Posts tagged "Sileo"
When you read the recent blog post from Facebook about how they’re going to “Make Ads Better” and “Give People More Control”, you really want to believe them. You want to believe that they’re really just trying to make your life easier by providing ads relevant to your “likes” and apps you choose to install. Sure, if I have the MLB app, why wouldn’t I want to know about a sale on caps for my favorite ball team? Or if I’m an exercise nut, getting the latest gear for my next triathlon might be really important to me and save me the time of searching for it.
But the bottom line is this: Facebook is going back on something they promised years ago. Not only are they using our likes and apps to market to us, they’re also using our browsing history to target ads. They can “only” use information from sites that have Facebook buttons (to like, recommend or share) or that you can login to with your Facebook account, but these days, that’s practically any site!
Facebook Privacy Settings… Some may say it’s too little, too late. I’m relieved that Facebook is finally responding to concerns about their confusing and weak privacy settings. The social media giant (who has been losing customers of late) has recently made several changes to their settings.
Facebook Privacy Settings Update
- Additional photo settings. Your current profile photo and cover photos have traditionally been public by default. Soon, Facebook will let you change the privacy setting of your old cover photos.
- More visible mobile sharing settings. When you use your mobile phone to post, it is somewhat difficult to find who your audience is because the audience selector has been hidden behind an icon and this could lead to unintended sharing. In this Facebook privacy settings update, they will move the audience selector to the top of the update status box in a new “To:” field similar to what you see when you compose an email so you’ll be able to see more easily with whom you are sharing.
It’s no surprise that identity theft once again tops the “Dirty Dozen” tax scams put forth by the IRS for 2014. They warn that if an identity thief has access to your personal information, such as your name, Social Security number or other identifying information, he or she may use it to fraudulently file a tax return and claim a refund in your name. Think of the implications for the 110 million victims of the recent Target data breach as well as victims of the hundreds of other breaches at other retailers, universities, healthcare providers, government agencies and so on.
KrebsOnSecurity reports that the information from the Target breach alone has reportedly flooded underground black markets and cards are being sold from around $20 to more than $100 each. This data is being sold in hundreds of online “stores” advertised in cybercrime forums. A fraud analyst at a major bank was able to buy a portion of the bank’s accounts from such a store.
Self-censorship on Facebook
Do you ever delete the words you type on Facebook before you hit post?
Have you ever started to type a status update that you thought was hilarious…until you realized your boss might not appreciate your 8th-grade humor? So what’d you do? You quickly hit the delete key and watched your comment disappear forever, right? Not exactly.
What if you are ready to make a snarky comment to Greg, the upperclass jerk who stole your high school girlfriend (and is about to get a divorce, ha ha), but decide to take the high road just before hitting the “post” button and instead, wish him well on his pending journey of love (despite the fact that it’s bound to fail)?
No harm done, right? You never hit the post button, so no one ever saw it! Well, it turns out that’s not quite how it works in Facebook Land.
The latest scheme to target unsuspecting consumers aims right at the core of what matters to the average person on an average night: our entertainment! In a scheme unveiled by Jerome Segura in a blog post on the site Malwarebytes.org, scammers are going after the personal information and financial resources of Netflix users.
Here’s how it works:
You are on what looks like the real Netflix home page. You enter your information, but instead of taking you to Netflix, you are redirected to a page telling you your account has been suspended for “unusual activity”. You are given an 800 number for “Netflix Member Services” and a very authentic looking error code.
If you call this number, a real live human being answers sounding much like a real typical tech support person. They will be happy to help you (even if you give them bogus account information!) if you’ll just give them that error code. This then allows them to remotely access your computer.
What happens when a spy agency spies on the Congressional body that was created to keep spying in check in the first place? What are the implications of the CIA spying on the Senate?
That is exactly what Sen. Dianne Feinstein, D-Calif., head of the Senate Intelligence Committee, asserts has happened. In a scathing address to the Senate, Feinstein, who has been a strong advocate of the intelligence community in the past, accused the Central Intelligence Agency (CIA) of violating “the separation of powers principles embodied in the United States Constitution including the Speech and Debate clause”.
This accusation stems from an agreement between the committee and the agency to allow committee aides to review millions of confidential documents related to the post 9/11 Bush administration detention program for handling terror suspects. In the process of reviewing these documents, staffers came across an internal review of the agency’s practices. When the CIA became aware of this, Feinstein claims they searched the network — including the committee’s internal network — and removed the documents.
I’ve had dozens of media requests for interviews and countless more email inquiries from people concerned about the Target data breach. At first, everyone just wanted to know details of how it happened, how big the breach was, and what they should do about it if their credit cards were at risk. Now that the initial shock of it is over, we are on to a bigger question:
How do we keep breach from negatively affecting so many Americans?
Breach will always happen. If it’s digital, it’s hackable. It’s coming to light that the Target breach may have been due to the computer access an HVAC WORKER (no, not an entire company, an individual WORKER) had to Target’s systems. While there is no guaranteed way of preventing fraud, there is a pretty reliable answer out there, and it’s been around for decades. That answer is for the US to finally catch up to more than 80 countries around the world and start using chip and PIN enabled credit cards, also known as EMV, smart cards, or microchip cards.
Biometrics are like passwords, but worse.
Biometrics are like passwords that you leave everywhere (fingerprints, facial recognition, voice patterns), except that unlike passwords, you can’t change them when they’re lost or stolen. It’s easy to change your password, a bit harder to get a new retina. Like passwords, risk goes up as they are stored globally (in the cloud) versus locally (on a physical device).
In addition to the biometrics mentioned above that most of us have come to accept as commonplace, there are many other methods in use or under exploration:
- hand geometry
- vascular pattern recognition (analyzing vein patterns)
- iris scans
- signature geometry (not just the look of the signature, but the pen pressure, signature speed, etc.)
- gait analysis
- heartbeat signatures
Watch Tech Geek Curtis Nasalbaum’s Response from the Leonard Nimoy Cruise
Every year, several of my keynote speeches are to ultra-high-wealth audiences. Because they have a lot of net worth to protect, their incentive to prevent identity theft and online fraud is on steroids. But for the average family with a normal amount of wealth, the incentive is just as important, because their wealth (albeit smaller), is just as vital to their lifestyle as it is to the wealthy.
And this isn’t just about wealth. All of us want to be able to keep hackers out of our private and often valuable online accounts, including: Gmail, Facebook, Dropbox, Twitter, Hotmail, Yahoo, banks, investment companies and all types of sensitive communications.
The answer, regardless of your wealth, is two-factor authentication (which is way too complicated a term for such a simple concept – I think the IT department named it that to ensure their job security). Two-factor authentication is also referred to as multi-factor authentication, two-step verification, 2FA and security tokens, none of which you need remember.