Facebook stored 7 years of passwords in plaintext, but it’s OK, they’re trustworthy!
Over half a billion Facebook users’ passwords sat unsecured on the company’s servers for years, the tech giant admitted, after an investigation uncovered the egregious bug – but it’s OK, only Facebook employees could access them.
Facebook acknowledged the glaring oversight after an anonymous employee blew the whistle to Krebs on Security, admitting “hundreds of millions of Facebook Lite users, tens of millions of other Facebook users, and tens of thousands of Instagram users” had been affected, then adding insult to injury with a casual admission that they’d discovered the security flaw “as part of a routine security review in January.”
The scandal-plagued social media giant hastened to assure users that “no passwords were exposed externally and we didn’t find any evidence of abuse to date,” but their post was cold comfort from the company whose CEO has explicitly called the users who trust him “dumb f***s.”
As many as 600 million users – anyone who created their password after 2012 – had their login credentials stored in a plaintext, unencrypted database where they could be searched by any one of 20,000 Facebook employees, according to the leaker.
Passwords – especially high-value passwords like Facebook’s – are normally “hashed,” or cryptographically scrambled to prevent hackers from using them even if they are able to break into a company’s servers. Storing this data in unsecured plaintext is the cyber-security equivalent of allowing guards to walk in and out of a bank vault without passing through a metal detector.
Facebook says it has fixed the bug and promised to notify all users whose passwords were stored unencrypted. The vulnerability is only the latest in a seemingly endless string of outrages. Earlier this month, it emerged that Facebook had made users’ ostensibly private phone numbers – given for security purposes only – into just another searchable attribute, with no option to opt out and the added indignity of those numbers being targeted with ads. In September, data from some 30 million accounts was stolen via compromised access tokens and, in December, seven million users learned that third-party app developers could access their private photos – even those they’d never uploaded to the platform.
While it had their attention, Facebook took the opportunity on Thursday to notify users about a cool new “physical security key” they could login with – a “small hardware device that goes in the USB drive of your computer” ideal for “high-risk users including journalists, activists, political campaigns and public figures.”
“There is nothing more important to us than protecting people’s information,” said Pedro Canahuati, vice president of engineering, security and privacy for Facebook – while presumably hiding a smirk.
Like this story? Share it with a friend!
Trump to ‘look into’ Facebook censorship after site gags his social media chief
President Donald Trump has promised to look into accusations of anti-conservative bias on Facebook, after the social media giant apparently blocked his social media chief Dan Scavino from commenting.
Scavino complained on Monday that Facebook had abruptly blocked him from replying to his followers, with the company claiming his comments had been reported as spam.
“AMAZING. WHY ARE YOU STOPPING ME from replying to comments,” he wrote. “People have the right to know. Why are you silencing me???”
“I will be looking into this!” Trump tweeted in response. The president has often accused Silicon Valley tech companies of discriminating against conservative users, and did so again on Tuesday. “Facebook, Google and Twitter, not to mention the Corrupt Media, are sooo on the side of the Radical Left Democrats,” he tweeted. “But fear not, we will win anyway, just like we did before!”
Facebook CEO Mark Zuckerberg has repeatedly dismissed accusations of liberal bias directed at the company. Grilled by Republican lawmakers on the topic last year, Zuckerberg claimed that their examples of censorship were once-off mistakes, but did admit that most of his employees probably lean left politically.
These accusations have come from within the company too. An anonymous whistleblower told conservative watchdog Project Veritas last month that Facebook actively developed and uses “deboosting” tools to suppress and delete right-wing content. Last year, a Facebook employee called the company a liberal “monoculture that’s intolerant of different views,”and savaged Facebook’s workforce for being “quick to attack – often in mobs – anyone who presents a view that appears to be in opposition to left-leaning ideology.”
The employee’s rant, posted on an internal message board, attracted the support of more than 100 other workers, who formed a group called ‘FB’ers for Political Diversity.’
