Facebook

China's Tencent Breaks Through $500bn Stock Market Capitalisation (bbc.com) 13

An anonymous reader shares a report: The value of China's biggest social network company -- Tencent Holdings -- has overtaken that of Facebook. The company owns WeChat, an enormously popular messaging app in China, and hit gaming franchises such as League of Legends and Honour of Kings.It is the first Asian firm to surpass a market value of $500bn. Its chief executive, Ma Huateng, is now worth more than the founders of Google, Larry Page and Sergey Brin, according to Forbes. The magazine valued him at $48.3bn on Tuesday, making him the world's ninth richest man according to its ranking.
Social Networks

Facebook Still Lets Housing Advertisers Exclude Users By Race (arstechnica.com) 104

AmiMoJo writes: In February, Facebook said it would step up enforcement of its prohibition against discrimination in advertising for housing, employment, or credit. Last week, ProPublica bought dozens of rental housing ads on Facebook but asked that they not be shown to certain categories of users, such as African-Americans,mothers of high school kids, people interested in wheelchair ramps, Jews, expats from Argentina, and Spanish speakers. All of these groups are protected under the federal Fair Housing Act. Violators can face tens of thousands of dollars in fines. Every single ad was approved within minutes. The only ad that took longer than three minutes to be approved by Facebook sought to exclude potential renters 'interested in Islam, Sunni Islam, and Shia Islam.' It was approved after 22 minutes.
Privacy

Uber Concealed Cyberattack That Exposed 57 Million People's Data (bloomberg.com) 31

According to Bloomberg, hackers stole the personal data of 57 million customers and drivers from Uber. The massive breach was reportedly concealed by the company for more than a year. From the report: Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver's license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said. At the time of the incident, Uber was negotiating with U.S. regulators investigating separate claims of privacy violations. Uber now says it had a legal obligation to report the hack to regulators and to drivers whose license numbers were taken. Instead, the company paid hackers $100,000 to delete the data and keep the breach quiet. Uber said it believes the information was never used but declined to disclose the identities of the attackers.

Here's how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.

Security

Why Hackers Reuse Malware (helpnetsecurity.com) 26

Orome1 shares a report from Help Net Security: Software developers love to reuse code wherever possible, and hackers are no exception. While we often think of different malware strains as separate entities, the reality is that most new malware recycles large chunks of source code from existing malware with some changes and additions (possibly taken from other publicly released vulnerabilities and tools). This approach makes sense. Why reinvent the wheel when another author already created a working solution? While code reuse in malware can make signature-based detection methods more effective in certain cases, more often than not it frees up time for attackers to do additional work on detection avoidance and attack efficacy -- which can create a more dangerous final product.

There are multiple reasons why hackers reuse code when developing their own malware. First, it saves time. By copying code wherever possible, malware authors have more time to focus on other areas, like detection avoidance and attribution masking. In some cases, there may be only one way to successfully accomplish a task, such as exploiting a vulnerability. In these instances, code reuse is a no-brainer. Hacker also tend to reuse effective tactics such as social engineering, malicious macros and spear phishing whenever possible simply because they have a high rate of success.

Bitcoin

An Ethereum Startup Just Vanished After People Invested $374K (vice.com) 189

An anonymous reader quotes a report from Motherboard: A startup on the Ethereum platform vanished from the internet on Sunday after raising $374,000 USD from investors in an Initial Coin Offering (ICO) fundraiser. Confido is a startup that pitched itself as a blockchain-based app for making payments and tracking shipments. It sold digital tokens to investors over the Ethereum blockchain in an ICO that ran from November 6 to 8. During the token sale, Confido sold people bespoke digital tokens that represent their investment in exchange for ether, Ethereum's digital currency. But on Sunday, the company unceremoniously deleted its Twitter account and took down its website. A company representative posted a brief comment to the company's now-private subforum on Reddit, citing legal problems that prevent the Confido team from continuing their work. The same message was also posted to Medium but quickly deleted.

