Chrome, Safari, and Opera Browsers might be leaking your private information

Source: fossBytes

We often praise the autofill features of our web browsers for saving us from all the troubles of typing the details like email address, passwords, address, phone numbers, etc.

But, these features come along with some serious security risks too.

A web developer and hacker named Viljami Kuosmanen has found a flaw that’s affecting different browsers and plugins. According to his revelation, web browsers like Google Chrome, Apple Safari, and Opera, and plugins like LastPass can be exploited to leak sensitive personal information.

Browser autofill phishing in Chrome, Safari, and Opera

The phishing attack described by the hacker is very simple in application. When you fill your information in text boxes, autofill enters the profile-based information in form fields hidden from the user.

Mozilla’s Firefox is immune to this problem as it is yet to implement a multi-box autofill system, so, it can’t be tricked into filling text boxes.

Interestingly, this attack is triggered when users enter at least one information in some online form. To avert such attacks, the users are advised to disable the autofill function in their web browser.

Is Cybercrime Act, a form of censorship?

Source: Looppng

Many Loop PNG readers think the Cybercrime Act is a National Government plot to censor public comments on social media.

The National Parliament in 2016 passed the Act making it a crime to make unproven allegations about individuals using any information technology medium.

However, the National Information and Communication Technology Authority (NICTA) CEO Charles Punaha brush aside the censorship claims.

Punaha said the new Cybercrime Act is not a form of censorship in Papua New Guinea.

These are some of the comments on our news site.

“It is censorship your highness. You are telling us to watch our mouths when criticizing publicly elected officials – a norm in any democracy. Isn’t that the same as prohibiting people from watching certain movies, etc?” a reader stated.

“People or so called leaders are pushing around to have media under their control is to protect themselves from their corrupt practises so where does this freedom of speech comes in play, shame on you leaders for pushing this agenda around to pass that law,” Arnold Mara commented.

“We need freedom of speech in our country!! We all know that the media in PNG is being controlled by the Government, we need social media to expose corruption and the truth on our Parliamentarians and Senior Public servants’ immoral and unethical behaviours,” another reader commented.

Crash Course in Understanding Facebook Messenger Privacy Settings

Course Details

Facebook Messenger is a handy smartphone app that separates messaging from Facebook’s other features. But when you install Messenger, it asks for permission to edit and read your text messages, record audio, and access your location data, which creates privacy concerns for some users. In this short course, Nick Brazzi will show you what settings you can adjust on the iOS and Android versions of the app, and how they will impact how Messenger runs on your device. Watch and learn if Facebook Messenger is right for you.

Instructor

Nick Brazzi

Nick Brazzi

Staff Author, lynda.com at LinkedIn

Learn more

Reviewing privacy options and settings for Facebook Messenger

Messages are a popular feature on Facebook. Using messages you can write a message directly to another Facebook user, which they can view privately. Messages are sort of like emails or chat messages. They can only be seen by the people involved in the conversation. Now to be clear we’re not talking about regular status updates or wall posts on Facebook, just the private message system.

Recently Facebook has been making a big push to get users to use the separate Messenger app. And it looks like that change is going to be mandatory. If you wanna send Facebook messages on your smartphone you have to use the Messenger app.

This change stirred up some controversy, especially surrounding privacy concerns. Now if you need to learn how to use the Facebook Messenger app check out the Up and Running with Facebook course with Justin Seeley on lynda.com.

You can still send and receive Facebook messages on the Facebook website on a computer. Security and permissions are different between iPhone, Android, and the Amazon Fire Phone, so I wanna look at all three, starting with the iPhone. Here I am in the standard Facebook app. And when I tap on the messages button you see something interesting. If you have not already installed the Messenger app you’ll probably be prompted to do that here. In some cases you might see a button that says not now, or remind me later, but that doesn’t happen in most cases.

In most cases you’re gonna see this. The options will be install or learn more. So really your only option is to install the app. So let’s see how that works. I’m gonna go ahead and go through the installation process, so I’ll hit install. And because I’ve already installed this app on another phone you can see it’s just got the little cloud icon, which lets me download the app again here on this phone. So I’ll tap that and let it install. Once it’s installed you could go ahead and launch the app, or if you’re already inside the standard Facebook app when you look at the messages button now it’s changed to say Messenger.