Independent Media Warns President Trump About Consequences Of Big Tech Censorship
Published on Mar 13, 2019
Mike Adams issues his own warning to President Trump about the consequences of idleness, ignorance, and apathy toward the MASSIVE issue of big tech’s coordinated censorship campaign against conservatives in the U.S., especially in relation to campaigning, voting, and political dialogues in general.
Soros/Media Matters Manifesto to Destroy the Right Is Alarmingly Successful
The memo/manifesto, “Democracy Matters: Strategic Plan for Action,” outlines Brock’s four-year agenda to attack Trump and Republicans using Media Matters, American Bridge, Citizens for Responsibility and Ethics in Washington (CREW), and Shareblue, each with their own strategy and attack plan.
Created by Brock, the document was given out at a private meeting with deep-pocketed liberals/leftists in January. The meeting was led by David Brock, founder of Media Matters and a close ally of George Soros who also provides much of his funding.
On the surface, it’s a plan to influence the media and the public over the next four years but, at its core, it is a plan to manipulate and control the populace.
The nuanced document claims the moral high-ground and insists they have the “moral responsibility” to fight the right-wing.
The talk of impeachment is Media Matters idea; controlling Google and Facebook is their idea; delegitimizing Trump’s presidency and Republicans – their idea; partnering with Facebook and Google to fight so-called “fake news” – theirs.
Everything they outlined is taking place.
Media Matters will expand to do the following
For the next four years, Media Matters will, according to the document, fight right-wing “misinformation” and “propaganda”; “Google and Facebook” will not “enrich fake news sites and propagandists” [they will punish the sites if they don’t cooperate]; “alt-right social media harassment campaigns…will be punished and halted.
They are in fact going after everything right-wing.
They have a goal of promoting good journalism but it is based on their view that the right-wing is extreme and the mainstream news is journalism.
Their issues include correcting “misinformation” on left-wing issues of LGBT, workers’ rights, treatment of immigrants (illegal), gun control, gender equality, reproductive health (abortion on demand), climate and energy and economic policy [tax, spend, regulate]. If you look at their Progressive agenda, which includes identity politics, and compare it to that of the Communist Party USA, you will find them comparable.
They have the raw data of social media
Gateway Pundit has been analyzing it and pulled out the following paragraph indicating they have the raw data from social media sites.
“Media Matters has already secured access to raw data from Facebook, Twitter, and other social media sites. We have also put in place the technology necessary to automatically mine white nationalist message boards and alt-right communities for our archive.
We will now develop technologies and processes to systematically monitor and analyze this unfiltered data.”
With the raw data, they can control every facet of social media and, as a result, the minds of readers.
For example, on p. 43, they wrote they were building an algorithm at the time of printing that is “specifically designed to amplify negative content for Trump and deliver positive content to bolster the resistance. Further, by pulling the most widely shared progressive content from the top 1,000 social media accounts, Shareblue’s algorithm will not only aggregate, but drive news and opinion.” [Shareblue is their left-wing answer to Breitbart].
Also, Media Matters has mapped the right-wing “fake news” sites, prioritized them, and has helped Google tailor their policies for advertising to shut these sites out.
They are behind the shutting down of the right on Facebook and Google by their own admission (p.12).
Having a wide reach isn’t enough, they want to recruit and train other bloggers to call out and shut down the right-wing. With the raw data and the cooperation of Google and Facebook, it won’t be hard for them to do and we already see it happening.
They also have the opposition research thanks to American Bridge. It’s American Bridge’s job to research, collect, store and disseminate their huge database of information to level the opposition.
The targets
The President of Media Matters, they admit, shut down Glenn Beck and got advertisers to pull ads from Limbaugh.
This document was printed before O’Reilly was forced off the air but The New York Times already published an article stating Media Matters spearheaded the silencing of O’Reilly by bullying his advertisers.
They say they derailed Rudy Giuliani’s cabinet nomination using their knowledge of his business connections.
