Tag Archives: social networking

Twitter plans new products and tighter security

0
Posted by Tech Paranoia on January 13, 2010 – 2:00 pm
Filed under Security
Tagged as , ,

Twitter has announced plans to hire 27 professionals to create new products and improve the security of the site.

The increase in headcount is a significant move for the relatively small company, which currently has around 120 staff.

Advertisement

Twitter co-founder Biz Stone stated in November that 2010 will be the “revenue year” for the company, and the variety of job postings currently hosted on the micro-blogging site suggests that he is not digressing from this strategy.

The new employees will focus on creating Twitter front-end features, and should have experience in advertising applications in line with firm’s new advertising strategy scheduled to be rolled out this year.

Twitter is also issuing calls for a professional who will maintain a platform to help developers in media companies create new integrations with Twitter, as well as for another employee who will encourage media professionals to use the tools.

The other job descriptions display Twitter’s plans to increase the support tools available to users, further develop its application programming interface, develop Twitter’s international front-end and add new search capabilities.

A product marketing manager is also wanted to enhance business users’ understanding of the value of Twitter. According to the description, the work can range from creating “better packaging [of] existing features for businesses, managing all outbound marketing for new monetisation products, [and] analysing customer needs for improved product development”.

Finally, Twitter wants to increase its security team after a number of safety issues hit the headlines last year. The most recent incident involved hackers logging in to Twitter and redirecting users to a site hosted by a group calling itself the ‘Iranian Cyber Army’.

A network and infrastructure security manager will audit and secure systems and create procedures that respond to security issues. The job will involve designing a system that will prevent network intrusions. Meanwhile, an anti-spam software engineer will focus on Twitter’s spam detection system.

Source: v3.co.uk

Facebook employee reveals information on Facebook privacy issues

1
Posted by Tech Paranoia on January 12, 2010 – 1:00 pm
Filed under Privacy
Tagged as , ,

An anonymous Facebook employee has revealed that all user activity on the site is recorded and stored with as many as six copies of each photo retained.

In an interview on the therumpus.net, the employee answered a question about if everything is saved, whether or not it has been deleted or untagged. He said that was essentially correct, and it was only changing that for performance reasons.

The employee said: “How do you think we know who your best friends are? But that’s public knowledge; we’ve explicitly stated that we record that. If you look in your type-ahead search, and you press ‘A’, or just one letter, a list of your best friends shows up. It’s no longer organised alphabetically, but by the person you interact with most, your ‘best friends’, or at least those whom we have concluded you are best friends with.”

The employee admitted that the change was made ‘sometime in the last three months’, but it stores snapshots, which is basically a picture of all the data on all of the Facebook servers. The employee said that this is done every hour, of every day of every week of every month.

When asked if this is every viewable screen, the employee said: “It is way more than that: it’s every viewable screen, with all the data behind every screen. So when we store your photos, we have six versions of your photos. We don’t store the original: we make six different versions on the photo uploader and upload those six versions.”

These are stored in four data centres around the world – in Santa Clara, San Francisco, New York and London. The employee said that in each of those, there are approximately five to eight thousand servers.

Read more at: SC Magazine UK

Facebook users hacked with direct messages forwarding to suspicious site

0
Posted by Tech Paranoia on January 6, 2010 – 10:00 am
Filed under Privacy
Tagged as ,

Facebook users have reported receiving direct messages which includes a link to a suspicious website.

In what could be the first major Facebook security story of the year, users have reported receiving a message that encourages them to visit the ‘binsservicestore.info’ website after a friend’s recommendation.

According to DomainQuery, the website was created on 15th September 2009, last updated on 29th December 2009 and is due to expire on the 15th September this year. The sponsoring registrar is GoDaddy.com Inc and the administrator and registrant data provide contact details in India.

Rik Ferguson, senior security advisor at Trend Micro, said that binsservicesstore.info lands on a ‘work from home scam page’ that uses geo-ip to look like a local (to you) online newspaper.

Andy Thomas, commercial director of Garlik, warned at the end of December about a scam on Facebook where a user is offered a free £25 iTunes voucher. The scam, which came via an invitation and involves sending the group administrator a message with the user’s name and email address, had around 464,000 respond.

