All things Tech!

[*Anya*]

'Contagious' wi-fi threat created
Last updated 2 hours ago

By Dave Lee

Technology reporter, BBC News

Networks most at threat are small businesses and home users, researchers said
A computer virus that can spread via wi-fi like a "common cold" has been created by researchers in Liverpool.

In densely populated areas with lots of wi-fi networks, the virus can go from network to network finding weaknesses.

Once in control of a wi-fi access point, it leaves computers on the network extremely vulnerable.

The team's lead researcher told the BBC it was working on software to prevent such attacks being possible.

"Rather than rely on people to use strong passwords, you want to integrate intrusion detection systems to the access points," said Alan Marshall, professor of communication networks at the University of Liverpool.

He would not go into detail about the methods in order to prevent the attack being used on real victims but said a proof-of-concept attack had been developed at the university.

'Under control'

The virus, dubbed Chameleon, seeks out wi-fi access points - devices that transmit the wi-fi signal, found in many homes - that have not had their admin password changed.

Many people do not change their wi-fi admin password
This password is different from the one used to log on to the wi-fi network itself, and is often left unchanged from the default setting.

Once an access point is under a hacker's control, new firmware can be installed.
"So it's now under our control," explained Prof Marshall". Once you do that you can then do other things with it. You can recover passwords, steal data - anything you want."

Spreading out

But it is the next step of the virus that is most unusual. Once installed on one access point, the virus can - without being controlled by a human - automatically seek out other vulnerable access points, taking them over as and when they are found.

Prof Marshall told the BBC that this was unlikely to be a threat to big business wi-fi networks, which should have enhanced security in place.

However, networks in homes, or at small premises like coffee shops, are typically found with less stringent protection measures in place.

Now that his team has demonstrated the threat, Prof Marshall said attention would turn to creating a product that could be installed in wi-fi access points to prevent this kind of hijacking - without requiring the user to take responsibility.

Follow Dave Lee on Twitter @DaveLeeBBC

BBC © 2014

[Wintermoon]

This is great info and it explains why professionals always set passwords to secure as possible numerical ones and set the ssd not to broadcast. If you do not know how to check your admin logs in the router, fine tune the security and set it up without changing settings PLEASE hire a Professional. This is the reason we are here paying for our business licenses and being certified. Some of us work via e-mail as well. DO not let anyone have remote access to your pc without verifying they are a legit certified business who is accountable.

Sincerely, ~~~ Winter

** available tech is at your fingertips

[*Anya*]

Simgo takes the sting out of roaming charges

By Rich Trenholm

Rich Trenholm is a Senior Editor at CNET, covering everything from phones to bionic implants. Based in London since 2007, he has travelled the world seeking out the latest and best consumer technology for your enjoyment.

Anywhere I roam, where I lay my head is home. If only that was the case for the humble smart phone, which as soon as you board a boat, plane or dirigible magically transforms into a pocket-sized money-vampire, international roaming charges sucking money straight out of your wallet with every call, text or data connection.

But to help you relax and enjoy your vacation, business trip or hot-footed flight to somewhere without an extradition treaty, Simgo turns your iPhone or Samsung Galaxy phone into a local native and dodges those shocking international costs.

Simgo is a special iPhone or Samsung Galaxy case that cuts out wallet-melting international roaming bills.

Off the beaten path I reign

At present, to use your phone when you head for foreign climes, you need to either hunt for an elusive Wi-Fi hotspot; or you have to buy a SIM card when you arrive and tell everyone your temporary number; or you have to go through the wallet-melting expense of roaming on your home SIM, complete with the delightful surprise of a massive bill waiting on the mat when you return home. Basically, it's a big ol' rigmarole.

Enter Simgo. Simgo is a case for your phone that takes over the job of your SIM card. You take out your SIM card and attach the special protective cover to your phone, which then acts as a virtual SIM card. So no matter where you go you're not stung with exorbitant international rates -- and best of all you're still on your own number.

Simgo cases fit the Samsung Galaxy S2, S3 and S4, and the iPhone 4, 4S, iPhone 5 and 5S. It works with an app available from the Google Play or Apple App Store.

I'm free to speak my mind anywhere

Each time you travel you tell the app that you're going overseas and it assigns you a local number for local charges. But it also switches on call forwarding so your calls are made with your usual number, and people can still call you on your regular number. The service works on 3G and 4G networks in over 30 countries across North and South America, Europe, Africa and Asia.

