Social Networks

Instagram Now Has 800 Million Monthly, 500 Million Daily Active Users (cnbc.com) 24

An anonymous reader quotes a report from CNBC: Instagram said Monday that it's added another 100 million monthly users. That brings the photo-sharing app to 800 million monthly active users, up from 700 million in April, according to Carolyn Everson, vice president of global marketing solutions at Facebook, who spoke at an Advertising Week event in New York City. Five hundred million of those are daily active users, the company said. That means that Instagram is still ahead of rival Snap in terms of users, based on Snap's last report. Snap said in August that it had 173 million daily active users. Time spent watching video on Instagram is up more than 80 percent year over year, the company also said on Monday, and four times as many videos are being produced every day on Instagram compared with a year ago.
Security

Experian Criticized Over Credit-Freeze PIN Security and 'Dark Web' Scans (theverge.com) 65

Security researcher Brian Krebs complains that Experian's identity-protecting credit freezes are easily unfrozen online. An anonymous reader quotes the Verge: Experian makes it easy to undo a credit freeze, resetting a subject's PIN through an easily accessible account recovery page. That page only asks for a person's name, address, date of birth, and Social Security number...data [that] was compromised in the Equifax breach, as well as other breaches, so we can probably assume hackers possess this information. After entering that data, attackers then just have to enter an email address -- any email -- and answer a few security questions.

That might not jump out as insecure; security questions exist for a reason. But the questions themselves are easy to answer, particularly if you know how to use the internet and a search bar. Krebs says sample questions include asking users to identify cities where they've previously lived and the people that resided with them. Much of that information is available through a person's own social media accounts, search engines, or Yellow Pages-like databases, including Spokeo and Zillow... In response to Krebs' report, Experian claims that it goes beyond the measures identified to authenticate users. "While we do not disclose those additional processes," said the company in a statement, "they include a broad array of checks that are not visible to the consumer."

Meanwhile, the Los Angeles Times reports that Experian is also advertising a "free scan of the dark Web" which actually binds anyone who accepts it to their 17,600-word terms of service, as well as acceptance of "advertisements or offers" from financial products companies -- plus "an arbitration clause preventing you from suing the company" which a spokesperson acknowledges could remain in effect for several years.
Businesses

The Problem, Really, is This Thing Called 'Disruption' (wired.com) 106

New submitter mirandakatz writes: The word "disruption" is everywhere in tech -- and it's getting founders in trouble. Just look at what happened with Bodega last week: Had the startup not professed to be disrupting the mom-and-pop shops on every corner, it might not have landed itself in such hot water. At Backchannel, veteran Silicon Valley communications whiz Karen Wickre makes the case against "disruption," pointing out that many of today's biggest companies got their starts without claiming to completely upend an existing industry. She writes: "What if Sergey and Larry had touted Google, in 1998, as 'an unprecedented platform for disrupting global advertising?' Do you think Jeff Bezos claimed that Amazon.com was upending global retail? Netflix? Within a few months of its 1997 launch, it did not foresee the actual paradigm shift of media streaming."
Iphone

'Dear Apple, The iPhone X and Face ID Are Orwellian and Creepy' (hackernoon.com) 440

Trent Lapinski from Hacker Noon writes an informal letter to Apple, asking "who the hell actually asked for Face ID?" and calling the iPhone X and new face-scanning security measure "Orwellian" and "creepy": For the company that famously used 1984 in its advertising to usher in a new era of personal computing, it is pretty ironic that 30+ years later they would announce technology that has the potential to eliminate global privacy. I've been waiting 10-years since the first iPhone was announced for a full-screen device that is both smaller in my hand but has a larger display and higher capacity battery. However, I do not want these features at the cost of my privacy, and the privacy of those around me. While the ease of use and user experience of Face ID is apparent, I am not questioning that, the privacy concerns are paramount in today's world of consistent security breaches. Given what we know from Wikileaks Vault7 and the CIA / NSA capabilities to hijack any iPhone, including any sensor on the phone, the very thought of handing any government a facial ID system for them to hack into is a gift the world may never be able to return. Face ID will have lasting privacy implications from 2017 moving forward, and I'm pretty sure I am not alone in not wanting to participate.