Thomas said: “Some simple maths and logic says this is going to cost someone over £12 million. That is Hooveresque in promotional scale and we all remember what happened to them, the truth is this is a well timed scam that plays on people’s trust of the iTunes brand and love of a bargain (it’s called social engineering).

“The only gift members will get is a nasty surprise in an email (probably the one containing your iTunes ‘gift’) or a permanent place on a phishing attack list sold, much like direct marketeers buy email or physical addresses. If you or a friend joined this list make sure they know what to expect over the next few days, weeks, months.”

Source: SC Magazine UK

New Spam Tactics Threaten Social Networks

0
Posted by Tech Paranoia on December 11, 2009 – 11:00 am
Filed under Malware, Spam
Tagged as ,

If you think the spam problem is bad right now — and it is, with more than 90 percent of email consisting of spam — the good news is it’s not going to get worse. The bad news is it’s going to get much worse.

Spam is a huge business and spammers, like all business owners, are always looking for new ways to lower costs, increase profits and get their products in front of more people. The efficiency of today’s spam filters and the fact that most Internet users have been trained to ignore any of the junk that does get through their filters had made that job much harder for the spammers.

So instead of continuing to bang their heads against the wall to come up with new spam salad subject lines or creative ways to spell Viagra, the spammers instead are busily finding entirely new methods of polluting the Internet. For years they’ve been using the comment fields on blogs and news sites to push their junk, and not they’re taking that one step further.

Many spammers now have large staffs of people working on nothing but building out completely fake personas for non-existent users on social networking sites and blog networks. The spammers use these personas to create accounts on Twitter, Facebook, Blogspot and other sites that have high levels of user interaction.

But these are not the easily identifiable spambots and fake profiles that have been cluttering these sites from the beginning. Instead, the personas have all of the attributes that one would expect in a real user, such as clearly defined interests, specific geographic locations, favorite bands and movies. The spammers who control these profiles are not using them to loudly and obviously push diet pills or porn, but are aiming to make them look as average and unremarkable as possible.

“Their goal is to be right down the middle, not too high or too low on the radar,” said Robert Hansen, a security researcher who discussed the new tactics during a webinar Wednesday put on by Black Hat and Dark Reading. Hansen, who has spoken with some of the spammers using these techniques, said that they can create as many as 500,000 to a million new personas in a single day.

Source: ThreatPost

Facebook comes under heavy criticism after it changes policy on privacy controls

0
Posted by Tech Paranoia on December 10, 2009 – 12:00 pm
Filed under Privacy
Tagged as , ,

Facebook has come under heavy criticism over privacy settings after users were warned about changes to the controls on its homepage.

The message tells users of the social networking site ‘we’re making some changes to give you more control of your information and help you stay connected. We’ve simplified the Privacy page and added the ability to set privacy on everything you share, from status updates to photos.

“At the same time, we’re helping everyone find and connect with each other by keeping some information – like your name and profile picture – publicly available.” A guide is then offered to help the user control their privacy settings.

However criticism has been made on the language used in the guide, while users have hit out at the removal of the right to display profiles to certain friends. One user said: “I could previously customise my friends list visibility – not only as to make it not visible to non friends- but I could choose which one of my friends could not view it. With [these] new privacy settings I cannot, it’s either everyone can see it or no one. This way you have restricted my range of choice…everyone’s range of choice actually!”

Many other users hit out at the rights of everyone being able to see a user’s friends list, with many users commenting that they wanted the settings restored. One user said: “Seriously. You don’t just go and remove privacy from 350 million users. Seriously, Facebook. Who the hell do you think you are? If hackers made everyone’s profile pictures public there would be an uproar.”

Source: SC Magazine UK

Facebook users at risk of “rubber duck” identity attack

0
Posted by Tech Paranoia on December 8, 2009 – 3:00 pm
Filed under Privacy
Tagged as , ,

IT security and data protection firm Sophos has today released the results of its latest probe into how easy it is to steal identities via Facebook.

Sophos created two fictitious users with names based on anagrams of the words “false identity” and “stolen identity”. 21-year-old “Daisy Felettin” was represented by a picture of a toy rubber duck bought at a $2 shop; 56-year-old “Dinette Stonily” posted a profile picture of two cats lying on a rug. Each sent out 100 friend requests to randomly-chosen Facebook users in their age-group.

