Interested in Infosec & Biohacking. Security Architect by profession. Love reading and running.
Understanding the Value of Privacy Via the Facebook Data Leak
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.”
― Benjamin Franklin
If a researcher conducted a survey asking people how important personal privacy is to them, the vast majority of respondents would reply “very important,” even though those same respondents would probably engage with social media platforms such as Facebook, Instagram, or Twitter within minutes of answering the survey.
This is the problem with the word “privacy” — a very subjective concept among us as different people look into the same problem from a different angle. Digital privacy presents a new angle. These days, we are forced to weigh either privacy or convenience and usefulness.
Social media platforms exacerbated the problem by lowering our guards on giving up part of our identity globally. Some individuals have no concern about the general public knowing intimate aspects of their lives, posting every vacation, meal, and life event to an overabundance of social media followers.
These people value digital engagement and social interaction much more precious than they value the privacy of their personal information, and for this, they are at risk of irreversible damage.
I did not pay too much attention to the leak until I saw the Facebook spokesperson’s tweet. She told Business Insider that the data was scrapped due to a vulnerability that the company patched in 2019. That means the problem is fixed, in her perspective.
I do not know much about Liz, so I would not comment on her tweet, but if she thinks a data leak is a matter that can be fixed afterward, like filling the hole on the ground, then she is missing the largest piece of the puzzle.
The Origin of the Leak
A user of a low-level hacking forum posted the records of hundreds of millions of Facebook users for free online on 3rd April 2021. This is no surprise for many of us; still, it is concerning, and some of the insight may worth mentioning not just to my friend but everyone who cherishes privacy.
According to Business Insider, the data exposed involves over 533 million Facebook users from 106 countries, including over 32 million records on users in the US, 11 million on users in the UK, and 6 million users in India. More alarming is that the records hold the following information:
- phone numbers
- Facebook IDs
- full names
- email addresses
According to Alon Gal, CTO of cybercrime intelligence firm Hudson Rock, who first discovered the leaked data in January when a user in the same hacking forum advertised an automated Telegram bot that could give phone numbers to users in exchange for money.
The Telegram bot lets users enter either a phone number to obtain their Facebook ID or visa versa. The bot’s initial results are redacted, but users can buy credits to reveal the full phone number.
Facebook said the data contained Facebook IDs created before Facebook’s fix of the contact vulnerability. Facebook also tested the bot itself against newer data and that the bot did not return any results.
Three Instant Actions to Limit Your Loss
If you are having a hard time finding the database online and check if you are on the list, it is a waste of time. The first thing you want to do is to assume your data is exposed. What is exposed is not recoverable on your side, as you never know who gained access to your data.
1# Check if You Are Over-Exposed
I often use the term “digital social distancing” to illustrate the concept of Least Privilege. Like what you are doing physically when going to the public, try keeping a distance between you and other people is the best way to avoid infection.
After you know that what is leaked, you may want to limit the exposure of yourself online from now on, check on all your social media platforms and instant message applications for personal information published.
If you think it is what you want people to know, then leave it as it be. But if you are scared something like what Facebook did this time would happen again (and it would probably will), try giving up your information on a “Need-To-Know” basis.
2# A Strong Password
Personal data could be used as something to identify who you are. If it was in the wrong hands, they could disguise you and claim what you have on your behalf without knowing it.
Protecting your identity would require stronger authentication. I strongly recommend adding a layer of security by enabling Two-Factor Authentication for your accounts.
If you think that would be too difficult to start, start with changing your password. I wrote about this earlier this year and hoped you would find it useful in the wake of this kind of hacks.
Firefox offers free services to safeguard users’ privacy. FOr example, we can use Firefox Monitor to keep tracking if our email accounts are exposed to breaches. (If that is the case, you may consider using another email to avoid spam or targeted email attacks.)
But the most recent innovative solution to prevent email exposure in the first place is interesting. It is called “Firefox Relay.”
Firefox Relay makes it easy to create aliases, randomly generated email addresses that forward to your real inbox. Use it to protect your online accounts — and your identity — from hackers.
In short, it is an easy-to-use tool to give a random email address to sign-up online. Firefox Relay would act as a middle man to pass along the messages from the random email accounts to your true email address. By that, if the sign-up website is hacked or it was originally a phishing website, your email is safe, at least.
