This Week in Tech 643: Ambien Tech

Cyber Monday was Amazon’s biggest day ever, but Jeff Bezos still lost his $100 Billion dollar crown. Apple fixes an ugly macOS security flaw, but then immediately breaks the fix. Google finally figures out how to make hamburgers and beer. Uber is still incredibly crooked. Bitcoin clears $10,000. Elon Musk is sending a Roadster to Mars and discovering a sunken city in Chicago. The US Supreme Court will decide if the Fourth Amendment applies to your phone.

Advertisements

This Week in Tech 627: Do You Inkwell?

Leo, Ashley Esqueda, Michael Nunez, and Dylan Tweney debunk the “Google Memo.” Mark Zuckerberg still refuses to admit he is running for president. If you use Instagram’s “Inkwell” filter, you are probably depressed. Google is taking over the open internet. An MIT Algorithm can tell if you are sarcastic on Twitter. HBO hack fallout. Phishing the White House. Podcast patent troll loses to EFF. Email Patent Troll vs Techdirt. Snap stock down after Facebook/Instagram copies all their best features. Forget everything you know about passwords. Hacking computers with DNA.

–Ashley Esqueda knows about the secret island where we are raising Leo Laporte clones.
–Dylan Tweney would prefer that you not use a Valley Girl accent when talking about his company.
–Michael Nunez is feeling kind of sweaty right now.

This Week in Tech 625: Walking to the Bodega

Apple pays $506 million and €1.7 billion for patent infringements. Trump says that Apple will build 3 big plants in the US; Apple declines to comment. Apple kills the iPod Nano and Shuffle. Coders aren’t happy about the new spaceship campus. Amazon, Alphabet, and Twitter stocks slide after earning reports, but Facebook is flying high. Your Roomba is NOT spying on you. Sweden leaks private info of all its citizens. Hackers crack safes, pwn voting machines, and inject code into mice at DEF CON. Flash is finally dying – in 2020. Everything you ever wanted to know about the upcoming Bitcoin split but were afraid to ask.

–Alex “Will” Wilhelm sleeps in Leo’s parents’ bedroom.
–Mike Murphy was NOT bought by Steve Job’s widow this week.
–Steve Kovach can see the Empire State Building right now.

This Week in Tech 619: Honey, I Shrunk the Panel

Amazon buys Whole Foods, and has its eyes on Slack. Apple’s HomePod – Sonos killer? Facebook’s Safety Check causes stress. Twitter’s redesign. Voter fraud conspiracies. E3 announcements.

–Jason’s Pick: Zero Fasting Tracker
–Brian’s Pick: React Native
–Peter’s Pick: Star Trek Bridge Crew
–Dave’s Pick: Boosted Board, EZ Robot

Myspace hack puts at least 360 million users at risk

By | TechSpot

Time Inc., which recently acquired pioneering social network Myspace, has confirmed reports that the site was hacked. Like the Tumblr breach that we reported on yesterday, the compromised Myspace data dates back several years.

Time said earlier today that it first became aware shortly before Memorial Day weekend that stolen Myspace credentials were being made available in an online hacker forum. The data, which consists of usernames, passwords and e-mail addresses, was apparently swiped from the old Myspace platform – or in other words, prior to June 11, 2013, when the site was relaunched with strengthened security.

As of writing, Time says it doesn’t appear as though any financial data was compromised. What’s more, the breach does not impact any of Time’s other systems or subscribers.

Myspace is in the process of notifying affected users and is working with law enforcement in hopes of figuring out who was behind the attack. The site has also wiped all of the passwords of impacted users so at the very least, the data can’t be used to log into Myspace.

This is the second major security breach to surface this week in which the theft of data took place years earlier. Dated breaches like this may seem like less of a concern given their age but in fact, they present some unique challenges.

With data this old, it’s entirely possible that it has already been picked through before being made available on the black market. Furthermore, people weren’t quite as concerned with security and privacy in early 2013 as they are today meaning passwords were probably a bit less complex on average. Using the same password across multiple sites was also more common back then and it’s entirely possible that some haven’t gone back and changed passwords for older accounts they might not use as often these days, like Myspace.

The only real silver lining here is that yes, the data is old and is less likely to be up-to-date.

In a post on Myspace’s blog, the site says it suspects Russian hacker “Peace” is responsible for the attack, the same person that recently posted LinkedIn and Tumblr data on the underground market.

Neither Time nor Myspace would say how many accounts were compromised although a report from LeakedSource says the data set contains a whopping 360,213,024 records. Each “record” may contain a username, e-mail address, password and in some cases, a second password. The site notes that more than 68 million records had a second password attached.

The publication further reports that passwords were hashed and stored using SHA1 encryption without salting. As you may know, salting is a technique that makes it much more difficult to crack passwords. Worse yet, LeakedSource reports that very few passwords were over 10 characters in length and nearly none of them contained an upper case letter, making them even easier to decrypt.

