Facebook Suspends Donald Trump's Data Operations Team For Misusing People's Personal Information (theverge.com) 146

An anonymous reader quotes a report from The Verge: Facebook said late Friday that it had suspended Strategic Communication Laboratories (SCL), along with its political data analytics firm, Cambridge Analytica, for violating its policies around data collection and retention. The companies, which ran data operations for Donald Trump's 2016 presidential election campaign, are widely credited with helping Trump more effectively target voters on Facebook than his rival, Hillary Clinton. While the exact nature of their role remains somewhat mysterious, Facebook's disclosure suggests that the company improperly obtained user data that could have given it an unfair advantage in reaching voters. Facebook said it cannot determine whether or how the data in question could have been used in conjunction with election ad campaigns.

In a blog post, Facebook deputy general counsel Paul Grewal laid out how SCL came into possession of the user data. In 2015, Aleksandr Kogan, a psychology professor at the University of Cambridge, created an app named "thisisyourdigitallife" that promised to predict aspects of users' personalities. About 270,000 people downloaded it and logged in through Facebook, giving Kogan access to information about their city of residence, Facebook content they had liked, and information about their friends. Kogan passed the data to SCL and a man named Christopher Wylie from a data harvesting firm known as Eunoia Technologies, in violation of Facebook rules that prevent app developers from giving away or selling users' personal information. Facebook learned of the violation that year and removed his app from Facebook. It also asked Kogan and his associates to certify that they had destroyed the improperly collected data. Everyone said that they did. The suspension is not permanent, a Facebook spokesman said. But the suspended users would need to take unspecified steps to certify that they would comply with Facebook's terms of service.

The Courts

Entire Broadband Industry Will Help FCC Defend Net Neutrality Repeal (arstechnica.com) 77

The biggest lobby groups representing broadband providers will help the FCC defend the repeal of net neutrality rules in court. Ars Technica reports: Yesterday, three trade groups that collectively represent every major home Internet and mobile broadband provider in the U.S. filed motions to intervene in the case on behalf of the FCC. The motions for leave to intervene were filed by NCTA--The Internet & Television Association, CTIA--The Wireless Association, and USTelecom--The Broadband Association. NCTA represents cable companies such as Comcast, Charter, Cox, and Altice. CTIA represents the biggest mobile carriers, such as AT&T, Verizon Wireless, T-Mobile, and Sprint. USTelecom represents wireline telcos with copper and fiber networks, such as AT&T and Verizon. All three groups also represent a range of smaller ISPs.

As intervenors in the case, the groups will file briefs in support of the net neutrality repeal order and may play a role in oral arguments. NCTA's motion noted that its members would once again be subject to "common-carriage regulation under Title II of the Communications Act" if the FCC were to lose the case. CTIA said that its members "would be adversely affected if the [net neutrality] Order were set aside and the prior Title II Order classification and rules were reinstated."


Facebook Says It is Sorry For Suggesting Child Sex Videos in Search (cnet.com) 47

Facebook issued an apology on Friday after offensive terms appeared in the social network's search predictions late Thursday. From a report: When users typed "videos of" into the search bar, Facebook prompted them to search phrases including "videos of sexuals," "videos of girl sucking dick under water" and, perhaps most disturbingly, "video of little girl giving oral." Shocked users reported the problem on Twitter, posting screenshots of the search terms, which also included multiple suggestions relating to the school shooting in Florida last month. The social network appeared to have fixed the problem by Friday morning.
The Internet

Tumblr Has a Massive Creepshots Problem (vice.com) 119

After Reddit famously banned the creepshots sub-reddit, which shared non-consensual, revealing photos of women, Tumblr now has a slew of users pushing out similar photos across at least dozens of dedicated blogs, a Motherboard investigation has found. From the report: Simply typing 'creepshot' or related terms into Tumblr's built-in search function returns a steady stream of tagged posts, and Google queries easily reveal links to relevant Tumblr blogs. Motherboard found just under 70 Tumblr blogs focused on sharing creepshots, most with a bevy of content. In some cases, the Tumblrs also host 'upskirt' photos or videos, where a camera is deliberately, and stealthily, positioned to look up an unsuspecting person's skirt. Some of the subjects of these images, as well as many of the clothed creepshots, appear to be young, possibly teenagers.