CNET Reviews Cell Phones Simgo Mobile ltd. cell phones Simgo
Simgo takes the sting out of roaming charges

CNET Editors' Take February 21, 2014 3:04 AM PST

http://reviews.cnet.com/cell-phone-a...-35835221.html

[*Anya*]

Password 'treasure trove' found
Last updated 6 hours ago 2/26/14

By Kevin Rawlinson

BBC News

The batch could be used to launch email scams and crack into online accounts, experts said

A "treasure trove" of stolen personal details has been found on sale on black market websites, a security firm says.

About 360 million account credentials including email addresses and passwords were reportedly uncovered.

Hide Security said it had also found 1.25 billion email addresses without passwords.

It is unknown where the credentials, which were found in the past three weeks, came from - but the company said they included major email providers.

Experts said that the batch was exceptionally large in size. "It is Godzilla-sized, it is a monster," said online security consultant Graham Cluley.

He added: "There may be some duplicates but, even so, it sounds like a complete treasure trove for cybercriminals."

Hide Security said that its findings were the result of "multiple breaches which we are independently investigating".

'Mind boggling'

In a post on its website, it said: "In the first three weeks of February, we identified nearly 360 million stolen and abused credentials and 1.25 billion records containing only email addresses.

According to Mr Cluley, the details could be used to access not only the accounts they are directly associated with, but potentially others.

"What normally comes out is not only spam and phishing attacks, but also that the combination of email and password can be used in multiple places because people use the same ones across different sites," he said.

Mr Cluley added: "If people have a big database of passwords, they use it to find out what the regular ones are. The next time they want to crack into an account, they can use the most common passwords."

And Reuters reported concerns that the discovery could represent more of a risk to consumers and companies than stolen credit card data because of the chance the sets of user names and passwords could open the door to online bank accounts, corporate networks, health records and virtually any other type of computer system.

Spamming and phishing

Alex Holden, chief information security officer of Hold Security, told the agency: "The sheer volume is overwhelming."

He said the credentials had been stolen in breaches yet to be publicly reported. The companies attacked could remain unaware until they were notified by third parties who found evidence of the hacking, he said.

"We have staff working around the clock to identify the victims," he said.

The batch also included email addresses not paired with passwords, which would be of use to people intending to launch spamming and phishing attacks.

BBC © 2014

[*Anya*]

28 March 2014 Last updated at 08:53 ET

Facebook has ambitious plans to connect the two-thirds of the world that has no net access, using drones, satellites and lasers.

By Jane Wakefield
Technology reporter

Solar-powered drones will deliver net access to remote places.

The move was announced on the social media platform by founder Mark Zuckerberg.

It will put it in direct competition with Google, which is planning to deliver net access via balloons.

Both of the net giants want to extend their audiences, especially in the developing world.

Details about Facebook's plan were scant but it will include a fleet of solar-powered drones as well as low-earth orbit and geosynchronous satellites. Invisible, infrared laser beams could also be used to boost the speed of the net connections.

Last year Facebook and other technology companies launched internet.org to help bring net access to the huge swathes of the globe that are still not connected.

Aerospace experts
The social network has already teamed up with telecoms operators in the Philippines and Paraguay to double the number of people using the internet in that region.

"We're going to continue building these partnerships, but connecting the whole world will require inventing new technology too," Mr Zuckerberg said in his post.

To bring the project to fruition, Facebook has set up a Connectivity Lab that will include experts in aerospace and communication technology, from Nasa's jet propulsion lab and its Ames research centre.

It has also hired a five-member team that worked at British firm Ascenta, which developed the Zephyr, which holds the record for the longest-flying solar-powered unmanned aircraft.

Earlier this month there were rumours that the social network was interested in buying drone-maker Titan but there was no mention of this in the announcement.

Altruistic?
The plans form part of Facebook's ambitions to extend its reach beyond its 1.2 billion audience, thinks Ovum analyst Mark Little.

"Zuckerberg is pushing this as an altruistic way of connecting more people in the world - the net as a basic human right - but by increasing the total of net connections it also increases Facebook's members and the amount of sharing done, which in turn creates more space for advertising and drives its revenues in a massive way."

Last year Google announced similar plans to develop solar-powered balloons to deliver net access to remote areas of the world.

Code-named Project Loon, 30 of the super-pressure balloons were launched in New Zealand in June.

"It is perhaps aptly named," said Mr Little.

"It is going to have a lot of political hoops to jump through. Some governments won't put up with having that fleet over their airspace."

