I Almost Fell For It!

If you fell for this, here’s what happened. Your Google password is owned. You’ve installed software that probably also controls your computer and owns your other passwords.

I don’t want to hurt myself patting my own back, but I’m pretty good at sniffing out scams. Today I came perilously close to falling for one. Bravo to the scammers. You’re getting better.

It started with an email from a friend I haven’t spoken to in a long time. Actually, the email said I had a message from her via Whats App. I have Whats App installed, but don’t use it.

So far, plausible.

We-missed-you---geoff.fox-gmail

I clicked the green “Play” button and was asked to sign in to my Gmail account. Again, this is something that happens… but I don’t give up my password easily. I looked closely and noticed the password page didn’t have a green lock next to it.

Bad sign!

Gmail (and Facebook and Twitter) always have a green lock. The green lock assures you the connection is secure and from the company listed.

Gmail-w1920-h1400

I continued to log in but with a phony password. I wanted to see where this led.

YouTube-w1920-h1400

Next screen was an install page for Flash. If the flashing red lights weren’t already going off, this would do it!

If you fell for this, here’s what happened. Your Google password is owned. You’ve installed software that probably also controls your computer and owns your other passwords.

I opened up the web pages. They’re reasonably well written code. All the images are served from their rightful owners websites. In other words, Google, Twitter and Whats App (among others) are paying for the bandwidth to run this scam!

How the hell did this get past Gmail’s filters? At least it didn’t get past mine.

You’re Getting More Secure

IMAG1400In case you don’t read the geek press, everything you touch digitally will soon have new encryption schemes built in. That lessens the chance anyone but you will ever see your stuff.

It’s the new world where JLa’s pics stay private.

But everyone knows it’s really about keeping the government out.

Apple and Google’s next operating systems are toughened against spying. It’s my understanding Apple is removing a ‘feature’ iPhones now have which enabled much of this.

More and more websites are https not http. They’ve added layers of encryption. Your transactions are hidden from prying eyes.

Businesses have been hurt by government’s massive spying efforts. Cloud companies, meaning Google, Amazon and a bunch of others, need to reassure nervous clients in our global economy. This is a sector where US companies have had great success.

Businesses and people want to flesh out ideas without later answering for early notes. We should be allowed to think in private.

In the end, by spying too invasively, the NSA and others made their own jobs more difficult. Is this how checks and balances work in the 21st Century? Maybe. Probably.

Facebook Goes After Click-bating

Whoa! Facebook is taking a positive step, or so it seems. They’re trying to diminish the influence of “click-baiting.”

I’ll let Facebook explain.

“Click-baiting” is when a publisher posts a link with a headline that encourages people to click to see more, without telling them much information about what they will see. Posts like these tend to get a lot of clicks, which means that these posts get shown to more people, and get shown higher up in News Feed.

You know the ones. Any head which includes, “You won’t believe,” “Unbelievable,” “Caught on camera,” or “The most…” gets on the list.

The trailblazer here was probably the Facebook scam with a suggestive photo and “You won’t believe what her father did after…”

Buzzfeed does this a lot. “21 Questions All Insanely Hot People Are Tired Of Answering.” Like I need them to tell me!

The first problem with click-bait is it’s unsatisfying to the person who clicks. That’s you!

Second, bad hyped content drives good content out. Is TLC still The Learning Channel? Does MTV play music? Did Larry the Cable Guy host a show on the History Channel? Schlock sells.

Google’s search algorithm changes have helped limit the reach of spammy content farms. Maybe Facebook’s change will seal-the-deal?

Your Privacy And The Free Internet

facebook-logoThis started as a comment on Facebook. I was asked about the new Facebook messenger. It’s been installed twice on my phone, uninstalled once, probably coming out again. Too invasive. Tentacles… Too… Tight…

We live in amazing times. The power of the world is at our fingertips. You have access to more information from more sources than any human before you. And the price of admission is cheap.

Google has never sent you a bill. Facebook doesn’t charge. Neither do Twitter, Instagram or Reddit.