The fact of the matter is the iPhone X does not need Face ID, Apple could have easily put a Touch ID sensor on the back of the phone for authentication (who doesn't place their finger on the back of their phone?). I mean imagine how cool it would be to put your finger on the Apple logo on the back of your iPhone for Touch ID? It would have been a highly marketable product feature that is equally as effective as Face ID without the escalating Orwellian privacy implications. [...] For Face ID to work, the iPhone X actively has to scan faces looking for its owner when locked. This means anyone within a several foot range of an iPhone X will get their face scanned by other people's phones and that's just creepy.

Advertising

Democrats Ask FEC To Create New Rules To Keep Foreign Influence Off Social Media Ads (thehill.com) 195

Cristina Marcos reports via The Hill: Democratic lawmakers on Wednesday asked the Federal Election Commission (FEC) to establish new guidelines for online advertising platforms that would prevent foreign spending to influence U.S. elections. The move comes after Facebook provided information to Congress and special counsel Robert Mueller, who is leading the FBI's investigation into Russia's election interference, about Russian ad purchases during the 2016 campaign.

"The recent revelations that foreign nationals with suspected ties to the Russian government sought to influence the 2016 election through social media advertisements are deeply concerning and demand a response," 20 House and Senate Democrats wrote in the letter. "We are fast approaching the 2018 election cycle. As such, it is imperative the Federal Election Commission begin this effort in earnest," they wrote. CNN, which first reported on the Democrats' letter, cited Facebook sources saying they expect Congress may try to require disclaimers on online political ads in the future, similar to political television ads. The Democratic lawmakers suggested that any FEC guidance address how foreign actors can use corporate or nonprofit designations to avoid disclosing political spending; what advertisement platforms can do to prevent foreign campaign activity; and possible changes to disclosure standards for political advertisements.

Space

Idaho Wants To Establish America's First 'Dark Sky Preserve' (idahostatesman.com) 136

schwit1 shares a story from the AP: Tourists heading to central Idaho will be in the dark if local officials get their way. The first International Dark Sky Reserve in the United States would fill a chunk of the state's sparsely populated region that contains night skies so pristine that interstellar dust clouds are visible in the Milky Way... Supporters say excess artificial light causes sleeping problems for people and disrupts nocturnal wildlife and that a dark sky can solve those problems, boost home values and draw tourists. Opposition to dark sky measures elsewhere in the U.S. have come from the outdoor advertising industry and those against additional government regulations.

Researchers say 80 percent of North Americans live in areas where light pollution blots out the night sky. Central Idaho contains one of the few places in the contiguous United States large enough and dark enough to attain reserve status, Barentine said. Only 11 such reserves exist in the world... The proposed Idaho reserve is mainly land managed by the U.S. Forest Service and contains the wilderness of the Sawtooth National Recreation Area... Leaders in the cities of Ketchum and Sun Valley, the tiny mountain town of Stanley, other local and federal officials, and a conservation group have been working for several years to apply this fall to designate 1,400 square miles (3,600 square kilometers) as a reserve. A final decision by the association would come about 10 weeks after the application is submitted.

Businesses

Is Online Advertising Worthless? (zerohedge.com) 289

turkeydance shares a story from ZeroHedge: Category 1 storm clouds are gathering over what has traditionally been one of the most lucrative, and perhaps only profitable, sectors to come out of Silicon Valley in decades: online advertising. Two months ago, it was P&G which fired the first shot across the "adtech" bow when not long after it announced it was slashing its digital ad spending because it thought it was not getting the kind of return on investment it desired, it made a striking discovery: "We didn't see a reduction in the growth rate." CFO Jon Moeller said "What that tells me is that that spending that we cut was largely ineffective"...

So fast forward to last week, when during Thursday's Global Retailing Conference organized by Goldman Sachs, Restoration Hardware delightfully colorful CEO, Gary Friedman, divulged the following striking anecdote about the company's online marketing strategy, and the state of online ad spending in general... What Friedman revealed - in brief - was the following: "we've found out that 98% of our business was coming from 22 words. So, wait, we're buying 3,200 words and 98% of the business is coming from 22 words. What are the 22 words? And they said, well, it's the word Restoration Hardware and the 21 ways to spell it wrong, okay?"