Reports claim that Facebook will soon introduce ads inside Messenger

By | Tech Spot

Facebook’s incredibly popular Messenger service will introduce ads inside the platform sometime within next few months, according to a report from TechCrunch. A document obtained by the site says that businesses will be able to send advertisements as messages, but only to those users who have already initiated a conversation.

The document, which TechCrunch says it acquired from a “verified source” that it is keeping anonymous, also revealed that Facebook has introduced a personalized URL short link for companies to share that, when clicked, will open a chat thread with the business.

As TechCrunch points out, this short link is essentially the next generation version of a customer support number. It uses the format fb.com/msg/ followed by the Facebook username of the page, like fb.com/msg/TechSpot.

Brands will be able to share their personalized short links as a quick way for consumers to get in touch with a customer service agent. And once someone contacts a business on Messenger, they’ll start receiving ads from the company.

The exact nature of the ads is still unclear, although it’s been suggested that they could be used to inform people of upcoming sales and product launches, and possibly use videos or GIFs to promote items. Firms may even contact Messenger users to inform them that a product they previously showed an interest in has been reduced.

If the report proves to be accurate, it appears that you’ll be unable to opt out of receiving ads from companies you make contact with, which could stop people from messaging them at all. It is possible, however, that users may be able to ask firms to stop sending them ads, much like unsubscribing from an email marketing list.

Facebook has talked about increasing Messenger’s use as a B2C platform in the past, so it looks as if this feature really will be implemented, but there’s always the chance that Facebook may alter some elements if the public response is overwhelmingly negative. We’ll no doubt learn more at F8, the company’s annual global developer conference, in April.

Microsoft, global law enforcement agencies disrupt Dorkbot botnet

By | Techspot

Microsoft, in cooperation with a number of law enforcement agencies around the world, managed to disrupt a botnet that’s infected over a million PCs across more than 190 countries.

First discovered in April 2011, Dorkbot is an IRC-based botnet that has been commercialized by its creator and is readily available for purchase on underground online forums as NgrBot. The malware relies on USB drives, social networks, IM clients, spam and drive-by downloads for distribution.

It’s most often used to steal login credentials for many of today’s top sites and services including AOL, eBay, Facebook, Gmail, Godaddy, Netflix, PayPal, Steam, Twitter, Yahoo and YouTube.

Over the past six months, Microsoft said it detected Dorkbot on roughly 100,000 systems each month with the majority of infections spotted internationally.

Microsoft said it worked with CERT Polska, ESET, the Canadian Radio-television and Telecommunications Commission, the Department of Homeland Security’s United States Computer Emergency Readiness Team, Europol, the Federal Bureau of Investigation, Interpol and the Royal Canadian Mounted Police to disrupt the botnet.

Details on exactly what actions were taken to disrupt Dorkbot weren’t mentioned.

The US Computer Emergency Readiness Team (CERT) advises those that have been infected to use and maintain anti-virus software, change passwords, keep operating system and application software up-to-date, use anti-malware tools and disable Windows Autorun.

Facebook can recognize you without looking at your face

Think you can stop Facebook from automatically tagging photos of you by covering your face? Think again.

The New Scientist reports that Facebook is developing a new facial recognition algorithm so powerful that it can identify individuals even when their faces are hidden or blocked off. Instead the experimental algorithm gathers information based on other unique characteristics like hair style, body shape, and body language. It can even identify individuals based on what types of clothing they typically wear.

“There are a lot of cues we use. People have characteristic aspects, even if you look at them from the back,” Yann LeCun, head of artificial intelligence at Facebook, told the New Scientist. “For example, you can recognize Mark Zuckerberg very easily because he always wears a gray T-shirt.”

““You can recognize Mark Zuckerberg very easily because he always wears a gray T-shirt.””

Facebook’s A.I. research team tested its new facial recognition algorithm using 40,000 public photos from Flickr. Some of the photos had people’s faces clearly visible and some had people’s faces turned away from the camera. The algorithm was able to identify people with 83 percent accuracy.

Facebook is hoping to incorporate this algorithm into its recently launched Moments feature. Moments automatically creates collections of photos using certain data like where and when each photo was taken, tagging all recognizable Facebook friends along the way. If this algorithm ends up giving Moments another data set, pretty soon Facebook could also be able to surface all the photos of you taken with a certain friend, even photos where that friend was wearing a Halloween mask.

The impact on you: Social networks relying on facial recognition to create better products is nothing new. The new Google Photos app can even recognize your pets. But even though facial recognition is getting impressively accurate, it doesn’t mean that most people have gotten comfortable with the idea of being scanned, identified, and recognized by every tech company.

LeCun argues that the Facebook algorithm can be used to alert people whenever a photo of them surfaces on the web. But the flipside has raised serious privacy concerns. Even Tim Cook has expressed his concern. “You might like these so-called free services [from Facebook and Google], but we don’t think they’re worth having your email or your search history or now even your family photos data-mined and sold off for God knows what advertising purpose,” the Apple CEO said at a recent event.

via Facebook can recognize you without looking at your face | PCWorld.