Sri Lanka’s Government Blocked Social Media After Attacks

Social Media,

A wave of bombings happened in Sri Lanka on Easter Sunday. Targets included churches, hotels, and an apartment complex. At least 290 people have been killed and 500 were injured. While this was happening, Sri Lanka’s government blocked access to social media sites.

Sri Lanka’s government moved to block Facebook, WhatsApp and Instagram – all owned by Facebook – on Sunday out of concern that “false news reports… spreading through social media” could lead to violence. The services will be suspended until investigations into the blasts that killed more than 200 people are concluded, the government said. Non-Facebook social media services, including YouTube and Viber have also been suspended, but Facebook and WhatsApp are dominant platforms in the country.

The Guardian reported that this was not the first time Sri Lanka’s government blocked social media in an effort to prevent misinformation from spreading and resulting in violence. In March of 2018, the government blocked several social media platforms amid hardline Buddhist violence against Muslims. Some of that violence was fulled by hate speech and false rumors that were spread on social media.

Social media websites need to vastly improve their ability to keep people safe. These companies need to wake up and realize that what what is said – and passed around – on the internet can have devastating real-world repercussions. They must do a better job of removing misinformation.

Personally, based on Sri Lanka’s history, I think their government did the right thing by blocking social media websites while police were investigating the cause of the bombings. I think this action likely prevented people, in a time of crisis, from being unfairly influenced to target other people with violence. The government may have saved some innocent people from being harmed or killed.

The big problem, of course, is that blocking social media was necessary. If Facebook (and other social media companies) were quicker to remove misinformation, Sri Lanka’s government would not have needed to block it. People could have used social media to let their families know that they were safe.

Another thing to consider is that many governments are not going to block social media platforms in their countries during a crisis. This could lead to misinformation spread online resulting in additional violence in “the real world”. Social media companies need to be more responsible about what they allow to spread on their platforms.

23 Million People Use 123456 as a Password

Security,

Despite all the warnings, 23 million people worldwide use the password “123456”. This is according the UK’s National Cyber Security Centre which analysed the Have I Been Pwned data set to produce a list of the top 100,000 passwords.

It’s frankly embarrassing – here’s the top 10. Anyone who uses any of these should have their computer, tablet and phone taken away from them immediately.

  1. 123456
  2. 123456789
  3. qwerty
  4. password
  5. 111111
  6. 12345678
  7. abc123
  8. 1234567
  9. password1
  10. 12345

Looking through the full list, there’s a reasonable selection of expletives, and for Brits, variations on “Liverpool” appear twenty eight times. For non-Brits, Liverpool is not only a city in the North of England but a premier league football (soccer) team. James Bond 007 is rich pickings too, with variations into the teens. No matter how smart or unique you think you are, there’s someone else who thinks the same.

The NCSC recommends using three random words for passwords such as “tablehouseblue” and  not to re-use passwords between accounts. It particularly suggests to always have a different password for your email account.

Dr Ian Levy, NCSC Technical Director, said: “Password re-use is a major risk that can be avoided – nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favourite band. Using hard-to-guess passwords is a strong first step and we recommend combining three random but memorable words. Be creative and use words memorable to you, so people can’t guess your password.

You can read the full UK Cyber Survey and there’s more analysis on the password list in this article.

OnePlus 7 On Its Way? Sounds Like It

Android, smartphone, ,

It’s late in the year for Easter but OnePlus are keeping to schedule for their biannual smartphone releases. Pete Lau, founder and CEO of OnePlus announced on Twitter today…

I’d say it’s a safe bet that the OnePlus 7 is going to be announced.

Rumours abound as to the details. Is it going to have a pop-up camera? Is there going to be a “Pro” model? Is there a 512GB version? Who knows, but OnePlus rarely disappoints. Watch this space for more news on Tuesday.

Facebook Stored Millions of Unencrypted Instagram Passwords

Facebook

In March of this year, as you may recall, Facebook announced that it stored hundreds of millions of user passwords in plain text. At the time, Facebook said it would notify “hundreds of millions of Facebook lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users” about this.

On April 18, 2019, Facebook made an update to their original Facebook Newsroom post titled “Keeping Passwords Secure” (which was originally posted on March 21, 2019).

Here is what was added:

Since this post was published, we discovered additional logs of Instagram passwords being stored in readable format. We now estimate that this issue impacted millions of Instagram users. We will be notifying these users as we did the others. Our investigation determined that these stored passwords were not internally abused or improperly accessed.