The Three “What” During Data Sharing
When deciding on sharing personal information, there are three “What” you should consider:
1# What Personal Information Is the Company Asking For?
Some websites may only ask for basic information such as a zipcode or an email address. Still, others may ask for a phone number, home address, or personal ID number. As mentioned, if this information was stolen, you lose it forever.
2# What the Company Does With the Personal Data It Collects?
What kind of personal data is being recorded, stored, and especially shared with third parties. Many organizations frequently send customers’ data to third parties or use it to conduct targeted marketing and advertising campaigns. Take a look at the user agreement of Facebook as a reminder.
3# What is the Level of Comfort in Sharing Your Data?
There is always a risk that organizations could become victims of cyberattacks. To determine how risky associating with certain circumstances can be, please make sure to:
- Learn about your privacy rights as defined by GDPR, CCPA, and other data/ privacy regulations. Knowing your rights does not immediately make your data safer but could tell you when and how to find the organization accountable after an incident.
Final Words — The Value of Privacy
Different from our physical world, we may not be aware that data is being stolen. When digital data is “stolen,” in fact, the data is still there. All “0” and “1” can duplicate infinitely without an error. Putting this into our personal data, hackers could use the perfect copies for impersonations or phishing.
A phishing message possibly related to the Facebook leaks | Copyright by the author
One example is the message I got yesterday from a friend saying that he send me the SMS by error. But the truth is his phone number was exposed and hijacked to use as a pawn for further hacks. If I replied the SMS code to the spammer, then he/ she could gain access to my WhatsApp and send messages to my contacts.
Personal data, in a sense, is part of who you are. Although the exposed data is from 2019, it is definitely a great risk to most of us. Unlike a password, which could be changed if it was stolen, you would not change your full name if you find your data is exposed (right?).
If your biometric data, such as registered fingerprint, was stolen, then you cannot use it as your identity anymore. Why is that? Because you cannot use it to prove it is truly you if someone else also has the same attributes. That is also the reason why biometric data are mostly stored locally to prevent massive leaking.
As a result, once the personal information is exposed, you lose them forever. There is no way to take it back, and the best you can do is to use another finger for authentication and revoke the enrollment for the previous one. Keep this in mind, so you really understand the value of privacy is unique.
People think only criminals need to hide. Sadly, they do not know Privacy is our right. We do nothing wrong when we go to the bathroom or have sex. Still, we keep it private. We keep our private journals, sing in the shower, and keep secrets to ourselves as we know that privacy is a basic human need.
So hey Facebook, rather than saying you fixed the problem for us already, with the power and scale of Facebook, why don’t you take a more proactive step to help users to know what is lost and what needs to be changed?
Lastly, for those who want to check if you are exposed. Try it out at HIBP and Firefox Monitor:
Thank you for reading. May InfoSec be with you🖖.
Create your free account to unlock your custom reading experience.
George Soros Buys Millions’ Worth of Stocks Linked to Bill Hwang’s Archegos Collapse: Bloomberg
George Soros reportedly snapped up stocks that took a hit amid the collapse of Archegos Capital Management in March.
What Happened: Billionaire George Soros’ investment firm Soros Fund Management bought shares of CBS Corporation (NASDAQ:VIAC), DISCOVERY COMMUNICATIONS INC (NASDAQ:DISCA) and Baidu Inc (NASDAQ:BIDU) as these stocks were at a discount after Bill Hwang’s Archegos Capital Management collapsed, Bloomberg reports.
Soros bought $194 million in ViacomCBS shares and $77 million in Baidu shares, the report said. The firm also bought $46 million worth of Vipshop Holdings Ltd (NYSE:VIPS) shares and $34 million of Tencent Music Entertainment Group’s (NYSE:TME) shares.
A person familiar with the fund’s trading told Bloomberg that the company didn’t hold the shares before Archegos’ implosion.
Why It Matters: Hwang ran a family office that imploded in March and caused massive losses at a few big banks when Archegos couldn’t meet margin calls. Archegos had more than $20 billion of capital and total bets exceeding $100 billion.
Hwang was very successful with his family office until he began to overutilize leverage, or borrowed money, to chase higher returns in the market. The problem with this strategy comes when investments start to lose money, and the banks lending the investor money begin to get nervous and initiate margin calls.
Subsequently, shares of Archegos investments ViacomCBS, Discovery and others temporarily crashed during the Archegos unwinding.
Image Credit: CC BY 2.5, Wikimedia Commons
How one founder’s startup journey began with dropping out of school to work with Drake
This week’s episode of Found features Courtne Smith, founder of NewNew, a social app where people pay to vote on your decisions. The platform takes the concept of social polling to the next level, essentially allowing everyone to monetize their choices by turning them into a kind of social stock market where others can purchase shares to accumulate more or less decision power based on what they’re willing to spend.
Courtne’s path to NewNew was immediately preceded by the creation of Surprize, a social trivia and prize-giving app that leveraged crowdsourcing to pick and award its prizes. But long before that, the Toronto native made a bold decision — encouraged by, of all people, her pastor father — to drop out of school and go work for Drake the very outset of his career as his personal assistant.
We talked to Courtne about making that risky deviation from a relatively traditional and safe path, and about how she eventually moved on from many years of working with Drake during his rise to global success: Another counterintuitive decision to go from something that was already working out well, to pursue something unknown. Courtne tells us about her overall entrepreneurial drive, which has always stemmed from a desire to create something game-changing, and about how when it came time to attract investors for her ventures, she opted not to leverage her deep-pocketed connections and instead sought capital on the merits of her ideas alone.
We had a great time chatting with Courtne, and we hope you have just as much fun listening. And of course, we’d love if you can subscribe to Found in Apple Podcasts, on Spotify, on Google Podcasts or in your podcast app of choice. Please leave us a review and let us know what you think, or send us direct feedback either on Twitter or via email. And please join us again next week for our next featured founder.
CBDCs Are Not That Stable And May Eventually Kill Bitcoin, Says Financial Expert
In early Sunday trading, BTC prices had fallen to their lowest levels for over 11 weeks, hitting $46,700 before a minor recovery.
The last time Bitcoin dropped to these levels was at the end of February during the second major correction of this ongoing rally. A rebound off that bottom sent prices above $60K for the first time in the two weeks that followed.
Later today, Bitcoin is going to close another weekly candle. In case the candle closes at those levels, this will become the worst weekly close since February 22nd, when BTC ended the week at $45,240, according to Bitstamp. Two weeks ago the weekly candle closed at $49,200, which the current lowest week close since February.
Second ‘Lower Low’ For Bitcoin
This time around, things feel slightly different and the bearish sentiment is returning to crypto-asset markets. Since its all-time high of $65K on April 14, Bitcoin has made a lower high and has now formed a second lower low on the daily chart, which is indicative of a larger downtrend developing.
Analyst ‘CryptoFibonacci’ has been eyeing the weekly chart which also suggests the bulls could be running out of steam.
$BTC Weekly Chart.
— CryptoFibonacci (@CryptoFib) May 15, 2021
The move appears to have been driven by Elon Musk again with a tweet about Bitcoin’s energy consumption on May 13. Bitcoin’s fear and greed index has dropped to 20 – ‘extreme fear’ – its lowest level since the March 2020 market crash. At the time of press, BTC was trading at just under $48,000, down 4% over the past 24 hours.
Market Cap Shrinks by $150B
As usual, the move has initiated a selloff for the majority of other cryptocurrencies resulting in around $150 billion exiting the markets over the past day or so.
The total market cap has declined to $2.3 trillion after an all-time high of $2.5 trillion on May 12. Things are still high on the long term view but losses could accelerate rapidly if the bearish sentiment increases.
Not all crypto assets are correcting this weekend, and some have been building on recent gains to push even higher – although they are few in number.
Those weekend warriors include Cardano which has added 4.8% on the day to trade at $2.27 according to Coingecko. ADA hit an all-time high on Saturday, May 15 reaching $2.36, a gain of 54% over the past 30 days.
Ripple’s XRP is also seeing a resurgence with a 13% pump on the day to flip Cardano for the fourth spot. XRP is currently trading at $1.58 with a market cap of $73 billion. The only other two cryptocurrencies in the green at the time of writing are Stellar and Solana, gaining 3.7% and 12% respectively.
You Might Also Like:
Coinsmart. Beste Bitcoin-Börse in Europa
VIVO Clinic Unveils New Travel Information Portal
Leading PCR test provider VIVO Clinic has launched a travel information portal to assist with international trips to and from the UK.
BIRMINGHAM, England, May 16, 2021 /PRNewswire/ — During the pandemic, travel has been severely restricted. Now that the Government has launched a traffic light system designation for every country, UK residents are once again beginning to book holidays for the future.
The travel information portal is a comprehensive resource that provides relevant travel information in one place.
Travellers can browse countries based on the current traffic light designation and live popularity.
When viewing specific countries, travellers can see:
- Which tests are required before, during, and after their trip
- Current restrictions in that country
- Weather, currency conversion, and time difference
- Up to date Covid-19 statistics for that location
- Flight and hotel availability
Commenting on the new system, Will Andrews, CTO at VIVO Clinic says: “International travel is set to bounce back in a big way, but understanding current restrictions and requirements can be confusing, and planning a trip can involve a time-consuming slog through many resources.”
The system automatically aggregates hundreds of data sources to provide information for 330 countries.
“We are incredibly proud of our travel information portal and hope that it will simplify international travel so customers can book trips confidently and safely.”
0333 305 8486
Covid-19 Travel Portal
Travel information portal on iPad
Build a cognitive search and a health knowledge graph using AWS AI services
‘Destroy Sandcastles’ in Fortnite Locations Explained
Shiba Inu: Know How to Buy the New Dogecoin Rival
Meme Coins Craze Attracting Money Behind Fall of Bitcoin
Valve launches Supporters Clubs, allows fans to directly support Dota Pro Circuit teams
Sentiment Flippening: Why This Bitcoin Expert Doesn’t Own Ethereum
Texas House Passes Bill that Recognizes Crypto Under Commercial Law
American Airlines Continues To Build Up Its Core Hub Strategy
Reuters: American Airlines adds stops to two flights after pipeline outage
Duet Protocol closes first-round funding at US$3 million
Pending Data Protection and Security Laws At-A-Glance: APAC
Onestream: Data analysis, AI tools usage increased in 2021
QAN Raises $2.1 Million in Venture Capital to Build DeFi Ecosystem
Rally Expected To Stall For China Stock Market
NSAV ANNOUNCES LAUNCH OF VIRTUABROKER’S PROPRIETARY CRYPTOCURRENCY PRICE SEARCH FEATURE
Facebook’s Diem Enters Crypto Space With Diem USD Stablecoin
Video: s1mple – MVP of DreamHack Masters Spring 2021
HDI Announces Voting Results for Annual General and Special Meeting
Next Dimension Podcast – Pico Neo 3, PSVR 2, HTC Vive Pro 2 & Vive Focus 3!
TiMi Studios partners with Xbox Game Studios to bring a “new game sensory experience” to players
PR Newswire1 week ago
Polystyrene Foam Market worth $32.2 billion by 2026 – Exclusive Report by MarketsandMarkets™
Aviation1 week ago
What Happened To Lufthansa’s Boeing 707 Aircraft?
Aviation1 week ago
JetBlue Hits Back At Eastern Airlines On Ecuador Flights
Blockchain1 week ago
Launch of Crypto Trading Team by Goldman Sachs
Cyber Security1 week ago
How to Become a Cryptographer: A Complete Career Guide
Blockchain1 week ago
Yieldly announces IDO
AR/VR1 week ago
Apple is giving a laser company that builds some of its AR tech $410 million
Aviation1 week ago
United Airlines Uses The Crisis To Diversify Latin American Network
Blockchain1 week ago
SecuX Cryptocurrency Hardware Wallet – Surfing the Convenience on a military-level Security Chip
Blockchain1 week ago
Crypto.com Now Enabling Cosmos’ Inter-Blockchain Communication Functionality for Cross-Chain Transfers
Blockchain1 week ago
SEC Chairman Says Crypto Markets Need Regulations to Prevent Fraud
Blockchain1 week ago
Charted: Ripple (XRP) Turns Green, Here’s Why The Bulls Could Aim $2