Mr Little thinks that for both Facebook and Google, the technology in their projects may prove to be "the easy bit" and that the real challenge will lie in persuading governments around the world that its alternative networks are viable.

"Mobile operators are always under threat from alternative ways of delivering net services. This becomes a concern for governments when a nation's communications rest on an outside provider," he said.

http://www.bbc.com/news/technology-26784438

[*Anya*]

Apple confirmed a longtime conspiracy theory — and gave regular customers a big reason to distrust it

Troy Wolverton December 20, 2017

Apple on Wednesday admitted it had been secretly throttling the performance of older iPhones.

The admission outraged even some of the company’s biggest fans.

Customers have good reason to be distrustful of the company and to suspect its motives.

Apple has long inspired an almost religious devotion among customers and tech aficionados – but it just seriously undermined its fans’ faith and loyalty.

The company on Wednesday acknowledged what some people have long suspected: that it has been secretly stifling the performance of older iPhones.

Critics have accused the company in the past, based on anecdotal evidence, of purposely slowing phones to compel users to upgrade to the latest model. While Apple admitted to the practice on Wednesday, it sought to underscore that it had done so for a purely altruistic reason: to prevent older phones from shutting down unexpectedly.

The justification hasn’t mollified Apple’s outraged fans. If anything, the company’s statement has stoked the conspiracy theories, and for good reason.

Apple was caught red-handed: By the company’s own admission, it’s been throttling the performance of iPhones since last year.

Apple hasn’t explained why it didn’t disclose the practice until now, after GeekBench released charts based on its data that showed how older iPhones were not performing as quickly as they had when they launched.

Apple’s secrecy – a badge of honor when it comes to unveiling new products – is certain to encourage distrust in this situation. Apple comes across as an organization that was intentionally hiding something, something it acknowledged only when it was caught red-handed.

If Apple didn’t acknowledge that it was throttling older phones until one year after it started doing so, what else is the company not telling customers? Why should iPhone users believe the company’s explanation for why it’s throttling phones? And why should they believe that it only started doing that a year ago?

Such questions might sound like the ravings of conspiracy theorists. But in this case, the conspiracy mongers were proved right: Apple was slowing down their phones. And there are rational reasons to think the company may not be offering a full explanation for why.

The iPhone maker has a big reason to push customers to upgrade

The fact is that Apple has an incentive to push users to upgrade; it makes money selling new devices, after all. And the company has a history of artificially making older devices look inferior to new ones. The iPhone 4, for example was perfectly capable of running Siri, but Apple reserved that feature for the model that replaced it, the iPhone 4s. Likewise, the camera in the iPhone 3G was capable of shooting video, but Apple didn’t turn that feature on and instead made video recording the signature capability of its next device, the iPhone 3GS.

Planned obsolescence is a long-standing practice in the tech and broader manufacturing industries.

Apple may well be honest in explaining its motives for throttling phones and about the time frame when it started doing so. But many folks just aren’t going to believe that.

“For years, we’ve reassured people that no, Apple doesn’t secretly slow down their older iPhones to make them buy new ones,” the blogger and iPhone developer Marco Arment said in a tweet on Wednesday. He added in a follow-up Twitter post: “The reputation damage from secretly slowing down old iPhones, regardless of the reason, will likely linger for a decade.”

Whatever the company’s motives for throttling iPhones, it should have made clear long ago what it was doing, if only for public-relations reasons. If it had told users what it was doing when it introduced the throttling feature – or heck, even better, when it first started seriously considering building the feature into the iPhone’s operating system – it would have been able to shape the discussion and maybe even improve how the feature works.

Instead, it’s now drawing customers’ criticism, distrust, and ire. And it has no one to blame but itself.

https://www.businessinsider.nl/apple...onal=true&r=US

[homoe]

Quote:

Originally Posted by *Anya*

Apple confirmed a longtime conspiracy theory — and gave regular customers a big reason to distrust it

Troy Wolverton December 20, 2017

Apple on Wednesday admitted it had been secretly throttling the performance of older iPhones.

The admission outraged even some of the company’s biggest fans.

Customers have good reason to be distrustful of the company and to suspect its motives.

Apple has long inspired an almost religious devotion among customers and tech aficionados – but it just seriously undermined its fans’ faith and loyalty.

The company on Wednesday acknowledged what some people have long suspected: that it has been secretly stifling the performance of older iPhones.