All these companies and many more make their living selling access to you. The ads you see online are usually targeted. The better they define you, the more they charge.

If you aren’t paying, you’re not the customer, you’re the product. That is more true today than ever.

All these companies store vast tidbits of your life, connecting things you might not see as important. Using Boolean algebra (and other techniques too dweeby for me) data mining companies find markers that link similar persons. No piece is too small. Everything is evaluated. The details of your life have been graded and sorted. You have been objectified.

Google and others know your real friends, your passwords, the pet names spouses call each other, what you buy and where, even your taste in porn. Their computers have no trouble identifying my face in photos.

We all spend the day dropping breadcrumbs.

The power of these systems is you’re never an individual to them–but is that good for you? Don’t you see yourself as individual? We are already pushed into cubbyholes without a say in the process.

What do you or don’t you get in life because their incorrect classification is within an anticipated margin of error! A job? Better loan rate? Who knows?

Data miners live with little regulation. Their power is too strong to not politely police. At the very least we should be able to check what they know about us, the inferences drawn and to whom our data’s been sold.

Right now we’re entitled to nothing.

Ballmer? Really?

The NBA gets another schmuck as an owner. I see Ballmer behind Microsoft’s failure to innovate over the past few years. Even worse, I see his mean spirited imprint on most everything Microsoft has done.

Steve BallmerIt looks like the Clippers will go quickly. Published reports says Steve Ballmer, who recently left as CEO of Microsoft after seeing the writing on the wall, will pay $2,000,000,000. That’s an impressive number. Now I understand why Windows costs so much.

Donald Sterling, disgraced current owner, gets to laugh all the way to the bank. The value of his team seems to have doubled over the past few weeks. He can buy new friends.

The NBA gets another schmuck as an owner. I see Ballmer behind Microsoft’s failure to innovate over the past few years. Even worse, his mean spirited imprint is on most everything Microsoft has done recently.

But let me allow Steve to speak for himself. On the iPhone:

“There’s no chance that the iPhone is going to get any significant market share. No chance.”

Of Google’s Eric Schmidt:

“F**king Eric Schmidt is a f**king pussy. I’m going to f**king bury that guy, I have done it before, and I will do it again. I’m going to f**king kill Google.”

On Apple’s Macbooks:

“Apple gained about one point, but now I think the tide has really turned back the other direction.”

And, on business in general:

“That doesn’t mean nobody else ever thought about it, but ‘How do you make money?’ was what I got hired to do. I’ve always thought that way.”

After a friend posted this sale on Twitter, I replied, “Until Sterling, he was my most despised CEO.”

Good luck to all of us.

We Are Doing Security Wrong

My friend’s email password was compromised. Is he the weakest link? Possibly, though recent personal experience shows he may have been sold out by the companies he deals with.

One of my former co-workers wrote me this morning under the subject: “VERY URGENT!!!!!Help & a favor.”

I really hope you get this fast. I could not inform anyone about our trip, because it was impromptu. we had to be in Turkey for Tour.

OK — it didn’t come from my friend. It was just made to look like he is writing.

i will be indeed very grateful if i can get a short term loan from you ($2,600). this will enable me sort our hotel bills and get my sorry self back home.

I didn’t follow up. Had I replied I would have been led to send the money via Western Union in a way that’s untraceable.

These emails go out because people fall for them!

passwordMy friend’s email password was compromised. Is he the weakest link? Possibly, though recent personal experience shows he may have been sold out by the companies he deals with.

Yesterday eBay asked me to reset my password because of their security problems. This follows Target’s faux pas which led to our credit cards being reissued (and the hassle that followed).

Companies screw up, but I’m obligated to help clean their mess.

In most cases, if a hacker gets hold of your email account he’s got everything! Passwords can be reissued and ownership of a specific email account is all the ID you need!

This is crazy.

Google and a few others have begun offering 2-step verification to cut back on fraud. I tried Google’s offer and switched back. It was an incredible hassle.

Passwords were good protection when the Internet was young and its users mostly trustworthy. That’s no longer the case. We live our lives online. We need a better way.