And if I tap on that button now it’s gonna flip me over to the Messenger app. So you can launch the app itself, or you can get to it from within the standard Facebook app. Since this is the first time I’ve used the app on this phone I’m gonna need to log in. It already knows my Facebook account, so I can confirm that just by hitting continue. As you log in there’s an option to link the Messenger app to your phone number. This is the first privacy option that you need to consider. If you link your phone number your friends will be able to make voice calls to your phone directly through the Messenger app.

There’s also an option to send free SMS messages through the app, but of course this could be a privacy concern, you may not want people to have direct access to you through Facebook through your phone number. So if this is an issue for you you should simply decline to link your phone number to the app and everything else will work fine. To decline just hit not now down here at the bottom. It’s a very light grey, so it may be hard to see. I’m gonna confirm this by hitting skip. Now it’s worth noting that if you did set up the app and linked your phone number to the app as far as I can find there’s no way to remove your phone number after the fact.

So just be careful when you first set up the app, and if you do not want your phone number linked make sure you don’t link it. I’m also gonna skip this option about text messages just by hitting not now. And I’m gonna go ahead and allow notifications. I’ll hit OK. But let’s talk about notifications for just a moment. This is another minor question that you’ll need to address. Enabling this allows the phone to display popup notifications when you receive messages, even when the app isn’t running. This permission isn’t really a security risk, it’s just up to you to decide whether you want alerts when you receive new messages in the Facebook Messenger app.

I’m gonna go ahead and allow them. Now I’m all set up and I’ll hit OK. And from here I can see all of the conversations that I have going on inside of messages on Facebook. Now again, I’m not gonna get too much into how to use the app, that’s covered in the Up and Running with Facebook course with Justin Seeley here on lynda.com, but I do wanna talk about some privacy settings. So let’s finish talking about those notification settings. What if you decided to change your mind about notifications later? Well, if you wanna change that all you need to do is close the app and switch over to settings, and you wanna go to notification center, and you’ll see a list of all of the apps on your phone that have notifications options.

So I’m gonna scroll down and find the Messenger app and touch on that, and you can see you can adjust your notification options right here. And if you don’t want notifications at all then you can just go through and turn off all of these options. I’m gonna go back to the main settings screen and we’ll flip back over to the Messenger app. Back in the Messenger app I’m gonna compose a message. I can do that by hitting the new message button up here, or I can just tap on one of the people I’ve been having a conversation with and I can type a message to them here.

If I tap on this field right here I can type my message. But now that I’m here typing a message I wanna look at the location permissions, which is the biggest hot button topic here. You have the option to include your location when you send a message. This will include a GPS map location, so your friends can see where you were when you sent this message. Now clearly this might be a problem for some conversations, so it’s really important that you know how to turn this off. On my iPhone the location was off by default, but don’t take my word for that.

I suggest you double check that for yourself. Now looking at this field here when I’m typing a message I can see there’s a little notification here that tells me that I can enable location. What we’re really looking at is this small triangular arrow down here. If that arrow is a hollow grey that means that locations are turned off, if I tap on that button that will enable locations for this conversation. But here we see a very important option and this is part of iOS on the iPhone. It’s asking me for permission to use my current location and that’s just the way iOS works.

You have to give each app individual permission before they can access your location information. That’s why this is off by default on the iPhone. So just to see how it works I’m gonna go ahead and hit OK, which will give my phone permission to use my location for the Facebook Messenger app. And now you can see the location button is a bright blue. Now I can turn this off or on for any conversation. All I need to do is tap on that button to turn it off, tap on it again to turn it on.

And it’s really important that you take a look and you know whether that option is on or off, so you can set it the way you want it. So it’s nice that you can disable location information for each conversation, but what if you wanna disable location permissions completely for the app? What if you never want the app to have the ability to use your location? To do that, again, we’re gonna go to the home screen, we’ll go to settings, we’re gonna go to the section here in settings on privacy, and I’m looking for location services.