"This is only the tip of the iceberg, there are probably hundreds of these accounts filming in high schools, college campuses, in malls, and on the streets. And Tumblr seems to not care at all about the problem," an anonymous tipster, who first alerted Motherboard to the issue, wrote in an email. One of the most popular creepshot Tumblrs has some 11,000 followers, and one of its posts has over 53,000 interactions linked to it, including reblogs, where the video or picture then appears on the user's own Tumblr, spreading the content further.


Yet Again, Google Tricked Into Serving Scam Amazon Ads (zdnet.com) 49

Zack Whittaker, reporting for ZDNet: For hours on Thursday, the top Google search result for "Amazon" was pointed to a scam site. The bad ad appeared at the very top of the search result for anyone searching for the internet retail giant -- even above the legitimate search result for Amazon.com. Anyone who clicked on the ad was sent to a page that tried to trick the user into calling a number for fear that their computer was infected with malware -- and not sent to Amazon.com as they would have hoped.

The page presents itself as an official Apple or Windows support page, depending on the type of computer you're visiting the page from. An analysis of the webpage's code showed that anyone trying to dismiss the popup box on the page would likely trigger the browser expanding to full-screen, giving the appearance of ransomware. A one-off event would be forgivable. But this isn't the first time this has happened. It's at least the second time in two years that Google has served up a malicious ad under Amazon's name.

The Internet

Bali Plans To Switch Off Internet Services For 24 Hours For New Year 'Quiet Reflection' (theguardian.com) 149

Internet service providers in Bali will be switching off mobile services this weekend for 24 hours to mark the Indonesian island's annual day of silence. "Nyepi, or New Year according to the ancient Balinese calendar, is a sacred day of reflection on the Hindu-majority island," reports The Guardian. "Even the international airport shuts down." From the report: This year authorities have called on telecommunications companies to unplug -- a request Bali says firms have promised to honor. "It was agreed that internet on mobile phones will be cut. All operators have agreed," Nyoman Sujaya, from the Bali communications ministry, told tirto.id. The plan, based on an appeal put forward by Balinese civil and religious groups, was announced following a meeting at the ministry in Jakarta. This is the first time internet services will be shut down in Bali for Nyepi, after the same request was denied last year. However, wifi connection will still be available at hotels and for strategic services such as security, aviation, hospitals and disaster agencies. Phone and SMS services will be operational, but the Indonesian Internet Service Provider Association is reviewing whether wifi at private residences will be temporarily cut.

Verizon Will Fix Broadband Networks, Landlines To Resolve Investigation (vice.com) 71

Joel Hruska reports via ExtremeTech: Verizon has reached an agreement with the Communications Workers of America and the New York State Public Service Commission to begin repairing infrastructure and restoring service across New York State. The agreement requires Verizon to extend broadband service to tens of thousands of New York State households and to begin repairing facilities it has previously neglected. As in Pennsylvania, Verizon has been neglecting its fixed wired infrastructure in its bid to first sabotage copper service, then force customers to adopt alternative solutions. It's also been mired in an ongoing lawsuit with the state of New York over its breach of a 2008 contract requiring it to provide fiber service within New York City.

This new agreement appears to settle these issues, provided it's followed. Under its terms, Verizon will extend fiber to 10,000 to 12,000 households not currently served by it in Long Island and Verizon's "Upstate Reporting Region" (these are Verizon-specific regions, not geographical areas, so "Long Island" may mean more than just the island). It will begin immediately replacing copper lines in certain specific NYC buildings with high failure rates and transitioning them to fiber optic cable, repairing operations within 50 upstate wireless centers with high failure rates, allow plant technicians to report plant failures and maintenance needs more accurately, and begin inspecting and replacing the batteries that provide critical connectivity in the event of a power outage when said batteries are deployed for specific customers (hospitals, police stations, and other emergency facilities). It will also begin removing so-called "double poles." A double pole is when an old telephone pole is stapled (metaphorically speaking) to a newer one. Some examples of a double pole from PA are shown below; Verizon has been hauled into court to force it to do its job in more than one state.