They take credit for driving up the Koch brothers’ negatives. Koch’s money is “dark money” but theirs isn’t.
They are opposed to right-wing radio hosts, Fox News and now information from government agencies because of Trump. They admit they kept Murdoch from expanding.
The document explains how they obliterated Senators Richard Luger and Todd Akin.
The research
Through American Bridge, they are doing opposition research on Republicans to enable “Progressives” [they don’t say Democrats] defeat them in 2017 and 2018.
They have mapped out Donald Trump’s network of businesses and they have the largest video archive. “The campaign to stop him must be nonstop”.
Indeed it is.
On p.22, they talk about finding candidates to compete for Senate seats and Republicans are worried. Five seats will have competitors who are far-left but were also veterans or had some other impressive feature we normally see on the resume of a right-wing candidate.
They are going after every gubernatorial and legislative race.
At one point in the document, they talk about the Trump War Room (p.17, p.20-21) to keep Donald Trump unpopular.
Their wicked watchdog
Using Trump’s business empire as a target, their watchdog group CREW will keep up unrelenting pressure. Targeting all powerful special interests they oppose is on the list.
CREW takes responsibility for 40% of the fines passed out by the FEC in 2016. CREW has an army of pro bono lawyers according to the document.
Their media arm
Shareblue (P.41) is their antidote to Breitbart.
Their editorial priorities are to get Trump, tying him to Russia, and to destroy Pence.
Goals include calling out so-called signs of authoritarianism and championing those who warn us (Antifa?); nonstop coverage of the influence of Vladimir Putin and Russia on Trump and his administration; exposing Trump as weak, a thin-skinned “loser” vulnerable to goading; relentless beating the drum that he has no mandate, didn’t win the popular vote, and is the least popular president in U.S. history.
They are behind the movement to call out Trump’s alleged “conflicts of interest” and the movement to characterize the right as “subversives of the nation’s interests”.
The remainder of the goals are to highlight Trump’s supposed ties to white supremacists, track odious GOP legislation, track and comment on SCOTUS decisions, give positive coverage of Trump critics [it will be profitable], expose media journalists who “normalize Trump”.
To conclude, this is the outline of the assault from the far-left in a war for our culture and our freedoms.
In a footnote to this, several of the Wikileaks documents from Soros’s Open Society Foundation exposed their plan to control all media. Soros is known to have significant financial influence over 30 newspapers and other media outlets. Another Wikileaks email from Open Society revealed their plan to take over every government entity, from the smallest village to the presidency. They thought they were poised to do it until Trump won the presidency.
Soros, who funds Brock and Media Matters also funds Facebook’s “fake news” initiative.
WATCH: Tucker SWATS Down Soros-Funded Character Assassination Attempt in Scathing Opening Segment
“We will never bow to the mob. Ever. No matter what.”
By
A Soros-linked media group sought to launch a character assassination smear against Fox News host Tucker Carlson over the weekend, seeking to get the ratings kingpin fired from the cable news channel and ostracized from “polite” society over recordings of a few backroom jokes with some radio show hosts around a decade ago.
The old audio from a decade ago surfaced from a Media Matters operative, a progressive group funded by George Soros.
Operatives from the organization had hoped that Carlson would profusely apologize, back down, and retire from public life, thus silencing a leading critic of the progressive left’s push for total political, social and cultural control over American life.
Media Matters had been hoping for a “apology,” potentially creating a window for the progressive hate mob to flood Fox with calls for Tucker’s firing.
Instead, the Tuck fired back with a scathing takedown of the progressive mob that will leave the Soros-funded operatives with a rhetorical smackdown they won’t soon forget.
Watch here:
Tucker’s takedown of classic and time-tested leftist character assassination tactics could represent the first chink in neutralizing them as one of the most effective political tools of the progressive left.
Liberals are compelled to try and oust individuals like Tucker because he represents a threat to their political power- not because they’re genuinely morally outraged over a few jokes Tucker told a radio host ten years ago.
Tucker brought up the Covington Catholic hate hoax earlier this year- highlighting it as an example of another incident when conservative leaders were all-but prepared to let a few innocent boys be defamed by progressives.
Yet, a few fearless truth-seekers stood up, standing up to the mob and exposing a dastardly hate hoax.
The sooner conservatives, patriots and right wingers learn to simply shrug off the “deceit and enforced silence” demanded of them by progressives, the sooner the left becomes utterly powerless and doomed in the American political arena.
BUZZFEED CEO PANICS: BIG TECH HAVING ‘HUGE PROBLEM CONTROLLING CONTENT’
Fake news peddler worried the Left losing ability to dominate cultural narrative
MARCH 11, 2019
Tech companies like Google, Facebook, and Twitter are having a “huge problem” controlling content on their platforms, and censoring conservatives isn’t enough, claimed BuzzFeed CEO Jonah Peretti.
“Tech platforms are having a huge problem with the content on their platforms,” Peretti said Friday at SXSW. “They don’t make the content and are having trouble controlling the content.”
Peretti also said that censoring conservatives alone isn’t enough; Big Tech also needs to promote “good content,” ie particular points of view.
“We can’t just police bad content, we have to produce good content,” Peretti said.
A video presentation included in Peretti’s speech showed an image of a garbage can equated with the words “Anti-Vaxxers,” “trolls,” “political extremists,” “flat-Earthers,” “racists,” “misogynists,” and “pedophiles,” as among the issues Big Tech faces.
“They’re trying to get rid of all the bad stuff, and it’s an endless fight to get rid of all the terrible content that’s uploaded to these platforms, and they can never win this fight,” Peretti said.
“There’s a vacuum which is created by a lack of good content and it’s made it difficult for the platforms, and it’s opened up this opportunity for all these other bad actors to upload content.”
The Austin Chronicle’s Austin Sanders agreed with Peretti’s premise, saying that “it’s not just about banning Alex Jones.”
“The point illustrates the challenge facing platforms like Facebook and Twitter: It’s not just about banning Alex Jones, it’s about promoting the media companies that produce quality journalism, so more people are seeing thoroughly verified information,” Sanders wrote Friday.
BuzzFeed recently laid off 15 percent of its workforce over budget issues, which Peretti reportedly badly mishandled.
CENSORSHIP – FACEBOOK BANS ZERO HEDGE FROM PLATFORM IN CONTINUED PURGE AGAINST REAL NEWS
Popular guerrilla news outlet marked as ‘spam’ that violates ‘community standards’
MARCH 11, 2019
Facebook suddenly blocked the sharing of Zero Hedge articles on its platform Monday, claiming the outlet violates its community standards.
When a Zero Hedge article is linked on Facebook, instead of showing the content, a message pops up saying: “the link you tried to visit goes against our community standards.”
It’s unclear why Facebook decided to mark Zero Hedge as spam, as the platform has yet to issue a statement on the matter.
It’s possible Facebook has simply determined that Zero Hedge must be silenced due to its relentless coverage of Facebook’s many problems, including privacy violations, mass abandonment by younger users, systematic censorship, and shady government cooperation.
The move is nonetheless significant: even Infowars content can still be shared on Facebook despite being banned by nearly all major social media platforms, including Facebook.
Android Apps Still Sending Data to FACEBOOK — Even if You Don’t Have an Account…
/cdn.vox-cdn.com/uploads/chorus_image/image/63188116/acastro_180720_1777_facebook_0001.0.jpg)
Even when you’re not logged in or don’t have a Facebook account
By Nick Statt
Major Android mobile apps from companies including Yelp and Duolingo send data that could be used to personally identify you for ad tracking straight to Facebook immediately upon logging in, according to a new report from the London-based UK charity and watchdog group Privacy International (PI). This data transfer happens even if a user isn’t logged into Facebook on that device and even in the event the user doesn’t have an active Facebook account at all.
In addition to Yelp and Duolingo, PI found that two Muslim prayer apps, as well as a bible app and a job search app called Indeed, also sent similar data to Facebook that could be used to help identify users for ad targeting purposes when they browse the social network. It’s not clear exactly what type of data is being sent in this case, other than that a user opened the app at a given time, but PI’s report says this transmission may also reveal custom identifiers that help Facebook track that user across its network of services and when that person opens Facebook on a mobile device.
The report builds on a similar investigation from PI last December that first revealed that big-name Android apps were sending data to Facebook without a user’s consent and without proper disclosure. It also highlights that this problem is universal across both iOS and Android; last month, The Wall Street Journal revealed that these same set of developer tools that scrape data when you use a mobile app and send it to Facebook are employed on iPhone apps, despite Apple’s much more stringent privacy rules and protections.
“This is hugely problematic, not just for privacy, but also for competition. The data that apps send to Facebook typically includes information such as the fact that a specific app, such as a Muslim prayer app, was opened or closed,” reads PI’s report, published earlier today. “This sounds fairly basic, but it really isn’t. Since the data is sent with a unique identifier, a user’s Google advertising ID, it would be easy to link this data into a profile and paint a fine-grained picture of someone’s interests, identities and daily routines.”
As Facebook’s privacy practices come under even greater scrutiny in the aftermath of last year’s Cambridge Analytica data privacy scandal, a spotlight is being shone on the lesser-known arrangements between large advertising companies and the smaller app makers that use those platforms to reach new users and target existing ones with ads. As revealed by the WSJ last month, a number of prominent iOS app makers use a Facebook analytics tool known as “custom app events” that, in this case, was sharing sensitive health, fitness, and financial data with the social network for ad targeting purposes.
On Android, Facebook has long collected sensitive user data such as contact logs, call histories, SMS data, and real-time location data, for the purpose of informing its ad targeting and improving features like friend suggestions. Yet the practices have caused vocal outcry from privacy advocates and users concerned Facebook is amassing far too much data about their personal lives and online and offline behaviors. Following reports about Facebook using its location-tracking capabilities to catch company interns skipping work, it said it would allow Android users the ability to explicitly disable the feature.
In this case, PI is underscoring one of Facebook’s longstanding indirect data collection policies, one that relies on third-party apps to autonomously collect and send information about app usage to the social network without telling users about the arrangement.
“Facebook routinely tracks users, non-users, and logged-out users outside its platform through Facebook Business Tools. App developers share data with Facebook through the Facebook Software Development Kit (SDK), a set of software development tools that help developers build apps for a specific operating system,” PI explained in the initial December 2018 report. The report found that nearly two thirds of the 34 Android apps PI tested — including big names like Spotify and Kayak and all of which had between 10 and 500 million installs — sent information to Facebook without informing users or gaining express consent.
PI says that a number of apps stopped the practice following its December report. Similarly, most of the operators of the iOS apps highlighted in the WSJ report also ceased using Facebook’s analytics and developer tools to collect sensitive user data. However, it appears some apps, like Yelp’s and Duolingo’s, continue to do so. PI says it’s in contact with Duolingo, and the company has agreed to suspend the practice, but it’s not clear how many other apps in the Android or iOS ecosystem may be skirting Apple and Google’s data-collection and user privacy policies to improve Facebook’s ad targeting tools.
In these situations, Facebook puts the onus on app makers not to break platform rules or misuse its developer tools by collecting sensitive information. The company has also claimed not to use a majority of this sensitive data and, in some extreme cases like credit card numbers and Social Security numbers, automatically deletes it. But it’s not clear why the data is being collected in the first place and what ways it’s been put to use in the past, either by the apps collecting it or by Facebook.
“Apps relay on the Facebook SDK to integrate their product with Facebook services, like Facebook’s login and ad tracking tools. However, Facebook places all responsibility on apps to ensure that the data they send to Facebook has been collected lawfully,” reads PI’s report. Facebook not immediately available for comment.
Tom's Blog 