And again, you’re gonna see a list of all of the apps that have location services available. And you can see that the switch is turned on for Facebook Messenger. If I turn this off then that will deny permission to Facebook Messenger to use any location data at all. And this is the safest way to go. This will make it so that the Facebook Messenger app is never able to use your location. Now of course if I switch back to the Facebook Messenger app I’ll now see that the location button is dimmed out again and if I try to turn it on it’s gonna tell me that I have to go to settings to re-enable it.

I’ll go ahead and tap OK. So that’s the location settings for the iPhone. There are a couple other privacy issues that we wanna take a look at, but they’re a little bit more minor. As you’re typing a message generally you’re set to text. There is an option here to flip to the camera if you wanna send photos straight from your camera through a message. There’s an option to access photos that are saved in your camera roll as well. And if I tap on that button it’s gonna ask me for permissions to access my camera roll. So this is another one of those permission things.

And if I decide to say OK then I could choose a photo from my camera roll, select it, and send it through the message, and that works fine. But of course, like we saw you have to give it permission. The same is true of the microphone option. This option lets you send voice messages. And if I tap on this record button you can see that it’s going to ask me for permission to use my microphone. So again, this is one of those services that you have to grant permission. In this case I’m gonna say don’t allow.

And it’s gonna give me a little bit of information telling me what I’m not gonna be able to do if I don’t have the microphone enabled. I’ll just hit OK. So I did give it permission to use my photos, but I did not give it permission to use the microphone. I’m gonna go to my settings again and I’m gonna take a step back, so we’re on the main privacy screen. And you can see here in privacy settings there is an option to go through and enable or disable permission to use photos, as well as the microphone.

So those are the other special permissions that you’re gonna have to take into account when deciding on your privacy settings here on the iPhone. Now let’s take a look at those settings on an Android phone. Here in the Google Play Store I’m looking at the Facebook Messenger app and I’m gonna hit install. When I install this app I’m gonna see a warning showing me all of the app permissions that this app requires. And this is one of the biggest sources of controversy and debate about this app online.

This app requires a lot of permissions. As a matter of fact, if I scroll down here there’s an option to see all and there are even more listed here. Now I’m not gonna comment on what each and every one of these app permissions mean. There’s a lot of articles online that talk about this extensively, but what I do wanna do is talk about which of these app permissions you can disable, just like we saw a moment ago on the iPhone. So for now I’m just gonna hit accept and I’m gonna let the app install.

Once you have the app all installed and set up it’ll look like this. Now just like when I set it up on the iPhone I decided to decline the option to link my phone number to the app. But here I can see all of the conversations that I have going on inside of Facebook Messenger. Now keep in mind, the menus and the settings are a little bit different from one Android phone to the next, but they should be similar enough that you should be able to find what you need based on what we see here. I’m using the Nexus 5 phone and we’ll also look at the Amazon Fire Phone in a moment, which runs on a modified version of Android.

So first let’s take a look at the notification settings. Some Android phones give you more or less control over how notifications behave, but fortunately you can enable and disable notifications right inside the Messenger app. To do that I’m gonna go to the settings button and you can see there are two interesting options here. I wanna take a look at notifications and chat heads. When I go into notifications you can see there are several options for how you want your notifications to appear. And of course if you just don’t want any notifications at all you can turn that off up here.

I’m gonna take a step back. Chat heads is interesting. Chat heads will give you previews of the Facebook Messenger conversations you’re having even when you’re not in the app. Let’s take a look at how that looks. I’m gonna go back to my messages and I’m going to reply to a message here. And I’ll just write a quick response to this conversation. I’ll send that. So now this particular conversation is active.

I’ll take a step back, and I’m gonna hit the home button to get to my main screen. Now when I get a response to the message that I just sent we should see notifications and chat heads pop up. So that’s what the notifications and the chat heads look like. And the chat heads are neat, I can tap on them here, and I can write a response to the message without actually opening up the app. I’m gonna tap outside of this and I’m gonna go ahead and open the app, so we can look at the rest of the settings. So of course those are notifications and you can turn those on or off right here.

Now let’s talk about the big one, location permissions. So I’m gonna go back to the conversation I was just having, I’ll tap on that, tap on the field to type a message, and just like on the iPhone there’s a button that indicates whether location is turned on or off. The button is a little bit different on Android, it looks like a circular target button. Now this is the most important thing you have to recognize, the locations option is turned on by default on Android. On iPhone it is not on by default, but on Android it is.

