Digital Trends: Your ‘Do Not Track’ tool might be helping websites track you, study says. “Millions of people are using ‘Do Not Track’ tools which do nothing, according to a recent study done by Forrester Research. The ‘Do Not Track’ features embedded in popular browsers are being ignored, opening up the possibility of consumers having their browsing information picked up by specific ads on the web.”
Security & Legal Issues
Security & Legal issues and news. May be about patches, hacks, or court decisions.
Ars Technica: Already facing an uphill misinformation fight, Facebook loses to scammers, too
Ars Technica: Already facing an uphill misinformation fight, Facebook loses to scammers, too. “Responding to critics in the US Congress and elsewhere who say Facebook isn’t doing enough to stop the flow of disinformation, the social network in recent days has purged hundreds of accounts it found were designed to sway elections, sow social division, and prop up ruthless governments. The focus has left an opening for scammers who routinely use Facebook to send unsuspecting users to fraudulent dating sites.”
Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing (The Register)
The Register: Dating app for Trump loners commits YUGE blunder: It leaks more than the West Wing. “A much-hyped dating site for Donald Trump supporters in the US is being blasted for shoddy security that may have exposed all of its users to eavesdropping and account theft.”
ZDNet: Pentagon discloses card breach
ZDNet: Pentagon discloses card breach. “Pentagon official said on Friday that the Department of Defense had suffered a security breach thanks to a third-party contractor. An investigation is still underway, so the exact details haven’t been made public, but according to an Associated Press report, a DOD official said that roughly 30,000 DOD military and civilian personnel are believed to be affected. This number is expected to grow as the Pentagon’s investigation continues.”
Mashable: Popular e-card site has a bug that lets anyone access user photos
Mashable: Popular e-card site has a bug that lets anyone access user photos. “Card Factory, a popular UK-based greeting card business, stores some of its customers’ data in an insecure way, letting anyone access their photos with an incredibly simple URL trick. The site was notified about the issue on October 8 and hasn’t fixed it or alerted its customers about it in a week, Mashable has learned.”
The National Interest: Why Cyberattacks on America’s Elections and Infrastructure Are Here to Stay
The National Interest: Why Cyberattacks on America’s Elections and Infrastructure Are Here to Stay. “Nations have been in the business of interfering in other nations’ elections since the beginning of recorded history. Since cyber-meddling in other countries’ electoral processes is also now well established, and there appear to be a variety of means and incentives to engage in cyber-meddling, what, if anything, can be done to discourage it? Imposing sanctions on Russia has not proven to be particularly effective, illustrating the relative powerlessness countries have to keep other countries from engaging in cyber-election meddling. Doing so could be rendered somewhat less effective by seeking to reduce or counter its influence on electoral debates by swiftly exposing and/or ignoring them. That is largely what occurred during the 2017 French election.”
ZDNet: Around 62% of all Internet sites will run an unsupported PHP version in 10 weeks
ZDNet: Around 62% of all Internet sites will run an unsupported PHP version in 10 weeks. “According to statistics from W3Techs, roughly 78.9 percent of all Internet sites today run on PHP. But on December 31, 2018, security support for PHP 5.6.x will officially cease, marking the end of all support for any version of the ancient PHP 5.x branch.”
