Porn shown on legal sites thanks to Internet Rot

0
52


This week, Venmo has taken a long overdue step towards privacy by eliminating its global social feed in its latest redesign. It’s good! Now you can no longer witness an endless series of complete strangers sending money to each other. But privacy advocates say so until Venmo makes each transaction privately private, is still a responsibility for users who may not realize they have to dig through the settings to hide their Venmo life from others.

Amnesty International and a consortium of researchers and media organizations announced this week a major investigation into an Israeli-based NSO group and spyware vendor. The report states that governments used the NSO Group malware to spy on activists, journalists, politicians and executives; The NSO group issued multiple rejections. Meanwhile, safety researchers see the findings as proof that they are greater visibility of iOS and Android is needed to better detect attacks like thisand prevent them from going any further.

In another global association this week, countries around the world detailed years of aggressive hacking behavior from China, including indictments by the U.S. Department of Justice. Although China has focused on espionage in the past, increasing reliance on perpetrators in recent years led to more reckless campaigns.

Speaking of recklessness, remember that absurdly widespread ransomware attack which hit earlier in the month? He is shy three weeks later, an IT management firm Kaseya finally got hold of the universal decryption tool, which means that all victims who have not yet recovered their data by backups or other means can finally breathe. At least, until the next scary ransomware. We too looked Space jam: a new legacy and bad lessons it is teaching young people about AI.

And there is more. Every week we round up all WIRED security news that is not covered in detail. Click on the headlines to read the full stories and be sure.

Very good catch from motherboard and Twitter users @dox_gay this week: news sites like Washington Post,, New York magazine, and inadvertently displayed pornography on older pages. (And yes, that includes a handful of old WIRE stories.) The culprit? A video platform called Vidme that operated from 2014 to 2017, whose domain has since been purchased by an adult website called 5 Star Porn HD. Websites that have installed the Vidme player since the service became available have started displaying thumbnails of graphic sexual content instead of what was originally there. As the Motherboard also notes, it is a fun example of a serious problem: the rotten infrastructure of the Internet as a whole.

Chromebook owners may not be able to sign in to their devices this week. A bug introduced in a recent update made cloud-based laptops not accept passwords on the login screen, leaving users locked indefinitely. Not great! But what’s worse is that the error obviously comes down to one, a small typo. Some Chrome OS developers left out the “&” somewhere in the conditional statement, none of their colleagues caught it and chaos ensued. Google quickly pulled out a bad update and a fix is ​​now popping up, but that’s a bit of a consolation for Chromebook owners affected.

Twitter revealed this week that very, very, very, very, very few of its users actually use it two-factor authentication. More precisely, only 2.3 percent. This is not great! Two factors cannot stop every attack, but provides a great security upgrade for a little more hassle on a platform that regularly suffers from account download epidemics. You can even use an authentication application instead your phone number, an even safer and simpler management method. If you are one of 97.7 percent of active Twitter users who do not use the two-factor, take 90 seconds of your day to set it up.

Remember how we just said that China has historically focused on espionage? That is still true. But a worrying warning from the FBI and the Department of Homeland Security this week indicates that hackers in the country have at least considered disruptive attacks. From about 2011 to 2013, they surveyed nearly two-tenths of U.S. oil pipeline companies, and not just because of intellectual property. “This activity was ultimately aimed at helping China develop the potential for a cyber attack on U.S. pipelines to physically damage pipelines or disrupt pipeline operations,” the warning said. It’s the kind of behavior you have to expect from Russia or ransomware hooligans, but less China. Fortunately, the incidents were a few years ago; the hope is not to repeat those plans.


More great WIRE stories





Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here