The UpStream (Page 18)

Twitter's massive hack and the poor response from the company

posted Saturday Jul 18, 2020 by Scott Ertz

Twitter's massive hack and the poor response from the company

Twitter's public perception has been dropping rapidly over the past few months, with many users abandoning the platform for alternatives. But, their public perception took its biggest hit this week when a collection of high profile accounts tweeted nearly identical Bitcoin scam posts. The affected accounts included Barack Obama, Joe Biden, Elon Musk, Jeff Bezos, Bill Gates, and more. In total, 130 accounts were affected, of which 45 were fully hijacked. The hack generated at least $120k for the hackers.

While the hack itself was newsworthy, the real story was in the way it happened and how the company responded. While the incident was happening, the company and its CEO Jack Dorsey were surprisingly quiet. It was hours after the incident became news before Dorsey addressed it in any way. This has led people to wonder just how involved in the company the CEO actually is. The company itself was equally not existent in the early hours of the hack.

While no public interaction was happening, private interaction was also quiet. This was surprising, as the company was making some big changes to the way verified accounts worked. In fact, they were making them not work. For many high profile users, the ability to tweet and access private messages was completely disabled. This was obviously done in an attempt to stop the spread of the scam, but without explanation, it produced confusion and concern about their own account's safety. Some even created new accounts to let their fans know they were unable to tweet.

However, no information of value came from the company for days. In fact, the first real information came in a blog post 3 days after the hack. In the post, it was explained that the hackers used sophisticated social engineering tactics to get the credentials for employees. Social engineering involves creating scenarios wherein those being targeted believe you are part of their circle. For some great examples, check out the song Social Engineering by nerdcore rapper ytcracker.

Once the hackers got access to the employees' credentials, they used them to access tools intended specifically for employees. Through those tools, they were able to access the affected accounts and post the scam tweets. While the company was trying to fix the problem, when they would reclaim access to an account, it would be lost again within minutes. That is what led to the shutdown of verified accounts.

As of now, the assault seems to be over, but not all functionality has been restored for all users.

Microsoft clears out the old and announces the new for Xbox's future

posted Saturday Jul 18, 2020 by Scott Ertz

Microsoft clears out the old and announces the new for Xbox's future

While the rest of the world seems to be melting down, 2020 is going to be a big year for the major gaming brands. Both PlayStation and Xbox will be launching new hardware in the coming months, and Microsoft is already preparing for that transition to the new generation of console. They also announced some of how Project xCloud will work once it comes out of beta and releases to the public.

The first and most immediate move has been for several of the current generation of Xbox consoles to be discontinued. This includes all variants of the Xbox One X and Xbox One S All-Digital Edition. Despite the fact that the Xbox Series X is not slated to release until the 2020 Holiday season, the availability of the current consoles is already depleted. The Microsoft Store and Amazon already show limited or no availability on both devices, while Best Buy shows all consoles out of stock and Wal-Mart only has them from third-party sellers for a massive markup. Some of the availability issues could be related to increased demand during the lockdown, but it could also become permanent if production has ended.

On a more positive note, the company also gave us some further clarification on the future of Project xCloud, Microsoft's Xbox game streaming service. In November, the company announced that the service would be integrated into the Game Pass family, but gave no real details about what that meant. This week, we learned that the feature will be a free addition to Xbox Game Pass Ultimate, which has been called the best deal in gaming.

The Xbox Game Pass Ultimate service currently offers a combination of Xbox Game Pass Console ($9.99), Xbox Game Pass PC ($9.99), and Xbox Live Gold ($9.99) for one price of $14.99 per month. Adding the ability to use Project xCloud (or whatever it ends up being called) will make this deal even harder to pass up. However, for those not interested in subscribing to Ultimate, there is no word what the standalone price will be, assuming it will be offered as a standalone service.

Project xCloud will be generally available and be added to the service starting in September. It promises access to "over 100 Xbox Game Pass titles." While this is a smaller selection than the available games on the other platforms, streaming rights can be difficult to secure, so it's an expected situation. The title count still exceeds the current game selection in beta and the selection available from Google's Stadia.

FCC and mobile carriers are taking on scourge of scam phone calls

posted Saturday Jul 18, 2020 by Scott Ertz

FCC and mobile carriers are taking on scourge of scam phone calls

While everyone agrees on how annoying robocalls, especially scam calls, really are, it has long seemed that there was nothing that could be done about it. However, over the last couple of years, the FCC has figured out that this scourge is within their purview and decided to try to alleviate it. The problem has been that enforcing these new rules has been difficult. The biggest fine ever levied against a medical scam ring is likely to never be collected. So, the FCC is giving more control to the carriers.

The biggest move has been the implementation of a safe harbor within the Telephone

Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act enforcement. This will allow telecom companies to block all calls "from bad-actor upstream voice service providers that pass illegal or unwanted calls along to other providers, when those upstream providers have been notified but fail to take action to stop these calls."

The safe harbor aspect refers to protection for the companies from unintended consequences from the decision. In the past, a lack of such safe harbor protection has prevented many carriers from implementing a robust approach to protecting their subscribers from illegal calls. By extending these protections, the FCC hopes that telecoms will begin to implement more stringent policies against these "bad actors" which have been identified and contacted by the FCC.