EU Wants To Require Platforms To Filter Uploaded Content (Including Code) (github.com) 104

A new copyright proposal in the EU would require code-sharing platforms like GitHub and SourceForge to monitor all content that users upload for potential copyright infringement. "The proposal is aimed at music and videos on streaming platforms, based on a theory of a 'value gap' between the profits those platforms make from uploaded works and what copyright holders of some uploaded works receive," reports The GitHub Blog. "However, the way it's written captures many other types of content, including code."

Upload filters, also known as "censorship machines," are some of the most controversial elements of the copyright proposal, raising a number of concerns including: -Privacy: Upload filters are a form of surveillance, effectively a "general monitoring obligation" prohibited by EU law
-Free speech: Requiring platforms to monitor content contradicts intermediary liability protections in EU law and creates incentives to remove content
-Ineffectiveness: Content detection tools are flawed (generate false positives, don't fit all kinds of content) and overly burdensome, especially for small and medium-sized businesses that might not be able to afford them or the resulting litigation
Upload filters are especially concerning for software developers given that: -Software developers create copyrightable works -- their code -- and those who choose an open source license want to allow that code to be shared
-False positives (and negatives) are especially likely for software code because code often has many contributors and layers, often with different licensing for different components
-Requiring code-hosting platforms to scan and automatically remove content could drastically impact software developers when their dependencies are removed due to false positives
The EU Parliament continues to introduce new proposals for Article 13 but these issues remain. MEP Julia Reda explains further in a recent proposal from Parliament.

Encrypted Email Service ProtonMail is Being Blocked in Turkey (protonmail.com) 35

ProtonMail: We have confirmed that Internet service providers in Turkey have been blocking ProtonMail this week. Our support team first became aware of connectivity problems for Turkish ProtonMail users starting on Tuesday. After further investigation, we determined that protonmail.com was unreachable for both Vodafone Turkey mobile and fixed line users. Since then, we have also received some sporadic reports from users of other Turkish ISPs. At one point, the issue was prevalent in every single major city in Turkey. After investigating the issue along with members of the ProtonMail community in Turkey, we have confirmed this is a government-ordered block rather than a technical glitch. Internet censorship in Turkey tends to be fluid so the situation is constantly evolving. Sometimes ProtonMail is accessible, and sometimes it is unreachable. For the first time ever though, we have confirmed that ProtonMail was subject to a block, and could face further issues in the future. In the post, ProtonMail has also outlined ways to bypass the block.

Jewelry Site Leaks Personal Details, Plaintext Passwords of 1.3 Million Users (thenextweb.com) 37

Chicago-based MBM Company's jewelry brand Limoges Jewelry has accidentally leaked the personal information for over 1.3 million people. This includes addresses, zip-codes, e-mail addresses, and IP addresses. The Germany security firm Kromtech Security, which found the leak via an unsecured Amazon S3 storage bucket, also claims the database contained plaintext passwords. The Next Web reports: In a press release, Kromtech Security's head of communicationis, Bob Diachenko, said: "Passwords were stored in the plain text, which is great negligence [sic], taking into account the problem with many users re-using passwords for multiple accounts, including email accounts." The [MSSQL database] backup file was named "MBMWEB_backup_2018_01_13_003008_2864410.bak," which suggests the file was created on January 13, 2018. It's believed to contain current information about the company's customers. Records held in the database have dates reaching as far back as 2000. The latest records are from the start of this year. Other records held in the database include internal mailing lists, promo-codes, and item orders, which leads Kromtech to believe that this could be the primary customer database for the company. Diachenko says there's no evidence a malicious third-party has accessed the dump, but that "that does not mean that nobody [has] accessed the data."

Reddit Is Bringing Promoted Posts To Its Mobile Apps (marketingland.com) 43

Reddit is reportedly launching native promoted posts for its mobile apps. "The company said in an email to advertisers that its apps are the most popular way its 330 million monthly active users access Reddit content on mobile, and they now account for 41 percent of time spent on Reddit across all platforms," reports Marketing Land. "Logged-in app users also spend 30 percent more time per day than users who log in from desktop, and 80 percent of app users don't access Reddit on desktop, according to the company." From the report: In-app promoted posts will have all the elements of a standard Reddit post, including upvotes, downvotes and comment threads. The native mobile ads will also include comments, which was not possible before on the mobile ads. Native promoted posts will be available on iOS starting Monday, March 19, and will roll out to Android in the coming weeks.

