Amazon uses Tips to Pay Drivers Wages #1390

Podcast

Amazon apparently was caught paying there deliver drivers with Tips they received versus paying them a fair wage and letting them keep their tips. This is the ultimate cheap charlie tactic I think I have ever seen. Big happening here this weekend with the install of the Audimute panels and finishing the studio design. Very exciting times ahead.

Subscribe to the Newsletter.
Pickup Ohana Gear.
Join the Chat @ GeekNews.Chat (Mastodon)
Email Todd or follow him on Facebook.
Like and Follow Geek News Central Facebook Page. Download the Audio Show File

Support my Show Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

Continue reading Amazon uses Tips to Pay Drivers Wages #1390

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More

Google, Mozilla, and Apple Block Kazakhstan’s Root Certificate

Privacy, ,

Three big browser makers are now blocking the use of a root certificate that Kazakhstan’s government had used to intercept internet traffic. According to Ars Technica, Khazakhstan reportedly said it halted the use of the certificate. Ars Technica reported that the actions taken by Google, Mozilla, and Apple could protect users who already installed it or prevent future use of the certificate by Kazakstan’s government.

Apple told Ars Technica that it is blocking the ability to use the certificate to intercept internet traffic.

Mozilla posted on The Mozilla Blog “Today, Mozilla and Google took action to protect the online security and privacy of individuals in Kazakhstan. Together, the companies deployed technical solutions within Firefox and Chrome to block the Kazakhstan government’s ability to intercept internet traffic within the country.”

The response comes after credible reports that internet service providers in Kazakhstan have required people in the country to download and install a government-issued certificate on all devices and in every browser in order to access the internet. This certificate is not trusted by either of the companies, and once installed, allowed the government to decrypt and read anything a user types or posts, including intercepting their account information and passwords. This targeted people visiting popular sites like Facebook, Twitter, and Google, among others.

Google posted information on its Google Security Blog. Part of that blog post says: “In response to recent actions by the Kazakhstan government, Chrome, along with other browsers, has taken steps to protect users from the interception or modification of TLS connections made to websites.”

It continues: “Chrome will be blocking the certificate the Kazakhstan government required users to install. The blog post has more specific details about that certificate.

It is good that these companies, all of whom make browsers, are taking a stand against government intrusion into people’s privacy. I hope that these companies will take the same action whenever another government chooses to spy on its own people in an effort to sneakily discover what those people do online.

Facebook Removed Coordinated Inauthentic Behavior from China

Facebook

Facebook has removed seven Pages, three Groups, and five Facebook accounts involved in coordinated inauthentic behavior as part of a small network that originated in China and focused on Hong Kong.

Facebook took these actions based on a tip shared by Twitter about activity they found on their platform. This led to Facebook doing its own investigation into suspected coordinated inauthentic behavior in the region and to identify activity.

The individuals behind this campaign engaged in a number of deceptive tactics, including the use of fake accounts – some of which had already been disabled by our automated systems – to manage Pages posing as news organizations, posts in Groups, disseminate their content, and also drive people to off-platform news sites. They frequently posted about local political news and issues including topics like the ongoing protests in Hong Kong. Although the people behind this activity attempted to conceal their identities, our investigation found links to individuals associated with the Chinese government.

Facebook released the following details:

  • Presence on Facebook: 5 Facebook accounts, 7 Pages and 3 Groups
  • Followers: About 15,500 accounts followed one or more of these Pages and about 2,220 accounts joined at least one of these Groups.

Facebook points out that they work to detect and stop this type of activity because they don’t want their services to be used to manipulate people. Facebook also makes it clear they took down these Pages, Groups, and accounts “based on their behavior, not the content they posted”. Personally, I’m not sure how one would separate the content from the behavior. Perhaps this is a disclaimer, of sorts, from Facebook.

Facebook also said the people behind this activity “coordinated with one another and used fake accounts to misrepresent themselves, and that was the basis of our action.”

It find it interesting that a tip from Twitter is what influenced Facebook to do their own investigation. I don’t think I’ve seen the big social media companies work together in this way before. It seems to me that the results were effective.

Google Sues Copyright Troll #1389

Podcast

Google is suing a Copyright troll that was issuing false DMCA takedowns. This unusual action is after the troll was trying to extort money from those he falsely accused. Grab your popcorn folks. I am back from my time in Florida. Lots happening this week. Studio design install happens on Sunday. Expect some pictures very exciting times. Details in the show tonight.

Subscribe to the Newsletter.
Pickup Ohana Gear.
Join the Chat @ GeekNews.Chat (Mastodon)
Email Todd or follow him on Facebook.
Like and Follow Geek News Central Facebook Page. Download the Audio Show File

Support my Show Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

Continue reading Google Sues Copyright Troll #1389

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More

Twitter Suspended 936 China-Linked Accounts

Twitter

Twitter disclosed that it has suspended accounts for violations of its platform management policies. Those accounts include a “state-backed information operation focused on the situation on Hong Kong”, as well as spam accounts.

