Archives October 2018

Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage. As part of its response to the incident, the Alphabet unit plans to announce a sweeping set of data privacy measures that include permanently shutting down all consumer functionality of Google+, the people said. The move effectively puts the final nail in the coffin of a product that was launched in 2011 to challenge Facebook and is widely seen as one of Google’s biggest failures.

A software glitch in the social site gave outside developers potential access to private Google+ profile data between 2015 and March 2018, when internal investigators discovered and fixed the issue, according to the documents and people briefed on the incident. A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica.

Chinese spies reportedly infiltrated the supply chain and installed tiny chips the size of a pencil tip on the motherboards built by Supermicro, which are used in data center servers across the U.S. tech industry — from Apple to Amazon. That chip can compromise data on the server, allowing China to spy on some of the world’s most wealthy and powerful companies. Apple, Amazon and Supermicro — and the Chinese government — strenuously denied the allegations. Apple also released its own standalone statement later in the day, as did Supermicro.

Welcome to the murky world of national security reporting.

I’ve covered cybersecurity and national security for about five years, most recently at CBS, where I reported exclusively on several stories — including the U.S. government’s covert efforts to force tech companies to hand over their source code in an effort to find vulnerabilities and conduct surveillance. And last year I revealed that the National Security Agency had its fifth data breach in as many years, and classified documents showed that a government data collection program was far wider than first thought and was collecting data on U.S. citizens.

Even with this story, my gut is mixed.

In the aftermath of the disclosure of PRISM, the NSA’s data pulling program that implicated several tech companies — including Apple, but not Amazon — the companies came out fighting, vehemently denying any involvement or connection. Was it a failure of reporting? Partially, yes. But the companies also had plausible deniability by cherry picking what they rebuffed. Despite a claim by the government that PRISM had “direct access” to tech companies’ servers, the companies responded that this wasn’t true. They didn’t, however, refute indirect access — which the companies wouldn’t be allowed to say in any case.

In the summer of 2015, as Memphis exploded with protests over the police killing of a 19-year-old man, activists began hearing on Facebook from someone called Bob Smith. The name was generic, and so was his profile picture: a Guy Fawkes mask, the symbol of anti-government dissent. Smith acted as if he supported the protesters, and, slowly, they let him into their online community. Over the next three years, dozens of them accepted his friend requests, allowing him to observe private discussions over marches, rallies and demonstrations.

But Smith was not real. He was the creation of a white detective in the Memphis Police Department’s Office of Homeland Security whose job was to keep tabs on local activists across the spectrum, from Black Lives Matter to Confederate sympathizers.

The detective, Tim Reynolds, outed himself in August under questioning by the American Civil Liberties Union of Tennessee, which sued the police department for allegedly violating a 1978 agreement that prohibited police from conducting surveillance of lawful protests. The revelation validated many activists’ distrust of local authorities. It also provided a rare look into the ways American law enforcement operates online, taking advantage of a loosely regulated social media landscape — and citizens’ casual relinquishing of their privacy — to expand monitoring of the public.

The proliferation of fake Facebook accounts and other means of social media monitoring ─ including the use of software to crunch data about people’s online activity ─ illustrates a policing “revolution” that has allowed authorities to not only track people but also map out their networks, said Rachel Levinson-Waldman, senior counsel at New York University School of Law’s Brennan Center for Justice.

She is among many scholars who worry that expanded social media surveillance could make people less likely to engage in online activities protected by the First Amendment, from sharing their opinions to organizing protests of the government. But there are few laws governing this kind of monitoring. Few courts have taken up the issue. And most police departments don’t have policies on how officers can use social media for investigations, according to Levinson-Waldman’s research.

“It’s pretty open territory,” she said.

Revealed just weeks after Instagram’s co-founders left the company, Instagram is currently testing a feature that would allow it to share your location data with Facebook, even when you’re not using the app.

Instagram is not the only service that Facebook has sought to share data between. Back in 2016 the company announced that it would be sharing user data between WhatsApp and Facebook in order to offer better friend suggestions. The practice was later halted in the European Union thanks to its GDPR legislation, although WhatsApp’s CEO and co-founder later left over data privacy concerns.

Facebook is also reportedly testing a map view to see friend’s locations, similar to what’s already offered by Snapchat. Instagram’s data sharing could provide additional data points to power this functionality, while providing Facebook with more data to better target its ads.

Until just a few days ago, some Facebook users could not delete their accounts — the option to do so simply didn’t work. After VentureBeat reached out to Facebook regarding the issue, an engineer was able to squash the bug.