Within two weeks, a total of 95 strangers chose to become friends with Daisy or Dinette – an even higher response rate then when Sophos first performed the experiment two years ago with a plastic frog. Worse still, in the latest study, eight Facebookers befriended Dinette without even being asked.

“We assumed things would be better in 2009 but the situation is worse. This really is a wake-up call,” said Paul Ducklin, Head of Technology, Asia Pacific at Sophos in Sydney who conducted the study. “Our honeymoon period with social networking sites ought to be over by now – but many users still have a ‘couldn’t care less’ attitude to their personal data.”

89% of the 20-somethings and 57% of the 50-somethings who befriended Daisy and Dinette also gave away their full-date-of-birth. Nearly all the others suppressed their year of birth, but this is often easy to calculate or to guess from other information given out. Even worse, just under half of the 20-ish crowd, and just under a third of the 50-ish crowd, gave away personal information about their friends and family.

“People aren’t just handing over their own life story to criminals,” warned Ducklin. “They’re betraying people close to them, too, by helping those cybercrooks build up a detailed picture of their life and their milieu. This is an identity scammer’s dream.”

Full article and video at Sophos

Social media a playground for cybercriminals

0
Posted by Tech Paranoia on December 8, 2009 – 9:00 am
Filed under Security
Tagged as ,

Cisco issued its Annual Security Report for 2009, which highlights the impact of social media, particularly social networking, on network security and explores the critical role that people, not technology, play in creating opportunities for cybercriminals. It also discusses trends in cloud computing, spam and overall global cybercrime activities that information technology professionals continue to face.

Social media experienced explosive growth in 2009. Facebook alone tripled its active user base to 350 million over the course of the year. Social media adoption is expected to continue growing into 2010, especially as more organizations realize the value of social networks as an absolute business requirement.

Social networks have quickly become a playground for cybercriminals because members of these sites put an inordinate amount of trust in the other members of their communities and often fail to take precautions to prevent the spread of malware and computer viruses. The report also provides more information on the potentially devastating combination of minor vulnerabilities, poor user behavior, and outdated security software that can dramatically increase risks to network security.

Full article at: Help Net Security

EFF sues feds for info on social-network surveillance

0
Posted by Tech Paranoia on December 3, 2009 – 9:05 am
Filed under Privacy
Tagged as ,

The Electronic Frontier Foundation sued the CIA, the U.S. Department of Defense, Department of Justice, and three other government agencies on Tuesday for allegedly refusing to release information about how they are using social networks in surveillance and investigations.

The nonprofit Internet rights watchdog group formally asked more than a dozen agencies or departments in early October to provide records about federal guidelines on the use of sites like Facebook, Twitter, and Flickr for investigative or data gathering purposes, according to the lawsuit.

The requests were prompted by published news reports about how authorities are using social networks to monitor citizen activities and aid in investigations. For example, according to the lawsuit, government officials have: used Facebook to hunt for fugitives and search for evidence of underage drinking; researched the activities of an activist on Facebook and LinkedIn; watched YouTube to identify riot suspects; searched the home of a social worker because of Twitter messages regarding police actions he sent during the G-20 summit; and used fake identities to trick Facebook users into accepting friend requests.

Source: CNet

Koobface begins Christmas campaign on the 1st December with malicious Facebook messages and video

0
Posted by Tech Paranoia on December 1, 2009 – 1:00 pm
Filed under Viruses
Tagged as , , ,

The Koobface worm has begun to target Facebook users with fake messages relating to Christmas.

Symantec’s senior security response manager Hon Lau claimed that its security response has detected the latest campaign that involves posting messages on Facebook profiles that link to either a fake Facebook page or fake video pages. Lau said that the postings are variations in spelling to a message that reads ‘I can’t fall asleep after viewing this video. I haven’t seen anything like this’.

Each message contains a link that when clicked, will bring users to a Facebook page or open up a video page containing a Christmas-themed video. A file named setup.exe is then offered, which may come in the form of a Flash Player upgrade or a free anti-virus that proposes to protect users from Koobface.

Source: SC Magazine UK

Websense Security Labs claimed that the file is currently detected by 16 out of 41 anti-virus products, according to VirusTotal.