New research from the UK shows just how easy it is to identify the authors of tweets using metadata.
In polarising news last week, EU MEPs voted to re-examine controversial changes to copyright law, with some internet advocates warning that the digital fabric of society itself could be altered forever. Here’s how every member state voted.
Over at Facebook, the company confirmed that blocked users were able to see some content posted by people who had blocked them. 800,000 users were affected by the bug, which was active between 29 May and 5 June.
Following a report at the beginning of July into the practice of third-party developers accessing Gmail messages, Google issued a statement dispelling some rumours and explaining how users can become more aware of what they are signing up for. Some detractors say it is a company’s job to ensure customers are conscious of what they are actually agreeing to when they sign up for services.
Your private Twitter account could still give you away
The ubiquity of metadata in today’s world is something not everyone is aware of, but a new paper by researchers at the Alan Turing Institute and University College London (UCL) shows just how many digital breadcrumbs we drop behind us, particularly on Twitter.
The researchers used tweets and the associated metadata to identify any single user in a group of 10,000 at an astonishing 96.7pc accuracy rate.
Beatrice Perez of UCL told Wired that people assume metadata does not pose an immediate privacy risk. “People think it’s not a big deal. But, couple it with another piece of information and I know when you’re home or not.”
Metadata types gleaned from tweets and analysed through machine-learning algorithms included number of favourites, Twitter followers and time published. Obfuscating the datasets didn’t make it much harder for researchers to identify even completely anonymous accounts.
Polar Flow revealed locations of spies and military workers
Polar Flow is an app that tracks the activity data of millions of users, who use the public activity tracking records to post their workouts on the Explore map feature. Even when set to private, a user’s fitness activity can easily track where they live.
ZDNet reported that Polar Flow’s developer API could be improperly queried to surface workout route activity, which is exactly what Dutch investigators found. Nuclear storage staff, intelligence agents and missile silo guards were all spotted via the bug during the in-depth examination. The app’s parent company, Polar, has since taken the map offline.
This incident is similar to the Strava app problem from earlier this year. Many are saying that increased digital trails mean espionage is becoming more fraught than ever before.
Uganda clamps down on VPNs
The internet has become a lot more restricted in Uganda, as the country’s communications authority has ordered telecoms firms to tax or block virtual private networks (VPNs). People are increasingly relying on the VPNs to avoid paying new taxes on social media that were enforced in an effort to curb “gossip”.
The tax has been slammed by human rights groups as a draconian effort to remove the right to freedom of expression in the country.
Cryptocurrency fans using Macs are a target for new malware
People who enjoy chatting about all things cryptocurrency on Slack or Discord channels are being targeted by a malware strain dubbed ‘OSX.Dummy’, according to Dark Reading.
The social engineering attack sends a false request from someone pretending to be a group admin, asking the naive victim to run a long command in a terminal window and ignore a file being downloaded to their machine. Once this is done, a hacker in the Netherlands has successfully hijacked their Mac.
Security researcher Ryan Benson explained that many people have jumped on the digital currency bandwagon who may not have the technology savvy necessary to sense a pretty simple attack such as this.