Blog of the website «TechCrunch»

Main article: Hack

Three-quarters of Americans lack confidence in tech companies’ ability to fight election interference

23:54 | 25 February

A significant majority of Americans have lost faith in tech companies’ ability to prevent the misuse of their platforms to influence the 2020 presidential election, according to a new study from Pew Research Center, released today. The study found that nearly three-quarters of Americans (74%) don’t believe platforms like Facebook, Twitter and Google will be able to prevent election interference. What’s more, this sentiment is felt by both political parties evenly.

Pew says that nearly identical shares of Republicans and Republican-leaning independents (76%) and Democrats and Democrat-leaning independents (74%) have little or no confidence in technology companies’ ability to prevent their platforms’ misuse with regard to election interference.

And yet, 78% of Americans believe it’s tech companies’ job to do so. Slightly more Democrats (81%) took this position, compared with Republicans (75%).

While Americans had similar negative feelings about platforms’ misuse ahead of the 2018 midterm elections, their lack of confidence has gotten even worse over the past year. As of January 2020, 74% of Americans report having little confidence in the tech companies, compared with 66% back in September 2018. For Democrats, the decline in trust is even greater, with 74% today feeling “not too” confident or “not at all” confident, compared with 62% in September 2018. Republican sentiment has declined somewhat during this same time, as well, with 72% expressing a lack of confidence in 2018, compared with 76% today.

Even among those who believe the tech companies are capable of handling election interference, very few Americans (5%) feel “very” confident in their capabilities. Most of the optimists see the challenge as difficult and complex, with 20% saying they feel only “somewhat” confident.

Across age groups, both the lack of confidence in tech companies and a desire for accountability increase with age. For example, 31% of those 18 to 29 feel at least somewhat confident in tech companies’ abilities, versus just 20% of those 65 and older. Similarly, 74% of youngest adults believe the companies should be responsible for platform misuse, compared with 88% of the 65-and-up crowd.

Given the increased negativity felt across the board on both sides of the aisle, it would have been interesting to see Pew update its 2018 survey that looked at other areas of concern Republicans and Democrats had with tech platforms. The older study found that Republicans were more likely to feel social media platforms favored liberal views while Democrats were more heavily in favor of regulation and restricting false information.

Issues around election interference aren’t just limited to the U.S., of course. But news of Russia’s meddling in U.S. politics in particular — which involved every major social media platform — has helped to shape Americans’ poor opinion of tech companies and their ability to prevent misuse. The problem continues today, as Russia is being called out again for trying to intervene in the 2020 elections, according to several reports. At present, Russia’s focus is on aiding Sen. Bernie Sanders’ campaign in order to interfere with the Democratic primary, the reports said.

Meanwhile, many of the same vulnerabilities that Russia exploited during the 2016 elections remain, including the platforms’ ability to quickly spread fake news, for example. Russia is also working around blocks the tech companies have erected in an attempt to keep Russian meddling at bay. One report from The NYT said Russian hackers and trolls were now better at covering their tracks and were even paying Americans to set up Facebook pages to get around Facebook’s ban on foreigners buying political ads.

Pew’s report doesn’t get into any details as to why Americans have lost so much trust in tech companies since the last election, but it’s likely more than just the fallout from election interference alone. Five years ago, tech companies were viewed largely as having a positive impact on the U.S., Pew had once reported. But Americans no longer feel as they did, and now only around half of U.S. adults believe the companies are having a positive impact.

More Americans are becoming aware of how easily these massive platforms can be exploited and how serious the ramifications of those exploits have become across a number of areas, including personal privacy. It’s not surprising then that user sentiment around how well tech companies are capable of preventing election interference has declined, too, along with all the rest.

 


New Early Stage speakers to talk fundraising strategies, growth marketing and PR

19:44 | 18 February

TC Early Stage SF goes down on April 28, and we are getting pretty damn excited about it!

The show will bring together 50+ experts across startup core competencies, such as fundraising, operations and marketing. We’ll hear from VCs on how to create the perfect pitch deck and how to identify the right investors for you. We’ll hear from lawyers on how to navigate the immigration process when hiring, and how to negotiate the cap table. And we’ll hear from growth hackers on how to build a high-performance SEO engine, and PR experts on how to tell your brand’s story.

And that’s just the tip of the iceberg.

Today, I’m pleased to announce four more breakout sessions.


Lo Toney

Toney is the founding managing partner of Plexo Capital, which was incubated and spun out from GV. Before Plexo, Toney was a partner with Comcast Ventures, where he led the Catalyst Fund, and then moved to GV where he focused on marketplace, mobile and consumer products. Toney also has operational experience, having served as the GM of Zynga Poker, the company’s largest franchise at the time.

Think Like a PM for VC Pitch Success

Your pitch deck is not just a reflection of your business, it’s a product unto itself. Your startup’s success, and avoiding the end of your runway, depends on the conversion rate of that product. Hear from Plexo Capital founding partner Lo Toney about how thinking like a PM when crafting your pitch deck can produce outstanding results.


Krystina Rubino and Lindsay Piper Shaw

Shaw and Rubino are marketing consultants for Right Side Up, a growth marketing consultancy. Prior to Right Side Up, Shaw scaled podcast campaigns for brands like quip, Lyft and Texture, and has worked with brands like McDonald’s, Honda, ampm, and Tempur Sealy. Rubino has worked with companies across all stages and sizes, including Advil, DoorDash, P&G, Lyft and Stitch Fix.

Why You Need Podcasts in Your Growth Marketing Mix

Podcast advertising is widely viewed as a nascent medium, but smart companies know it can be a powerful channel in their marketing mix. Opportunity is ripe — get in early and you can own the medium, box out competitors and catapult your growth. Krystina Rubino and Lindsay Piper Shaw have launched and scaled successful podcast ad campaigns for early-stage startups and household name brands and will be sharing their strategies for companies to succeed in this often misunderstood channel.


Jake Saper

Jake Saper, the son of serial co-founders, has been obsessed with entrepreneurialism from a young age. His origin in venture capital started at Kleiner Perkins, and he moved on to become a partner at Emergence in 2014, where he became a Kauffman Fellow. He serves on the boards of Textio, Guru, Ironclad, DroneDeploy, and Vymo, and his self-described “nerdy love” of frameworks has only grown over the years.

When It Comes to Fundraising, Timing Is Everything

There are some shockingly common timing mistakes founders make that can turn an otherwise successful fundraise into a failure. We’ll talk through how to avoid them and how to sequence efforts from the time you close your seed to ensure you find the right partner (at the right price!) for Series A and beyond.


April Conyers

Conyers has been in the communications industry for 15 years, currently serving as the senior director of Corporate Communications at Postmates. Before Postmates, Conyers served as a VP at Brew PR, working with clients like Automattic, NetSuite, Oracle, Doctor on Demand and about.me. During that time, she also found herself on BI’s “The 50 Best Public Relations People In The Tech Industry In 2014” list.

The Media Is Misunderstood, But Your Company Shouldn’t Be

With the media industry in a state of flux, navigating the process of telling your story can be confusing and overwhelming. Hear from Postmates Senior Director of Corporate Communication April Conyers on how startups should think about PR, and how to get your message across in a hectic media landscape.


Early Stage SF goes down on April 28, with more than 50 breakout sessions to choose from. However, don’t worry about missing a breakout session, because transcripts from each will be available to show attendees. And most of the folks leading the breakout sessions have agreed to hang at the show for at least half the day and participate in CrunchMatch, TechCrunch’s great app to connect founders and investors based on shared interests.

Here’s the fine print. Each of the 50+ breakout sessions is limited to around 100 attendees. We expect a lot more attendees, of course, so signups for each session are on a first-come, first-serve basis. Buy your ticket today and you can sign up for the breakouts we are announcing today, as well as those already announced. Pass holders will also receive 24-hour advance notice before we announce the next batch. (And yes, you can “drop” a breakout session in favor of a new one, in the event there is a schedule conflict.)

So get your TC Early Stage: San Francisco pass today, and get the inside track on the sessions we announced today, as well as the ones to be announced in the coming weeks.

Possible sponsor? Hit us up right here.

 


TechCrunch’s Top 10 investigative reports from 2019

17:30 | 19 January

Facebook spying on teens, Twitter accounts hijacked by terrorists, and sexual abuse imagery found on Bing and Giphy were amongst the ugly truths revealed by TechCrunch’s investigative reporting in 2019. The tech industry needs more watchdogs than ever as its size enlarges the impact of safety failures and the abuse of power. Whether through malice, naivety, or greed, there was plenty of wrongdoing to sniff out.

Led by our security expert Zack Whittaker, TechCrunch undertook more long-form investigations this year to tackle these growing issues. Our coverage of fundraises, product launches, and glamorous exits only tells half the story. As perhaps the biggest and longest running news outlet dedicated to startups (and the giants they become), we’re responsible for keeping these companies honest and pushing for a more ethical and transparent approach to technology.

If you have a tip potentially worthy of an investigation, contact TechCrunch at tips@techcrunch.com or by using our anonymous tip line’s form.

Image: Bryce Durbin/TechCrunch

Here are our top 10 investigations from 2019, and their impact:

Facebook pays teens to spy on their data

Josh Constine’s landmark investigation discovered that Facebook was paying teens and adults $20 in gift cards per month to install a VPN that sent Facebook all their sensitive mobile data for market research purposes. The laundry list of problems with Facebook Research included not informing 187,000 users the data would go to Facebook until they signed up for “Project Atlas”, not receiving proper parental consent for over 4300 minors, and threatening legal action if a user spoke publicly about the program. The program also abused Apple’s enterprise certificate program designed only for distribution of employee-only apps within companies to avoid the App Store review process.

The fallout was enormous. Lawmakers wrote angry letters to Facebook. TechCrunch soon discovered a similar market research program from Google called Screenwise Meter that the company promptly shut down. Apple punished both Google and Facebook by shutting down all their employee-only apps for a day, causing office disruptions since Facebookers couldn’t access their shuttle schedule or lunch menu. Facebook tried to claim the program was above board, but finally succumbed to the backlash and shut down Facebook Research and all paid data collection programs for users under 18. Most importantly, the investigation led Facebook to shut down its Onavo app, which offered a VPN but in reality sucked in tons of mobile usage data to figure out which competitors to copy. Onavo helped Facebook realize it should acquire messaging rival WhatsApp for $19 billion, and it’s now at the center of anti-trust investigations into the company. TechCrunch’s reporting weakened Facebook’s exploitative market surveillance, pitted tech’s giants against each other, and raised the bar for transparency and ethics in data collection.

Protecting The WannaCry Kill Switch

Zack Whittaker’s profile of the heroes who helped save the internet from the fast-spreading WannaCry ransomware reveals the precarious nature of cybersecurity. The gripping tale documenting Marcus Hutchins’ benevolent work establishing the WannaCry kill switch may have contributed to a judge’s decision to sentence him to just one year of supervised release instead of 10 years in prison for an unrelated charge of creating malware as a teenager.

The dangers of Elon Musk’s tunnel

TechCrunch contributor Mark Harris’ investigation discovered inadequate emergency exits and more problems with Elon Musk’s plan for his Boring Company to build a Washington D.C.-to-Baltimore tunnel. Consulting fire safety and tunnel engineering experts, Harris built a strong case for why state and local governments should be suspicious of technology disrupters cutting corners in public infrastructure.

Bing image search is full of child abuse

Josh Constine’s investigation exposed how Bing’s image search results both showed child sexual abuse imagery and suggested search terms to innocent users that would surface this illegal material. A tip led Constine to commission a report by anti-abuse startup AntiToxin (now L1ght), forcing Microsoft to commit to UK regulators that it would make significant changes to stop this from happening. However, a follow-up investigation by the New York Times citing TechCrunch’s report revealed Bing had made little progress.

Expelled despite exculpatory data

Zack Whittaker’s investigation surfaced contradictory evidence in a case of alleged grade tampering by Tufts student Tiffany Filler who was questionably expelled. The article casts significant doubt on the accusations, and that could help the student get a fair shot at future academic or professional endeavors.

Burned by an educational laptop

Natasha Lomas chronicled troubles at educational computer hardware startup pi-top, including a device malfunction that injured a U.S. student. An internal email revealed the student had suffered “a very nasty finger burn” from a pi-top 3 laptop designed to be disassembled. Reliability issues swelled and layoffs ensued. The report highlights how startups operating in the physical world, especially around sensitive populations like students, must make safety a top priority.

Giphy fails to block child abuse imagery

Sarah Perez and Zack Whittaker teamed up with child protection startup L1ght to expose Giphy’s negligence in blocking sexual abuse imagery. The report revealed how criminals used the site to share illegal imagery, which was then accidentally indexed by search engines. TechCrunch’s investigation demonstrated that it’s not just public tech giants who need to be more vigilant about their content.

Airbnb’s weakness on anti-discrimination

Megan Rose Dickey explored a botched case of discrimination policy enforcement by Airbnb when a blind and deaf traveler’s reservation was cancelled because they have a guide dog. Airbnb tried to just “educate” the host who was accused of discrimination instead of levying any real punishment until Dickey’s reporting pushed it to suspend them for a month. The investigation reveals the lengths Airbnb goes to in order to protect its money-generating hosts, and how policy problems could mar its IPO.

Expired emails let terrorists tweet propaganda

Zack Whittaker discovered that Islamic State propaganda was being spread through hijacked Twitter accounts. His investigation revealed that if the email address associated with a Twitter account expired, attackers could re-register it to gain access and then receive password resets sent from Twitter. The article revealed the savvy but not necessarily sophisticated ways terrorist groups are exploiting big tech’s security shortcomings, and identified a dangerous loophole for all sites to close.

Porn & gambling apps slip past Apple

Josh Constine found dozens of pornography and real-money gambling apps had broken Apple’s rules but avoided App Store review by abusing its enterprise certificate program — many based in China. The report revealed the weak and easily defrauded requirements to receive an enterprise certificate. Seven months later, Apple revealed a spike in porn and gambling app takedown requests from China. The investigation could push Apple to tighten its enterprise certificate policies, and proved the company has plenty of its own problems to handle despite CEO Tim Cook’s frequent jabs at the policies of other tech giants.

Bonus: HQ Trivia employees fired for trying to remove CEO

This Game Of Thrones-worthy tale was too intriguing to leave out, even if the impact was more of a warning to all startup executives. Josh Constine’s look inside gaming startup HQ Trivia revealed a saga of employee revolt in response to its CEO’s ineptitude and inaction as the company nose-dived. Employees who organized a petition to the board to remove the CEO were fired, leading to further talent departures and stagnation. The investigation served to remind startup executives that they are responsible to their employees, who can exert power through collective action or their exodus.

If you have a tip for Josh Constine, you can reach him via encrypted Signal or text at (585)750-5674, joshc at TechCrunch dot com, or through Twitter DMs

 


Microsoft and NSA say security bug affects millions of Windows 10 computers

21:00 | 14 January

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10.

The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI. The component has a range of functions, one of which allows developers to digitally sign their software, proving that the software has not been tampered with. But the bug may allow attackers to spoof legitimate software, potentially making it easier to run malicious software — like ransomware — on a vulnerable computer.

“The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider,” Microsoft said.

Microsoft said it found no evidence to show that the bug has been actively exploited by attackers, and classified the bug as “important.”

Independent security journalist Brian Krebs first reported details of the bug.

The National Security Agency confirmed in a call with reporters that it found the vulnerability and turned over the details to Microsoft, allowing the company to build and ready a fix.

Only two years ago the spy agency was criticized for finding and using a Windows vulnerability to conduct surveillance instead of alerting Microsoft to the flaw. The agency used the vulnerability to create an exploit, known as EternalBlue, as a way to secretly backdoor vulnerable computers. But the exploit was later leaked and was used to infect thousands of computers with the WannaCry ransomware, causing millions of dollars worth of damage.

Anne Neuberger, NSA’s director of cybersecurity, told TechCrunch that once the vulnerability was discovered, it went through the vulnerabilities equities process, a decision-making process used by the government to determine if it should retain control of the flaw for use in offensive security operations or if it should be disclosed to the vendor.

“Our goal is to be a good cybersecurity partner,” she said.

Neuberger confirmed Microsoft’s findings that NSA had not seen attackers actively exploiting the bug.

Jake Williams, a former NSA hacker and founder of Rendition Infosec, told TechCrunch that it was “encouraging” that the flaw was turned over “rather than weaponized.”

“This one is a bug that would likely be easier for governments to use than the common hacker,” he said. “This would have been an ideal exploit to couple with man in the middle network access.”

Microsoft is said to have released patches for Windows 10 and Windows Server 2016, which is also affected, to the U.S. government, military, and other high-profile companies ahead of Tuesday’s release to the wider public, amid fears that the bug would be abused and vulnerable computers could come under active attack.

The software giant kept a tight circle around the details of the vulnerabilities, with few at the company fully aware of them, sources told TechCrunch. Only a few outside the company and the NSA — such as the government’s cybersecurity advisory unit Cybersecurity and Infrastructure Security Agency — were briefed.

CISA also issued a directive, compelling federal agencies to patch the vulnerabilities.

This now-patched flaw is like “a skeleton key for bypassing any number of endpoint security controls,” Williams told TechCrunch.

Skilled attackers have long tried to pass off their malware as legitimate software, in some cases by obtaining and stealing certificates. Last year, attackers stole a certificate belonging to computer maker Asus to sign a backdoored version of its software update tool. By pushing the tool to the company’s own servers, “hundreds of thousands” of Asus customers were compromised as a result.

When certificates are lost or stolen, they can be used to impersonate the app maker, allowing attackers to sign malicious software and make it look like it came from the original developer.

Dmitri Alperovitch, co-founder and chief technology officer at security firm CrowdStrike, said that the NSA-discovered bug was a “critical issue.”

“Everyone should patch. Do not wait,” he said.

 


Mozilla says a new Firefox security bug is under active attack

18:10 | 10 January

Mozilla has warned Firefox users to update their browser to the latest version after security researchers found a vulnerability that hackers were actively exploiting in “targeted attacks” against users.

The vulnerability, found by Chinese security company Qihoo 360, is in Firefox’s just-in-time compiler. The compiler is tasked with speeding up performance of JavaScript to make websites load faster. But researchers found that the bug could allow malicious JavaScript to run outside of the browser on the host computer.

In practical terms, that means an attacker can quietly break into a victim’s computer by tricking the victim into accessing a website running malicious JavaScript code.

But Qihoo did not say precisely how the bug was exploited, who the attackers were, or who was targeted.

Browser vulnerabilities are a hot commodity in security circles as they can be used to infect vulnerable computers — often silently and without the user noticing — and be used to deliver malware or ransomware. Browsers are also a target for nation states and governments and their use of surveillance tools, known as network investigative techniques — or NITs. These vulnerability-exploiting tools have been used by federal agents to spy on and catch criminals. But these tools have drawn ire from the security community because the feds’ failure to disclose the bugs to the software makers could result in bad actors exploiting the same vulnerabilities for malicious purposes.

Mozilla issued the security advisory for Firefox 72, which had only been out for two days before the vulnerability was found.

Homeland Security’s cyber advisory unit, the Cybersecurity and Infrastructure Security Agency, also issued a security warning, advising users to update to Firefox 72.0.1, which fixes the vulnerability. Little information was given about the bug, only that it could be used to “take control of an affected system.”

Firefox users can update their browser from the settings.

 


Facebook data misuse and voter manipulation back in the frame with latest Cambridge Analytica leaks

18:17 | 6 January

More details are emerging about the scale and scope of disgraced data company Cambridge Analytica’s activities in elections around the world — via a cache of internal documents that’s being released by former employee and self-styled whistleblower, Brittany Kaiser.

The now shut down data modelling company, which infamously used stolen Facebook data to target voters for President Donald Trump’s campaign in the 2016 U.S. election, was at the center of the data misuse scandal that, in 2018, wiped billions off Facebook’s share price and contributed to a $5BN FTC fine for the tech giant last summer.

However plenty of questions remain, including where, for whom and exactly how Cambridge Analytica and its parent entity SCL Elections operated; as well as how much Facebook’s leadership knew about the dealings of the firm that was using its platform to extract data and target political ads — helped by some of Facebook’s own staff.

Certain Facebook employees were referring to Cambridge Analytica as a “sketchy” company as far back as September 2015 — yet the tech giant only pulled the plug on platform access after the scandal went global in 2018.

Facebook CEO Mark Zuckerberg has also continued to maintain that he only personally learned about CA from a December 2015 Guardian article, which broke the story that Ted Cruz’s presidential campaign was using psychological data based on research covering tens of millions of Facebook users, harvested largely without permission. (It wasn’t until March 2018 that further investigative journalism blew the lid off the story — turning it into a global scandal.)

Former Cambridge Analytica business development director Kaiser, who had a central role in last year’s Netflix documentary about the data misuse scandal (The Great Hack), began her latest data dump late last week — publishing links to scores of previously unreleased internal documents via a Twitter account called @HindsightFiles. (At the time of writing Twitter has placed a temporary limit on viewing the account — citing “unusual activity”, presumably as a result of the volume of downloads it’s attracting.)

Since becoming part of the public CA story Kaiser has been campaigning for Facebook to grant users property rights over their data. She claims she’s releasing new documents from her former employer now because she’s concerned this year’s US election remains at risk of the same type of big-data-enabled voter manipulation that tainted the 2016 result.

“I’m very fearful about what is going to happen in the US election later this year, and I think one of the few ways of protecting ourselves is to get as much information out there as possible,” she told The Guardian.

“Democracies around the world are being auctioned to the highest bidder,” is the tagline claim on the Twitter account Kaiser is using to distribute the previously unpublished documents — more than 100,000 of which are set to be released over the coming months, per the newspaper’s report.

The releases are being grouped into countries — with documents to-date covering Brazil, Kenya and Malaysia. There is also a themed release dealing with issues pertaining to Iran, and another covering CA/SCL’s work for Republican John Bolton’s Political Action Committee in the U.S.

The releases look set to underscore the global scale of CA/SCL’s social media-fuelled operations, with Kaiser saying that the previously unreleased emails, project plans, case studies and negotiations span at least 65 countries.

A spreadsheet of associate officers included in the current cache lists SCL associates in a large number of countries and regions including Australia, Argentina, the Balkans, India, Jordan, Lithuania, the Philippines, Switzerland and Turkey, among others. A second tab listing “potential” associates covers political and commercial contacts in various other places including Ukraine and even China.

A UK parliamentary committee which investigated online political campaigning and voter manipulation in 2018 — taking evidence from Kaiser and CA whistleblower Chris Wylie, among others — urged the government to audit the PR and strategic communications industry, warning in its final report how “easy it is for discredited companies to reinvent themselves and potentially use the same data and the same tactics to undermine governments, including in the UK”.

“Data analytics firms have played a key role in elections around the world. Strategic communications companies frequently run campaigns internationally, which are financed by less than transparent means and employ legally dubious methods,” the DCMS committee also concluded.

The committee’s final report highlighted election and referendum campaigns SCL Elections (and its myriad “associated companies”) had been involved in in around thirty countries. But per Kaiser’s telling its activities — and/or ambitions — appear to have been considerably broader and even global in scope.

Documents released to date include a case study of work that CA was contracted to carry out in the U.S. for Bolton’s Super PAC — where it undertook what is described as “a personality-targeted digital advertising campaign with three interlocking goals: to persuade voters to elect Republican Senate candidates in Arkansas, North Carolina and New Hampshire; to elevate national security as an issue of importance and to increase public awareness of Ambassador Bolton’s Super PAC”.

Here CA writes that it segmented “persuadable and low-turnout voter populations to identify several key groups that could be influenced by Bolton Super PAC messaging”, targeting them with online and Direct TV ads — designed to “appeal directly to specific groups’ personality traits, priority issues and demographics”. 

Psychographic profiling — derived from CA’s modelling of Facebook user data — was used to segment U.S. voters into targetable groups, including for serving microtargeted online ads. The company badged voters with personality-specific labels such as “highly neurotic” — targeting individuals with customized content designed to prey on their fears and/or hopes based on its analysis of voters’ personality traits.

The process of segmenting voters by personality and sentiment was made commercially possible by access to identity-linked personal data — which puts Facebook’s population-scale collation of identities and individual-level personal data squarely in the frame.

It was a cache of tens of millions of Facebook profiles, along with responses to a personality quiz app linked to Facebook accounts, which was sold to Cambridge Analytica in 2014, by a company called GSR, and used to underpin its psychographic profiling of U.S. voters.

In evidence to the DCMS committee last year GSR’s co-founder, Aleksandr Kogan, argued that Facebook did not have a “valid” developer policy at the time, since he said the company did nothing to enforce the stated T&Cs — meaning users’ data was wide open to misappropriation and exploitation.

The UK’s data protection watchdog also took a dim view. In 2018 it issued Facebook with the maximum fine possible, under relevant national law, for the CA data breach — and warned in a report that democracy is under threat. The country’s information commissioner also called for an “ethical pause” of the use of online microtargeting ad tools for political campaigning.

No such pause has taken place.

Meanwhile for its part, since the Cambridge Analytica scandal snowballed into global condemnation of its business, Facebook has made loud claims to be ‘locking down’ its platform — including saying it would conduct an app audit and “investigate all apps that had access to large amounts of information”; “conduct a full audit of any app with suspicious activity”; and “ban any developer from our platform that does not agree to a thorough audit”.

However, close to two years later, there’s still no final report from the company on the upshot of this self ‘audit’.

And while Facebook was slapped with a headline-grabbing FTC fine on home soil, there was in fact no proper investigation; no requirement for it to change its privacy-hostile practices; and blanket immunity for top execs — even for any unknown data violations in the 2012 to 2018 period. So, ummm

In another highly curious detail, GSR’s other co-founder, a data scientist called Joseph Chancellor, was in fact hired by Facebook in late 2015. The tech giant has never satisfactorily explained how it came to recruit one of the two individuals at the center of a voter manipulation data misuse scandal which continues to wreak hefty reputational damage on Zuckerberg and his platform. But being able to ensure Chancellor was kept away from the press during a period of intense scrutiny looks pretty convenient.

Last fall, the GSR co-founder was reported to have left Facebook — as quietly, and with as little explanation given, as when he arrived on the tech giant’s payroll.

So Kaiser seems quite right to be concerned that the data industrial complex will do anything to keep its secrets — given it’s designed and engineered to sell access to yours. Even as she has her own reasons to want to keep the story in the media spotlight.

Platforms whose profiteering purpose is to track and target people at global scale — which function by leveraging an asymmetrical ‘attention economy’ — have zero incentive to change or have change imposed upon them. Not when the propaganda-as-a-service business remains in such high demand, whether for selling actual things like bars of soap, or for hawking ideas with a far darker purpose.

 



Essential tools for today’s digital nomad

18:37 | 6 December

Dave Williams Contributor
A serial entrepreneur in the digital marketing, advertising, and ad tech industries, Dave Williams founded and sold 360i, IgnitionOne, BLiNQ Media, and other ventures and is now the CEO and Co-founder of NOMADX, with his base in Lisbon, Portugal.

The world isn’t ready for the digital nomad movement.

If projections are to be believed, the growing trend in how people choose to live and work is fast outpacing the service and policy enhancements needed to keep up with a borderless workforce bound only by its need for a reliable Wi-Fi connection. But that’s not slowing down the nomads.

that there could be as many as one billion remote workers by 2035. Such a movement has implications for entities ranging from banks and insurance companies to national governments — but few organizations are in the habit of looking 15 years down the road and altering course appropriately. But even short-term, the numbers deserve our attention: about 59 million people are considering joining the digital nomad movement in the next two to three years.

Put another way: in the next 24 to 36 months, roughly the population of Italy plans to sever traditional workplace ties so they can go mobile. How are our global services and infrastructures going to accommodate these individuals?

Having spent more than six years as a digital nomad myself, I can tell you that there’s a steep learning curve to this lifestyle. While it’s one that I’ve found well worth the effort, tapping into the networks and services needed to sustain my professional and personal networks hasn’t always been easy. Looking back to when I first gave in to my wanderlust, after starting my career in the late ‘90s dot-com era as a serial entrepreneur in the U.S. digital marketing and ad tech industries, I can’t help but muse that I wish I knew then what I know now.

So for all of those aspiring or early stage nomads out there, in hopes that your own transitions to the nomadic lifestyle might be easier than my own, I’m here to tell you what I know now. While we can expect to see a great deal of change over the next couple decades, as the world economy races to catch up to the digital nomad movement, these are the essential considerations — and your best options — when it comes to the core elements needed to sustain yourself in your nomadic ramblings today.

Accommodations

Let’s start with the basics: where to live.

It’s almost impossible for digital nomads to find suitable accommodations at fair prices within major U.S. metropolitan areas that foster the standard of living they’re seeking. That’s one of the main reasons why so many nomads are ending up in Asian countries and other economical international destinations. In addition to being lower-cost, these destinations offer desirable alternatives to city environments where the standard 9-5 is required to afford everything the city has to offer.

When it comes to finding a place to live, whether for a few days or many months, there are a lot of options. The one that makes the most sense has a lot to do with your individual situation and preferences. Most important is having a place to stay with strong Wi-Fi. Consider:

Airbnb: Given its popularity for vacation rentals, a lot of new nomads initially turn here. While it allows for a more “at home” feel in a rental (because it is someone’s home), it can quickly become cost-prohibitive. Airbnb is great for short-term rentals, but comparatively expensive for anything more than a couple weeks.

Booking and Agoda: Similar to Airbnb, but these sites are more professional in that they’re mostly used by professionally-run apartments, hotels and resorts. All are great for those who are looking for more services with their accommodations. But they don’t always have the home-like feel that many nomads crave, and like Airbnb, they can get expensive fast.

Facebook Groups: A number of Facebook Groups for digital nomads have emerged recently. These groups can be handy because they let guests and hosts connect directly and come to mutually agreeable arrangements. However, these groups aren’t a rental platform. Guests don’t have access to reviews or an easy way to issue payments confidently. So while accommodations can be a bit more affordable when organized through groups, it’s hard to know what you’re going to get.

Hostels: As any rambling college student can attest, hostels are an affordable, social way to see the world. But living at a hostel offers little privacy and near-constant disruption, often of the drunken partying variety. It’s not a terribly viable route for nomadic couples or anyone looking for living space that can also double as an office. 

Hotels: On the flip side, hotels are great for couples. But for nomads spending weeks or even months abroad, they’re expensive and can be isolating for people looking to truly immerse themselves in new local cultures. Hotels are best reserved for short-term expeditions.

VIP hostels (e.g., Selina): This new breed of the hostel experience offers a great combination of co-working and social connections that help nomads connect with like-minded people. They provide some level of privacy, but these accommodations — like others — become expensive in the long term if you want your own bedroom.

Co-living spaces: As with co-working spaces, there’s a growing movement in which digital nomads come together to share the cost of living accommodations, which range from multi-bedroom apartments to large-scale co-living buildings complete with kitchens, shared and private bathrooms, working and community spaces. These environments are great for making connections while having access to privacy when needed, but branded co-living spaces will still cost more than a local midterm apartment.

Midterm rental platforms: For nomads looking to stay in one place for a month or more and truly soak in the culture, midterm rental platforms represent a more-affordable alternative to platforms like Airbnb. These platforms (full disclosure: I now operate one of them, by the name of NomadX) offer affordable month-to-month options with fast Wi-Fi in everyday neighborhoods, which enables you to connect more deeply with the local community without an overly long commitment. That said, this category is still quite new, so midterm rental inventory might be limited or nonexistent in the market you’re considering.

Couchsurfing: Finally, I’d be remiss not to mention Couchsurfing, a social network for travelers and nomads that makes it possible to connect directly with locals and even crash on their sofas for free. That said, Couchsurfing is only designed for short-term stays, it’s not very professional and it’s quickly evolving into more of a dating/hook-up platform than anything else.

Also, a quick note on Wi-Fi: No matter where you stay, you’ll need to ensure you can always be connected in order to stay on top of work. While you can check with your current mobile provider on international roaming plans, the coverage might be limited and ultimately become expensive. You might instead want to consider buying a local SIM card in every country and using it with your smartphone. That way, you can use your phone as a hotspot and get internet on your laptop. In a pinch, though, it’s good to have a backup mobile hotspot option. (For example, I travel with a Skyroam Solis.)

Insurance

We digital nomads are risk takers by nature, but that doesn’t mean we don’t want or appreciate a safety net. After all, having an accident isn’t a choice. Unfortunately, if nomads can’t get coverage for a fair price, many opt to forego insurance altogether and end up resorting to crowdfunding if they end up in a bad situation. I’ve had several friends get into accidents in foreign countries, and they couldn’t get proper medical treatment until they’d crowdfunded the needed resources. This is a worst-case scenario, and it’s one that I hope becomes a thing of the past as more borderless options for insurance emerge.

 



A bug in Microsoft’s login system put users at risk of account hijacks

18:00 | 2 December

Microsoft has fixed a vulnerability in its login system, which security researchers say could have been used to trick unsuspecting victims into giving over complete access to their online accounts.

The bug allowed attackers to quietly steal account tokens, which websites and apps use to grant users access to their accounts without requiring them to constantly re-enter their passwords. These tokens are created by an app or a website in place of a username and password after a user logs in. That keeps the user persistently logged into the site, but also allows users to access third-party apps and websites without having to directly hand over their passwords.

Researchers at Israeli cybersecurity company CyberArk found that Microsoft left open an accidental loophole which, if exploited, could’ve been used to siphon off the account tokens used to access a victim’s account — potentially without ever alerting the user.

CyberArk’s latest research, shared exclusively with TechCrunch, found dozens of unregistered subdomains connected to a handful of apps built by Microsoft. These in-house apps are highly trusted and as such, associated subdomains can be used to generate access tokens automatically without requiring any explicit consent from the user.

With the subdomains in hand, all an attacker would need to do is trick an unsuspecting victim into clicking on a specially crafted link in an email or on a website, and the token can be stolen.

In some cases, the researchers said, this could be done in a “zero-click” way, which as the name suggests requires almost no user interaction at all. A malicious website hiding an embedded webpage could silently trigger the same request as a link in a malicious email to steal a user’s account token.

Luckily, the researchers registered as many of the subdomains as they could find from the vulnerable Microsoft apps to prevent any malicious misuse, but warned there could be more.

The security flaw was reported to Microsoft in late October and was fixed three weeks later.

“We resolved the issue with the applications mentioned in this report in November and customers remain protected,” said a Microsoft spokesperson.

It’s not the first time Microsoft has acted to fix a bug in its login system. Almost exactly a year ago, the software and services giant fixed a similar vulnerability in which researchers were allowed to alter the records of an improperly configured Microsoft subdomain and steal Office account tokens.
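The defensive takeaway is that every hostname an application trusts to receive tokens must still be under the owner's control. The following audit is an added example, not code from the article, CyberArk or Microsoft; the inventory format, app name and hostnames are constructed, and it assumes you can export the list of URLs each app trusts.

```python
import socket
from urllib.parse import urlsplit

# Constructed sample inventory: app name -> URLs the app trusts to receive
# tokens. Names and hosts are hypothetical, not taken from the article.
TRUSTED_URLS = {
    "example-portal": [
        "https://login.portal.example/callback",
        "https://legacy-app.cloudhost.example/auth",
        "https://*.partner.example/signin",
    ],
}


def system_resolver(host):
    """Return True if the host currently resolves in DNS."""
    try:
        socket.getaddrinfo(host, None)
        return True
    except socket.gaierror:
        return False


def audit_trusted_hosts(inventory, resolves=system_resolver):
    """Flag trusted URLs whose host cannot be shown to be under control.

    A host that does not resolve is a signal to investigate (it may be
    unregistered and claimable by someone else), not proof of exposure.
    Wildcard hosts cannot be checked by resolution and need manual review.
    """
    findings = []
    for app, urls in inventory.items():
        for url in urls:
            host = urlsplit(url).hostname or ""
            if "*" in host:
                findings.append((app, url, "wildcard-host"))
            elif not host or not resolves(host):
                findings.append((app, url, "unresolvable-host"))
    return findings


if __name__ == "__main__":
    # Offline demonstration: a constructed resolver standing in for DNS.
    live_hosts = {"login.portal.example"}
    for finding in audit_trusted_hosts(TRUSTED_URLS, lambda h: h in live_hosts):
        print(finding)
```

Run it on a schedule with the default resolver, and remove or re-register any flagged host before it stays in the trusted list.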


More than 1 million T-Mobile customers exposed by breach

03:25 | 23 November

T-Mobile has confirmed a data breach affecting more than a million of its customers, whose personal data (but no financial or password data) was exposed to a malicious actor. The company alerted the affected customers but did not provide many details in its official account of the hack.

The company said in its disclosure to affected users that its security team had shut down “malicious, unauthorized access” to prepaid data customers. The data exposed appears to have been:

  • Name
  • Billing address
  • Phone number
  • Account number
  • Rate, plan, and calling features (such as paying for international calls)

The latter data is considered “customer proprietary network information,” and under telecoms regulations the company is required to notify customers if it is leaked. The implication seems to be that it might not have done so otherwise. Of course some hacks, even hacks of historic magnitude, go undisclosed, sometimes for years.

In this case however it seems that T-Mobile has disclosed the hack in a fairly prompt manner, though it provided very few details. When I asked, a T-Mobile representative indicated that “less than 1.5 percent” of customers were affected, which of the company’s approximately 75 million users adds up to somewhat over a million.

The company reports that “we take the security of your information very seriously,” a canard we’ve asked companies to stop saying in these situations.

The T-Mobile representative stated that the attack was discovered in early November and shut down “immediately.” They did not answer other questions I asked, such as whether it was on a public-facing or internal website or database, how long the data was exposed, and what specifically the company had done to rectify the problem.

The data listed above is not necessarily highly damaging on its own, but it’s the kind of data with which someone might attempt to steal your identity or take over your account. Account hijacking is a fairly common tactic among cyber-ne’er-do-wells these days and it helps to have details like the target’s plan, home address, and so on at one’s fingertips.

If you’re a T-Mobile customer, it may be a good idea to change your password there and check up on your account details.

 



Chinese spy defects to Australia, alleging election interference and cybercrimes

02:24 | 23 November

A purported agent of the Chinese intelligence service is seeking asylum in Australia, bringing with him explosive allegations of widespread interference in political affairs in that country, Taiwan, and elsewhere. He claims also to have run a cyberterrorism campaign against supporters of Hong Kong independence.

Wang “William” Liqiang indicated to Australian news outlet The Age that during a deep cover assignment intended to manipulate the 2020 presidential election in Taiwan, he decided to defect and expose the Chinese networks from abroad.

In addition to The Age, Wang spoke with the Sydney Morning Herald and 60 Minutes; the various outlets appear to be planning a broader release of the contents of his interviews on Monday.

Wang has reportedly explained in detail the inner workings of a Hong Kong-listed company called China Innovation Investment Limited, which the government has allegedly been using as a front to infiltrate various universities, political groups, and media companies.

He claims to have personally been involved in the infamous kidnapping of Lee Bo and other booksellers in Hong Kong whose disappearance prompted widespread protests.

He also says that he helped direct a “cyber army” to dox, attack, and otherwise harass Hong Kong’s independence protestors, and that he was working on establishing one to affect the 2020 election in Taiwan.

Operations in Australia and other countries were implied but not detailed in initial reports of Wang’s defection. He is reportedly currently at an undisclosed location in Sydney pending formal protections from the Australian government.

More information is expected to be revealed on Monday by the outlets Wang spoke to, so stay tuned.

 