So if you just jump in and start using the app you will be sending your GPS location to anybody you send messages to. So how do we turn that off? Well, it’s very similar to an iPhone. To turn it off for an individual conversation just tap on the button here and it turns grey. Turn it back on just by tapping on it and it turns blue. But that’s only for one conversation at a time. What if you wanna disable location services entirely for the app? I’m gonna take a step back, go to settings in the app, and you can see here that location is enabled.

All I need to do is turn off location here and when I go back to my conversation, when I tap to type in my message you’ll see that location is off. If I try to turn it on it’s gonna tell me that location is turned off for the app entirely and it’ll ask me whether I wanna turn it on. So I’m gonna go ahead and hit not now. I’m gonna leave location settings turned off. Now there is another way to handle location issues on an Android phone. To do that I’m gonna take a step back and I’m gonna go to the home screen, I wanna go into the settings for my phone.

Inside of settings I’m looking for the category of location. Here in location I can see a list of all of the apps that are using location and I’m not able to disable that individually for each app on the Nexus 5, but what I am able to do is turn off the master switch for location. This turns off location settings entirely for any app running on my phone, but it’s important to recognize that there are some apps that you might wanna use locations for, especially the Maps app for example.

And remember that you can still turn off locations directly in the Facebook Messenger app. Now if I go back to the Facebook Messenger app and I go back to my conversation and I tap to type a message you see just like on the iPhone we’ve got buttons to access the camera, as well as my photo roll, and I can access the microphone. But it’s very interesting to see here that you are not asked to give permission for the phone to use your camera roll or your microphone. This is just not an option that you have the ability to adjust on an Android phone.

So again, keep this in mind as you’re deciding whether you wanna use this app. The app is automatically given permission to use your photos and your microphone. Now some Android devices and the Amazon Fire Phone give you a little more control over notifications and location permissions. But there’s one issue here with location settings that I wanna be aware of. So I’m gonna switch over to the Amazon Fire Phone. On the Amazon Fire Phone the Messenger app in general works the same as it does on the Android phone we saw a moment ago.

One interesting thing that I’ve noticed is that it does not seem to force me to install the Messenger app when I access messages inside the Facebook app. Of course that may change in the future, but you can see here I am in the standard Facebook app and I’m able to access messages just fine. But I do have the Messenger app installed, so I’m gonna go ahead and open that up. And like I said, it looks pretty much the same as it does on any other Android device. We can go into the settings and we can make the same settings adjustments right here.

I’ve got my notifications and I’ve got my location settings, but there’s something very important that I wanna talk about with locations. This is something that I found is specific to the Amazon Fire Phone, but it may work the same on other Android devices, so it’s good to have an eye out for it. I’m gonna go into the settings here on the Fire Phone, and I’m gonna go to the section on location services. And there’s an option here to configure location based services for your individual applications.

I’m gonna tap that. And if I scroll down here I can see a list of all of the applications on my phone that use location services. And I can come in here and I can find Messenger and I can turn location services off. The idea here is that now Messenger will not be able to use any location services, but this is what I want to warn you about. In my experience with the Amazon Fire Phone this does not work the way I would have expected it to work. Let me show you what I mean.

Now that I have location services turned off for Messenger I’m gonna go back to the Messenger app and here in the settings for Messenger I can see that location services are still enabled and if I go to my conversations and I tap to continue this conversation, go here to write a message, I can see that location is enabled for this conversation. So the location settings inside of the Messenger app here on the Fire Phone override the location settings on the system settings for the phone.

This is important and you wanna make sure that you double check all of your location settings to make sure you know whether you’re sending your location when you send your messages. It’s worth noting that if I go back to settings and I go to notifications and into manage notifications I can change app notifications individually for each app here as well. So I’ll scroll to Messenger and you can see I can change all sorts of options for the notifications.

But again, I think it’s really important that you double check how the app actually behaves just in case the settings in the app override the system settings that you adjust here. Security and privacy are really important issues to be aware of with any smartphone app, but I think Facebook is a system where you should be particularly aware. It’s also worth noting that location services drain your battery faster, so location might be more than a privacy concern for you. But please get familiar with your phone’s settings and make informed decisions about how you use your apps and how you communicate with people over the internet.

