Posts tagged ‘deception’


Facebook’s ad preferences’ page and user archive tell totally different stories about their tracking

28.03.2018

I decided there’d be no harm getting that Facebook archive since I was no longer using it. And while I didn’t see phone logs as Dylan McKay did (I only had the app for about a month or so in 2012), what I did find was entirely in line with the privacy breaches I had been accusing Facebook of for years.
   It relates to the Facebook ad preferences. In December 2016, I filed a complaint with the US Better Business Bureau over the fact that Facebook continued to compile data on your advertising preferences even after you opted out. During 2016, Facebook repopulated all my preferences not once, but multiple times, and I found a direct link between one of the advertisements it displayed in my feed and the recompiled preferences. This was the “smoking gun” the BBB asked me to find, though I never heard back from them.
   As of 2018, knowing that Facebook will not respect your opt-outs, just as Google failed to do in 2011 (and potentially for two years before that), I visited the ad preferences’ page (here’s the link to yours, if you use Facebook and are logged in) regularly to keep it empty. What the download showed was very damning: Facebook has preferences compiled on me that do not appear on its ad preferences’ page.
   Below are two screen shots, one of Facebook’s ad preferences’ page, and what is recorded in the archive. This is a direct violation of not only what the BBB says is one of its principles, it is a violation of the code advertisers subscribe to in industry bodies like the Network Advertising Initiative.



Above: Facebook’s own advertising preferences’ page, yet its user archive records something entirely different.

   The archive is also interesting in claiming what ads I have supposedly interacted with. The ad preferences’ page says I have only clicked on an ad from my Alma Mater, St Mark’s Church School. The download says otherwise, recording clicks but not describing which device. However, I can categorically state that the downloaded record is 100 per cent false. I have not only never clicked on those ads (in either Facebook or on Instagram), I have not heard of some of these organizations. It is tempting, therefore, to conclude that if this is Facebook’s record of my activity, then it is misrepresenting click activity to advertisers, which I regard as extremely dishonest. We already know Facebook lies about users that ads can reach. Even if you don’t take my word for it, then you must ask yourself why the Facebook page and the Facebook download tell two very different stories. Which is right?



It’s the same story when it comes to which advertisers I have interacted with. The second list, in the user archive, is 100 per cent false. Has Facebook lied to advertisers over click activity?

   This is not the end of it. As to which advertisers have my contact information, the ad preferences’ page say none. The download, however, says Spotify (which I have never used or downloaded), Shutterstock (whose site I have been on) and Emirates (and I am on their email list, but separately from Facebook). Again, why the two different records? And why has Facebook passed on this information to three advertisers without my consent?



Once again, when it comes to who has my contact information, Facebook tells me one story on an easily accessible page, and another one inside my user data archive. Which is true?

   While most people will be less shocked by these revelations—I realize most are quite happy for Google et al to track them around the place and feed them content to confirm their own biases—it is still a violation of trust and the principles that Facebook itself has signed up to.
   It’s another case of ‘I told you so’: something that I suspected, found some evidence for, and found even more evidence for today.
   Like the malware scanner, the subject of my blog post in 2016 and Louise Matsakis’s exposé in Wired last month, Facebook needs to come clean on why it compiles data on users who have used its own settings to opt out, why it lies to users over what those preferences are, and why it may lie to advertisers about user click activity.
   We know the answer is money. As I said in December 2016, I have no problem with Facebook making money. I just ask, as I do with any venture, that it does so honestly. Right now, even with all the data it has on us, it appears Facebook can’t even do that right.

Tags: , , , , , , , ,
Posted in business, internet, marketing, technology, USA | 2 Comments »


Is the death of expertise tied to the Anglosphere?

20.03.2018


Foreign and Commonwealth Office

Boris Johnson: usually a talented delivery, but with conflicting substance.

