U.S. Navy Bans TikTok from Government-Issued Mobile Devices

Security

Reuters reported that the United States Navy banned TikTok from government-issued mobile devices because the app represented a “cybersecurity threat”.

A bulletin issued by the Navy on Tuesday showed up on a Facebook page serving military members, saying users of government=issued mobile devices who had TikTok and did not remove the app would be blocked from the Navy Marine Corps Intranet.

Reuters reported that the Navy would not provide details on what dangers TikTok presents. Pentagon spokesman Lieutenant Colonel Uriah Orland said in a statement that the order was part of an effort to “address existing and emerging threats.”

This comes after two senior members of Congress, Senate Majority Leader Charles E. Schumer (D-N.Y.) and Senator Tom Cotton (R-Ark.) asked U.S. intelligence officials to determine whether TikTok posed “national security risks”. The two Senators sent a letter to Acting Director of National Intelligence, Joseph Maquire, questioning TikTok’s data collection practices and whether the app could be used by the Chinese-owned social-networking app to limit what U.S. users could see.

Reuters reported that last month U.S. Army cadets were instructed not to use TikTok, after Senators Schumer and Cotton raised security concerns about the Army using TikTok in their recruiting.

I find this interesting because, at a glance, TikTok appears to be an app designed to encourage creativity. People make short videos that are intended to be humorous. Many people find the videos to be amusing, and they pass them around on social media.

Now, it seems that TikTok could actually be a security threat, and a strong enough one where various branches of the U.S. military are banning it from government-issued mobile devices. There appears to be concern about TikTok’s data collection practices. It is troubling that an app that appears to be lighthearted could potentially be dangerous.

Facebook and Twitter Removed Accounts Engaging in Inauthentic Behavior

Security,

Both Facebook and Twitter have announced that they have removed networks of accounts that were engaging in inauthentic behavior. The New York Times reported that the accounts used fake profile photos that were generated with artificial intelligence. The use of AI generated fake photos appears to be a new tactic.

Facebook announced that they removed two unconnected networks of accounts, Pages and groups for engaging in foreign and government interference. The first operation originated in the country of Georgia and targeted domestic audiences. Facebook removed 39 Facebook accounts, 344 Pages, 13 Groups and 22 Instagram accounts that were part of this group.

The second operation originated in Vietnam and the US and focused mainly on the US and some on Vietnam and Spanish and Chinese-speaking audiences globally. Facebook removed 610 accounts, 89 Facebook Pages, 156 Groups and 72 Instagram accounts that originated in Vietnam and the US and focused primarily on the US and some on Vietnam, Spanish and Chinese-speaking audiences globally.

Some of these accounts used profile photos generated by artificial intelligence and masqueraded as Americans to join Groups and post the BL content. To evade our enforcement, they used a combination of fake and inauthentic accounts of local individuals in the US to manage Pages and Groups. The page admins and account owners typically posted memes and other content about US political news and issues including impeachment, conservative ideology, political candidates, elections, trade, family values, and freedom of religion.

Facebook said its investigation linked this coordinated group to Epoch Media Group. The New York Times reported that Epoch Media Group is the parent company of the Falun Gong-related publication and conservative news outlet The Epoch Times. The Epoch Media Group has denied that it is linked to the network.

Twitter announced it removed 5,929 accounts for violating Twitter’s platform manipulation policies. Their investigation attributed these accounts to “a significant state-backed information operation” originating in Saudi Arabia.

The accounts represent the core portion of a larger network of more than 88,000 accounts engaged in spammy behavior across a wide range of topics. Twitter’s investigations traced the source of the coordinated activity to Smaat, a social media marketing and management company based in Saudi Arabia.

It is very important to realize that you cannot believe everything you see on social media. An account that appears to have a realistic photo could actually be one that was generated by AI. Do some fact checking before sharing things posted by accounts that are run by people you don’t know.

Wawa had a Data Breach that Affected All 700 Stores

Security

Wawa revealed to its customers that a data security breach has impacted all of their store locations. The post was written by CEO Chris Gheysens, who apologized to customers and reassured them that the customers will not be responsible for any fraudulent charges on their payment cards.

Based on our investigation to date, we understand that at different points in time after March 4, 2019, malware began running on in-store payment processing systems at potentially all Wawa locations. Although the dates may vary and some Wawa locations may not have been affected at all, this malware was present in most store systems by approximately April 22, 2019. Our information security team identified this malware on December 10, 2019, and by December 12, 2019, they had blocked and contained this malware.

The data breach included credit cards and debit card numbers, expiration dates, and cardholder names on payment cards used at potentially all Wawa in-store payment terminals and fuel dispensers at different points in time after March 4, 2019, and ending on December 12, 2019.

CEO Chris Gheysens says that no other personal information was affected by this malware. Debit card PIN numbers, credit card CW2 numbers, other PIN numbers, and driver’s license information used to verify age-restricted purchases were not affected by this malware.

As is typical after a company realizes a data breach has occurred, Wawa has information in its website for those who have been affected by the breach. It includes the usual advice one would expect. Wawa is offering free credit monitoring and identify theft protection to customers affected by the breach.