"Right now, we are in a tight spot, as we are having legal trouble caused by a contract we signed," the message stated (a cached version of the Medium post is viewable). "It is likely that we will be able to find a solution to rectify the situation. However, we cannot assure you with 100% certainty that we will get through this." The message was apparently written by Confido's founder, one Joost van Doorn, who seems to have no internet presence besides a now-removed LinkedIn profile. Even the Confido representative on Reddit doesn't seem to know what's going on, though, posting hours after the initial message, "Look I have absolutely no idea what has happened here. The removal of all of our social media platforms and website has come as a complete surprise to me." Confido tokens had a market cap of $10 million last week, before the company disappeared, but now the tokens are worthless. And investors are crying foul.

Spam

Spam Is Back (theoutline.com) 149

Jon Christian, writing for The Outline: For a while, spam -- unsolicited bulk messages sent for commercial or fraudulent purposes -- seemed to be fading away. The 2003 CAN-SPAM Act mandated unsubscribe links in email marketing campaigns and criminalized attempts to hide the sender's identity, while sophisticated filters on what were then cutting-edge email providers like Gmail buried unwanted messages in out-of-sight spam folders. In 2004, Microsoft co-founder Bill Gates told a crowd at the World Economic Forum that "two years from now, spam will be solved." In 2011, cybersecurity reporter Brian Krebs noted that increasingly tech savvy law enforcement efforts were shutting down major spam operators -- including SpamIt.com, alleged to be a major hub in a Russian digital criminal organization that was responsible for an estimated fifth of the world's spam. These efforts meant that the proportion of all emails that are spam has slowly fallen to a low of about 50 percent in recent years, according to Symantec research.

But it's 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven't helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls.

Social Networks

We Can't Trust Facebook To Regulate Itself, Says Former Operations Manager (nytimes.com) 105

schwit1 shares an op-ed on the New York Times by Sandy Parakilas, a former operations manager on the platform team at Facebook: Sandy Parakilas led Facebook's efforts to fix privacy problems on its developer platform in advance of its 2012 initial public offering. What I saw from the inside was a company that prioritized data collection from its users over protecting them from abuse. As the world contemplates what to do about Facebook in the wake of its role in Russia's election meddling, it must consider this history. Lawmakers shouldn't allow Facebook to regulate itself. Because it won't (Editor's note: the link could be paywalled; alternative source). Facebook knows what you look like, your location, who your friends are, your interests, if you're in a relationship or not, and what other pages you look at on the web. This data allows advertisers to target the more than one billion Facebook visitors a day. It's no wonder the company has ballooned in size to a $500 billion behemoth in the five years since its I.P.O. The more data it has on offer, the more value it creates for advertisers. That means it has no incentive to police the collection or use of that data -- except when negative press or regulators are involved. Facebook is free to do almost whatever it wants with your personal information, and has no reason to put safeguards in place. The company just wanted negative stories to stop. It didn't really care how the data was used. Facebook took the same approach to this investigation as the one I observed during my tenure: react only when the press or regulators make something an issue, and avoid any changes that would hurt the business of collecting and selling data. This makes for a dangerous mix: a company that reaches most of the country every day and has the most detailed set of personal data ever assembled, but has no incentive to prevent abuse. Facebook needs to be regulated more tightly, or broken up so that no single entity controls all of its data. The company won't protect us by itself, and nothing less than our democracy is at stake.
Google

Critics Debate Autism's Role in James Damore's Google Memo (themarysue.com) 346

James Damore "wants you to know he isn't using autism as an excuse," reports a Silicon Valley newspaper, commenting on the fired Google engineer's new interview with the Guardian. But they also note that "he says being on the spectrum means he 'sees things differently'," and the weekend editor at the entertainment and "geek culture" site The Mary Sue sees a problem in the way that interview was framed. It's the author of this Guardian article, not James Damore himself, who makes the harmful suggestion that Damore's infamous Google memo and subsequent doubling-down are somehow caused by his autism... It frames autism as some sort of basic decency deficiency, rather than a neurological condition shared by millions of people.... This whole article is peppered with weird suggestions like this, suggestions which detract from an otherwise interesting piece.. All these weird suggestions that autism and misogyny/bigotry are somehow tied (as if autistic feminists didn't exist) do unfortunately detract from one of the article's great points.