Wikipedia Had No Idea YouTube Was Going To Use It To Fact-Check Conspiracy Theories (gizmodo.com) 136

Yesterday, YouTube CEO Susan Wojcicki announced that the company would drop a Wikipedia link beneath videos on highly contested topics. We have now learned that Wikipedia did not know about this move prior to the announcement. Gizmodo reports: In a Twitter thread asking the public to support Wikipedia as much as it relies on it, Wikimedia executive director Katherine Maher first suggested that the organization was unaware of YouTube's plans. When asked whether this new module would only apply to English Wikipedia pages, Maher responded, "I couldn't say; this was something they did independent of us." In a statement to Gizmodo, the Wikimedia Foundation confirmed that the organization first learned of the new YouTube feature on Tuesday. "We are always happy to see people, companies, and organizations recognize Wikipedia's value as a repository of free knowledge," a Wikimedia Foundation spokesperson said in a statement. "In this case, neither Wikipedia nor the Wikimedia Foundation are part of a formal partnership with YouTube. We were not given advance notice of this announcement."

Sri Lanka Accuses Facebook of Failing To Control Hate Speech That Contributed To Deadly Riots (theguardian.com) 73

The Sri Lankan government is accusing Facebook of failing to control rampant hate speech that it says contributed to anti-Muslim riots last week that left three people dead and the country under a state of emergency. The accusations come after the country blocked Facebook and several other platforms last week in an effort to prevent the spread of hate speech. The Guardian reports: On Thursday Fernando, along with the Sri Lankan prime minister, Ranil Wickremesinghe, and communications officials, will meet a Facebook team that has flown to Colombo. The Sri Lankans will demand a new, faster system for taking down posts flagged as a national security risk by agencies in the country. "Facebook is not reacting as fast as we have wanted it to react," Fernando said. "In the past it has taken various number of days to review [flagged posts] or even to take down the pages." On Tuesday he highlighted a tweet from a user who claimed to have reported a Facebook post in the Sinhala language that read "Kill all Muslims, don't even let an infant of the dogs escape." The user claimed he received a reply six days later saying the post did not contravene a specific Facebook community standard. The extremist leader Amith Weerasinghe, who was arrested last week in Kandy after being accused of helping to instigate the violence, had amassed nearly 150,000 followers on his Facebook page before it was taken down last week.

YouTube Will Add Information From Wikipedia To Videos About Conspiracies (theverge.com) 217

An anonymous reader quotes a report from The Verge: YouTube will add information from Wikipedia to videos about popular conspiracy theories to provide alternative viewpoints on controversial subjects, its CEO said today. YouTube CEO Susan Wojcicki said that these text boxes, which the company is calling "information cues," would begin appearing on conspiracy-related videos within the next couple of weeks. Wojcicki, who spoke Tuesday evening at a panel at the South by Southwest Interactive festival in Austin, showed examples of information cues for videos about the moon landing and chemtrails. "When there are videos that are focused around something that's a conspiracy -- and we're using a list of well-known internet conspiracies from Wikipedia -- then we will show a companion unit of information from Wikipedia showing that here is information about the event," Wojcicki said. The information cues that Wojcicki demonstrated appeared directly below the video as a short block of text, with a link to Wikipedia for more information. Wikipedia -- a crowdsourced encyclopedia written by volunteers -- is an imperfect source of information, one which most college students are still forbidden from citing in their papers. But it generally provides a more neutral, empirical approach to understanding conspiracies than the more sensationalist videos that appear on YouTube.