Stated simply, the vast, vast majority of online ad spending is wasted, chasing clicks that simply are not there....One wonders how long before all retailers - most of whom are notoriously strapped for revenues and profits courtesy of Amazon - and other "power users" of online advertising, do a similar back of the envelope analysis, and find that they, like RH, are getting a bang for only 2% of their buck?

Piracy

Can The Pirate Bay Replace Ads With A Bitcoin Miner? (betanews.com) 123

Mark Wilson writes: When it comes to the Pirate Bay, it's usually movie studios, music producers and software creators that get annoyed with the site — you know, copyright and all that. But in an interesting twist it is now users who find themselves irked by and disappointed in the most famous torrent site in the world.

So what's happened? Out of the blue, the Pirate Bay has added a Javascript-powered Bitcoin miner to the site. Nestling in the code of the site is an embedded cryptocurrency miner from Coinhive. Users who have noticed an increase in resource usage on their computers as a result of this are not happy.

TorrentFreak reports the miner is being tested for about 24 hours -- as a possible way to earn enough revenue to remove advertising from the site.
Google

Google Allowed Advertisers To Target 'Jewish Parasite,' 'Black People Ruin Everything' (buzzfeed.com) 139

Alex Kantrowitz, reporting for BuzzFeed News: Google, the world's biggest advertising platform, allows advertisers to specifically target ads to people typing racist and bigoted terms into its search bar, BuzzFeed News has discovered. Not only that, Google will suggest additional racist and bigoted terms once you type some into its ad buying tool. Type "White people ruin," as a potential advertising keyword into Google's ad platform, and Google will suggest you run ads next to searches including "black people ruin neighborhoods." Type "Why do Jews ruin everything," and Google will suggest you run ads next to searches including "the evil jew" and "jewish control of banks." BuzzFeed News ran an ad campaign targeted to all these keywords and others this week. The ads went live and were visible when we searched for the keywords we'd selected. Google's ad buying platform tracked the ad views. Following our inquiry, Google disabled every keyword in this ad campaign save one -- an exact match for "blacks destroy everything," is still eligible. Google told BuzzFeed News that just because a phrase is eligible does not guarantee an ad campaign will run against it. A total of 17 ad impressions were served before the keywords were disabled.
Advertising

First Ever Malvertising Campaign Uses JavaScript To Mine Cryptocurrencies In Your Browser (bleepingcomputer.com) 70

An anonymous reader writes from a report via Bleeping Computer: Malware authors are using JavaScript code delivered via malvertising campaigns to mine different cryptocurrencies inside people's browsers (mostly Monero), without their knowledge. The way crooks pulled this off was by using an online advertising company that allows them to deploy ads with custom JavaScript code. The JavaScript code is a modified version of MineCrunch (also known as Web Miner), a script released in 2014 that can mine cryptocurrencies using JavaScript code executed inside the browser. Cryptocurrency mining operations are notoriously resource-intensive and tend to slow down a user's computer. To avoid raising suspicion, crooks delivered malicious ads mainly on video streaming and browser-based gaming sites (currently mostly Ukrainian and Russian sites). Both types of sites use lots of resources, and users wouldn't get suspicious when their computer slowed down while accessing the site. Furthermore, users tend to linger more on browser games and video streaming services, allowing the mining script to do its job and generate profits for the crooks.
Advertising

Facebook Enabled Advertisers To Reach 'Jew Haters' (propublica.org) 253

ProPublica is reporting that Facebook "enabled advertisers to direct their pitches to the news feeds of almost 2,300 people who expressed interest in the topics of 'Jew hater,' 'How to burn jews,' or, 'History of why jews ruin the world.'" The organization even went so far as to test these ad categories by paying $30 to target those groups with three "promoted posts" -- in which a ProPublica article or post was displayed in their news feeds. Facebook reportedly approved all three ads within 15 minutes. From the report: After we contacted Facebook, it removed the anti-Semitic categories -- which were created by an algorithm rather than by people -- and said it would explore ways to fix the problem, such as limiting the number of categories available or scrutinizing them before they are displayed to buyers. In all likelihood, the ad categories that we spotted were automatically generated because people had listed those anti-Semitic themes on their Facebook profiles as an interest, an employer or a "field of study." Facebook's algorithm automatically transforms people's declared interests into advertising categories. [ProPublica provides a screenshot of their ad buying process on the company's advertising portal.]