I spotted The Death of Expertise at Unity Books, but I wonder if the subject is as simple as the review of the book suggests.
   There’s a lot out there about anti-intellectualism, and we know it’s not an exclusively American phenomenon. Tom Nichols, the book’s author, writes, as quoted in The New York Times, ‘Americans have reached a point where ignorance, especially of anything related to public policy, is an actual virtue. To reject the advice of experts is to assert autonomy, a way for Americans to insulate their increasingly fragile egos from ever being told they’re wrong about anything. It is a new Declaration of Independence: No longer do we hold these truths to be self-evident, we hold all truths to be self-evident, even the ones that aren’t true. All things are knowable and every opinion on any subject is as good as any other.’
   I venture to say that the “death of expertise” is an Anglophone phenomenon. Head into Wikipedia, for instance, and you’ll find proof that the masses are not a good way to ensure accuracy, at least not in the English version. Head into the German or Japanese editions and you find fewer errors, and begin to trust the pages more.
   Given that many of “the people” cannot discern what is “fake news” and what is not, or who is a bot and who is not, then it’s absolutely foolhardy to propose that they also be the ones who determine the trustworthiness of a news source, as Facebook is wont to do.
   I can’t comment as much on countries I have spent less time in, but certainly in the Anglosphere, I’ve seen people advance, with confidence and self-authority, completely wrong positions, ones not backed up by real knowledge. You only need to visit some software support forums to see online examples of this phenomenon.
   When I visit Sweden, for instance, there’s a real care from individuals not to advance wrongful positions, although I admit I am limited by my own circles and the brief time I have spent there.
   It’s not so much that we don’t value expertise, it’s that the bar for what constitutes an expert is set exceptionally low. We’re often too trusting of sources or authorities who don’t deserve our reverence. And I wonder if it comes with our language.
   I’ll go so far as to say that the standing of certain individuals I had in my own mind was shattered when we were all going for the mayoralty in my two campaigns in 2010 and 2013. There certainly was, among some of my opponents, no correlation between knowledge and the position they already held in society. It didn’t mean I disliked them. It just meant I wondered how they got as far as they did without getting found out.
   Fortunately, the victor, whether you agreed with her policies or not, possessed real intelligence. The fact she may have political views at odds with yours is nothing to do with intelligence, but her own observations and beliefs. I can respect that (which is why I follow people on social media whose political views I disagree with).
   In turn I’m sure many of them disliked what I stood for, even if they liked me personally. Certainly it is tempting to conclude that some quarters in the media, appealing to the same anti-intellectualism that some of my rivals represented, didn’t like a candidate asserting that we should increase our intellectual capital and pursue a knowledge economy. No hard feelings, mind. As an exercise, it served to confirm that, in my opinion, certain powers don’t have people’s best interests at heart, and there is a distinct lack of professionalism (and, for that matter, diversity) in some industries. In other words, a mismatch between what one says one does, and what one actually does. Language as doublespeak.
   So is it speaking English that makes us more careless? Maybe it is: as a lingua franca in some areas, merely speaking it might put a person up a few notches in others’ estimation. Sandeep Deva Misra, in his blog post in 2013, believes that’s the case, and that we shouldn’t prejudge Anglophones so favourably if the quality of their thought isn’t up to snuff.
   Maybe that’s what we need to do more of: look at the quality of thought, not the expression or make a judgement based on which language it’s come in. As English speakers, we enjoy a privilege. We can demand that others meet us on our terms and think poorly when someone speaks with an accent or confuses your and you’re. It gives us an immediate advantage because we have a command of the lingua franca of business and science. It gives us the impunity to write fictions in Wikipedia or make an argument sound appealing through sound bites, hoping to have made a quick getaway before we’re found out. Political debate has descended into style over substance for many, although this is nothing new. I was saying, although not blogging, things like this 20 years ago, and my students from 1999–2000 might remember my thoughts on Tony Blair’s 1997 campaign as being high on rhetoric and light on substance. Our willingness to accept things on face value without deeper analysis, lands us into trouble. We’re fooled by delivery and the authority that is attached with the English language.
   You’ll next see this in action in a high-profile way when Facebook comes forth with more comment about Cambridge Analytica. I can almost promise you now that it won’t hold water.

Tags: , , , , , , , , , , , , , , , , , , , ,
Posted in business, culture, globalization, India, leadership, media, New Zealand, politics, publishing, Sweden, UK, USA, Wellington | 3 Comments »


Facebook and Cambridge Analytica: the signs were there for years, if one only looked