But, not all illegal calls come from these "bad actor" services. In an attempt to deal with those calls that come through larger services, such as through automated calls on standard SIM cards or VoIP services, the combined T-Mobile and Sprint have begun to roll out protections for their subscribers. T-Mobile subscribers will not get free access to the Scam Shield service, which was previously a subscription service.

The service offers some common features available through other services, such as identifying and blocking spam and scam calls and getting full caller ID information. In addition, the service gives you a proxy number. This works similarly to Google Voice, in that you get an additional phone number that you can give out that will also ring to your device. You can then dump that number if it becomes a problem. These features will go live starting on July 24, 2020. Unfortunately, Sprint customers will not get access to all of the T-Mobile capabilities just yet, but can still access the Sprint equivalent.

Twitter bans DDoSecrets for doing what WikiLeaks is known for

posted Sunday Jun 28, 2020 by Scott Ertz

Twitter bans DDoSecrets for doing what WikiLeaks is known for

Social media companies have been making strange moves in the past few weeks. Decisions seem arbitrary and inconsistent at the vest of times. Some posts from government officials advocating violence have been marked as dangerous, while others are promoted as honorable. One of the newest instances of this has been with Twitter. The company recently suspended the account of DDoSecrets, a government transparency hacker group that was making private documents available.

This group has been called the new WikiLeaks. That is likely because, during Julian Assange's absence while in a British prison, WikiLeaks has been far less active than in its past. DDoSecrets took up the mantle and has been releasing data in the absence. But, while WikiLeaks Twitter account has been unchanged, DDoSecrets account has been permanently suspended. Twitter has claimed that the suspension comes because the account violates the service's rules, saying,

We don't permit the use of our services to directly distribute content obtained through hacking that contains private information, may put people in physical harm or danger, or contains trade secrets.

Note that if you attempt to evade a permanent suspension by creating new accounts, we will suspend your new accounts. If you wish to appeal this suspension, please contact our support team.

This message was sent after the "BlueLeaks" post, releasing a massive 269 GB collection of data from law enforcement agencies across the country. In the current climate, law enforcement data is in high demand, as the vocal minority rage against the police. Why, then, would a post like this trigger Twitter to suspend the account, when equally damning and culturally relevant posts from WikiLeaks had no such response? Twitter claims that part of the move is because the site can infect users with malware, which is untrue. There is no such malware on the site. We may never know exactly what it is about DDoSecrets that has attracted the ire of Twitter.

TikTok and other apps are accessing your mobile clipboard. Why?

posted Sunday Jun 28, 2020 by Scott Ertz

TikTok and other apps are accessing your mobile clipboard. Why?

One of the new features of iOS 14 is a more honed control over the live permissions that apps receive. Among the new notifications is an alert when an app accesses your clipboard data. This has created an uproar in the Apple user community as more and more apps are discovered to be accessing the clipboard, seemingly without need. Some apps have a legitimate use for accessing the clipboard, some do it for convenience purposes, and others do it for no real reason at all. So far, 54 high profile apps are in question.

For some apps, clipboard data makes sense. An app like TrueCaller accessing the clipboard to see if you have a phone number stored can make it easier for you to check the history of that phone number. But, it could be just as easy to paste the phone number into a textbox and TrueCaller can continue to just be what it is. Other apps, like New York Times and Wall Street Journal have no reason to access the clipboard except to snoop on that content.

The original concern, and possibly the most glaring, is the controversial app TikTok. There are a number of reasons why there is great concern over the app's behavior. It is a Chinese app with strong ties to the Chinese government. It has been actively used to censor content and regularly discriminates against people the Chinese government disagrees with, such as the LGBT community. Giving the Chinese government access to additional content on your device could create a privacy issue unlike any other.

The company has said that they have already removed the clipboard access, but users are reporting that the app is still throwing notifications about clipboard access. For a platform that is so well-known for privacy violations, this is not surprising.

Nintendo to shift focus from mobile games after Animal Crossing win

posted Monday Jun 22, 2020 by Scott Ertz

Nintendo to shift focus from mobile games after Animal Crossing win

A few years ago, Nintendo made an announcement that shocked the industry: they were bringing their intellectual property to mobile devices. Nintendo has allowed games based on its characters and world on other platforms in the past but has been resistant to the idea in recent years because of the negative experiences they've had. Despite their concerns, games featuring Mario, Animal Crossing, and Pokemon have all found their way to iOS and Android devices. That era might be coming to an end if a report from Bloomberg is accurate.

The move to mobile was a surprise to many, not just because of the past licensing issues. The Switch, which is designed to be both a home and portable console, was the new face of the company. Releasing games for mobile devices could potentially undermine the uniqueness of the Switch. However, the reality of the situation turned out to be the opposite. Sales of first-party Switch games cannibalized usage and sales of the mobile titles. Most notably, the release of the most recent Animal Crossing: New Horizons destroyed usage of Animal Crossing: Pocket Camp, its mobile companion. In fact, sales of the new title have driven Nintendo's shares to a 12-year high.

With that information at hand, it makes less sense for Nintendo to split its resources developing new titles for mobile and Switch when the best-case scenario for the company is to focus on its own platform, especially if it is generating more revenue. But, it appears that the decision could have been made last year. Since Mario Kart Tour released last year, there have been no mobile games in development. Instead, it seems the company will focus on maintaining the current mobile games and developing new titles for the Switch.

Are you going to miss new mobile titles from Nintendo, or is the experience on the Switch where they should focus?

We're live now - Join us!
PLuGHiTZ Keyz

Email

Password

Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats