Stealthy new Android malware poses as ad blocker, serves up ads instead

Found on Malwarebytes on Sunday, 17 November 2019
Browse Internet

This nasty piece of mobile malware cleverly hides itself on Android devices while serving up a host of advertisements: full-page ads, ads delivered when opening the default browser, ads in the notifications, and even ads via home screen widget. All while, ironically, posing as an ad blocker vaguely named Ads Blocker.

Ads Blocker is inordinately hard to find on the mobile device once installed. To start, there is no icon for Ads Blocker. However, there are some hints of its existence, for example, a small key icon status bar.

All this mess only exists because the advertising business has gone out of control. They pay for all sorts of ads, no matter how annoying they are, no matter how illegally they are served. It would be great if users could so the company behind the advertised product if their ad was served via malware.

Instagram tests hiding Like counts globally

Found on Techcrunch on Friday, 15 November 2019
Browse Internet

Instagram tells TechCrunch the hidden Likes test is expanding to a subset of people globally. Users will have to decide for themselves if something is worth Liking rather than judging by the herd.

The expansion raises concerns that the test could hurt influencers and creators after a study by HypeAuditor found many of them of various levels of popularity lost 3% to 15% of their Likes in countries where Instagram hid the counts.

If you get hurt by disabling the sheep count which makes users only like you because others did too, then you are just being pulled from the land of make believe into reality.

Instagram Stories launches TikTok clone Reels in Brazil

Found on Techcrunch on Wednesday, 13 November 2019
Browse Internet

Instagram also has the U.S. government on its side for a change. While its parent company Facebook is being investigated for antitrust and privacy violations, TikTok is also under scrutiny.

Chinese tech giant ByteDance’s $1 billion 2017 acquisition of Musical.ly, another Chinese app similar to TikTok but with traction in the U.S., is under review by the Committee on Foreign Investment in the United States.

It's normal business for Facebook: if you cannot buy it, clone and crush it.

TikTok: Should we trust the Chinese social-media video app?

Found on BBC News on Friday, 08 November 2019
Browse Internet

Some politicians are worried the app's Chinese owner, Bytedance, poses a risk to national security.

Others worry about the fact China requires its social-media apps to provide the state access to users' information.

People should be worried about TikTok just like about any "social" media. China is just more open about the fact that they make heavy use of all data they collect. Just like eg. Facebook does.

ISPs lied to Congress to spread confusion about encrypted DNS, Mozilla says

Found on Ars Technica on Monday, 04 November 2019
Browse Internet

Mozilla is urging Congress to reject the broadband industry's lobbying campaign against encrypted DNS in Firefox and Chrome.

"Unsurprisingly, our work on DoH [DNS over HTTPS] has prompted a campaign to forestall these privacy and security protections, as demonstrated by the recent letter to Congress from major telecommunications associations. That letter contained a number of factual inaccuracies," Mozilla Senior Director of Trust and Security Marshall Erwin wrote.

Mozilla is not exactly very honest about secure DNS either. They keep pushing and pushing for DoH, instead of focusing on DoT that would fit easily and reliably into the current systems. For Mozilla, their enemies are the ISPs because they want to "log and sell all the data" about their users. So for Mozilla, it boils down to trust. However, by rolling out DoH with the resolver defaulting to Cloudflare, there is nothing gained because in the end you still have to trust Cloudflare. Just in the same way you have to trust your ISP. Of course all the companies behind DoH promise never to abuse this data, but since it all is about trust, why trust them? So, don't mess with one of core components of the Internet and just upgrade to DoT and bury that DoH idea.

Chrome devs tell world that DNS over HTTPS won't open the floodgates of hell

Found on The Register on Wednesday, 30 October 2019
Browse Internet

The blurb comes as part of Google's effort to convince hostile police agencies and legislators around the world that DNS-over-HTTPS (DoH) won't result in ordinary people's internet usage being completely shielded from the ability of state agencies and ISPs to monitor and police them – the snoops will just have to work harder to eavesdrop on folks. In contrast, Mozilla, maker of Firefox, has vowed to press on and redirect users' DNS queries to its preferred host, Cloudflare, if it is so enabled.

So under the premise to protect privacy from curious ISPs, they want to redirect all DNS requests to a single provider: Cloudflare. Yes, we're told that it is possible to change the DoH settings, but how many average users will do that? Right now, DNS traffic spreads across various ISPs; in the not so far away future, the vast majority of this traffic will end up at Cloudflare, ready to be used. For now, everybody involved does not hesitate to underline that this data will never be used, but don't forget that Google already dropped its "Don't be evil" motto. If they really would care, they would not open such a can of worms but simply push for DoT instead which is much simpler and already works.

Tor blimey, Auntie! BBC launches dedicated dark web mirror site

Found on The Register on Sunday, 27 October 2019
Browse Internet

The BBC has launched a .onion version of its news website on the Tor anonymising network aimed at readers based in countries that ban its services.

"Today, the network has thousands of relays run by volunteers and millions of users worldwide. And it is this diversity that keeps Tor users safe."

Noe let's wait for the media to explain how the BBC dared to move to a network which they always call a tool for terrorists and criminals.

EU's top court says tracking cookies require actual consent before scarfing down user data

Found on The Register on Thursday, 03 October 2019
Browse Internet

The decision follows from the German Federation of Consumer Organizations' challenge of German company Planet49's use of a pre-ticked checkbox to obtain permission to place cookies on the devices of players of its online lottery game.

The CJEU ruling underscores the need for online businesses to conform with Europe's cookie requirements, which direct websites to obtain consent before placing cookies. And it serves as a warning shot for website operators.

It's almost like webmasters cannot create websites without cookies anymore; on the other hand, most webmasters are only able to combine a few plugins and templates without actually understanding what is going on behind the scenes and so serve all sorts of unwanted things to visitors.

YouTube U-turn after protests over verified status

Found on BBC News on Friday, 27 September 2019
Browse Internet

The proposed change was supposed to make the ID check more rigorous and help weed out impersonators.

Instead, the change was seen as stripping established YouTubers of their standing and hobbling their chances to prosper on the video site.

The threatened removal prompted widespread protests by established YouTubers, many of whom said the verification mark helped them establish their authority and longevity on the site.

Youtubers and authority? Really now? Influenzas "Influencers" should quit with their whining and find real jobs.

Facebook suspends tens of thousands of apps

Found on BBC News on Monday, 23 September 2019
Browse Internet

The company came under huge pressure in 2018 after it was revealed that Cambridge Analytica had accessed many users' data without permission.

"Our review helps us to better understand patterns of abuse in order to root out bad actors among developers," the company's vice-president for product partnerships, Ime Archibong, said in a statement on Friday.

The abuse is done by Facebook itself who tries to gather all and every data about its users (and even non-users via shadow accounts) to sell it to advertisers and influence them. So instead of fighting the origin the cancer, Facebook just removed a few metastases.