‘about’ Tagged Posts

Facebook was warned about app permissions in 2011

 

Who’s to blame for the leaking of 50 million Facebook users’ data? Facebook founder and CEO Mark Zuckerberg broke several days of silence in the face of a raging privacy storm to go on CNN this week to say he was sorry. He also admitted the company had made mistakes; said it had breached the trust of users; and said he regretted not telling Facebookers at the time their information had been misappropriated.

Meanwhile, shares in the company have been taking a battering. And Facebook is now facing multiple shareholder and user lawsuits.

Pressed on why he didn’t inform users, in 2015, when Facebook says it found out about this policy breach, Zuckerberg avoided a direct answer — instead fixing on what the company did (asked Cambridge Analytica and the developer whose app was used to suck out data to delete the data) — rather than explaining the thinking behind the thing it did not do (tell affected Facebook users their personal information had been misappropriated).

Essentially Facebook’s line is that it believed the data had been deleted — and presumably, therefore, it calculated (wrongly) that it didn’t need to inform users because it had made the leak problem go away via its own backchannels.

Except of course it hadn’t. Because people who want to do nefarious things with data rarely play exactly by your rules just because you ask them to.

There’s an interesting parallel here with Uber’s response to a 2016 data breach of its systems. In that case, instead of informing the ~57M affected users and drivers that their personal data had been compromised, Uber’s senior management also decided to try to make the problem go away — by asking (and in their case paying) hackers to delete the data.

Aka the trigger response for both tech companies to massive data protection fuck-ups was: Cover up; don’t disclose.

Facebook denies the Cambridge Analytica instance is a data breach — because, well, its systems were so laxly designed as to actively encourage vast amounts of data to be sucked out, via API, without the check and balance of those third parties having to gain individual level consent.

So in that sense Facebook is entirely right; technically what Cambridge Analytica did wasn’t a breach at all. It was a feature, not a bug.

Clearly that’s also the opposite of reassuring.

Yet Facebook and Uber are companies whose businesses rely entirely on users trusting them to safeguard personal data. The disconnect here is gapingly obvious.

What’s also crystal clear is that rules and systems designed to protect and control personal data, combined with active enforcement of those rules and robust security to safeguard systems, are absolutely essential to prevent people’s information being misused at scale in today’s hyperconnected era.

But before you say hindsight is 20/20 vision, the history of this epic Facebook privacy fail is even longer than the under-disclosed events of 2015 suggest — i.e. when Facebook claims it found out about the breach as a result of investigations by journalists.

What the company very clearly turned a blind eye to is the risk posed by its own system of loose app permissions that in turn enabled developers to suck out vast amounts of data without having to worry about pesky user consent. And, ultimately, for Cambridge Analytica to get its hands on the profiles of ~50M US Facebookers for dark ad political targeting purposes.

European privacy campaigner and lawyer Max Schrems — a long time critic of Facebook — was actually raising concerns about Facebook’s lax attitude to data protection and app permissions as long ago as 2011.

Indeed, in August 2011 Schrems filed a complaint with the Irish Data Protection Commission exactly flagging the app permissions data sinkhole (Ireland being the focal point for the complaint because that’s where Facebook’s European HQ is based).

“[T]his means that not the data subject but “friends” of the data subject are consenting to the use of personal data,” wrote Schrems in the 2011 complaint, fleshing out consent concerns with Facebook’s friends’ data API. “Since an average Facebook user has 130 friends, it is very likely that only one of the user’s friends is installing some kind of spam or phishing application and is consenting to the use of all data of the data subject. There are many applications that do not need to access the users’ friends personal data (e.g. games, quizzes, apps that only post things on the user’s page) but Facebook Ireland does not offer a more limited level of access than “all the basic information of all friends”.

“The data subject is not given an unambiguous consent to the processing of personal data by applications (no opt-in). Even if a data subject is aware of this entire process, the data subject cannot foresee which application of which developer will be using which personal data in the future. Any form of consent can therefore never be specific,” he added.

As a result of Schrems’ complaint, the Irish DPC audited and re-audited Facebook’s systems in 2011 and 2012. The result of those data audits included a recommendation that Facebook tighten app permissions on its platform, according to a spokesman for the Irish DPC, who we spoke to this week.

The spokesman said the DPC’s recommendation formed the basis of the major platform change Facebook announced in 2014 — aka shutting down the Friends data API — albeit too late to prevent Cambridge Analytica from being able to harvest millions of profiles’ worth of personal data via a survey app because Facebook only made the change gradually, finally closing the door in May 2015.

