Monthly Archives: October 2016

Efforts to Silence Trolls

Twitter on Tuesday announced yet another crackdown on abusers.

With the goal of making Twitter a safer place, it has come up with new ways to

  • Prevent the creation of new abusive accounts;
  • Make search safer; and
  • Collapse potentially abusive or low-quality tweets.

Twitter also pledged to persist in its anti-abuse endeavors, saying it would keep rolling out product changes, some more visible than others, and updating users on its progress every step of the way.

Twitter “is more vulnerable than other social media because people expect it to be their link to the world, and not just their friends,” noted Jim McGregor, a principal analyst at Tirias Research.

“People use it for news and for access to quick gossip,” he told TechNewsWorld, adding that its open-ended structure makes it an easier target for abuse.

 

Latest Offensive

Twitter will identify account owners it has suspended permanently and block them from creating new accounts.

That might be a reaction to the creation of multiple fake accounts last fall, after Twitter had suspended several accounts linked to the alt-right movement, which is known for advocating white supremacy and other extreme views.

Those suspensions came amid mounting criticism of the company’s failure to expunge harassing, racist, sexist and anti-Semitic tweets from its network.

Safe search involves filtering tweets that contain potentially sensitive content, as well as tweets from blocked and muted accounts, from search results. However, users would have other ways to search for and access those tweets.

Under the new system, potentially abusive and low-quality replies will be collapsed, although they will be available if users want to seek them out. This change will roll out in the coming weeks, Twitter said.

 

Protection or Cybergagging?

“Ultimately, determining what constitutes cyberharassent or any kind of inappropriate behavior on Twitter is a subjective undertaking,” said Michael Jude, a program manager at Stratecast/Frost & Sullivan.

“As soon as you introduce subjectivity into regulating Twitter, it loses its appeal,” he told TechNewsWorld. “One person’s freedom of speech is another person’s microaggression. Twitter’s best bet is to say, ‘Abandon all hope ye who enter here.'”

Getting around the problem of subjective judgment will be difficult, McGregor suggested. “How do you decide what’s appropriate or abusive, and what’s not? You need to have a context for the conversation and the relationship.”

Friends would couch statements in terms that might be considered inappropriate when relayed to a stranger, he pointed out. “For example, I could tweet the word ‘s**t’ to a friend in response to something he’d said or a news item we were discussing, and it would be all right.”

Using artificial intelligence to filter out potentially offending tweets isn’t going to resolve the issue, because “AI systems have to learn like humans do, and no AI solution will really work unless you have a finite number of inputs,” McGregor pointed out.

 

Twitter’s Battle Against the Trolls

Twitter in 2014 suspended several accounts for violating its rules after actor Robin Williams’ daughter Zelda publicly quit the site due to hateful tweets about her father’s tragic suicide. She later reactivated her account

Another victim, Imani Gandy, had been harassed since 2012 by someone with the handle “Assholster,” who created up to 10 different Twitter accounts a day to hurl racist invectives at her.

Container Security Platform

Windows protection tends to focus on “find the bad executable,” which makes sense in that environment because bad executables are ubiquitous in an attack, noted Capsule8’s Viega.

However, that approach doesn’t work well in a Linux environment, so Capsule8 focuses on detecting and protecting against system compromise, he told LinuxInsider.

The other typical approach in Linux is a network appliance, Viega said. However, there is not much context on the network, particularly as end-to-end encryption starts to become ubiquitous in the enterprise, so this approach doesn’t find much and leads to many spurious alerts.

“The result is that most Linux compromises either go undetected or are a surprise — companies find their data on a forum at a later date and they find they had no clue they were attacked,” he explained.

Among the most noteworthy incidents, the company cited the massive breach at Yahoo, which went undetected for years until the stolen data showed up on the Web.

While Linux-based systems present many of the same security problems as Windows-based systems, the biggest difference in attacks can be found around malware, according to Mark Nunnikhoven, vice president of cloud research at Trend Micro.

“While we do regularly see malware targeting Linux systems, it’s a more common occurrence that the malware implanted on Linux systems is there to be distributed to Windows clients connecting to that Linux system,” he told LinuxInsider.

On the defensive front, there’s a stark contrast in the amount of effort required to support the rapidly changing software on Linux platforms, Nunnikhoven pointed out.

“Given the nature of Linux and GNU, release cycles are a bit more erratic, and there’s a lot more variation that requires a mature and robust response by security providers,” he said.

 

Customer Base

Capsule8 already has signed up customers for its prerelease product, including SourceClear and Namely.