The Verge notes that CEO Chris Gheysens “doesn’t begin to suggest how the malware got there or who might have been trying to get customers’ payment information.”

It is too bad that Wawa failed to notice the malware until very recently. The unfortunate result is that Wawa customers now have to worry about whether their credit card information is secure while trying to finish buying gifts for loved ones during the holiday season.

Has Ring Been Hacked? #1412

Podcast

Has Ring been Hacked? They deny any hacking and say it’s likely users, usernames and passwords from other global hacks. But some researchers are saying that there are too many details in the hacked information to have come from other global hacks. My personal advice change all your ring passwords to something complicated and do not run around naked in front of your ring cameras. I personally think there is something more at foot here. As I already announced two shows next week. Also give the gift of giving and consider becoming an insider we need your support more than ever.

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More

*** New Geek Central Discord Channel ***

Subscribe to the Newsletter.
Pickup Ohana Gear.
Join the Chat @ GeekNews.Chat (Mastodon)
Email Todd or follow him on Facebook.
Like and Follow Geek News Central Facebook Page. Download the Audio Show File

Support my Show Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

Continue reading Has Ring Been Hacked? #1412

Instagram to Expand Checking Without Removing Misinformation

Instagram

Instagram is trying to step up its efforts to combat misinformation on the platform. Its newest plan is what I consider to be a good start, but still needs improvement. The plan builds upon an existing third-party fact-checker program that began in May of 2019. Instagram is now expanding their fact-checking program globally to allow fact-checking organizations around the world to assess and rate misinformation on Instagram.

When content has been rated as false or partly false by a third-party fact-checker, we reduce its distribution by removing it from Explore and hashtag pages. In addition, it will be labeled so people can better decide for themselves what to read, trust, and share. When these labels are applied, they will appear to everyone around the world viewing that content – in feed, profile, stories, and direct messages.

Instagram is also applying image matching technology to find additional instances of the same content so the label can be applied to it. One interesting thing about this new change is that content that has been rated false or partly false on Facebook, and that also appears on Instagram, will automatically be labeled.

This is a good start towards reducing the spread – and negative repercussions – of misinformation. But, I think Instagram (and Facebook) should go further.

It would be more effective if Instagram/Facebook removed the misinformation entirely. Allowing it to spread, to people who are inclined to think the warning labels are wrong, is a terrible idea. Doing so could persuade people to hold on even tighter to misinformation that happens to match their political or personal viewpoints.

Amazon Hates Fedex #1411

Podcast

Bit of a silent war going on at the moment. It is pretty obvious that Amazon is trying to hurt FedEx as they have told all their third-party sellers that they cannot use FedEx Ground or Home delivery as it is to slow. But they can use UPS and the internal Amazon shipping. Update on my schedule no breaks through the end of the year. The holidays fall in the middle of everything so we are good to go.

Podcast (video): Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | RSS | More

Podcast: Play in new window | Download | Embed

Subscribe: Apple Podcasts | Android | Email | Google Podcasts | Stitcher | TuneIn | Spotify | RSS | More

Swag Offer / Sticker Swap
New Media Productions
365 N Willowbrook Rd Ste:C
Coldwater, Mi, 49036

*** New Geek Central Discord Channel ***

Subscribe to the Newsletter.
Pickup Ohana Gear.
Join the Chat @ GeekNews.Chat (Mastodon)
Email Todd or follow him on Facebook.
Like and Follow Geek News Central Facebook Page. Download the Audio Show File

Support my Show Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$4.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Become a GNC Insider: Support this podcast

Continue reading Amazon Hates Fedex #1411

Palantir Wins Pentagon Contract with U.S. Army

Information

Bloomberg reported that the U.S. Army will spend $111 million next year in a new contract with Palantir Technologies Inc. The company was selected by the Defense Department over Microsoft, Ernst & Young, Accenture and Deloitte. Peter Thiel is the co-founder and chairman of Palantir Technologies Inc.

The Defense deal solidifies a relationship between the U.S. government and the Palo Alto, California-based company, which was co-founded and partly bankrolled by Thiel. The billionaire venture capitalist and adviser to President Donald Trump has chastised other technology companies, in particular Alphabet Inc.’s Google, for their reluctance to work with the Defense Department. After Google abandoned a Pentagon effort known as Project Maven, Palantir stepped in to help develop video recognition software as part of the project, a move reported earlier by Business Insider.

The Department of Defense website noted that Palantir was awarded an $100,814,893 “other transaction agreement contract” for numerous databases across the Army enterprise integrated on one platform. Work will be performed in Washington, D.C., and has an estimated completion date of December 15, 2023.

It is interesting that Microsoft was not selected for this project. In October of 2019, Microsoft beat out Amazon for a Department of Defense contract that could be worth as much as $10 billion over a decade. That project is called the JEDI Cloud. According to the Department of Defense website, one bid was solicited via the internet with one bid received. It appears that Palantir may have been that bid.

Bloomberg reported that Palantir will provide software to connect human resources, supply chains, and other Army operation systems into a single dashboard.