20.03.2018

Facebook’s woes over Cambridge Analytica have only prompted one reaction from me: I told you so. While I never seized upon this example, bravely revealed to us by whistleblower Christopher Wylie and reported by Carole Cadwalladr and Emma Graham-Harrison of The Guardian, Facebook has shown itself to be callous about private data, mining preferences even after users have opted out, as I have proved on more than one occasion on this blog. They don’t care what your preferences are, and for a long time changed them quietly when you weren’t looking.
   And it’s nothing new: in October 2010, Emily Steel wrote, in The Wall Street Journal, about a data firm called Rapleaf that harvested Facebook information to target political advertisements (hat tip here to Jack Martin Leith).
   Facebook knew of a data breach years ago and failed to report it as required under law. The firm never acts, as we have seen, when everyday people complain. It only acts when it faces potential bad press, such as finally ceasing, after nearly five years, its forced malware downloads after I tipped off Wired’s Louise Matsakis about them earlier this year. Soon after Louise’s article went live, the malware downloads ceased.
   Like all these problems, if the stick isn’t big enough, Facebook will just hope things go away, or complain, as it did today, that it’s the victim. Sorry, you’re not. You’ve been complicit more than once, and violating user privacy, as I have charged on this blog many times, is part of your business practice.
   In this environment, I am also not surprised that US$37,000 million has been wiped off Facebook’s value and CEO Mark Zuckerberg saw his net worth decline by US$5,000 million.
   Those who kept buying Facebook shares, I would argue, were unreasonably optimistic. The writing surely was on the wall in January at the very latest (though I would have said it was much earlier myself), when I wrote, ‘All these things should have been sending signals to the investor community a long time ago, and as we’ve discussed at Medinge Group for many years, companies would be more accurately valued if we examined their contribution to humanity, and measuring the ingredients of branding and relationships with people. Sooner or later, the truth will out, and finance will follow what brand already knew. Facebook’s record on this front, especially when you consider how we at Medinge value brands and a company’s promise-keeping, has been astonishingly poor. People do not trust Facebook, and in my book: no trust means poor brand equity.’
   This sounds like my going back to my very first Medinge meeting in 2002, when we concluded, at the end of the conference, three simple words: ‘Finance is broken.’ It’s not a useful measure of a company, certainly not the human relationships that exist within. But brand has been giving us this heads-up for a long time: if you can’t trust a company, then it follows that its brand equity is reduced. That means its overall value is reduced. And time after time, finance follows what brand already knew. Even those who tolerate dishonesty—and millions do—will find it easy to depart from a product or service along with the rest of the mob. There’s less and less for them to justify staying with it. The reasons get worn down one by one: I’m here because of my kids—till the kids depart; I’m here because of my friends—till the friends depart. If you don’t create transparency, you risk someone knocking back the wall.
   We always knew Facebook’s user numbers were bogus, considering how many bots there are on the system. It would be more when people wanted to buy advertising, and it would be less when US government panels charged with investigating Facebook were asking awkward questions. I would love to know how many people are really on there, and the truth probably lies between the two extremes. Facebook probably should revise its claimed numbers down by 50 per cent.
   It’s a very simplified analysis—of course brand equity is made up of far more than trust—and doubters will point to the fact Facebook’s stock had been rising through 2017.
   But, as I said, finance follows brand, and Facebook is fairly under assault from many quarters. It has ignored many problems for over a decade, its culture borne of arrogance, and you can only do this for so long before people wise up. In the Trump era, with the US ever more divided, there were political forces that even Facebook could not ignore. Zuckerberg won’t be poor, and Facebook, Inc. has plenty of assets, so they’re not going away. But Facebook, as we know it, isn’t the darling that it was a decade ago, and what we are seeing, and what I have been talking about for years, are just the tip of the iceberg.

Tags: , , , , , , , , , , , , , , , , , , , , , ,
Posted in branding, business, culture, internet, leadership, media, politics, technology, UK, USA | 6 Comments »


Wired’s Louise Matsakis did what no other journalist could: break the story on Facebook’s forced malware scans

24.02.2018

With how widespread Facebook’s false malware accusations were—Facebook itself claims millions were “helped” by them in a three-month period—it was surprising how no one in the tech press covered the story. I never understood why not, since it was one of many misdeeds that made Facebook such a basket case of a website. You’d think that after doing everything from experimenting on its users to intruding on users’ privacy with tracking preferences even after opting out, this would have been a story that followed suit. Peak Facebook has been and gone, so it amazed me that no journalist had ever covered this. Until now.
   Like Sarah Lacy at Pando, who took the principled stand to write about Über’s problems when no one else in the tech media was willing to, it appears to be a case of ‘You can trust a woman to get it right when no man has the guts,’ in this case social media and security writer for Wired, Louise Matsakis. I did provide Louise with a couple of quotes in her story, as did respondents in the US and Germany; she interviewed people on four continents. Facebook’s official responses read like the usual lies we’ve all heard before, going on the record with Louise with such straw-people arguments. Thank goodness for Louise’s and Wired’s reputations for getting past the usual wall of silence, and it demonstrates again how dishonest Facebook is.
   I highly recommend Louise’s article here—and please do check it out as she is the first journalist to write about something that has been deceiving Facebook users for four years.
   As some of you know, the latest development with Facebook’s fake malware warnings, and the accompanying forced downloads, is that Mac users were getting hit in a big way over the last fortnight. Except the downloads were Windows-only. Basically, Mac users were locked out of their Facebook accounts. We also know that these warnings have nothing to do with malware, as other people can sign on to the same “infected” machines without any issue (and I had asked a few of these Mac users to do just that—they confirmed I was right).
   Facebook has been blocking the means by which we can get around the forced downloads. Till April 2016, you could delete your cookies and get back in. You could also go and use a Linux or Mac PC. But steadily, Facebook has closed each avenue, leaving users with fewer and fewer options but to download their software. Louise notes, ‘Facebook tells users when they agree to conduct the scan that the data collected in the process will be used “to improve security on and off Facebook,” which is vague. The company did not immediately respond to a followup request for comment about how exactly it uses the data it collects from conducting malware checks.’ But we know data are being sent to Facebook without our consent.
   Facebook also told Louise that a Mac user might have been prompted to download a Windows program because of how malware spoofs different devices—now, since we all know these computers aren’t infected, we know that that’s a lie. Then a spokesman told Louise that Facebook didn’t collect enough information to know whether you really were infected. But, as she rightly asks, if they didn’t collect that info, why would they force you to download their software? And just what precedent is that setting, since scammers use the very same phishing techniques? Facebook seems to be normalizing this behaviour. I think they got themselves even deeper in the shit by their attempts at obfuscation.
   Facebook also doesn’t answer why many users can simply wait three days for their account to come right instead of downloading their software. Which brings me back to the database issues I discovered in 2014.
   Louise even interviewed ESET, which is one of the providers of the software, only to get a hackneyed response—which is better than what the rest of us managed, because the antivirus companies all are chatty on Twitter till you bring this topic up. Then they clam up. Again, thank goodness for the fourth estate and a journalist with an instinct for a great story.
   So please do give Louise some thanks for writing such an excellent piece by visiting her article, or send her a note via Twitter, to @lmatsakis. To think this all began one night in January 2016 …

