Facebook Cares Nothing For Your Privacy

They make money off selling access to data about you. Why would they want to cut into that? Facebook fears more secret documents have been leaked.

Among them were emails showing that Facebook tried to strangle its competitors by cutting off their access to its data, as well as emails in which Facebook employees discussed how to read users’ mobile phone logs without prompting a dialogue box asking for their consent.

So they wield monopoly power, and the want to trample over privacy. What a surprise.

I don’t use Facebook. (I have an account which I log into a few times a year to change the password and deactivate.) I use Google as little as possible. (I am still using Gmail, but I am working to get it out of anything important, like banking.)

I have pretty much stopped using Twitter. (I was sort of disappointed that I wasn’t banned, but then I wasn’t really trying.)

I don’t want information about my life to someone’s product for sale.


Self-driving Cars? Not Quite

they seem to have trouble with a lot of situations. Even self-driving leader Waymo is struggling to reach full autonomy.

Lane changes. Merging onto a highway. Left turns. And anything out of the ordinary – like a traffic accident. These all confuse the Waymo cars.

“Lane changes appear to be a problem for the cars,” Randazzo says in the video. When trying to move into a crowded lane, a Waymo car seemed to lack a human driver’s ability to anticipate other drivers’ actions and squeeze into an open spot. Instead, the vehicle would turn on its turn signal and wait for a few seconds for an opening to appear. If one didn’t appear, it would turn the turn signal off and wait for a while before trying again.

I guess our “self-driving overlords” have yet to arrive. (With apologies to Small Dead Animals.)

Developers Know Better What You Need Than You Do

That’s what they believe anyway. I haven’t found anyone who likes this update. I’m sure there is someone somewhere. Truly awful WordPress update has broke many things….

Until we can figure out how to fix WordPress’ “helpful” update that over-rides CSS, Samizdata will be looking a bit weird… sorry folks.

And hey WordPress… fuck you. Maybe time to start looking for an alternative to WordPress.

The update was sold as “this will help.” And “If you like HTML and CSS you won’t be impacted.” Guess that was too good to be true.

There was a survey of people who were testing the new version, and it scored less than 4 out of 10.

It’s Almost Like Putin Didn’t Expect To Be Held Accountable By the Obama Administration

Since Russia has been violating the Intermediate-range Nuclear Forces Treaty since at least 2014, and maybe as early as 2008. Russia’s controversial 9M729 missile system: A not-so-secret secret.

First, while the US Media is having a fit about what Trump is doing, NATO has determined that the Trump administration is correct.

Tuesday, the military alliance came out on Washington’s side and also accused Russia of breaching the INF treaty. The US has given Russia a 60-day ultimatum to comply with the treaty. Otherwise, the US will abandon the INF agreement for good.

The violation? The Novator 9M729 missile system (NATO designation = SSC-8).

In late July 2014, The New York Times first broke the news that Washington had a suspicion Russia might be violating the INF treaty. It said that the then president, Barack Obama, had sent a letter to his Russian counterpart, Vladimir Putin, on the matter. The paper claims Russia began testing the new missile system as early as 2008. The New York Times also reported the Obama administration had hoped to reach a compromise with the Russians by not publicly accusing them of violating the INF agreement. On Tuesday, the US State Department said five confidential talks between arms experts had been held since 2014 over the missile system. Yet it claims Russia had denied, concealed and spread lies about the new missile.

So by not confronting Russia in 2014, or earlier when the missile started testing, did the Obama administration advance the cause of peace, or just keep an inconvenient story out of the news as much as possible.

Russia has kept pretty tight security in place. An analyst with the Brookings Institution estimated the range at 2000 kilometers.

“Folks at NASA need to get out more”

This reminds me of a quote from the movie Species, but there are enough movie references at this link: NASA wants an all female crew to Mars to prevent sex happening during the trip?.

What makes NASA think an all female space crew might not end up being a mini version of the LPGA, women’s softball, or women’s soccer? Will NASA screen against that (how do you think that will fly with certain SJWs)?

NASA lost most people’s imagination when they concentrated on the Space Truck Shuttle.

Click thru for various stuff along the lines of Lesbian Vampires from Outer Space, Lesbians in Space and other bits of classic cinema.

Recent Breaches Show Companies Don’t Give a Damn About Your Security

First up is a breach that was four years long and resulted in 500,000,000 people impacted. What the Marriott Breach Says About Security.

Krebbs talks at length about “clueful” companies and companies with “mature security posture.” I think it’s clear that Marriott doesn’t fall into either category.

For companies, this principle means accepting the notion that it is no longer possible to keep the bad guys out of your networks entirely. This doesn’t mean abandoning all tenets of traditional defense, such as quickly applying software patches and using technologies to block or at least detect malware infections.

It means accepting that despite how many resources you expend trying to keep malware and miscreants out, all of this can be undone in a flash when users click on malicious links or fall for phishing attacks. Or a previously unknown security flaw gets exploited before it can be patched. Or any one of a myriad other ways attackers can win just by being right once, when defenders need to be right 100 percent of the time.

“How many resources you expend…” translation: it is going to cost more than you want to spend on security. But as for the downside costs…. talk to Maersk Lines, or Federal Express.

How about exposing customer information to the public internet? No password required! SKY Brasil Exposes 32 Million Customer Records

SKY Brazil is a subsidiary of DirecTV Latin America.

“The data the server stored was Full name, e-mail, password, pay-TV package data (Sky Brazil), client ip addresses, personal addresses, payment methods,” Castro told BleepingComputer. “Among other information the model of the device, serial numbers of the device that is in the customer’s home, and also the log files of the whole platform.”

They were able to fix this IN A FEW MINUTES by adding a password. These servers had been indexed by Shodan search. But hey, THEIR information hasn’t been made public. (I take it that “Payment Methods” means the credit card numbers of customers were available.)

The fact that “only” 32 million records were exposed makes this seem less important. Probably doesn’t seem that way to anyone who is impacted.

You would think an internet company would do better. And they have. Somewhat. Quora Hacked – 100 Million User’s Data Exposed.

“We recently became aware that some user data was compromised due to unauthorized access to our systems by a malicious third party,” stated Quora’s security update. “We have engaged leading digital forensic and security experts and launched an investigation, which is ongoing. We have notified law enforcement officials. We are notifying affected Quora users.

These guys seem to be reacting appropriately. And indications are that they discovered the breach fairly quickly. (Not 4 years anyway.)

Yet Another Data Breach

This is not surprising, not even a little. Records of 114 Million US Citizen and Companies Exposed Online.

Researchers from HackenProof, a penetration testing company based in Estonia, found the massive cache of data via the Shodan search engine, in two Elasticsearch indices.

They couldn’t determine who owned that data, only that Shodan had indexed it on November 14th. It was likely sitting there, available to all, for a considerable period of time. (And Shodan probably isn’t the only web-crawler that found it.)

One of the instances contained personal information of 56,934,021 US citizens, including sensitive details like full name, employer, job title, email and street address, ZIP code, phone number, and an IP address.

Because actually securing all of that data that companies are so eager to Hoover up is time consuming and expensive.