“Following the re-audit… one of the recommendations we made was in the area of the ability to use friends data through social media,” the DPC spokesman told us. “And that recommendation that we made in 2012, that was implemented by Facebook in 2014 as part of a wider platform change that they made. It’s that change that they made that means that the Cambridge Analytica thing cannot happen today.

“They made the platform change in 2014, their change was for anybody new coming onto the platform from 1st May 2014 they couldn’t do this. They gave a 12 month period for existing users to migrate across to their new platform… and it was in that period that… Cambridge Analytica’s use of the information for their data emerged.

“But from 2015 — for absolutely everybody — this issue with CA cannot happen now. And that was following our recommendation that we made in 2012.”

Given his 2011 complaint about Facebook’s expansive and abusive historical app permissions, Schrems has this week raised an eyebrow and expressed surprise at Zuckerberg’s claim to be “outraged” by the Cambridge Analytica revelations — now snowballing into a massive privacy scandal.

In a statement reflecting on developments he writes: “Facebook has millions of times illegally distributed data of its users to various dodgy apps — without the consent of those affected. In 2011 we sent a legal complaint to the Irish Data Protection Commissioner on this. Facebook argued that this data transfer is perfectly legal and no changes were made. Now after the outrage surrounding Cambridge Analytica the Internet giant suddenly feels betrayed seven years later. Our records show: Facebook knew about this betrayal for years and previously argues that these practices are perfectly legal.”

So why did it take Facebook from September 2012 — when the DPC made its recommendations — until May 2014 and May 2015 to implement the changes and tighten app permissions?

The regulator’s spokesman told us it was “engaging” with Facebook over that period of time “to ensure that the change was made”. But he also said Facebook spent some time pushing back — questioning why changes to app permissions were necessary and dragging its feet on shuttering the friends’ data API.

“I think the reality is Facebook had questions as to whether they felt there was a need for them to make the changes that we were recommending,” said the spokesman. “And that was, I suppose, the level of engagement that we had with them. Because we were relatively strong that we felt sure we made the recommendation because we felt the change needed to be made. And that was the nature of the discussion. And as I say ultimately, ultimately the reality is that the change has been made. And it’s been made to an extent that such an issue couldn’t occur today.”

“That is a matter for Facebook themselves to answer as to why they took that period of time,” he added.

Of course we asked Facebook why it pushed back against the DPC’s recommendation in September 2012 — and whether it regrets not acting more swiftly to implement the changes to its APIs, given the crisis its business is now faced having breached user trust by failing to safeguard people’s data.

We also asked why Facebook users should trust Zuckerberg’s claim, also made in the CNN interview, that it’s now ‘open to being regulated’ — when its historical playbook is full of examples of the polar opposite behavior, including ongoing attempts to circumvent existing EU privacy rules.

A Facebook spokeswoman acknowledged receipt of our questions this week — but the company has not responded to any of them.

The Irish DPC chief, Helen Dixon, also went on CNN this week to give her response to the Facebook-Cambridge Analytica data misuse crisis — calling for assurances from Facebook that it will properly police its own data protection policies in future.

“Even where Facebook have terms and policies in place for app developers, it doesn’t necessarily give us the assurance that those app developers are abiding by the policies Facebook have set, and that Facebook is active in terms of overseeing that there’s no leakage of personal data. And that conditions, such as the prohibition on selling on data to further third parties is being adhered to by app developers,” said Dixon.

“So I suppose what we want to see change and what we want to oversee with Facebook now and what we’re demanding answers from Facebook in relation to, is first of all what pre-clearance and what pre-authorization do they do before permitting app developers onto their platform. And secondly, once those app developers are operative and have apps collecting personal data what kind of follow up and active oversight steps does Facebook take to give us all reassurance that the type of issue that appears to have occurred in relation to Cambridge Analytica won’t happen again.”

Firefighting the raging privacy crisis, Zuckerberg has committed to conducting a historical audit of every app that had access to “a large amount” of user data around the time that Cambridge Analytica was able to harvest so much data.

So it remains to be seen what other data misuses Facebook will unearth — and have to confess to now, long after the fact.

But any other embarrassing data leaks will sit within the same unfortunate context — which is to say that Facebook could have prevented these problems if it had listened to the very valid concerns data protection experts were raising more than six years ago.

Instead, it chose to drag its feet. And the list of awkward questions for the Facebook CEO keeps getting longer.