"There are times where content is surfaced on our platform that violates our standards," said Rob Leathern, product management director at Facebook. "In this case, we've removed the associated targeting fields in question. We know we have more work to do, so we're also building new guardrails in our product and review processes to prevent other issues like this from happening in the future."

Facebook

Spain Fines Facebook Over Tracking Users Without Consent (tomshardware.com) 41

Spain's Data Protection Authority has issued a 1.2 million euro fine against Facebook after it found three instances when the company collected data without informing users, as required by European Union privacy laws. Tom's Hardware reports: The AEPD found multiple issues with how Facebook gathered data on Spanish users. One of the issues was that Facebook collects data on ideology, sex, and religious beliefs, as well as personal tastes and web surfing habits without informing the users about how that data will be used. A second issue was that Facebook wasn't obtaining specific and informed consent from the users because the data it was offering them about the collection was not sufficiently clear. The company has been tracking both users and non-users of the service through the Like button across the web without informing them about this sort of tracking, nor about what it plans to do with the data. The company has said that the collection is done for advertising purposes before, but some purposes remain secret, according to the Spanish Data Protection Authority. The AEPD said this sort of collection doesn't comply with the EU's data protection regulations.

Finally, the AEPD also noticed that Facebook has not been completely purging the data about users who had already deleted their accounts and that Facebook was making use of accounts' data that have been deleted for more than 17 months. Considering the data that has remained behind is no longer useful for the purpose for which it was collected, the agency considered this another serious infringement of EU privacy laws.

Security

ISPs Claim a Privacy Law Would Weaken Online Security, Increase Pop-Ups (arstechnica.com) 86

An anonymous reader quotes a report from Ars Technica: The country's biggest Internet service providers and advertising industry lobby groups are fighting to stop a proposed California law that would protect the privacy of broadband customers. AT&T, Comcast, Charter, Frontier, Sprint, Verizon, and some broadband lobby groups urged California state senators to vote against the proposed law in a letter Tuesday. The bill would require Internet service providers to obtain customers' permission before they use, share, or sell the customers' Web browsing and application usage histories. California lawmakers could vote on the bill Friday of this week, essentially replicating federal rules that were blocked by the Republican-controlled Congress and President Trump before they could be implemented. The text and status of the California bill, AB 375, are available here.

The letter claims that the bill would "lead to recurring pop-ops to consumers that would be desensitizing and give opportunities to hackers" and "prevent Internet providers from using information they have long relied upon to prevent cybersecurity attacks and improve their service." The Electronic Frontier Foundation picked apart these claims in a post yesterday. The proposed law won't prevent ISPs from taking security measures because the bill "explicitly says that Internet providers can use customer's personal information (including things like IP addresses and traffic records) 'to protect the rights or property of the BIAS [Broadband Internet Access Service] provider, or to protect users of the BIAS and other BIAS providers from fraudulent, abusive, or unlawful use of the service,'" EFF Senior Staff Technologist Jeremy Gillula wrote.

Safari

Every Major Advertising Group Is Blasting Apple for Blocking Cookies in the Safari Browser (adweek.com) 442

The biggest advertising organizations say Apple will "sabotage" the current economic model of the internet with plans to integrate cookie-blocking technology into the new version of Safari. Marty Swant, reporting for AdWeek: Six trade groups -- the Interactive Advertising Bureau, American Advertising Federation, the Association of National Advertisers, the 4A's and two others -- say they're "deeply concerned" with Apple's plans to release a version of the internet browser that overrides and replaces user cookie preferences with a set of Apple-controlled standards. The feature, which is called "Intelligent Tracking Prevention," limits how advertisers and websites can track users across the internet by putting in place a 24-hour limit on ad retargeting. In an open letter expected to be published this afternoon, the groups describe the new standards as "opaque and arbitrary," warning that the changes could affect the "infrastructure of the modern internet," which largely relies on consistent standards across websites. The groups say the feature also hurts user experience by making advertising more "generic and less timely and useful."
Music

