Tim Berners-Lee tells FastCompany about his radical new plan to upend the World Wide Web

This week, Tim Berners-Lee, ”inventor of the World Wide Web”, will launch Inrupt. It’s mission is to turbocharge a broader movement afoot, among developers around the world, to decentralize the web and take back power from the forces that have profited from centralizing it.

On his screen, there is a simple-looking web page with tabs across the top: Tim’s to-do list, his calendar, chats, address book. He built this app–one of the first on Solid–for his personal use. It is simple, spare. In fact, it’s so plain that, at first glance, it’s hard to see its significance. But to Berners-Lee, this is where the revolution begins. The app, using Solid’s decentralized technology, allows Berners-Lee to access all of his data seamlessly–his calendar, his music library, videos, chat, research. It’s like a mashup of Google Drive, Microsoft Outlook, Slack, Spotify, and WhatsApp.

The difference here is that, on Solid, all the information is under his control. Every bit of data he creates or adds on Solid exists within a Solid pod–which is an acronym for personal online data store. These pods are what give Solid users control over their applications and information on the web. Anyone using the platform will get a Solid identity and Solid pod. This is how people, Berners-Lee says, will take back the power of the web from corporations.

“We are not talking to Facebook and Google about whether or not to introduce a complete change where all their business models are completely upended overnight. We are not asking their permission.”
Game on.

https://www.fastcompany.com/90243936/exclusive-tim-berners-lee-tells-us-his-radical-new-plan-to-upend-the-world-wide-web

You Gave Facebook Your Number For Security. They Used It For Ads.

Two-Factor Authentication Is Not The Problem

First, when a user gives Facebook their number for security purposes—to set up 2FA, or to receive alerts about new logins to their account—that phone number can become fair game for advertisers within weeks. (This is not the first time Facebook has misused 2FA phone numbers.)

But the important message for users is: this is not a reason to turn off or avoid 2FA. The problem is not with two-factor authentication. It’s not even a problem with the inherent weaknesses of SMS-based 2FA in particular. Instead, this is a problem with how Facebook has handled users’ information and violated their reasonable security and privacy expectations.

https://www.eff.org/deeplinks/2018/09/you-gave-facebook-your-number-security-they-used-it-ads

Google wants to get rid of URLs but doesn’t know what to use instead

Their complexity makes them a security hazard; their ubiquity makes replacement nigh impossible.

Sometimes URLs are explicitly typed by users; other times they’re opaque and hidden behind hyperlinks. Some URLs are good for sharing, others aren’t. Sometimes they’re shown on devices with abundant screen space, other times they’re so cramped that only a fragment of the URL can ever be seen.

https://arstechnica.com/gadgets/2018/09/google-wants-to-get-rid-of-urls-but-doesnt-know-what-to-use-instead/

IDN homograph attack

An example of an IDN homograph attack; the Latin letters ”e” and ”a” are replaced with the Cyrillic letters ”е” and ”а”.

The internationalized domain name (IDN) homograph attack is a way a malicious party may deceive computer users about what remote system they are communicating with, by exploiting the fact that many different characters look alike (i.e., they are homographs, hence the term for the attack, although technically homoglyph is the more accurate term for different characters that look alike). For example, a regular user of example.com may be lured to click a link where the Latin character ”a” is replaced with the Cyrillic character ”а”.

This kind of spoofing attack is also known as script spoofingUnicode incorporates numerous writing systems, and, for a number of reasons, similar-looking characters such as Greek Ο, Latin O, and Cyrillic О were not assigned the same code. Their incorrect or malicious usage is a possibility for security attacks.

https://en.wikipedia.org/wiki/IDN_homograph_attack

Google Secretly Tracks What You Buy Offline Using Mastercard Data

Over a week after Google admitted the company tracks users’ location even after they disable location history, it has now been revealed that the tech giant has signed a secret deal with Mastercard that allows it to track what users buy offline.

Google has paid Mastercard millions of dollars in exchange to access this information.

Neither Google nor Mastercard has publicly announced the business partnership over allowing Google to measure retail spending, though the deal has now been disclosed by Bloomberg.

https://thehackernews.com/2018/09/google-mastercard-advertising.html

What’s your trustworthiness according to Facebook? Find out!

Your reputation is 0 or 1

In an interview with the Washington Post, the product manager who is in charge of fighting misinformation at Facebook, said that one of the factors the company uses to determine if you’re spreading “fake news”, is a so-called “trustworthiness score”. (Users are assigned a score of 0 or 1.) In addition to this score, Facebook apparently also uses many other indicators to judge its users. For example, it takes into account if you abuse the option to flag messages.

What’s your trustworthiness according to Facebook? Find out!

Oksanen: Kraftig ökning av politiska botar i valrörelsen visar FOI-rapport

Nu finns det siffror på det som flera tidigare sagt sig märka av i valrörelsen. Antalet politiska botar som tycker till på Twitter har ”ökat markant de senaste veckorna” skriver FOI i rapporten ”Botar och det svenska valet”.

För de som inte vet vad Twitter är så kan det beskrivas som en mikroblogg där man kan skriva upp till 240 tecken. En bot är ett datorprogram som skickar vidare budskap automatiserat, de kan vara alltifrån väldigt enkla och uppenbara till mer sofistikerade som uppträder människolikt.

Botarna används för att påverka debatten. Det kan ske genom att förstärka budskap, men också för att förvirra, sprida falska nyheter och polarisera.
FOI-studien konstaterar att botarna länkar mer till högerextrema sajter än vad ”genuina” konton gör. Stödet för SD är också 40 procent högre från botarna.

https://www.helahalsingland.se/artikel/opinion/ledare/oksanen-kraftig-okning-av-politiska-botar-i-valrorelsen-visar-foi-rapport

Dark Patterns: When Companies Use Design to Manipulate You

“Dark patterns” are designs that deliberately trick you into doing what a company wants. This can take all kinds of forms, from MoviePass not canceling people’s accounts to installers putting crapware on your machine.

-/-

at one point even closing the window offering the update would prompt the installation. A lot of people ended up accidentally installing Windows 10 because of this one, which makes sense: it was almost impossible to tell how to opt out.

https://www.howtogeek.com/363484/dark-patterns-when-companies-use-design-to-manipulate-you/

FBI: BUSINESS E-MAIL COMPROMISE: THE 3.1 BILLION DOLLAR SCAM

BEC is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

Most victims report using wire transfers as a common method of transferring funds for business purposes

https://www.ic3.gov/media/2016/160614.aspx

CheckShortURL

CheckShortURL is an expand link facility: it allows you to retrieve the original URL from a shortened link before clicking on it and visiting the destination. We provide furthermore information about unshortened URL such as title, description, keywords and author of the page. It also checks if the original URL is on search engines, Twitter, and lets you know if the hidden link is safe or not.CheckShortURL supports almost all URL shortening services:
t.co, goo.gl, bit.ly, amzn.to, tinyurl.com, ow.ly, youtu.be and many others!

https://www.checkshorturl.com/