Monday, April 29, 2019

How should journalists report info gathered by hacking and sent to them?

Margaret Sullivan has a nuanced piece in the Washington Post style section Monday, “How should journalists report on data hacks?” “Journalists can’t ignore hacked data meant to disrupt elections.  But here’s what they can do.”

The article is rather non-specific, but one standard is on the relevance of the information, as about the stolen emails om 2016.

I always thought it was about context. Since I had a mainframe IT background, I was aware of the controversies surrounding bringing work home or using your own hardware (which comes up with home customer service agent jobs).l 

Saturday, April 20, 2019

Trend Micro website safety ratings can revert back to Gray for no reason; Sitelock scans

I noticed Friday that suddenly the green check from Trend Micro on my two WP style 26 blogs (billsnewscommentary and billsmediacommentary) had gone back to gray, which Trend says means the site has not been reviewed.

But it had been.  I noticed the problem Friday morning when the site expanded in Twitter.

My HP Envy computer (Windows 10) has these notifications turned on. I haven’t done this on the ASUS.

The issue becomes more important in that some day, telecom providers might check safety ratings to even allow sites to be connected (esp, after loss of net neutrality). 

Also, on a coordinated story today on my main “BillBoushka” blog I discussed a tech company organization called GIFCT.  Browsers are likely eventually to refuse to load sites with harmful content (as they do today with “unsafe” sites having malware).

But there are no standards today as to how website safety is evaluated or how content markers would be set.
Sitelock’s scans give some clue as to sites can be evaluated for safety.  There are separate Malware, Smart, and Application scans.  The latter will detect problems  (like the "1=1" problem) that creep into Wordpress themes and facilities and typically can only be fixed by regular Wordpress security updates.

Tuesday, April 09, 2019

Local DC station WJLA advises consumers on avoiding cell phone spoofing

The new newscast today on WJLA talked about the problem of cell number spoofing, and how it was used by scammers calling and demanding people pay them money to avoid arrest, even going to ATM terminals.

A good writeup on the problem by Elliot Volkman appears on phishlabs from 2018.  A user should always call back and use a number published by the company (although make sure you are looking at the real website.)

Ajit Pai of the FCC has warned that carriers need to do more about this problem, Verge story by Chris Welch. 

The FCC has its own page on the problem, dated Feb. 2019.

Tuesday, April 02, 2019

Security recommendations for protesters

Electronic Frontier Foundation has a comprehensive list of security precautions to take when attending a protest, particularly in developing countries.  But the piece also mentions the way US laws work.

The piece goes quite far with its recommended measures, such as purchasing a prepaid, disposable phone, and keeping your data encrypted, and using Signal.

It also recommends not driving to an event, although in many big cities public transportation is obviously the best choice.
I also wonder about the issue of attending a protest to report and blog about it but not participate. Unless you are a journalist known to the protestors, this may sometimes elicit anger or indignation from participants focused on solidarity and the idea of “no spectators” (like Burning Man).