Critics have accused the company in the past, based on anecdotal evidence, of purposely slowing phones to compel users to upgrade to the latest model. While Apple admitted to the practice on Wednesday, it sought to underscore that it had done so for a purely altruistic reason: to prevent older phones from shutting down unexpectedly.

The justification hasn’t mollified Apple’s outraged fans. If anything, the company’s statement has stoked the conspiracy theories, and for good reason.

Apple was caught red-handed: By the company’s own admission, it’s been throttling the performance of iPhones since last year.

Apple hasn’t explained why it didn’t disclose the practice until now, after GeekBench released charts based on its data that showed how older iPhones were not performing as quickly as they had when they launched.

Apple’s secrecy – a badge of honor when it comes to unveiling new products – is certain to encourage distrust in this situation. Apple comes across as an organization that was intentionally hiding something, something it acknowledged only when it was caught red-handed.

If Apple didn’t acknowledge that it was throttling older phones until one year after it started doing so, what else is the company not telling customers? Why should iPhone users believe the company’s explanation for why it’s throttling phones? And why should they believe that it only started doing that a year ago?

Such questions might sound like the ravings of conspiracy theorists. But in this case, the conspiracy mongers were proved right: Apple was slowing down their phones. And there are rational reasons to think the company may not be offering a full explanation for why.

The iPhone maker has a big reason to push customers to upgrade

The fact is that Apple has an incentive to push users to upgrade; it makes money selling new devices, after all. And the company has a history of artificially making older devices look inferior to new ones. The iPhone 4, for example was perfectly capable of running Siri, but Apple reserved that feature for the model that replaced it, the iPhone 4s. Likewise, the camera in the iPhone 3G was capable of shooting video, but Apple didn’t turn that feature on and instead made video recording the signature capability of its next device, the iPhone 3GS.

Planned obsolescence is a long-standing practice in the tech and broader manufacturing industries.

Apple may well be honest in explaining its motives for throttling phones and about the time frame when it started doing so. But many folks just aren’t going to believe that.

“For years, we’ve reassured people that no, Apple doesn’t secretly slow down their older iPhones to make them buy new ones,” the blogger and iPhone developer Marco Arment said in a tweet on Wednesday. He added in a follow-up Twitter post: “The reputation damage from secretly slowing down old iPhones, regardless of the reason, will likely linger for a decade.”

Whatever the company’s motives for throttling iPhones, it should have made clear long ago what it was doing, if only for public-relations reasons. If it had told users what it was doing when it introduced the throttling feature – or heck, even better, when it first started seriously considering building the feature into the iPhone’s operating system – it would have been able to shape the discussion and maybe even improve how the feature works.

Instead, it’s now drawing customers’ criticism, distrust, and ire. And it has no one to blame but itself.

https://www.businessinsider.nl/apple...onal=true&r=US

I just heard about this this morning and it so pissed me off! I think the next time a new Iphone comes along (which it will) people should boycott! The only thing these corporations care about are profits, and the only leverage we as consumers have to show our displeasure is holding our $$$$$.

[PlatinumPearl]

I have known this for quite some time now. I was one of the first iPhone users and after 2 years was forced to upgrade. I could no longer use my phone because I couldn't update to the latest OS. I was missing phone calls and text messages were being significantly delayed and anything I did on my phone took a considerable amount of time until finally I couldn't do anything without receiving a constant pesky message that I had to upgrade to the latest OS. Frustrated and stressed to the max I went to the mall and the mobile guys told me all about how so many other iPhone users came in and gave them grief. I upgraded and went team android and never regretted my decision. I love that I have so much control over my phone. I am due for an upgrade which will be to another Android phone.

As for conspiracies I won't get into conspiracy theories in this post...... I think people need to start opening their eyes to how this world really works.....

Team Android.

[*Anya*]

TECHNOLOGY

Researchers Discover Two Major Flaws in the World’s Computers

By CADE METZ and NICOLE PERLROTH JAN. 3, 2018

SAN FRANCISCO — Computer security experts have discovered two major security flaws in the microprocessors inside nearly all of the world’s computers.

The two problems, called Meltdown and Spectre, could allow hackers to steal the entire memory contents of computers, including mobile devices, personal computers, servers running in so-called cloud computer networks.

There is no easy fix for Spectre, which could require redesigning the processors, according to researchers. As for Meltdown, the software patch needed to fix the issue could slow down computers by as much as 30 percent — an ugly situation for people used to fast downloads from their favorite online services.