Personally, I’m wondering just what is going on at Facebook (and Instagram) that is causing it to collect and store user’s passwords in plain text. That’s an obvious safety concern. The number of unencrypted Instagram passwords has jumped from tens of thousands to millions. It is disturbing that Facebook misreported that number.

Not all passwords were stored unencrypted, but millions of passwords were. Why is that happening? To me, it sounds like passwords are not automatically being stored in plain text. If that were the case, then all user’s passwords would have been stored unencrypted. Something, or someone, appears to be selecting certain passwords to store improperly.

Ironically, the original blog post (before Facebook added an update) recommends that users affected by this security issue change their passwords, and to pick strong and complex passwords. That is good advice in general, but I don’t think doing so will protect users from having their unencrypted passwords stored on Facebook’s and Instagram’s servers.

Free Music Battle #1362

Podcast

Free music battle heats up with the race to the bottom with free music offerings from both YouTube Music and Amazon. Great for consumers but it appears that the ad model that radio uses may actually now work in the digital divide which is exciting in itself. Time will tell how effective these offerings are as we are getting nickel and dimed now for every little service. I have some news to share on the next show which will come from the Blubrry studio in Columbus, Ohio.

Your support of this show is critical, become a Geek News Central Insider Today!
See all my health supplement recommendations. Get an Amazon Business Account today.

Subscribe to the Newsletter.
Pickup Ohana Gear.
Join the Chat @ GeekNews.Chat (Mastodon)
Email Todd or follow him on Facebook.
Like and Follow Geek News Central Facebook Page. Download the Audio Show File

Support my Show Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

Continue reading Free Music Battle #1362

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More

Podcast (video): Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | RSS | More

Amazon and Google Announce Official YouTube App to Launch on Fire TV

amazon, ,

Amazon and Google announced that in the coming months, the two companies will launch the official YouTube app on Amazon Fire TV devices and Fire TV Edition smart TVs, as well as the Prime Video app for streaming to Chromecast and Chromecast built-in devices.

In addition, Prime Video will be broadly available across Android TV device partners, and the YouTube TV and YouTube Kids app will also come to Fire TV later this year.

The flagship YouTube app will be the easiest way for users to watch all of their favorite YouTube content on Fire TV. Users will be able to sign in to their existing YouTube account, access their full library of content, and play videos in 4K HDR at 60 fps on supported devices. In addition, standalone YouTube TV and YouTube Kids apps will also launch later this year on Fire TV devices and Fire TV Edition smart TVs where available.

Chromecast and Chromecast built-in users, along with Android TV users, will have easy access to the Prime Video catalog including the latest seasons of Amazon Originals like The Marvelous Mrs. Maisel, Hanna, Homecoming Beach, Catastrophe and The Grand Tour, along with Amazon Original movies like Donald Glover’s Guava Island, and Academy Award nominated films like The Big Sick and Cold War.

Engadget points out that this ends “a long contentious relationship between Amazon and Google.” According to Engadget, the addition of YouTube apps only applies to Fire TV devices.

Facebook Uploaded 1.5 Million People’s Email Contacts Without Consent

Facebook

It feels like we are hearing about Facebook doing nefarious things with people’s data at least once a week. The latest news comes from Business Insider which reported that Facebook harvested the email contacts of 1.5 million users without their knowledge or consent when they opened their accounts.

Business Insider has learned that since May 2016, the social networking company has collected the contact lists of 1.5 million users new to the social network. The Silicon Valley company says they were “unintentionally uploaded to Facebook,” and is now deleting them.

A security researcher noticed that Facebook was asking some users to enter their email passwords when they signed up for new accounts. This was supposedly to verify their identity. To be clear, Facebook wasn’t content with having a new user’s email address – it also wanted the password to that user’s email address.

Business Insider checked this out, and found that if you did enter an email password, a message popped up saying it was “importing” your contacts. Facebook did not ask user’s for permission to do that – it just went ahead and grabbed that information.

A Facebook spokesperson gave a statement to Business Insider. In it, Facebook claims that the contacts were not shared with anyone and that Facebook is now deleting them and notifying people whose contacts were imported. The statement does not say that Facebook is deleting the email passwords that it required new users to give them.

Personally, I find this disgusting. It seems like Facebook feels entitled to grab as much data as it can not only from its users – but also from people who are in the process of signing up for a Facebook account. When it gets caught doing this, it claims this was done “unintentionally.”

I find it hard to believe that someone unintentionally created something that would suck up people’s email contacts. I find it even harder to believe that the thing that sucks up contacts was unintentionally implemented as part of Facebook’s sign up process.