Apple's 'Shoddy' Beats Headphones Get Slammed In Lawsuit (theregister.co.uk) 188

A lawsuit (PDF) filed Tuesday in U.S. District Court in Oakland, California, recounts the frustrations of five plaintiffs who found that Apple's Powerbeats 2 and Powerbeats 3 headphones did not perform as advertised. They are also claiming the company is refusing to honor warranty commitments to repair or replace the failed units. The Register reports: The complaint seeks $5,000,000 in damages and class action certification, in order to represent thousands of similarly afflicted Beats customers who are alleged to exist. "In widespread advertising and marketing campaigns, Apple touts that its costly Powerbeats (which retail for $199.95) are 'BUILT TO ENDURE' and are the 'BEST HEADPHONES FOR WORKING OUT,'" the complaint says. "But these costly headphones are neither 'built to endure' nor 'sweat & water resistant,' and certainly do not have a battery that lasts for six or twelve hours. Instead, these shoddy headphones contain a design defect that causes the battery life to diminish and eventually stop retaining a charge."

The complaint attributes the shoddiness of Apple's Powerbeats headphones to cheap components. Citing an estimate in a recent Motley Fool article, the complaint contends that Apple's Beats Solo headphones cost $16.89 to make and retail for $199.95: a markup of more than 1,000 per cent. That figure actually comes from a Medium post by Avery Louie, from hardware prototyping biz Bolt.

Facebook

The Fake News Machine: Inside a Town Gearing Up for 2020 (cnn.com) 225

CNN has a story on Veles, riverside town in Macedonia, which back in the day was known to make porcelain for the whole of Yugoslavia. But now, as an investigation by the news outlet has found, it makes fake news. Veles has become home to dozens of website operators who churn out bogus stories designed to attract the attention of Americans. Each click adds cash to their bank accounts. From the report: The scale is industrial: Over 100 websites were tracked here during the final weeks of the 2016 U.S. election campaign, producing fake news that mostly favored Republican candidate for President Donald Trump. One of the shadowy industry's pioneers is a soft-spoken law school dropout. Worried that his online accounts could be shut down, the 24-year-old asked to be known only as Mikhail. He takes on a different persona at night, prowling the internet as "Jesica," an American who frequently posts pro-Trump memes on Facebook. The website and Facebook page that "Jesica" runs caters to conservative readers in the U.S. The stories are political -- and often wrong on the facts. But that doesn't concern Mikhail. "I don't care, because the people are reading," he said. "At 22, I was earning more than someone [in Macedonia] will ever learn in his entire life." He claims to have earned up to $2,500 a day from advertising on his website, while the average monthly income in Macedonia is just $426. The profits come primarily from ad services such as Google's AdSense, which place targeted advertisements around the web. Each click sends a little bit of cash back to the content creator. Mikhail says he has used his profits to buy a house and put his younger sister through school. [...] That site was blocked a few months ago after Facebook and Google started cracking down on fake news sites. Mikhail is now retooling his operation, with his sights set firmly on the 2020 presidential election.
The Courts

The Teen Malware Career Of Marcus Hutchins (itwire.com) 48

Slashdot reader troublemaker_23 writes, "A number of security researchers have dismissed an article by reporter Brian Krebs about Marcus Hutchins, the Briton who is awaiting trial in the US on charges of writing and distributing the Kronos banking malware, by pointing out that it has nothing to do with the case." An anonymous reader writes: Krebs investigated dozens of hacker forum pseudonyms, concluding "The clues suggest that Hutchins began developing and selling malware in his mid-teens -- only to later develop a change of heart and earnestly endeavor to leave that part of his life squarely in the rearview mirror." Krebs believes 15-year-old Hutchins registered a domain he'd later advertise as "mainly for blackhats wanting to phish," and in 2010 may have filmed YouTube videos about password-stealing malware. Krebs says the early activities are "fairly small-time -- and hardly rise to the level of coding from scratch a complex banking trojan and selling it to cybercriminals," though he believes Hutchins moved on to advertising exploit kits, password-stealers, and bot rentals.

