How consumers rank Facebook, Twitter, Snapchat, Instagram, LinkedIn, and YouTube on privacy, fake news, content relevance, safety, and sharing
- In fact, in a new Business Insider Intelligence survey of more than 1,300 global consumers, over half (54%) said that fake news and scams were "extremely impactful" or "very impactful" on their decision to engage with ads and sponsored content.
- The Digital Trust Report 2018, the latest Enterprise Edge Report from Business Insider Intelligence, compiles this exclusive survey data to analyze consumer perceptions of Facebook, Twitter, Snapchat, Instagram, LinkedIn, and YouTube.
- The survey breaks down consumers' perceptions of social media across six pillars of trust: security, legitimacy, community, user experience, shareability, and relevance.
- The Digital Trust Report 2018 illustrates how social platforms have been on a roller coaster ride of data, user privacy, and brand safety scandals since our first installment of the report in 2017.
Facebook stored hundreds of millions of passwords in plaintext
- Krebs said as many as 600 million users could be affected — about one-fifth of the company’s 2.7 billion users, but Facebook has yet to confirm the figure.
- Hmm, somebody was just telling me how OAuth with Facebook was secure somehow.
- It's not surprising.
- Facebook has zero interest in user privacy or user rights.
- All this stuff is totally on-brand for them but it’s still to wild to be true.
- To read some more elaborate opinions on the matter.
- More developers are using dev.to to keep up with industry trends and grow their careers.
- We’re a place where coders share, stay up-to-date and grow their careers.
- We strive for transparency and don't collect excess data.
Facebook developers wrote apps that stored users’ passwords in plaintext
- Brian Krebs reports that hundreds of millions of Facebook users had their credentials logged in plain text by various applications written by Facebook employees.
- Lite uses a proxy architecture, with an application server running most of the application code and minimizing the amount of data that needs to be sent to the user's phone.
- And apparently because it was acting as a proxy, the server was acting on behalf of users and logging their credentials for use in connecting to other Facebook services.
- While Facebook Lite users make up the vast majority of those affected, other applications were clearly also involved—as Instagram and non-Lite Facebook accounts were also logged.
- He also mentioned use of other features Facebook offers to prevent someone from using stolen user credentials to log in to its services—including two-factor authentication (2FA) through the mobile application or via text message, or the use of a USB security key.
These are the four transformations payments providers must undergo to survive digitization
- Rising smartphone penetration, regulations pushing users away from cash, and globalization demanding faster and new ways to transact are leading to a swell in noncash payments, which Business Insider Intelligence expects to grow to 841 billion transactions by 2023.
- Those that do this effectively, and use these shifts as a means of achieving scale without eroding the user experience, will be in the best position to use ongoing digitization in their payments space to their advantage.
- In The Future Of Payments 2018, Business Insider Intelligence takes a look at some of the biggest problems digitization and crowding are causing for payments firms, outlines the key transformations players can make going forward to resolve them, and explores areas where firms have already begun to use these transformations to their advantage.
Houseparty elevates its chief operating officer to CEO
- Houseparty, the video chat app that has recently begun exploring gaming and live entertainment, has a new CEO.
- In January, Houseparty added the popular mobile game Heads Up, offering in-app purchases for the first time.
- Sistani, who previously served in media partnership roles at Tumblr and at Yahoo, said the company plans to add other games soon.
- With her move to the top, Sistani becomes one of a vanishingly small number of women to run social networks backed by large venture capital firms.
- (The company has raised about $70 million from Silicon Valley stalwarts including Sequoia Capital and Greylock Partners.) Sarah Friar, who became CEO of neighborhood network Nextdoor last year, is perhaps the most high-profile example of a woman leading a social app that has millions of users.
Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender
- Apple has integrated some malware protection into macOS, but we've heard from developers on the platform that Mac users aren't always very good at keeping their systems on the latest point release.
- Defender ATP for Windows tracks various system behaviors and reports them to the ATP cloud service, which can be used to detect threats even without identifying any specific piece of malware.
- Microsoft's system-management software can already report on systems that are using insecure configurations or running out-of-date software, but Defender ATP's new Threat & Vulnerability Management will expand this.
- The various risk factors will be prioritized according to the current threat landscape—for example, updating systems running insecure software versions becomes more pressing if there's active exploitation in the wild—so that administrators can focus on the software updates and configuration changes that offer the most bang for their buck in terms of improving their exposure to risks.
Facebook stored hundreds of millions of passwords in plain text
- Facebook stored passwords for hundreds of millions of users in plain text, exposing them for years to anyone who had internal access to the files, according to Krebs on Security.
- User passwords are typically protected with encryption (a process known as hashing), but a string of errors led certain Facebook-branded apps to leave passwords accessible to as many as 20,000 company employees.
- Between 200 million and 600 million Facebook users are believed to have been affected, according to Krebs, which first reported the security flaw.
- According to Facebook, there’s no evidence that plain text passwords were exposed outside of the company or that they were abused internally.
- Although there’s no evidence of abuse, at least 2,000 Facebook employees searched through the files containing passwords, though it’s not clear what for.
Facebook employees had access to hundreds of millions of private passwords
- This time, it turns out Facebook was storing the personal passwords for hundreds of millions of Facebook users unencrypted on the company servers, according to a report from the security publication Krebs on Security.
- Facebook confirmed that, yes, this was indeed the case, and Facebook discovered it in January during a “routine security review.” The company usually encrypts passwords so they aren’t viewable to hackers or other people who might have access to the servers where they are stored.
- Krebs on Security reported that the number of visible passwords belonged to between 200 million and 600 million users.
- The misstep is just the latest for Facebook, which has played fast and loose with user privacy and data collection practices for years.
- Numerous software bugs led to Facebook privacy issues in 2018, and, last September, hackers stole the profile information for tens of millions of Facebook users.
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
- Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned.
- Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers.
- The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees.
- My Facebook insider said access logs showed some 2,000 engineers or developers made approximately nine million internal queries for data elements that contained plain text user passwords.
- Renfro said the issue first came to light in January 2019 when security engineers reviewing some new code noticed passwords were being inadvertently logged in plain text.
Facebook employees had access to millions of user passwords
- Facebook stored "hundreds of millions" of account passwords without encryption and viewable as plain text to tens of thousands of company employees, according to a report Thursday by cybersecurity journalist Brian Krebs.
- Facebook confirmed the report in a blog post.
- Facebook shares were down less than 1 percent Thursday.
- The incident could have affected as many as 600 million users, a significant portion of Facebook's user base of 2.7 billion people.
- Facebook, however, has been under intense scrutiny due to several years of privacy and security scandals that have earned the company criticism from customers and inquiries and fines from several regulatory agencies, particularly in the European Union.
- But Facebook's scandals haven't significantly dented the company's count of active daily users, which rose last quarter despite an extended social media campaign by Facebook critics encouraging privacy minded customers to delete their accounts.