Mozilla Working On In-Page Popup Blocker For Firefox (androidpolice.com) 53

Firefox is working on a blocker for annoying in-page alerts that often ask you to input your email address to receive a newsletter from the site. "The feature is still in the planning stages, but Mozilla is asking users for any examples of sites with annoying pop-ups," reports Android Police. "Mozilla wants to make Firefox automatically detect and dismiss the popups." From the report: If you know of sites that use in-page popups (whether it be newsletter signups, surveys, or something else), you can fill out the survey here. There are also Firefox and Chrome extensions that make the process easier. I'll be interested to see how Mozilla pulls this off, it will no doubt be difficult to detect the difference between helpful and not-helpful popups.
The Internet

Reddit and the Struggle To Detoxify the Internet (newyorker.com) 398

In an article published on The New Yorker this week, Andrew Marantz discusses the state of free speech on the Web and takes a look at Reddit, the internet's fourth-most-popular site, after Google, YouTube, and Facebook. Some excerpts from the story: On November 23, 2016, shortly after President Trump's election, Reddit CEO Steve Huffman was at his desk, in San Francisco, perusing the site. It was the day before Thanksgiving. Reddit's administrators had just deleted a subreddit called r/Pizzagate, a forum for people who believed that high-ranking staffers of Hillary Clinton's Presidential campaign, and possibly Clinton herself, were trafficking child sex slaves. The reason for the ban, according to Reddit's administrators, was not the beliefs of people on the subreddit, but the way they'd behaved -- specifically, their insistence on publishing their enemies' private phone numbers and addresses, a clear violation of Reddit's rules. [...] Some of the conspiracy theorists left Reddit and reunited on Voat, a site made by and for the users that Reddit sloughs off. Other Pizzagaters stayed and regrouped on r/The_Donald, a popular pro-Trump subreddit. Throughout the Presidential campaign, The_Donald was a hive of Trump boosterism. By this time, it had become a hermetic subculture, full of inside jokes and ugly rhetoric. The community's most frequent commenters, like the man they'd helped propel to the Presidency, were experts at testing boundaries. Within minutes, they started to express their outrage that Pizzagate had been deleted.

Redditors are pseudonymous, and their pseudonyms are sometimes prefaced by "u," for "username." Huffman's is Spez. As he scanned The_Donald, he noticed that hundreds of the most popular comments were about him: "fuck u/spez", "u/spez is complicit in the coverup". One commenter simply wrote "u/SPEZ IS A CUCK," in bold type, a hundred and ten times in a row. Huffman, alone at his computer, wondered whether to respond. "I consider myself a troll at heart," he said later. "Making people bristle, being a little outrageous in order to add some spice to life -- I get that. I've done that." Privately, Huffman imagined The_Donald as a misguided teen-ager who wouldn't stop misbehaving. "If your little brother flicks your ear, maybe you ignore it," he said. "If he flicks your ear a hundred times, or punches you, then maybe you give him a little smack to show you're paying attention."

Although redditors didn't yet know it, Huffman could edit any part of the site. He wrote a script that would automatically replace his username with those of The_Donald's most prominent members, directing the insults back at the insulters in real time: in one comment, "Fuck u/Spez" became "Fuck u/Trumpshaker"; in another, "Fuck u/Spez" became "Fuck u/MAGAdocious." The_Donald's users saw what was happening, and they reacted by spinning a conspiracy theory that, in this case, turned out to be true. "Manipulating the words of your users is fucked," a commenter wrote.


Firefox 59, 'By Far the Biggest Update Since Firefox 1.0', Arrives With Faster Page Loads and Improved Private Browsing (venturebeat.com) 103

An anonymous reader shares a VentureBeat report: Mozilla today launched Firefox 59 for Windows, Mac, Linux, and Android. The release builds on Firefox Quantum, which the company calls "by far the biggest update since Firefox 1.0 in 2004." Version 59 brings faster page load times, private browsing mode that strips path information, and Android Assist. In related news, Mozilla is giving Amazon Fire TV owners a new design later this week that lets them save their preferred websites by pinning them to the Firefox home screen. Enterprise users also have something to look forward to: On Wednesday, Firefox Quantum for Enterprise is entering the beta phase. Firefox 59 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play.

