Top infosec trends in the social media spotlight this week
Global media coverage over the past week has revealed how 50 million Facebook accounts were used to analyze and influence voters around the world.
With #DeleteFacebook trending on Twitter and Facebook’s share price taking a tumble, Zuckerberg penned a 1,000-word post that promised, among other things, more stringent rules for third-party app developers.
Suffice to say, it’s been a terrible week for the Menlo Park social media organization, and the Cambridge Analytica saga will no doubt encourage many people to reassess the information they choose to share online.
As analysts question the long-term effects of the episode on Facebook’s market valuation, one of the more interesting points to have been raised by the whole episode is the media’s interpretation of the events.
Although many outlets (The Guardian included) ran with the ‘data breach’ line, this is not strictly true, as no systems or servers were compromised.
Perhaps Zuckerberg himself put it best when he said the data scandal represented a “breach of trust”. Unfortunately, however, many consider this to be even worse than a straightforward hack:
In the UK, electronics retailer Currys PC World has issued an apology after customers complained they were pressured into paying up to £40 in set-up fees for a new laptop:
Since January 2005, more than 100 people have contacted consumer group Which? after being told they would have to shell out more than the advertised price.
“Customers have told us they were told that only pre-setup laptops were left in the shop so they had to pay more,” Which? said.
“Currys PC World do offer an optional £35 ‘Knowhow’ setup service, as advertised on its website, which includes a USB recovery stick. But customers have reported to Which? that it wasn’t communicated as optional.”
Although 100 incidents over more than a decade represents a relatively small number of consumers, this figure relates only to the number of reports received by Which? The total number of affected customers is unknown.
After the story spread to the BBC, a number of purported former Currys PC World employees came forward on Twitter to suggest the retailer had, in the past, put pressure on its staff to upsell to customers:
In response to the allegations, a spokesperson for Currys PC World said: “We’re urgently re-briefing our stores now to remind them that, in the small number of cases where only pre-set up models are available, customers should not be charged for the service when they buy their laptop.”
In hardware news, Malwarebytes has voiced its concerns over the proliferation of a new iPhone unlocker device called GrayKey:
It can take the device anything from two hours to three days or more to crack an iPhone password. Once successful, however, third parties such as law enforcement are granted access to the full contents of the filesystem.
“The GrayKey device itself comes in two flavors,” said Malwarebytes. “The first, a $15,000 option, requires internet connectivity to work. It is strictly geo-fenced, meaning that once it is set up, it cannot be used on any other network.
“However, there is also a $30,000 option. At this price, the device requires no internet connection whatsoever and has no limit to the number of unlocks.”
Finally, a team of academics from Braunschweig University of Technology in Germany have come up with an ingenious way of explaining computer algorithms to a universal audience:
Taking inspiration from a certain Swedish flat-pack furniture company, the Idea website is pegged as an “ongoing series of nonverbal algorithm assembly instructions”.
The researchers are hoping their pictorial guide to concepts including quicksort, public-key cryptography, and AVL trees will be used by teachers, students, and curious people alike – just make sure you don’t confuse your bogo sort instructions with the assembly guide to your newly-bought Billy bookcase.