Two weeks ago, I got an email from a VentureBeat reader who couldn’t delete his Facebook account. He claimed there were others also having issues — no matter what they tried, they simply could not delete Facebook. I didn’t believe him at first. […] I did my due diligence. The least I could do was help him delete his account. Upon request, the reader was gracious enough to let me log into his Facebook account so I could see for myself. No matter what I tried, and regardless of which browser I used, the Facebook help page for deleting your account would not load when logged into his account.

The reporter contacted a Facebook spokesperson, who after looking into the matter concluded that a bug prevented some people with “a large number of posts” from deleting their accounts. Facebook says it has resolved the issue.

Facebook has increased the pending time to process a deletion request to 30 days, a 16-day increase over the previous 14.

Is there a reason to believe that Facebook’s also making this change because more people are deleting their accounts? The movement [sic] has certainly gotten a lot of attention in recent months, with WhatsApp cofounder Brian Acton encouraging his nearly 43,000 Twitter followers in March to delete Facebook.

But Facebook’s last earnings report doesn’t give much indication that it is — the number of daily active users in the U.S. and Canada stayed flat, and even increased in Asia. The number of DAUs in Europe dropped by 4 million, but Facebook executives indicated that they believed that was mostly due to GDPR. Facebook followers will have to wait until the company’s next earnings report on October 30 to see if the dip in Europe DAUs is part of a continuing trend.

For those who want to delete Facebook and are willing to wait out 30 days, here’s a step-by-step guide on how to do so.

Uber lures drivers with the idea of being your own boss and “making great money with your car.” The “great money” part is up for debate.

The median hourly pay with tip for Uber drivers in the U.S. is $14.73, according to a new study conducted by Ridester, a publication that focuses on the ride-hail industry. That figure includes tips but doesn’t account for expenses like insurance, gas and car depreciation incurred while working. Using Ridester’s low-end estimate of $5 per hour in vehicle costs, drivers would bring in $9.73 per hour and potentially much less.

That implies a driver working 40 hours per week would make an annual salary of almost $31,000 before vehicle expenses, and about $20,000 after expenses (but still before taxes). That’s below the poverty threshold for a family of three.

This is important because online “gig economy” jobs, including driving for Uber, are a growing part of the U.S. workforce: About 5 percent of the working population has worked in the gig economy in the past year, up from 2 percent in 2013. So their labor is increasingly tied to overall prosperity. Additionally, these workers are still typically considered contractors, meaning that they aren’t required to receive employer healthcare or other employee benefits.

Heated streets will melt ice and snow on contact. Sensors will monitor traffic and protect pedestrians. Driverless shuttles will carry people to their doors.

A unit of Google’s parent company Alphabet is proposing to turn a rundown part of Toronto’s waterfront into what may be the most wired community in history — to “fundamentally refine what urban life can be.”

Dan Doctoroff, the CEO of Sidewalk Labs, envisions features like pavement that lights up to warn pedestrians of approaching streetcars. Flexible heated enclosures — described as “raincoats” for buildings — will be deployed based on weather data during Toronto’s bitter winters. Robotic waste-sorting systems will detect when a garbage bin is full and remove it before raccoons descend.

“Those are great uses of data that can improve the quality of life of people,′ he said. “That’s what we want to do.”

But some Canadians are rethinking the privacy implications of giving one of the most data-hungry companies on the planet the means to wire up everything from street lights to pavement.

The concerns have intensified following a series of privacy scandals at Facebook and Google. A recent Associated Press investigation found that many Google services on iPhones and Android devices store location-tracking data even if you use privacy settings that are supposed to turn them off.

Adam Vaughan, the federal lawmaker whose district includes the development, said debate about big data and urban infrastructure is coming to cities across the world and he would rather have Toronto at the forefront of discussion.

“Google is ahead of governments globally and locally. That’s a cause for concern but it’s also an opportunity,” Vaughan said.

Every website and product connected to the internet would not be able to exist without a vast network of wireless routers, fiber optic cables running underground and underwater, and data centers that house the servers which bring the internet to life. Data centers in the U.S. alone eat up 70 billion kilowatts of energy per year, according to a 2016 estimate from the Department of Energy — that’s 1.8 percent of all energy use across the country.

The internet is not ethereal, and a new project from the blog Low-Tech Magazine aims to make that issue more tangible. Low-Tech Magazine — a blog operated by Kris De Decker that has run on WordPress since 2007 — launched a “Low-Tech,” solar version of the site that’s designed from the ground-up to use as little energy as possible. In a Skype call with Motherboard, De Decker said that he doesn’t think people don’t care about how much energy it takes they use the internet, they just don’t understand the extent of the problem. “There’s this idea that the internet is immaterial, it’s somewhere floating in clouds,” he said. “Of course, it’s a very material thing that uses resources, materials, energy — and quite a lot actually.”