Comcast 'Blocks' an Encrypted Email Service: Yet Another Reminder Why Net Neutrality Matters (zdnet.com) 105

Zack Whittaker, writing for ZDNet: For about twelve hours earlier this month, encrypted email service Tutanota seemed to fall off the face of the internet for Comcast customers. Starting in the afternoon on March 1, people weren't sure if the site was offline or if it had been attacked. Reddit threads speculated about the outage. Some said that Comcast was actively blocking the site, while others dismissed the claims altogether. Several tweets alerted the Hanover, Germany-based encrypted messaging provider to the alleged blockade, which showed a "connection timed out" message to Comcast users. It was as if to hundreds of Comcast customers, Tutanota didn't exist. But as soon as users switched to another non-Comcast internet connection, the site appeared as normal. "To us, this came as a total surprise," said Matthias Pfau, co-founder of Tutanota, in an email. "It was quite a shock as such an outage shows the immense power [internet providers] are having over our Internet when they can block sites...without having to justify their action in any way," he said.

By March 2, the site was back, but the encrypted email provider was none the wiser to the apparent blockade. The company contacted Comcast for answers, but did not receive a reply. When contacted, a Comcast spokesperson couldn't say why the site was blocked -- or even if the internet and cable giant was behind it. According to a spokesperson, engineers investigated the apparent outage but found there was no evidence of a connection breakage between Comcast and Tutanota. The company keeps records of issues that trigger incidents -- but found nothing to suggest an issue. It's not the first time Comcast customers have been blocked from accessing popular sites. Last year, the company purposefully blocked access to internet behemoth Archive.org for more than 13 hours.


Data Breach Victims Can Sue Yahoo in the United States, Federal Judge Rules (reuters.com) 13

Yahoo has been ordered by a federal judge to face much of a lawsuit in the United States claiming that the personal information of all 3 billion users was compromised in a series of data breaches. From a report: In a decision on Friday night, U.S. District Judge Lucy Koh in San Jose, California rejected a bid by Verizon Communications, which bought Yahoo's Internet business last June, to dismiss many claims, including for negligence and breach of contract. Koh dismissed some other claims. She had previously denied Yahoo's bid to dismiss some unfair competition claims.

[...] The plaintiffs amended their complaint after Yahoo last October revealed that the 2013 breach affected all 3 billion users, tripling its earlier estimate. Koh said the amended complaint highlighted the importance of security in the plaintiffs' decision to use Yahoo. 'Plaintiffs' allegations are sufficient to show that they would have behaved differently had defendants disclosed the security weaknesses of the Yahoo Mail System," Koh wrote. She also said the plaintiffs could try to show that liability limits in Yahoo's terms of service were "unconscionable," given the allegations that Yahoo knew its security was deficient but did little.


Are The Alternatives Even Worse Than Daylight Saving Time? (chron.com) 322

The New York Times notes an important caveat to Florida's recently-approved law observing daylight savings time year-round: it specifies that their change will only go into effect if "the United States Congress amends 15 U.S.C. s. 260a to authorize states to observe daylight saving time year-round."

"In other words: Even if the governor signs the bill, nothing will happen now... States can choose to exempt themselves from daylight saving time -- Arizona and Hawaii do -- but nothing in federal law allows them to exempt themselves from standard time." Meanwhile one California legislator exploring the idea of year-round standard time discovered that "youth sports leagues and families worried that a year-round early sunset would shut down their kids' after-school games." But the Times also acknowledges problems in the current system. "In parts of Maine, for example, between Thanksgiving and Christmas, the sun sets before 4 p.m. -- more than an hour earlier than it does in Detroit, at the other end of the Eastern time zone." So is there a better alternative?

An anonymous reader quotes Business Insider: Standardtime.com has a unique suggestion. Their proposal has only two time zones in the continental U.S. that are two hours apart, which The Atlantic calls "a simple plan to fix [DST]"... Johns Hopkins University professors Richard Henry and Steven Hanke have come up with yet another possible fix: worldwide adoption of a single time zone. They argue that the internet has eliminated the need for discrete time zones across the globe, so we might as well just do away with them...

No plan will satisfy everyone. But that doesn't mean daylight-saving time is good. The absence of major energy-saving benefits from DST -- along with its death toll, health impacts, and economic ramifications -- are reason enough to get rid of the ritual altogether.

The article associates Daylight Saving Time with "a spike in heart attacks, increased numbers of work injuries, automobile accidents, suicides, and more." And in addition, it also blames DST for an increased use of gasoline and air conditioners -- adding that it will also "rob humanity of billions of hours of sleep like an evil spacetime vampire."

Slashdot Top Deals