Having worked at a number of companies large and small, I can at least anecdotally confirm that their diversity training rarely includes a discussion of neurodiversity, and when it does, it's not particularly empathetic or helpful... Many corporate cultures are plainly designed for neurotypical extroverts and no one else -- and that should change. I really do think Lewis meant well in pointing that out. But the other thing that should change? The way the media scapegoats autism as a source of anti-social behavior.

Google

'I See Things Differently': James Damore on his Autism and the Google Memo (theguardian.com) 673

"James Damore opens up about his regrets -- and how autism may have shaped his experience of the world," writes the west coast bureau chief for the Guardian. An anonymous reader quotes their report: The experience has prompted some introspection. In the course of several weeks of conversation using Google's instant messaging service, which Damore prefers to face-to-face communication, he opened up about an autism diagnosis that may in part explain the difficulties he experienced with his memo. He believes he has a problem understanding how his words will be interpreted by other people... It wasn't until his mid-20s, after completing research in computational biology at Princeton and MIT, and starting a PhD at Harvard, that Damore was diagnosed with autism, although he was told he had a milder version of the condition known as "high-functioning autism"...

Damore argues that Google's focus on avoiding "micro-aggressions" is "much harder for someone with autism to follow". But he stops short of saying autistic employees should be given more leniency if they unintentionally offend people at work. "I wouldn't necessarily treat someone differently," he explains. "But it definitely helps to understand where they're coming from." I ask Damore if, looking back over the last few months, he feels that his difficult experience with the memo and social media may be related to being on the spectrum. "Yeah, there's definitely been some self-reflection," he says. "Predicting controversies requires predicting what emotional reaction people will have to something. And that's not something that I excel at -- although I'm working on it."

Crime

Apple Is Served A Search Warrant To Unlock Texas Church Gunman's iPhone (nydailynews.com) 443

An anonymous reader quotes the New York Daily News: Authorities in Texas served Apple with a search warrant in order to gain access to the Sutherland Springs church shooter's cellphone files. Texas Ranger Kevin Wright obtained the warrant last week, according to San Antonio Express-News.

Investigators are hoping to gain access to gunman Devin Patrick Kelley's digital photos, messages, calls, videos, social media passwords, address book and data since January 2016. Authorities also want to know what files Kelley stored in his iCloud account.

Fast Company writes that "it's very likely that Apple will give the Rangers the same answer it gave the FBI in 2016 (in effect, hell no!)... That may be why, in the Texas case, the FBI and the Rangers didn't even bother calling Apple, but rather went straight to court."
Medicine

Study of 500,000 Teens Suggests Association Between Excessive Screen Time and Depression (vice.com) 127

An anonymous reader quotes a report from Motherboard: Depression and suicide rates in teenagers have jumped in the last decade -- doubling between 2007 and 2015 for girls -- and the trend suspiciously coincides with when smartphones became their constant companions. A recent study places their screen time around nine hours per day. Another study, published on Tuesday, suggests that suicide and depression could be connected to the rise of smartphones, and increased screen time. Around 58 percent more girls reported depression symptoms in 2015 than in 2009, and suicide rates rose 65 percent. Smack in the middle of that window of time, smartphones gained market saturation.

In Twenge's new study, published in the journal Clinical Psychological Science, the researchers looked at two samples: a nationally representative survey by ongoing study "Monitoring the Future" out of the University of Michigan, which is administered annually to 8th, 10th, and 12th graders, and the Centers for Disease Control's Youth Risk Behavior Surveillance System, a sample of high school students administered by the CDC every other year. (Both surveys began in 1991.) Altogether, over 500,000 young people were included. The study authors examined trends in how teens used social media, the internet, electronic devices (including gaming systems and tablets), and smartphones, as well as how much time they spent doing non-screen activities like homework, playing sports, or socializing. Comparing these to publicly available data on mental health and suicide for these ages between 2010 and 2017 showed "a clear pattern linking screen activities with higher levels of depressive symptoms/suicide-related outcomes and non-screen activities with lower levels," the researchers wrote in the study. All activities involving screens were associated with higher levels of depression or suicide and suicidal thinking, and activities done away from a screen were not.