This disclosure consists of 936 accounts originating from within the People’s Republic of China (PRC). Overall, these accounts were deliberately and specifically attempting to sow political discord in Hong Kong, including undermining the legitimacy and political positions of the protest movement on the ground. Based on our intensive investigations, we have reliable evidence to support that this is a coordinated state-backed operation. Specifically, we identified large clusters of accounts behaving in a coordinated manner to amplify messages related to the Hong Kong protest.

Twitter stated that Twitter is blocked in PRC, and many of the accounts that were suspended were using VPNs. Some accounts access Twitter from specific unlocked iP addresses that originated in mainland China. The accounts Twitter shared today “represent the most active portions of this campaign; a larger, spammy network of approximately 200,000 accounts – many created following initial suspensions – were proactively suspended before they were substantially active on the service.”

Some of the violations that resulted in a ban include:

  • Spam
  • Coordinated activity
  • Fake accounts
  • Attributed activity
  • Ban evasion

Twitter is adding archives containing complete Tweet and user information for the 936 accounts they have disclosed to their archive of information operations. The archive is the largest of its kind in the industry.

It bothers me that Twitter is so easy to use by those who wish to manipulate public opinion regarding significant politically-related matters. Doing so seems very mean-spirited and deceitful. There is something about Twitter that attracts nefarious people to use it in ways that were not intended (or allowed).

Spotify Upgraded its Premium Family Plan

Music

Spotify announced that it has upgraded its Spotify Premium Family Plan. New changes make it easier for families to filter out things that they don’t want their children to listen to.

With our updated plan, Spotify Premium Family subscribers have on-demand access to 450,000 podcast titles and 50 million tracks of ad-free music. What’s more, parents will now be able to control the Explicit Content Filter setting of all other accounts on their plan (these parental controls are a long-requested feature).

Spotify says the update is now available in Ireland, and will rollout in all markets with Premium Family this fall. Those who are already Premium Family Plan users will be notified as soon as the upgraded Family Plan is available in the coming months.

Here are some things families can look forward to:

  • Family Mix: Families will get exclusive access to a personalized playlist packed with songs the whole family enjoys. Family Mix is updated regularly and you can control who is in each session to optimize your family’s favorite shared listening moments.
  • Family Hub: Billing users can now manage their Family’s settings in one place, including adding or removing family members, keeping your home address up to date, and adjusting your parental controls.
  • Six Accounts: Spotify Premium Family still provides six individual Spotify Premium accounts for family members living under one roof, meaning you’ll keep your own saved music and playlists.

The Spotify Premium Family plan costs $14.99 per month. It might be a good investment for families that enjoy listening to music and podcasts together. The parental controls (after the rollout) will make it easier for parents to filter out things that they don’t want their kids to listen to.

Apple’s WebKit Announces Tracking Prevention Policy

Apple,

Apple has published their WebKit Tracking Prevention Policy. It describes the web tracking practices that WebKit believes, as a matter of policy, should be prevented by default by web browsers. WebKit’s policy was inspired by Mozilla’s anti-tracking policy.

These practices are harmful to users because they infringe on a user’s privacy without giving users the ability to identify, understand, consent to, or control them.

WebKit’s current anti-tracking mitigations are applied universally to all websites, or based on algorithmic, on-device classification.

WebKit will do its best to prevent all covert tracking, and all cross-site tracking (even when it’s not covert). These goals apply to a several types of tracking mentioned in the policy, including: cross-site tracking, stateful tracking, covert stateful tracking, navigational tracking, fingerprinting or stateless tracking, and covert tracking (which includes covert stateful tracking, fingerprinting, or other methods that are hidden from user visibility and control).

If a particular tracking technique cannot be completely prevented without undue user harm, WebKit will limit the capability of using the technique. If even limiting the capability of a technique is not possible without undue user harm, WebKit will ask for the user’s informed consent to potential tracking.

Interestingly, WebKit considers logging in to multiple first party websites or apps using the same account to be implied consent to identifying the users as having the same identity in these multiple places. WebKit believes that such logins should require a user action and be noticeable by the users, not be invisible or hidden.

WebKit is taking policy circumvention seriously. They will treat circumvention of shipping anti-tracking measures with the same exploitation of security vulnerabilities.

There may be some unintended impact of the policy, in which certain practices are inadvertently disrupted. Some of these include:

  • Funding websites using targeted or personalized advertising
  • Measuring the effectiveness of advertising
  • “Like” buttons, federated comments, or other social widgets
  • Analytics in the scope of a single website
  • Audience measurement

WebKit is the source engine that underpins internet browsers, including Apple’s Safari browser. If I’m understanding this correctly, that means that Safari (and potentially other browsers) will have WebKit’s Tracking Prevention Policy “baked in”. I wonder if the policy will be effective enough that it will replace the use of ad blockers.