“What actually happens with these flaws is different and what you do about them is different,” said Paul Kocher, a researcher who was an integral member of a team of researchers at big tech companies like Google and Rambus and in academia that discovered the flaws.

Meltdown is a particular problem for the cloud computing services run by the likes of Amazon, Google and Microsoft. By Wednesday evening, Google and Microsoft said they had updated their systems to deal with the flaw.

Amazon told customers of its Amazon Web Services cloud service that the vulnerability “has existed for more than 20 years in modern processor architectures.” It said that it had already protected nearly all instances of A.W.S. and that customers must update their own software running atop the service as well.

To take advantage of Meltdown, hackers could rent space on a cloud service, just like any other business customer. Once they were on the service, the flaw would allow them to grab information like passwords from other customers.

That is a major threat to the way cloud-computing systems operate. Cloud services often share machines among many customers — and it is uncommon for, say, a single server to be dedicated to a single customer. Though security tools and protocols are intended to separate customers’ data, the recently discovered chip flaws would allow bad actors to circumvent these protections.

The personal computers used by consumers are also vulnerable, but hackers would have to first find a way to run software on a personal computer before they could gain access to information elsewhere on the machine. There are various ways that could happen: Attackers could fool consumers into downloading software in an email, from an app store or visiting an infected website.

According to the researchers, the Meltdown flaw affects virtually every microprocessor made by Intel, which makes chips used in more than 90 percent of the computer servers that underpin the internet and private business operations.

Customers of Microsoft, the maker of the Windows operating system, will need to install an update from the company to fix the problem. The worldwide community of coders that oversees the open-source Linux operating system, which runs about 30 percent of computer servers worldwide, has already posted a patch for that operating system. Apple had a partial fix for the problem and is expected to have an additional update.

The software patches could slow the performance of affected machines by 20 to 30 percent, said Andres Freund, an independent software developer who has tested the new Linux code. The researchers who discovered the flaws voiced similar concerns.

This could become a significant issue for any business running websites and other software through cloud systems.

There is no evidence that hackers have taken advantage of the vulnerability — at least not yet. But once a security problem becomes public, computer users take a big risk if they do not install a patch to fix the issue. A so-called ransomware attack that hit computers around the world last year took advantage of machines that had not received a patch for a flaw in Windows software.

The other flaw, Spectre, affects most processors now in use, though the researchers believe this flaw is more difficult to exploit. There is no known fix for it, and it is not clear what chip makers like Intel will do to address the problem.

It is not certain what the disclosure of the chip issues will do to Intel’s business, and on Wednesday, the Silicon Valley giant played down the problem.

“Intel and other technology companies have been made aware of new security research describing software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from computing devices that are operating as designed,” the company said in a statement. “Intel believes these exploits do not have the potential to corrupt, modify or delete data.”

The researchers who discovered the flaws notified various affected companies. And as is common practice when such problems are identified, they tried to keep the news from the public so hackers could not take advantage of the flaws before they were fixed.

But on Tuesday, news of the Meltdown flaw began to leak through various news websites, including The Register, a science and technology site based in Britain. So the researchers released papers describing the flaws on Wednesday, much earlier than they had planned.

For now, computer security experts are using a patch, called Kaiser, that was originally discovered by researchers at the Graz University of Technology in Austria to respond to a separate issue last year.

Spectre will be much more difficult to deal with than issuing a software patch.

The Meltdown flaw is specific to Intel, but Spectre is a flaw in design that has been used by many processor manufacturers for decades. It affects virtually all microprocessors on the market, including chips made by AMD that share Intel’s design and the many chips based on designs from ARM in Britain.

Spectre is a problem in the fundamental way processors are designed, and the threat from Spectre is “going to live with us for decades,” said Mr. Kocher, the president and chief scientist at Cryptography Research, a division of Rambus.

“Whereas Meltdown is an urgent crisis, Spectre affects virtually all fast microprocessors,” Mr. Kocher said. An emphasis on speed while designing new chips has left them vulnerable to security issues, he said.

“We’ve really screwed up,” Mr. Kocher said. “There’s been this desire from the industry to be as fast as possible and secure at the same time. Spectre shows that you cannot have both.”

The Meltdown flaw was discovered by Jann Horn, a security analyst at a Google-run security research group called Google Project Zero, last June. Mr. Horn was the first to alert Intel. The chip giant then heard from other researchers who had also discovered the flaw, including Werner Haas and Thomas Prescher, at Cyberus Technology; and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz at the Graz University of Technology.