Tags: , , , , , , , , , , , , , , , ,
Posted in internet, media, publishing, technology, USA | 2 Comments »


Why the love? Google tracks you when location services are off; Facebook allegedly listens in on conversations

23.11.2017


Above: We boarded the Norwegian Jewel yesterday—then my other half got a cruise-themed video on YouTube.

Hat tip to Punkscience for this one.
   My other half and I noted that her YouTube gave her a cruise-themed video from 2013 after we boarded the Norwegian Jewel yesterday for a visit. Punkscience found this article in The Guardian (originally reported by Quartz), where Google admitted that it had been tracking Android users even when their location services were turned off. The company said it would cease to do so this month.
   It’s just like Google getting busted (by me) on ignoring users’ opt-outs from customized ads, something it allegedly ceased to do when the NAI confronted them with my findings.
   It’s just like Google getting busted by the Murdoch Press on hacking Iphones that had the ‘Do not track’ preference switched on, something it coincidentally ceased to do when The Wall Street Journal published its story.
   There is no difference between these three incidents in 2011, 2012 and 2017. Google will breach your privacy settings: a leopard does not change its spots.
   Now you know why I bought my cellphone from a Chinese vendor.
   Speaking of big tech firms breaching your privacy, Ian56 found this link.
   It’s why I refuse to download the Facebook app—and here’s one experiment that suggests Facebook listens in on your conversations through it.
   A couple, with no cats, decided they would talk about cat food within earshot of their phone. They claim they had not searched for the term or posted about it on social media. Soon after, Facebook began serving them cat food ads.

   We already know that Facebook collects advertising preferences on users even when they have switched off their ad customization, just like at Google between 2009 and 2011.
   Now it appears they will gather that information by any means necessary.
   This may be only one experiment, so we can’t claim it’s absolute proof, and we can’t rule out coincidence, but everything else about Facebook’s desperation to get user preferences and inflate its user numbers makes me believe that the company is doing this.
   Facebook claims it can do that when you approve their app to be loaded on your phone, so the company has protected itself far better than Google on this.
   Personally, I access Facebook through Firefox and cannot understand why one would need the app. If there is a speed advantage, is it worth it?
   This sort of stuff has been going on for years—much of it documented on this blog—so it beggars belief that these firms are still so well regarded by the public in brand surveys. I’m not sure that in the real world we would approve of firms that plant a human spy inside your home to monitor your every word to report back to their superiors, so why do we love firms that do this to us digitally? I mean, I never heard that the KGB or Stasi were among the most-loved brands in their countries of origin.

Tags: , , , , , , , , , , , , , , , , ,
Posted in business, internet, technology, USA | No Comments »


After years, the tech press catches on about Facebook’s inflated user numbers

07.09.2017

In 2014, I began warning that Facebook’s user numbers were false, and I also began saying that at some point, the site would boast more people than there were online users on Earth. (In fact, I said this very thing again earlier this week, ironically on a friend’s Facebook, above.)
   I couldn’t see how the site could cite more than one thousand million users, given that by that point, the majority of the “users” I saw on the site joining my groups were bots. I made the warning again last year.
   Now that Facebook has done something about the bots, or at least put mechanisms in place where we can identify them more readily, I’ve been seeing falls in user numbers in groups.
   Finally, in 2017, the tech press catches on, even though if in 2014 you could find over 250 bots a night, you should have been suspicious of any user numbers Facebook was claiming.
   Marketwatch notes:

   Recently, Pivotal Research Group analyst Brian Wieser was intrigued by a trade publication study in Australia that said Facebook FB, +0.80% was claiming to reach 1.7 million more 16- to 39-year olds than actually existed in the country, according to Australian census data.
   In reproducing the study for the U.S., Wieser said Facebook’s Ads Manager claims it can potentially reach 41 million 18- to 24-year-olds, 60 million 25- to 34-year-olds, and 61 million 35- to 49-year-olds. The problem arises when Wieser pulls up U.S. Census data from a year ago, showing 31 million 18- to 24-year-olds, 45 million 25- to 34-year-olds, and 61 million 35- to 49-year-olds.

