The Federal Trade Commission warns the public to be vary
of spam SMS text messages purporting to be contact tracers, and of fake
calls. Local health departments will
announce how their calls will be identified on smart phones. The same goes for email.
Soon we will need a discussion of security for voluntary
apps (mandatory in many Asian countries) advising you when you have been proximate
to a suspected infected person.
A hacking group from Russia calling itself “Evil Corp”
is targeting major companies with workforces at home, sometimes with ransomware
attacks, the New York Times reported (David Sanger and Nicole Perlworth).
There are also concerns the group will attack election
systems.
The problem is complicated by the fact that in some companies,
employees use their own computers at home, and home networks may be less secure
(although some innovative employees may actually have better security).
This would be particularly worrisome for tech
companies where support at home works with user-generated content, or with
hosting companies.
Working from home must continue for a long time, as
many states are having surges in their new coronavirus infections.
Protesters are learning that tech companies are
collecting data on their demographics (in detail), by picking up their smart
phone signals and scraping other databases, as Caroline Haskins reports for
BuzzfeedNews.
One of these companies, Mobilewalla, produced a
detailed report with all kinds of pie charts, link. A large proportion of protesters for Black Lives Matter are actually young adult white males.
Electronic Frontier Foundation has two recent papers on surveillance for protesters: "SurveillanceSelf-Defense" (June 2, 2020) and Cooper Quintin’s “Quick and Dirty Guide for CellPhone Surveillance at Protests”
I got a warning from Mozilla Firefox today that it had
protected me from tracking by a social media account when I logged on to a
hosting account, on a different browser without a saved password where I wanted
to prove to myself I had recorded it correctly in my own notes.
I’ve never seen this warning before. The social media site was apparently Facebook
(link).
I also got what looked like a spam SMS message today
claiming that a debit card transaction had been rejected. The bank website did not confirm that such an
event had happened. I’ve not seen this
much on my phone as in email.
Hackers may have stolen personal information from over
32 million users (along with passwords or banking information) though fake
Chrome extensions that linked to malicious websites supposedly registered in
Israel.
This time, home computers may have been at more risk
than corporate networks, who might have separate security.
Occasionally (maybe once a month or so), Trend Micro
reports blocking a suspicious website, often when visiting a main news outlet.
Joseph Menn provided the story to Reuters.
Awake Security has a more detailed report. Here is a report on the Chrome extensions. They probably didn’t include the most common
ones.
Picture above: some typical Chrome extensions (not the ones that were compromised).
I’ve notice that now Blogger offers automatic newtab in putting in links. I don’t see that Wordpress does; you have to code (after URL) [target=”_blank”> by yourself in text mode.
The Wordpress inserts [rel=”noopener”} right afterward. The purpose is to protect visitors from the
possibility of malicious javascript in the linked-to URL.
All rather interesting, as explained in WPBeginner.
Update: I see that if you use the wheel to the right of the link space WP will ask you if you want new tab. I had not noticed this.
Picture: Lafaytte Park, during protests, Washington DC (my picture).
.jpg)
David Murphy writes in “Lifehacker”, “The Phone Settings YouNeed to Know Before Protesting.”
Yet he gets scolded in the comments as having written a manual
for criminal insurgents.
Interesting is the discussion of airplane mode. It is not that easy to get out of very
determined surveillance, even if you turn the phone off.