5 Unbelievably Creepy Surveillance Tactics

Source: AlterNet

By Tana Ganeva

Survoptiv9.png

Since the erosion of Americans’ civil liberties depends on high levels of public apathy, some of the most dangerous privacy breaches take place incrementally and under the radar; if it invites comparisons to Blade Runner or Orwell, then someone in the PR department didn’t do their job. Meanwhile, some of the biggest threats to privacy, like insecure online data or iPhone GPS tracking, are physically unobtrusive and therefore easily ignored. And it’ll beat least a year or two until the sky is overrun by spy drones.

So when a method of surveillance literally resembles a prop or plot point in a sci-fi movie, it helps to reveal just how widespread and sophisticated commercial and government monitoring has become.  Here are five recent developments that seem almost unreal in their dystopian creepiness.

  1. Buses and street cars that can hear what you say.

You can’t really go anywhere in America without being tracked by surveillance cameras. But seeing what people do is not enough; according to a report by the Daily, cities all over the country are literally bugging public transportation.

In San Francisco, city officials have plans to install surveillance cameras that record sound on 357 buses and trolley cars, the Daily reported. Eugene, Oregon and Columbus, Hartford and Athens, Georgia, also have audio recording plans in the works. The systems have the capacity to filter background noise and hone in on passengers’ conversations.

Officials have said that the system is merely intended to help resolve disputes between bus riders. San Francisco officials did not comment, but the Daily found a similar justification in procurement documents for the technology. “The purpose of this project is to replace the existing video surveillance systems in SFMTA’s fleet of revenue vehicles with a reliable and technologically advanced system to increase passenger safety and improve reliability and maintainability of the system.”

It’s nice that the Department of Homeland Security, which covered the entire cost of San Francisco’s system, is so committed to ensuring pleasant bus rides for passengers.

  1. Mannequins that can see you.

A handful of retailers in the US and Europe are installing mannequins in their stores that can determine customers’ age, gender and race, Bloomberg reported last month. Don’t worry, the face recognition-equipped camera is hidden, so there is no way to tell whether the giant plastic dolls in the store are watching you as you shop. The company that developed the mannequins (named EyeSee) sells their attributes thusly:

This special camera installed inside the mannequin’s head analyzes the facial features of people passing through the front and provides statistical and contextual information useful to the development of targeted marketing strategies. The embedded software can also provide other data such as the number of people passing in front of a window at certain times of the day.

They are also developing audio technology that can pick up key words from customer conversations to help them tailor their marketing plans. A screen that displays advertising geared specifically to each customers’ demographic is also in EyeSee’s future.

Really, wouldn’t the ideal marketing scenario be if human customers were replaced by mannequins programmed to buy everything the other mannequins were selling?

  1. Biometric time clocks.

For too long, employers lacked the ability to extract every second of labor from their workers with scientific precision. Thanks to the wonders of face recognition technology, many employees in low-wage workplaces are now required to log in to work on face recognition readers instead of using key cards or codes. Biometric time clocks like FaceIn, most commonly used at construction sites, create an avatar of the workers’ face that the machine keeps forever and that ages alongside the employee. Allegedly, it can tell twins apart.

Meanwhile, many fast food restaurants and retailers have started using biometric time clocks that record digital fingerprints, like the creepily named U.are.U digital fingerprint reader, to prevent employees from coming in late or giving out discounts.

  1. Tagging children.

It’s probably best to train people in robotic discipline early, and many US schools, aided by surveillance technology vendors, are on it. Last month, a Texas sophomore sued her school district for making students carry RFID chips that tracked their movements, but that’s just the start. School administrators all over the country use CCTV cameras, RFID chips, and GPS tracking to moniter where students go and what they do, as David Rosen reported for AlterNet. One pilot program for middle schoolers used GPS to make sure kids aren’t late: 

Each school day, the delinquent students get an automated “wake-up” phone call reminding them that they need to get to school on time. In addition, five times a day they are required to enter a code that tracks their locations: as they leave for school, when they arrive at school, at lunchtime, when they leave school and at 8pm. These students are also assigned an adult “coach” who calls them at least three times a week to see how they are doing and help them find effective ways to make sure they get to school.