The researchers had been working through the Christmas holiday on a patch, and coordinating with companies like Microsoft and Amazon to roll out the fix.

The second flaw, Spectre, was also discovered by Mr. Horn at Google and separately by Mr. Kocher, in coordination with Mike Hamburg at Rambus, Mr. Lipp at Graz University and Yuval Yarom at the University of Adelaide in Australia.

A fix may not be available for Spectre until a new generation of chips hit the market.

“This will be a festering problem over hardware life cycles. It’s not going to change tomorrow or the day after,” Mr. Kocher said. “It’s going to take a while.”


A version of this article appears in print on January 4, 2018, on Page B1 of the New York edition with the headline: 2 Big Flaws Discovered In Nearly All Computers.

https://www.nytimes.com/2018/01/03/b...pgtype=article

[Esme nha Maire]

There's also this article (aimed at IT bods) at The Register on this, too: http://www.theregister.co.uk/2018/01...u_design_flaw/ Main extra thing to take away is that it is NOT just Windows machines that are affected - Apple and Linux kit may be affected too.

The nasty-tasty icing on the already unpleasant cake, for me, is that despite moden comuters having CPUs running hundreds of times faster than the ones I first used, the durned OS's never seem to boot any faster. And now they;re going to have to be slowed further due to a cock-up on basic security design features in hardware? Grrrr....

[*Anya*]

Yes, the article below mentioned: "The worldwide community of coders that oversees the open-source Linux operating system, which runs about 30 percent of computer servers worldwide, has already posted a patch for that operating system. Apple had a partial fix for the problem and is expected to have an additional update".

What help is a partial fix?

Quote:

Originally Posted by Esme nha Maire

There's also this article (aimed at IT bods) at The Register on this, too: http://www.theregister.co.uk/2018/01...u_design_flaw/ Main extra thing to take away is that it is NOT just Windows machines that are affected - Apple and Linux kit may be affected too.

The nasty-tasty icing on the already unpleasant cake, for me, is that despite moden comuters having CPUs running hundreds of times faster than the ones I first used, the durned OS's never seem to boot any faster. And now they;re going to have to be slowed further due to a cock-up on basic security design features in hardware? Grrrr....

[*Anya*]

Link to long article from ars technica with responses from Intel, Microsoft, Apple re: meltdown and spectre.

By Peter Bright January 5, 2018


https://arstechnica.com/gadgets/2018...oing-about-it/

[*Anya*]

I Downloaded the Information That Facebook Has on Me. Yikes

By BRIAN X. CHEN APRIL 11, 2018

When I downloaded a copy of my Facebook data last week, I didn’t expect to see much. My profile is sparse, I rarely post anything on the site, and I seldom click on ads. (I’m what some call a Facebook “lurker.”)

But when I opened my file, it was like opening Pandora’s box.

With a few clicks, I learned that about 500 advertisers — many that I had never heard of, like Bad Dad, a motorcycle parts store, and Space Jesus, an electronica band — had my contact information, which could include my email address, phone number and full name.

Facebook also had my entire phone book, including the number to ring my apartment buzzer. The social network had even kept a permanent record of the roughly 100 people I had deleted from my friends list over the last 14 years, including my exes.

There was so much that Facebook knew about me — more than I wanted to know. But after looking at the totality of what the Silicon Valley company had obtained about yours truly, I decided to try to better understand how and why my data was collected and stored. I also sought to find out how much of my data could be removed.

How Facebook collects and treats personal information was central this week when Mark Zuckerberg, the company’s chief executive, answered questions in Congress about data privacy and his responsibilities to users. During his testimony, Mr. Zuckerberg repeatedly said Facebook has a tool for downloading your data that “allows people to see and take out all the information they’ve put into Facebook.”

But that’s an overstatement. Most basic information, like my birthday, could not be deleted. More important, the pieces of data that I found objectionable, like the record of people I had unfriended, could not be removed from Facebook, either.

“They don’t delete anything, and that’s a general policy,” said Gabriel Weinberg, the founder of DuckDuckGo, which offers internet privacy tools. He added that data was kept around to eventually help brands serve targeted ads.

Beth Gautier, a Facebook spokeswoman, put it this way: “When you delete something, we remove it so it’s not visible or accessible on Facebook.” She added: “You can also delete your account whenever you want. It may take up to 90 days to delete all backups of data on our servers.”

Digging through your Facebook files is an exercise I highly recommend if you care about how your personal information is stored and used. Here’s what I learned.