The Military

Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets (theregister.co.uk) 84

An anonymous reader quotes a report from The Register: Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages -- all scraped from around the world by the U.S. military to identify and profile persons of interest. The archives were found by veteran security breach hunter UpGuard's Chris Vickery during a routine scan of open Amazon-hosted data silos, and these ones weren't exactly hidden. The buckets were named centcom-backup, centcom-archive, and pacom-archive. CENTCOM is the common abbreviation for the U.S. Central Command, which controls army operations in the Middle East, North Africa and Central Asia. PACOM is the name for U.S. Pacific Command, covering the rest of southern Asia, China and Australasia.

"For the research I downloaded 400GB of samples but there were many terabytes of data up there," he said. "It's mainly compressed text files that can expand out by a factor of ten so there's dozens and dozens of terabytes out there and that's a conservative estimate." Just one of the buckets contained 1.8 billion social media posts automatically fetched over the past eight years up to today. It mainly contains postings made in central Asia, however Vickery noted that some of the material is taken from comments made by American citizens. The databases also reveal some interesting clues as to what this information is being used for. Documents make reference to the fact that the archive was collected as part of the U.S. government's Outpost program, which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism.

Social Networks

Report Claims That 18 Nation's Elections Were Impacted By Social Engineering Last Year (bbc.com) 235

sqorbit writes: Independent watchdog group Freedom House released a report that claims that 18 nation's elections were "hacked." Of the 65 countries that Freedom House monitors, 30 appear to be using social media in order to affect elections by attempting to control online discussions. The report covers fake news posts, paid online opinion writers and trolling tactics. Other items in the report speak to online censorship and VPN blocking that blocks information within countries to interfere with elections. The report says net freedom could be aided by: large-scale programs that showed people how to spot fake news; putting tight controls on political adverts; and making social media giants do more to remove bots and tune algorithms to be more objective.
Twitter

Jack Dorsey Responds To Serial Killer Who Found His Victims Through Suicidal Twitter Posts (nhk.or.jp) 73

AmiMoJo shares a report from NHK WORLD: Twitter's CEO is reacting to a grisly case in Japan where a suspected serial killer allegedly found his victims through their suicidal posts on the social media platform. In an interview with NHK, Jack Dorsey said it is unrealistic and impossible to remove suicidal tweets. But he said he hoped Twitter could become a tool for prevention. Last month, the dismembered bodies of 9 people were found in 27-year-old Takahiro Shiraishi's apartment near Tokyo. Police say he admitted to the killings. They believe he preyed on people who posted about wanting to kill themselves on Twitter. Recently, Twitter updated its rules regarding posts about self-harm: "You may not promote or encourage suicide or self-harm. When we receive reports that a person is threatening suicide or self-harm, we may take a number of steps to assist them, such as reaching out to that person and providing resources such as contact information for our mental health partners."
Privacy

Federal Extreme Vetting Plan Castigated By Tech Experts (apnews.com) 160

An anonymous reader shares an Associated Press report: Leading researchers castigated a federal plan that would use artificial intelligence methods to scrutinize immigrants and visa applicants, saying it is unworkable as written and likely to be "inaccurate and biased" if deployed. The experts, a group of more than 50 computer and data scientists, mathematicians and other specialists in automated decision-making, urged the Department of Homeland Security to abandon the project, dubbed the "Extreme Vetting Initiative." That plan has its roots in President Donald Trump's repeated pledge during the 2016 campaign to subject immigrants seeking admission to the United States to more intense ideological scrutiny -- or, as he put it, "extreme vetting." Over the summer, DHS published a "statement of objectives" for a system that would use computer algorithms to scan social media and other material in order to automatically flag undesirable entrants -- and to continuously scan the activities of those allowed into the U.S.
Japan