   Facebook’s response:

In a statement, a Facebook spokeswoman said that its estimates “are based on a number of factors, including Facebook user behaviors, user demographics, location data from devices, and other factors.”
   “They are not designed to match population or census estimates,” Facebook said.

What?
   That’s right, Facebook’s numbers are not designed to match population estimates.
   Then what on earth are they designed to match?
   This is the tip of the iceberg, because the fact the site is so overrun with bots that Facebook does nothing about could be connected to why thousands are being falsely accused of malware, and why the site regularly loses basic functions for certain users (e.g. being able to like or comment). If bots are taking up all these resources, and there must be plenty given that the user numbers are so far from reality, then where does that leave legitimate users?
   I say these problems have been going on for years, but good on Mr Wieser for blowing the lid on the made-up figures, and to Wallace Witkowski of Marketwatch for covering it finally.

Tags: , , , , , , ,
Posted in business, internet, marketing, media, technology, USA | 9 Comments »


If Facebook says you have malware, do not download their program—here’s a way around it

03.01.2016

An interesting weekend on Facebook. Despite regaining access, I’m not allowed to post links (with the accusation that my computer is infected—see above), and after considerable research, I know this to be completely untrue. The Facebook malware accusations are targeted at certain users and, from the tiny sample of four that have responded to me, we are all heavy users. Just as I theorized back in June 2014 when Facebook shut down for me for 69 hours, some of us have reached a limit on their servers.
   Boffins, and Facebook, say that that’s impossible, but there have been countless signs of that over the years. Most were recorded on Get Satisfaction before Facebook shut down that community (how convenient). Among them were things such as Facebook being unable to show me every video I had uploaded—the list began at 2011 and earlier ones were omitted—and the many occasions where I could no longer post, comment, like or share. There’s a direct parallel to my experiences on the former Vox.com, which Six Apart confirmed in 2009 and which they had no official answer for.
   What’s the best course of action if Facebook accuses you of malware and forces you to download one of their programs from Trend Micro, F-Secure or Kaspersky? Delete your cookies. Once you do that, you can regain access, though, like me, you’ll have a limited account where link-sharing is impossible. Initially, I was able to share a few links after my accessing Facebook, but it eventually became a blanket block, with the odd one getting through (two a day in my case).
   If you want to be extra-safe, run the free version of Malware Bytes. The free one won’t conflict with your existing antivirus set-up (I’m not trying to do Malware Bytes out of money), but, like the rest of us, you’ll likely discover that your system is clean.
   One woman got around this by downloading a new browser, although she was also limited on the link-posting.
   Whatever you do, do not listen to these big firms. Facebook, Google et al are, as I’ve been documenting over the years, particularly deceptive. I’ve still had to deal with the remnants of Facebook’s scan switching off McAfee, nearly two days later.
   Facebook’s apparently had many complaints about this since 2014, so I’m hardly the first to encounter it. Blaming malware for their own databasing issues is cheap, but enough people will believe it—even with my mistrust of these big Silicon Valley firms I still did their malware scan, not thinking I had a choice if I wanted to access the site again. What it really did during the scan is anyone’s guess.
   I’d rather they come clean and tell people: you are allowed x posts a day, x links a day, and x photos and videos a day. I can work around that. But if they came clean about this and the number of click-farm workers and bots plaguing the site, what will that do to their share price?
   And isn’t it ironic I can presently share more, and have more freedom of speech, on Weibo, monitored by the Chinese Communist Party?

PS.: As of the last week of April, I have had two reports that deleting cookies does not work, but switching browsers does. Facebook appears to find a way to identify you, your regular browser and your IP address together, without cookies.

P.PS.: Mid-May, and from my other thread on this topic, in the post-postscripts: ‘Andrew McPherson was hit with this more recently, with Facebook blocking the cookie-deleting method in some cases, and advises, “If you get this, you will need to change your Facebook password to something very long (a phrase will do), delete and clear your browsers cache and history, then delete your browser, then renew your IP address to a different number and then reinstall your browsers.” If you cannot change your IP address but are using a router, then he suggests refreshing the address on that. Basically, Facebook is making it harder and harder for us to work around their bug. Once again, if you sign on using a different account using the same “infected” computer, there are no problems—which means the finger of blame should remain squarely pointed at Facebook.’