Facebook Retains More Data Than We Think
When you download a copy of your Facebook data, you will see a folder containing multiple subfolders and files. The most important one is the “index” file, which is essentially a raw data set of your Facebook account, where you can click through your profile, friends list, timeline and messages, among other features.

One surprising part of my index file was a section called Contact Info. This contained the 764 names and phone numbers of everyone in my iPhone’s address book. Upon closer inspection, it turned out that Facebook had stored my entire phone book because I had uploaded it when setting up Facebook’s messaging app, Messenger.

This was unsettling. I had hoped Messenger would use my contacts list to find others who were also using the app so that I could connect with them easily — and hold on to the relevant contact information only for the people who were on Messenger. Yet Facebook kept the entire list, including the phone numbers for my car mechanic, my apartment door buzzer and a pizzeria.

This felt unnecessary, though Facebook holds on to your phone book partly to keep it synchronized with your contacts list on Messenger and to help find people who newly sign up for the messaging service. I opted to turn off synchronizing and deleted all my phone book entries.

My Facebook data also revealed how little the social network forgets. For instance, in addition to recording the exact date I signed up for Facebook in 2004, there was a record of when I deactivated Facebook in October 2010, only to reactivate it four days later — something I barely remember doing.

Facebook also kept a history of each time I opened Facebook over the last two years, including which device and web browser I used. On some days, it even logged my locations, like when I was at a hospital two years ago or when I visited Tokyo last year.

Facebook keeps a log of this data as a security measure to flag suspicious logins from unknown devices or locations, similar to how banks send a fraud alert when your credit card number is used in a suspicious location. This practice seemed reasonable, so I didn’t try to purge this information.

But what bothered me was the data that I had explicitly deleted but that lingered in plain sight. On my friends list, Facebook had a record of “Removed Friends,” a dossier of the 112 people I had removed along with the date I clicked the “Unfriend” button. Why should Facebook remember the people I’ve cut off from my life?

Facebook’s explanation was dissatisfying. The company said it might use my list of deleted friends so that those people did not appear in my feed with the feature “On This Day,” which resurfaces memories from years past to help people reminisce. I’d rather have the option to delete the list of deleted friends for good.

Your Facebook account keeps a record not only of ads you have clicked on, but also of advertisers that have your contact information, which can also be viewed in your archive.

The Ad Industry Has Eyes Everywhere
What Facebook retained about me isn’t remotely as creepy as the sheer number of advertisers that have my information in their databases. I found this out when I clicked on the Ads section in my Facebook file, which loaded a history of the dozen ads I had clicked on while browsing the social network.

Lower down, there was a section titled “Advertisers with your contact info,” followed by a list of roughly 500 brands, the overwhelming majority of which I had never interacted with. Some brands sounded obscure and sketchy — one was called “Microphone Check,” which turned out to be a radio show. Other brands were more familiar, like Victoria’s Secret Pink, Good Eggs or AARP.

Facebook said unfamiliar advertisers might appear on the list because they might have obtained my contact information from elsewhere, compiled it into a list of people they wanted to target and uploaded that list into Facebook. Brands can upload their customer lists into a tool called Custom Audiences, which helps them find those same people’s Facebook profiles to serve them ads.

Brands can obtain your information in many different ways. Those include:

■ Buying information from a data provider like Acxiom, which has amassed one of the world’s largest commercial databases on consumers. Brands can buy different types of customer data sets from a provider, like contact information for people who belong to a certain demographic, and take that information to Facebook to serve targeted ads, said Michael Priem, chief executive of Modern Impact, an advertising firm in Minneapolis.

■ Using tracking technologies like web cookies and invisible pixels that load in your web browser to collect information about your browsing activities. There are many different trackers on the web, and Facebook offers 10 different trackers to help brands harvest your information, according to Ghostery, which offers privacy tools that block ads and trackers. The advertisers can take some pieces of data that they have collected with trackers and upload them into the Custom Audiences tool to serve ads to you on Facebook.

■ Getting your information in simpler ways, too. Someone you shared information with could share it with another entity. Your credit card loyalty program, for example, could share your information with a hotel chain, and that hotel chain could serve you ads on Facebook.

The upshot? Even a Facebook lurker, like myself, who has barely clicked on any digital ads can have personal information exposed to an enormous number of advertisers. This was not entirely surprising, but seeing the list of unfamiliar brands with my contact information in my Facebook file was a dose of reality.

I tried to contact some of these advertisers, like Very Important Puppets, a toymaker, to ask them about what they did with my data. They did not respond.