Krebs also talked to 27-year-old Brendan Johnston, a friend of Hutchins who did time in prison in 2014 for selling Trojans, who "said his old friend sincerely tried to turn things around in late 2012... 'I feel like I know Marcus better than most people do online, and when I heard about the accusations I was completely shocked,. He tried for such a long time to steer me down a straight and narrow path that seeing this tied to him didn't make sense to me at all." Krebs stresses that Hutchins didn't try to hide the fact that he'd written malware, "which in the United States at least is a form of protected speech." And his essay concludes, "Let me be clear: I have no information to support the claim that Hutchins authored or sold the Kronos banking trojan."

Symantec's former cybersecurity czar Tarah Wheeler has now set up a new legal fund after it was discovered that most of the online donations to Hutchins' previous defense fund came from stolen or fake credit card numbers. Hutchins returns to court in October, and the new fund has already received more than $16,000 in donations from more than 200 contributors.
Facebook

Facebook Offers Hundreds of Millions of Dollars for Music Rights (bloomberg.com) 84

Facebook is offering major record labels and music publishers hundreds of millions of dollars so the users of its social network can legally include songs in videos they upload, Bloomberg reported on Tuesday. From the report: The posting and viewing of video on Facebook has exploded in recent years, and many of the videos feature music to which Facebook doesn't have the rights. Under current law, rights holders must ask Facebook to take down videos with infringing material. Music owners have been negotiating with Facebook for months in search of a solution, and Facebook has promised to build a system to identify and tag music that infringes copyrights. Yet such a setup will take as long as two years to complete, which is too long for both sides to wait, said the people, who asked not to be named discussing details that aren't public. Facebook is eager to make a deal now so that it no longer frustrates users, by taking down their videos; partners, by hosting infringing material; or advertisers, with the prospect of legal headaches. The latest discussions will ensure Facebook members can upload video with songs just as it's rolling out Watch, a new hub for video, and funding the production of original series. Facebook is attempting to attract billions of dollars in additional advertising revenue and challenge YouTube as the largest site for advertising-supported video on the web.
Verizon

Verizon Up Offers Rewards in Exchange For Customers' Personal Information (wsj.com) 74

An anonymous reader shares a report: A new Verizon rewards program, Verizon Up, provides credits that wireless subscribers can use for concert tickets, movie premieres and phone upgrades. But it comes with a catch: Customers must give the carrier access to their web-browsing history, app usage and location data, which Verizon says it uses to personalize the rewards and deliver targeted advertising as its customers browse the web. The trade-off is part of Verizon's effort to build a digital advertising business to compete with web giants Facebook and Google, which often already possess much of the same customer information. Even though Congress earlier this year dismantled tough privacy regulations on telecommunications providers, Verizon still wants customers to opt-in to its most comprehensive advertising program, called Verizon Selects. Data collected under the program is shared with Oath, the digital-media unit Verizon created when it bought AOL and Yahoo. Since access to data from customers could make it easier to tailor ads to their liking, Verizon hopes the information will help it gain advertising revenue to offset sluggish growth in its cellular business.See a current list of Verizon plans here.
Businesses

Billionaire Brothers Want to Build a Cheaper Rival to Slack (bloomberg.com) 93

Saritha Rai, writing for Bloomberg: A teenage entrepreneur who became a millionaire by 20 before sharing a billion-dollar fortune at 36, Bhavin Turakhia isn't afraid to think big. Now he's putting $45 million of his own money into building a rival to Slack and other office messaging platforms. Flock, a cloud-based team collaboration service, has attracted 25,000 enterprise users and customers including Tim Hortons, Whirlpool and Princeton University. It's a market that has already drawn interest from global technology giants Facebook, Amazon.com and Microsoft. This time last year, few had heard of Bhavin and his younger brother Divyank. That changed when they sold their advertising technology company Media.net, with customers including Yahoo, CNN and the New York Times, to a Chinese consortium for $900 million. The all-cash deal catapulted the duo from mere millionaires into the ranks of the super-rich. "I want to make Flock bigger and better than anything I've built before," Bhavin Turakhia, wearing his signature dark Levi's T-shirt and Puma sweatpants, said at his Bangalore offices.

Slashdot Top Deals