  1. Biometric databases.

Federal agencies ranging from the DoD to the FBI to the DHS are revamping their databases to include iris scans, voice patterning, measures of gait, face recognition, and records of scars and tattoos. They also have a mandate to indiscriminately share this information between agencies and with unnamed foreign entities.

Snowden Live Q&A On Trump: “Don’t Fear Trump. Fear The Risk Of Spying”

Source:  fossBytes

After Donald Trump becoming the president many people have been talking about how he would affect different things.

Privacy is one of those things because the security agencies based in the US are known for their surveillance hobbies. The new elected president would definitely have some sort of impact on privacy and how the spying activities would continue in the future.

Edward Snowden, the man who made the world serious about their personal information available on the internet, will host a live stream event on StartPage–a Dutch search engine–on November 10 (4:30pm Eastern Time). Obviously, Snowden is the right person to talk about privacy considered his past experience.

In this event, he will talk about Donald Trump and privacy issues. Notably, Edward Snowden is expecting a presidential pardon.

[Update]

In the interview, Snowden talked about various topics ranging from the new president-elect to his condition and what needs to be done in future. He said that technology, instead of running after legislation, should be used to achieve privacy. When we think the law is not efficient enough to protect our rights, we should start supporting the corporations, groups, and individuals–the ones who are trying to enforce your rights through science, math, and technology so that the governments start respecting your rights. “No amount of violence, no amount of military force will ever solve a math problem,” he said.

When asked about Trump

Snowden did not follow the event to talk specifically about the new president. He kept a safe distance from the name Donald Trump. But, he was prepared for such questions. When the PGP protocol creator Phil Zimmermann asked him about Trump, Snowden said he would be getting a powerful surveillance infrastructure. But, we should not set our focus on a single leader or government.

“We should be cautious about putting too much faith or fear in elected officials,” said Snowden.

“We’re never farther than an election away from a change in leader, from a change in policy, a change in the way the powers we have constructed into a system are used. So what we need to think about now is not how do we defend against a president Donald Trump, but how do we protect the rights of everyone, everywhere, without regard to jurisdictions, without regard to borders?”

Snowden did not directly talk about the impact of Trump’s presidency but he expressed his belief in one of the answers:

“Despite the challenges we have in the United States, despite the changes in government, despite some of the very concerning statements made by our new President-elect, this is a nation that will strive to get better.”

“This is a dark moment in our nation’s history – but it is not the end of history. and if we work together, we can build something better.”

That Girly Touch: Why Many Attempts To Attract Women To Cybersecurity Might Actually Achieve The Opposite — Security Solutions Magazine

The problem is familiar. Cybersecurity is still a male-dominated field. Women make up only 10 percent of the global cybersecurity workforce. The field is missing out on a lot of capable people and women are missing out on an interesting, well-paid career path. There have been numerous initiatives trying to change the situation, but fighting…

via That Girly Touch: Why Many Attempts To Attract Women To Cybersecurity Might Actually Achieve The Opposite — Security Solutions Magazine

How to know if your windows pc got hacked — Use “Hacked?”

Source: Fossbytes

With the number of data breaches and hacking attacks on the rise, the internet has become a scary place.

Today, we can’t call any device completely secure as every other day there’s a new malware appearing in the wild.

As an alternative to the long list of antivirus solutions and anti-malware, there’s a new way to safeguard your data and add an extra security layer to your personal computers.

Called “Hacked?”, this Universal Windows 10 app scans the latest hacks and data breaches and looks for your accounts.

Developed by Windows developer Lance McCarthy, this app just wants your email address and does the rest process on its own. Being a Universal Windows 10 app, this works on Windows 10 PCs, smartphones, and HoloLens too.

The Hacked? app keeps on running in the background and at every 12 hours, it checks if your accounts have been involved in some hack or data breach.

Some of you might compare it with the website Haveibeenpwned where you need to go to the website and enter your email to find out the result. Hacked? makes this job easier by sending automatic notifications if it notices some problem.

The developing team of the app makes sure to tell that your account information is not shared with anybody.