Johnson & Johnson approaches Actelion about takeover deal

 


Clinton says FBI has not contacted her about emails

 

WASHINGTON (AP) - Democratic presidential candidate Hillary Clinton said the FBI has not contacted her about its investigation into whether she had classified information on her private e-mail server.

Asked on CNN’s “State of the Union” whether she has been interviewed by the FBI yet, the former secretary of state replied: “No.”

She has not spread.

Federal investigators are looking into the security of Clinton’s email setup amid concerns from the intelligence community’s inspector general that classified information was transmitted through the system. Clinton provided the server to the FBI in August.

Clinton has said she did not send or receive information that was classified at the time via her personal email account.

Yahoo telecommute ban is much ado about nothing: Silicon Valley

 


Yahoo CEO Marissa Mayer’s ban on telecommuting caused outrage across the country, but many in Silicon Valley wondered what the fuss was about.

Working at home is fairly common in the valley, but it is in addition to – not instead of – more than 40 hours working in the office. Despite the region’s free-wheeling image as an area that makes much of the technology that allows people to work remotely, workers in the Bay Area tend to work in the office, especially in the enterprise.

“Every idea we have is the result of more than two people sitting in a room, trying to riff or think of a clever solution to a particular problem,” said Sahil Lavingia, founder of payments start-up Gumroad. “That sort of thing you cannot do over an Internet protocol.”

This is not to say that Lavingia’s staff never work from home. Exactly the opposite.

“Everyone needs a home situation that makes them equally productive, or nearly so, as if in the office,” he said. “Many people put in hours before and after work and on weekends.”

Yahoo’s new policy, announced in a memo on February 22, calls for “all employees with work-from-home arrangements to work in Yahoo! offices”. The change takes effect in June.

Many features of start-up life – free food, game rooms, flip-flops – are designed to keep people in the office. This applies to engineers, often young and male, as much as to other employees in groups such as marketing and sales.

and private Wi-Fi equipped buses to the airport employees from San Francisco to Google and Facebook and other companies based in Silicon Valley aim to make the trip more productive, fear that the lawyer or eliminate them completely.

The absence of rules is also a feature of start-up culture, and few companies declare a firm policy on issues such as telework. But the message is clear enough.

Apple Inc. co-founder Steve Jobs liked to talk about the long hours employees put in at its Cupertino, Calif., headquarters. “I saw cars in the parking lot late at night, camp beds in some companies,” he said at a press conference in 2010.

Many companies hold regular meetings where all employees are encouraged to participate. At Twitter, they are called “Tea Time” meetings, but companies in Silicon Valley generally use the term “all hands.”

Cloud content start-up Box has an all-hands every Friday during lunch at its headquarters in Los Altos, California, and streams it to a satellite office in San Francisco. Box also has offices in London, which get a replay the following week.

companies sometimes insist office workers, as evidenced during the start cracking in half Chegg manual online business, said CEO Dan Rosensweig.

“Everyone knows that one of the two, or available,” Rosensweig said. “When you’re in the race, you can not really afford not to know where someone is.”

He believes

premium Silicon Valley person collaboration between different teams the responsibility of overlapping products.

“Most businesses here are products, technology and business,” he said. “It’s not necessarily a person who has all the components of the P & L”, or profit and loss account, which means that close communication is crucial.

David Rusenko, founder of website-building service Weebly, says it is simply more efficient for everyone to sit together.

“We have tried to work with remote contract designers, and the feedback cycle is so long,” he said. “When you sit with someone two seats away, you say, ‘Hey, I’m done with this, can you take a look.’”

Teams have as many as 10 back-and-forths in a day when they are physically together, in contrast to working remotely, he said.

Some workers hate the premium that companies place on a physical presence, including Jeff Spirer, a mobile marketing veteran. He recalls a job where the CEO required everyone to be in the office, even though many employees had long commutes and would have been more productive staying home a few days a week.

“It was much easier for me to work from home, I could not really do when he traveled,” Spirer said, referring to the CEO.

Silicon Valley’s old guard, such as Hewlett-Packard Co. and Cisco Systems Inc., tend to be much more open to telecommuting.

This contrast helps explain Yahoo’s new policy. It is a large, mature company, but an ailing one, and people inside and outside agree that it desperately needs a jolt of the all-hands-on-deck start-up spirit.

“It is not about working from home for the industry in general, it is about what is good for Yahoo! at this time,” said a Yahoo spokesperson.