P.P.PS.: June 17: as detailed at my other post, for those who might find Andrew’s method too technical, the current wisdom is to wait it out. It does appear to take days, however. Reminds me of the time Facebook stopped working for me for 69 hours in 2014. Do not download Facebook’s crap.

P.P.P.PS.: November 30: it appears waiting it out is the best option for those who don’t want to mess around under the bonnet. Shawn Picker, in the comments, says to expect a five-day wait.

P.P.P.P.PS.: May 9, 2017: On the other post on this subject on my blog, a user called David suggested modifying your headers and to fool Facebook into thinking you are using another type of device. In comment no. 66 below, Stephan confirms that it works and gives more details about it. Check it out!

P.P.P.P.P.PS.: October 24: Again in the other thread on this topic, Don Dalton found that he was able to replace his Chrome profile with an older one to bypass Facebook’s block. Have a read of his comment here.

P.P.P.P.P.P.PS.: February 18, 2018: over the last few weeks, Mac users have been getting hit hard with this fake warning, and are being offered Windows software to download (which, of course will not work). Some have reported that changing browsers gets them around this. Downloading the equivalent anti-malware program from the same provider (e.g. Eset) does nothing, since the one user I know of who has done this came up with a clean Mac—because, as we already know, the warnings are fake.

P.P.P.P.P.P.P.PS.: February 23, 2018: finally, a journalist has taken this seriously! Louise Matsakis, a writer for Wired covering the security and social media beats, has looked into the latest round of Facebook malware warnings being forced on Mac users. Facebook is still lying, in my opinion, claiming there could really have been malware (lie number one), but the company’s probably so used to saying one thing and doing another by now. Louise is right to seize upon the fact that no one knows what data are sent to Facebook during the scan. It’s a fine article, and I highly recommend it.

Tags: , , , , , , , , , ,
Posted in China, internet, technology, USA | 265 Comments »


Facebook forced me to download their anti-malware, and my own antivirus gets knocked out

02.01.2016

When Facebook says it cares about security, I laugh. Every day I see bots, spammers and click-farm workers plague the site, and despite reporting them, Facebook lets them stay. It will make a statement saying it would no longer kick off drag queens and kings, then proceed to kick off drag queens and kings. So when I was blocked last night from using Facebook on my Windows 10 computer, after using a website with a Facebook messaging plug-in, with the claim that there was malware on the system, I knew something was fishy.
   Like Google’s false malware accusationsso serious that people have lost websites over them—I knew to take this one with a massive grain of salt. However, I didn’t have a choice: in order to get in to the site, I had to download a Kaspersky malware program, and let it run. The program never appeared in my installed list in Windows. I let it run overnight, for seven hours, whereupon it was frozen at 62 per cent. Restarting the computer, I was back to square one.




Above: Doing things the Facebook way. Listening to them was bound to end in tears.


Above: There’s no sign of Kaspersky in Windows’ installed programs’ list.

   Here’s where things started getting very strange. Windows 10 began saying I had no antivirus, anti-malware, or firewall up. Normally I would use McAfee. However, no matter how many times I tried to choose it, the warnings kept coming, thick and fast. In one case, it chose Windows Defender for me—only because I decided to let it run—and would not permit me to change it back through the settings. The timing of these events was all too suspicious.
   There was a rumour, denied by Kaspersky, that it was creating malware to throw off its competitors. The jury’s still out, but it’s just odd that while Kaspersky is running its Facebook scan, of what I knew to be non-existent malware, that McAfee would be inaccessible. I went to the McAfee website to file this.



Above: While the Kaspersky scan proceeded, McAfee was knocked out and could not be switched on. Coincidence?

   Unlike most people, I have options open to me, so I began to go on to Facebook using several different methods. A VirtualBox containing XP on the same computer was fine, if incredibly slow while Kaspersky was doing its thing. (Think about Windows XP on a 386.) Lubuntu was fine as well, as was Mac OS X. I Tweeted the McAfee community link, and thought it odd that it did not appear in Facebook (I have my Twitter set up to post there). I then tried to paste the link into Facebook manually, whereupon, in Lubuntu and Mac OS, I was told that my computer was now infected with either a virus or malware. Unlike Windows, I had the option of telling them they were in error, and I was able to continue using the machines.
   This really sounds like Facebook and Kaspersky have it in for McAfee and, possibly, rival products, if the scan knocks out your choice of antivirus and anti-malware program, and if the mere mention of mcafee.com inside Facebook results in a warning box saying your computer is infected.


Above: On a Mac, I couldn’t even tell people about the post on mcafee.com. The second I did, Facebook said my computer was infected. The same thing happened on Lubuntu. Facebook accuses you of infection on the mere mention of mcafee.com.

   Eventually, the entire system froze, and while I could still move the mouse about, I couldn’t access the task bar or go to other programs.
   I was forced to do a hard reboot.
   But you’re asking now: was I ever infected? No. It’s Google all over again.
   Peter, the very knowledgeable McAfee support tech who came to my aid many years ago, was present again and put me on to two other programs after this restart. Getsusp analysed my system for malware, and, you guessed it, found nothing. Malware Bytes did the same, and found some PUPs (potentially unwanted programs), all of which I knew about, and I had intentionally installed. They’ve been present for years. In other words, two other malware scanners told me my system was clean. Malware Bytes did, however, restore McAfee as the correct antivirus program, exactly as Peter had predicted.
   He also suggested a system restore, which sadly failed, with Windows giving the reason that an antivirus program was running. Having restored this system once before (after some bad advice from Microsoft), I knew it couldn’t be McAfee. The only difference on this computer: I had had Kaspersky doing its Facebook scan. It appears that Facebook and Kaspersky don’t want you restoring your system.
   I had fixed the newer issues, but the original one remained: I couldn’t get on to Facebook. The Kaspersky scan never finishes, incidentally—you’re stuck on 62, 73 or 98 per cent—and while not having a personal Facebook is no great loss, I have businesses that have presences there.
   I stumbled across a Reddit thread where others had been forced to download antivirus programs by Facebook, and, fortunately, a woman there had found where hers resided. In my case, it was at C:\Users\USERNAME\AppData\Local\Temp\FBScanner_331840299. Deleting this, and all cookies mentioning Facebook and Kaspersky, restored my access.
   What to do if you ever come across this? My advice is to, first, run Malware Bytes, but ensure you run the free version, and do not opt for the trials. Once you’re satisfied your computer is clean, head into your cookies and delete all the Facebook ones, and any from the antivirus provider it recommends. This second Reddit thread may be helpful, too. I don’t know if this will work completely, but anything is preferable to following Facebook’s instructions and wasting your time. I really need to stop following instructions from these big firms—you’d think after all these years, I’d know better.

PS.: I found this video from last July which suggests the malware accusations have nothing to do with your computer set-up:

In addition, I cannot paste any links in Facebook. The situation began deteriorating after I regained access. Initially, I could paste and like a few things, but that facility eventually disappeared. Regardless of platform, I get the same error I did on the Mac yesterday (see screen shot above). Liking things results in the below error, and the wisdom there is to wait it out till Facebook staff get back to work on Monday.

P.PS.: Holly Jahangiri confronted the same issue as I did a few days later. She was smarter than me: she didn’t download the anti-malware malware. Have a read of her post here: other than that one difference, it’s almost play for play what happened to me for four days. She’s also rightly frustrated, as I am, by Facebook’s inaction when it’s legitimately needed.

P.P.PS.: Not only does Kaspersky delete your comment when you ask on its blog how to remove the malware scanner, they also clam up when you ask them on Twitter.

P.P.P.PS.: I’m beginning to hear that deleting cookies will not work (April 26). Facebook seems intent on having you download their suspicious junk. In those cases, people have switched to another browser.

P.P.P.P.PS.: Andrew McPherson was hit with this more recently, with Facebook blocking the cookie-deleting method in some cases, and advises, ‘If you get this, you will need to change your Facebook password to something very long (a phrase will do), delete and clear your browsers cache and history, then delete your browser, then renew your IP address to a different number and then reinstall your browsers.’ If you cannot change your IP address but are using a router, then he suggests refreshing the address on that. Basically, Facebook is making it harder and harder for us to work around their bug. Once again, if you sign on using a different account using the same “infected” computer, there are no problems—which means the finger of blame should remain squarely pointed at Facebook.

P.P.P.P.P.PS.: June 17: for those who might find Andrew’s method too technical, the current wisdom is to wait it out. It does appear to take days, however. Reminds me of the time Facebook stopped working for me for 69 hours in 2014.

P.P.P.P.P.P.PS.: January 28, 2017: David has come up with a great solution in the comments (no. 103). You can fool Facebook into thinking you are using a Mac by changing the user-agent. He suggests a Chrome Extension. I have Modify Headers for Firefox, which might work, too.

P.P.P.P.P.P.P.PS.: May 9: Stephan, on my other thread on this topic (comment no. 66), confirms that David’s solution worked and has posted a few more details, including extensions for Firefox, Safari and Chrome.

P.P.P.P.P.P.P.P.PS.: October 24: Don Dalton found that he was able to replace his Chrome profile with an older one to bypass Facebook’s block. Have a read of his comment here.

P.P.P.P.P.P.P.P.P.PS.: February 18, 2018: over the last few weeks, Mac users have been getting hit hard with this fake warning, and are being offered Windows software to download (which, of course will not work). Some have reported that changing browsers gets them around this. Downloading the equivalent anti-malware program from the same provider (e.g. Eset) does nothing, since the one user I know of who has done this came up with a clean Mac—because, as we already know, the warnings are fake.