Capsule8 is the first product that supplements SourceClear’s predeployment detection with runtime threat protection for Linux systems, CEO Mark Curphey said.

There are three core principles that should guide decision making when adopting new technology, suggested Daniel Leslie, director of cybersecurity and technology at Namely. They are scalability, maintainability and security.

Protecting infrastructure at scale without sacrificing stability or performance is essential, he said.

New Virtual Reality Frontier

Regular readers will know that I’ve played games my entire life. I hold deep reverence for the care and attention that go into creating these experiences, and I’ve rarely met a game I didn’t want to conquer.

Yet I am nervous about virtual reality. I’ve tried it and found those disorientating worlds difficult to handle, though I suspect that over time I could grow more accustomed to it. I doubt I could say the same for an arcade machine that both locks me into a VR world and pelts me with physical stimuli.

Koei Tecmo Wave’s VR Sense machine is a virtual reality arcade cabinet that houses you and subjects you to what I can only imagine is sheer torture. It has what Koei Tecmo Wave calls a “3D seat,” which attempts to draw players further into the games through touch, movement, aroma, wind, and temperature and precipitation changes. It’s not completely clear as yet whether you have to wear a headset for the full VR effect.

It’s launching with three games: a horse-riding simulator, a version of Koei Tecno Wave’s Dynasty Warrior franchise (with a stab at replicating in-game flames while you swelter in your moving chair), and a horror game.

I enjoy horror titles. However, I’d be less likely to welcome a VR horror game, as I’d probably come close to having a heart attack or three. There’s next to no chance I’d ever try Horror Sense.

That’s in large part due to the game apparently mimicking bugs falling from the ceiling and critters scuttling along the floor. I have a lot of questions about this, but ultimately, I’d tear off a VR headset in a second if I thought there were bugs falling on me while playing. No thank you, ma’am.

Apps Vulnerable to WiFi Snooping

Strafach categorized another 24 iOS apps as “medium risk.” Potentially intercepted information included service login credentials and session authentication tokens for users logged onto the network.

Strafach labeled the remaining apps “high risk” because potentially intercepted information included the snatching of financial or medical services login credentials.

He did not identify the medium and high risk apps by name, in order to give their makers time to patch the vulnerability in their apps.

How concerned should users be about their security when using these apps?

“I tried to leave out anything regarding concern level, as I do not want to freak people out too much,” Strafach told TechNewsWorld.

“While this is indeed a big concern in my opinion, it can be mostly mitigated by turning off WiFi and using a cellular connection to perform sensitive actions — such as checking bank balances — while in public,” he said.

 

Man in the Middle Attack

If anything, Strafach is understating the problem, maintained Dave Jevans, vice president for mobile security products at Proofpoint.

“We’ve analyzed millions of apps and found this is a widespread problem,” he told TechNewsWorld, “and it’s not just iOS. It’s Android, too.”

Still, it likely is not yet a cause for great alarm, according to Seth Hardy, director of security research at Appthority.

“It’s something to be concerned about, but we’ve never seen it actively exploited in the wild,” he told TechNewsWorld.

What the vulnerability does is enable a classic man-in-the-middle attack. Data from the target phone is intercepted before it reaches its destination. It is then decrypted, stored, re-encrypted and then sent to its destination — all without the user’s knowledge.

To do that, an app needs to be fooled into thinking it’s communicating with a destination and not an evesdropper.

“In order for a man-in-the-middle attack to be successful, the attacker needs a digital certificate that’s either trusted by the application, or the application is not properly vetting the trust relationship,” explained Slawek Ligier, vice president of engineering for security at Barracuda Networks.

“In this case, it appears that developers are developing applications in a way that allows any certificate to be accepted,” he told TechNewsWorld. “If the certificate is issued and not expired, they’re accepting it. They’re not checking if it’s been revoked or even if it’s properly signed.”

 

Developer’s Problem

Should Apple act to weed these vulnerable apps from behind its walled garden?

“Apple should most certainly remove any of the offending apps from the App Store,” said Sam McLane, head of security engineering at Arctic Wolf.

“This is something that is relatively easy to test for and should be enforced by Apple, since the trust model starts with the Apple ecosystem being safe for people to use,” he told TechNewsWorld.

Strafach disagreed. “The setup now is exactly as it should be with regards to developer control of networking code,” he said. “Developers can do something about this problem. For affected apps, the fix is only a few lines — less than an hour tops, if that, to fix the matter in affected code.”