Internet Security

The real risk of Facebook’s Libra coin is crooked developers

Everyone’s worried about Mark Zuckerberg controlling the next currency, but I’m more concerned about a crypto Cambridge Analytica. Today Facebook announced Libra, its forthcoming stablecoin designed to let you shop and send money overseas with almost zero transaction fees. Immediately, critics started harping about the dangers of centralizing control of tomorrow’s money in the hands…


Everyone’s worried aboutMark Zuckerberg controlling the next currency, but I’m more concerned about a crypto Cambridge Analytica.

Today Facebook announced Libra, its forthcoming stablecoindesigned to let you shop and send money overseas with almost zero transaction fees. Immediately, critics started harping about the dangers of centralizing control of tomorrow’s money in the hands of a company with a poor track record of privacy and security.

Facebook anticipated this, though, and created a subsidiary called Calibra to run its crypto dealings and keep all transaction data separate from your social data. Facebook shares control of Libra with 27 other Libra Association founding members, and as many as 100 total when the token launches in the first half of 2020. Each member gets just one vote on the Libra council, so Facebook can’t hijack the token’s governance even though it invented it.

With privacy fears and centralized control issues at least somewhat addressed, there’s always the issue of security. Facebook naturally has a huge target on its back for hackers. Not just because Libra could hold so much value to steal, but because plenty of trolls would get off on screwing up Facebook’s currency. That’s why Facebook open-sourced the Libra Blockchain and is offering a prototype in a pre-launch testnet. This developer beta plus a bug bounty program run in partnership with HackerOne is meant to surface all the flaws and vulnerabilities before Libra goes live with real money connected.

Yet that leaves one giant vector for abuse of Libra: the developer platform.

Facebook announces Libra cryptocurrency: All you need to know

“Essential to the spirit of Libra . . . the Libra Blockchain will be open to everyone: any consumer, developer, or business can use the Libra network, build products on top of it, and add value through their services. Open access ensures low barriers to entry and innovation and encourages healthy competition that benefits consumers,” Facebook explained in its white paper and Libra launch documents. It’s even building a whole coding language called Move for making Libra apps.

Apparently Facebook has already forgotten how allowing anyone to build on the Facebook app platform and its low barriers to “innovation” are e

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

Twitter admits it used two-factor phone numbers and emails for serving targeted ads

Twitter has said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads. In a disclosure Tuesday, the social media giant said it did not know how many users were impacted. The issue stemmed from the company’s tailored audiences program, which allows companies…


Twitterhas said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads.

In a disclosure Tuesday, the social media giant said it did not know how many users were impacted.

The issue stemmed from the company’s tailored audiences program, which allows companies to target advertisements against their own marketing lists, such as phone numbers and email addresses. But Twitter found that when advertisers uploaded their marketing lists, it matched Twitter users to the phone numbers and email addresses users submitted to set up two-factor authentication on their account.

The issue was addressed as of September 17, the disclosure said.

Two-factor authentication is an important security feature that makes it far more difficult for hac

Read More

Continue Reading
Internet Security

Messaging app Kik shuts down as company focuses on Kin, its cryptocurrency

Updated with comment from Kik Kik Interactive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100…


Updated with comment from Kik

KikInteractive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100 employees, as it focuses on converting more Kin users into buyers.

“Instead of selling some of our Kin into the limited liquidity that exists today, we made the decision to focus our current resources on the few things that matter most,” Livingston wrote in a blog post, adding that the changes will reduce the company’s burn rate by 85%, enabling it to get through the SEC trial.

In an email to TechCrunch, a company spokesperson said “We can confirm that the Kik Messenge

Read More

Continue Reading
Internet Security

This game uses troll tactics to teach critical thinking

The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education. Enter Finnish Public Broadcasting Company, Yle, which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes.…


The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education.

Enter Finnish Public Broadcasting Company, Yle,which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes. It has put together an online game, called Troll Factory, that lets you play at being, well, a hateful troll. Literally.

The game begins with a trigger warning that it uses “authentic social media content” that viewers may find disturbing. If you continue to play you’ll see examples of Islamophobic slogans and memes that have actually been spread on social media. So the trigger warning is definitely merited.

The game itself takes the form of a messaging app style conversation on a virtual smartphone in which you are tasked by the troll factory boss to whip up anti-immigrant sentiment. You do this by making choices about which messages to post online and the methods used to amplify distribution.

Online disinformation tactics intended to polarize public discourse which are depicted i

Read More

Continue Reading
Internet Security

Police hijack a botnet and remotely kill 850,000 malware infections

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers. The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other…


In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

According to a blog post announcing the bust, security firm Avast confirmed the operation was successful.

The security firm got involved after it discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims’ computers” without pushing any code to victims’ computers, the researchers said.

The exploi

Read More

Continue Reading