Apology After Japanese Train Departs 20 Seconds Early (bbc.com) 215

Several readers share a BBC report: A rail company in Japan has apologised after one of its trains departed 20 seconds early. Management on the Tsukuba Express line between Tokyo and the city of Tsukuba say they "sincerely apologise for the inconvenience" caused. In a statement, the company said the train had been scheduled to leave at 9:44:40 local time but left at 9:44:20. Many social media users reacted to the company's apology with surprise. "Tokyo train company's apology for 20-second-early departure is one of the best things about Japan," a user wrote. The mistake happened because staff had not checked the timetable, the company statement said.
Businesses

37% of Netflix Subscribers Say They Binge-Watch While at Work (netflix.com) 154

On-demand video streaming service Netflix has found that more people than ever are watching video outside their homes. About 67% of people now watch movies and TV shows in public, according to an online survey it commissioned of 37,000 adults around the world. The survey also found that about 37% of Netflix's US subscribers binge-watch shows and movies while at work.
Businesses

The Brutal Fight To Mine Your Data and Sell It To Your Boss (bloomberg.com) 75

An anonymous reader shares a report from Bloomberg, explaining how Silicon Valley makes billions of dollars peddling personal information, supported by an ecosystem of bit players. Editor Drake Bennett highlights the battle between an upstart called HiQ and LinkedIn, who are fighting for your lucrative professional identity. Here's an excerpt from the report: A small number of the world's most valuable companies collect, control, parse, and sell billions of dollars' worth of personal information voluntarily surrendered by their users. Google, Facebook, Amazon, and Microsoft -- which bought LinkedIn for $26.2 billion in 2016 -- have in turn spawned dependent economies consisting of advertising and marketing companies, designers, consultants, and app developers. Some operate on the tech giants' platforms; some customize special digital tools; some help people attract more friends and likes and followers. Some, including HiQ, feed off the torrents of information that social networks produce, using software bots to scrape data from profiles. The services of the smaller companies can augment the offerings of the bigger ones, but the power dynamic is deeply asymmetrical, reminiscent of pilot fish picking food from between the teeth of sharks. The terms of that relationship are set by technology, economics, and the vagaries of consumer choice, but also by the law. LinkedIn's May 23 letter to HiQ wasn't the first time the company had taken legal action to prevent the perceived hijacking of its data, and Facebook and Craigslist, among others, have brought similar actions. But even more than its predecessors, this case, because of who's involved and how it's unfolded, has spoken to the thorniest issues surrounding speech and competition on the internet.
Twitter

Twitter Bans, Removes Verified Status of White Supremacists (thedailybeast.com) 707

After updating the rules of its verification program on Wednesday, Twitter has begun banning and removing verified check marks from white supremacist accounts. For example, white supremacists Richard Spencer and Charlottesville "Unite The Right" protest creator Jason Kessler had their verified statuses revoked today. The Daily Beast reports: The verified check mark was meant to denote "that an account of public interest is authentic," the company said in a series of tweets on Wednesday, but that "verification has long been perceived as an endorsement." "This perception became worse when we opened up verification for public submissions and verified people who we in no way endorse," a company spokesperson tweeted. Users can now lose their blue checkmarks for "inciting or engaging in harassment of others," "promoting hate and/or violence against, or directly attacking or threatening other people on the basis of race, ethnicity, national origin, sexual orientation, gender, gender identity, religious affiliation, age, disability, or disease," supporting people who promote those ideas, and a slew of other reasons.
Medicine

What Did 17th Century Food Taste Like? (blogspot.com) 196

Benjamin Breen, an assistant professor of history at UC Santa Cruz, looks at art history to figure out what people cooked in the 1600s, and wonders whether it is possible to ascertain the taste of food. From a blog post: What can we learn about how people ate in the seventeenth century? And even if we can piece together historical recipes, can we ever really know what their food tasted like? This might seem like a relatively unimportant question. For one thing, the senses of other people are always going to be, at some level, unknowable, because they are so deeply subjective. Not only can I not know what Velazquez's fried eggs tasted like three hundred years ago, I arguably can't know what my neighbor's taste like. And why does the question matter, anyway? A very clear case can be made for the importance of the history of medicine and disease, or the histories of slavery, global commerce, warfare, and social change. By comparison, the taste of food doesn't seem to have the same stature. Fried eggs don't change the course of history. But taste does change history. Fascinating read.

Slashdot Top Deals