What About Google?
Let’s be clear: Facebook is just the tip of the iceberg when it comes to what information tech companies have collected on me.

Knowing this, I also downloaded copies of my Google data with a tool called Google Takeout. The data sets were exponentially larger than my Facebook data. For my personal email account alone, Google’s archive of my data measured eight gigabytes, enough to hold about 2,000 hours of music. By comparison, my Facebook data was about 650 megabytes, the equivalent of about 160 hours of music.

Here was the biggest surprise in what Google collected on me: In a folder labeled Ads, Google kept a history of many news articles I had read, like a Newsweek story about Apple employees walking into glass walls and a New York Times story about the editor of our Modern Love column. I didn’t click on ads for either of these stories, but the search giant logged them because the sites had loaded ads served by Google.

In another folder, labeled Android, Google had a record of apps I had opened on an Android phone since 2015, along with the date and time. This felt like an extraordinary level of detail

Google did not immediately respond to a request for comment.

On a brighter note, I downloaded an archive of my LinkedIn data. The data set was less than half a megabyte and contained exactly what I had expected: spreadsheets of my LinkedIn contacts and information I had added to my profile.

Yet that offered little solace. Be warned:

Once you see the vast amount of data that has been collected about you, you won’t be able to unsee it.


https://www.nytimes.com/2018/04/11/t...-me-yikes.html

[Esme nha Maire]

I hope this isn't entirely outside the remit of this thread. With regard to the above, about the huge amounts of data gathered about each and every one of us by companies, whether or not we have actually used their services or not, what bothers me is that it seems to me to be a very unsubtle assault on the individual in a subtle sort of way.

To clarify that last - who am I? Well, I am me, sat at this keyboard tying this - but to you, reading this, I am the impression that you form of me from reading these words that I type. If we engage in interpersonal communication, what will regulate that interaction is the impression you have formed of me - which may not be accurate, or fair, or you may pick up on some minor point or trait and imagine from that that I am either lovable/hatable, employable/unemployable etc.

We all, to greater or lesser degree, show different aspects of ourselves in different situations, contexts. But these huge data-gathering mechanisms don't care about context. They care about fact - you visited these sites, made those purchases, watched that film, bought that toy, liked this celebrity, commented in that thread, and so on. And from all this, a model of you is created. But at no point is anyone checking to see if it is a real model of you, an accurate one. It is one made on a set of assumptions, and those assumptions are driven purely by corporate entities desire to make more money from you, to get you to buy their products, by targeted advertising.

They do not care about context, about mistakes - every really liked someone only to find years later that they went to jail for doing something abhhorent? Ever bought something as a joke for a friend? Ever made a social mistake you later regretted, or said something in ignorance because you simply didn't know enough at the time? Pre-internet, that information either wasn't known, or was known to very few aside from yourself. Now - once it;s out there, it;s simply not forgotten. Your rationale for whatever it was isnt known, it's assumed, and you may be judged based on those potentially. incorrect assumptions.

And companies do abuse this data, as do outright criminals. The extent to which businesses are data-driven should not be underestimated. What if your
ability to land a job is affected by a trawl of available data on you done by a company, a job you may be a perfect fit for, except that, oh, I dunno, maybe you looked something up on the net out of sheer curiosity, or to try to help a friend, regarding drugs, so clearly you have an interest in drugs, and that's an immediate no-hire for the company offering the job?

The utility you may find in social media sites does not come free of charge. It comes at the expense of your privacy and the extent to which you are happy to let others make decisions about your life based on assumptions made on the gigabytes of minutiae gleaned from your use of the internet, whether you're sitting at a computer typing, as I am now, or buying something in a shop with a card, or whether you just happen to be visible in a picture someone puts of an event onto a social media site, and somebody recognising you add the information about who you are.

It boils down to who are we - the warm body making their way through life trying to do the best they can, or the assumptions made by others who've never met us based on gigabytes of minutiae about our lives. The one is not the other - and yet increasingly, it seems to be the horde of data that is treated as being the real person. And there is seldom, if ever, any effective appeal against mistakes made on that basis.

The "I don't mind because I've got nothing to hide" line some come out with is so naieve it's painful. It isn't a question of skeletons in teh closets - it's whether trivia about you is more real than you are - and to companies - and criminals - and, unfortunately, all too many folk who don't see the human behind our postings online, it IS more real than you. It is all they know about you, after all, and as you're not a warm body to them, why should they care any hurt they cause you as a result?