comment: “Really, Facebook? Three screens of permissions? No thanks. We don’t have that kind of relationship.”

Says it all really. If Google hadn’t insisted on updates via Play, you might never know about it this update. And if you side-load an app — for example, straight from Facebook — you might still never know about it.

So, two lessons: get your apps from Play; and dump Facebook anyway.

Categories: All, Security Issues
Follow

Get every new post delivered to your Inbox.

Join 141 other followers