P.P.P.P.P.P.P.P.P.P.PS.: February 18, 2018: let’s see if Wesley Shields, security engineer at Facebook, will tell us what’s going on. He’s been asking for more staff to join his malware detection team.

P.P.P.P.P.P.P.P.P.P.PS.: February 23, 2018: finally, a journalist has taken this seriously! Louise Matsakis, a writer for Wired covering the security and social media beats, has looked into the latest round of Facebook malware warnings being forced on Mac users. Facebook is still lying, in my opinion, claiming there could really have been malware (lie number one), but the company’s probably so used to saying one thing and doing another by now. Louise is right to seize upon the fact that no one knows what data are sent to Facebook during the scan. It’s a fine article, and I highly recommend it.

Tags: , , , , , , , , , , , , , , , , , ,
Posted in internet, technology, USA | 191 Comments »


Google tracks your searches, and uses them, even when your web history is turned off

22.01.2014

My dislike of Google is no secret, and, as a precaution, I have every known Google tracking setting turned off. I even block the Doubleclick and YouTube cookies. However, I have to manage a page at Google Plus—and Google cleverly tracks you through its Plus service.
   It doesn’t lie about it:

When you use our services or view content provided by Google, we may automatically collect and store certain information in server logs. This may include:

details of how you used our service, such as your search queries.

But you wonder why they bother having a web history page. My web history is turned off, but it needn’t matter: Google is still tracking me and giving me useless information.

Web history turned off

   How do I know? Its friendly Google Plus suggestion, asking me if I know a Senger Ralf:

Senger Ralf

I don’t. I run a few Facebook groups, and as most Facebook users know, the site is plagued by fake accounts. It’s not uncommon for me to need to block a dozen a day. Senger Ralf was one of the borderline cases, so after searching on DuckDuckGo, I tried Google.
   It also claims that I have downloaded 39 apps. This is BS. I logged into Google Play recently and without any move on my part, 30-plus apps started coming down. Thank goodness none of them got installed, but Google now inaccurately thinks I am into a whole bunch of useless games. A blessing in disguise, then: the less accurate the data on me, the better.
   The documentary, Terms and Conditions May Apply, is great to watch if you ever come across it. Google’s spying is revealed there, along with that of others. The documentary maker even reveals that Google covered up its original privacy policy on its site, deceptively passing off that its earliest dated from 2000, when there were ones before that. The 1999 policies, which are now on the site (Google has a habit of stopping dodgy behaviour when it is busted), included terms such as:

Google’s policy on our wholly controlled and operated Internet sites is to respect and protect the privacy of our users.

and:

From time to time, there may be situations where Google asks you for personal information. When we intend to use your personal information, we tell you up front. This way you can decide whether you want to give us the information or not. In case you change your mind or some personal information changes, we will endeavor to provide a way to correct, update or remove the personal data you give us.

Upon your first visit to Google, Google sends a “cookie” to your computer. A cookie is a file that identifies you as a unique user. It can also store personal preferences and user data. A cookie can tell us, “This is the same individual who visited Google two days ago” but it cannot tell us, “This person is Joe Smith” or even, “This person lives in the United States.”

How times have changed. (In 1999, I was a Google fan. Understandable if that was their privacy policy.) Now it tracks you when you have turned off your web history, which gives you the false impression that Google no longer looks at your searches, and it uses your name and avatar for advertising purposes, even when you have turned off Google Plus endorsements.
   It pays to be extremely wary of this firm, because it never says what it means.
   Finally, if you are a Wordpress user, and you have Google concerns, then be aware that the big G is tracking you there, too. The Wordpress dashboard uses Google fonts. The way to fix this is to download a very small plug-in called Disable Google Fonts (hat tip to Fontfeed). If you like the look of the fonts, just install them on to your own hard drive—they are open source.

Tags: , , , , , , , , ,
Posted in business, culture, internet, technology, USA | 8 Comments »


Does frictionless sharing go further than we think?

30.12.2011

Frictionless sharing on Facebook, as I understand it, works largely as described in the diagrams at Shortstack. If you want more depth, ReadWriteWeb explains it.
   But what if you have never authorized the application? In my case, I have never authorized anything from Disney or ABC. I double-checked today to see what apps I had in Facebook, and there’s no mention of anything from this corporation. I’ve nothing to hide, and the list of my authorized apps is shown below.
   If that list is accurate, how could I possibly have shared the article as the ABC News social plug-in states at left?
   My journal does not mention it, but I’ve learned to have a healthy scepticism when it comes to Facebook (or Google) and privacy.
   Is Facebook tracking us even on sites that we have never authorized, just by virtue of their having a social plug-in? If that’s the case, then this is something that I never anticipated—and it means that our understanding of frictionless sharing, and Facebook’s own assurances about it, were not accurate.

Tags: , , , , , , ,
Posted in business, internet, technology, USA | No Comments »