San Francisco, Oct 9 (AP/UNB) — Google is shutting down its long-shunned Plus social network for consumers, following its disclosure of a flaw discovered in March that could have exposed some personal information of up to 500,000 people.
The announcement came in a Monday blog post , which marked Google's first public description of the privacy bug.
Google deliberately avoided disclosing the problem at the time, in part to avoid drawing regulatory scrutiny and damaging its reputation, according to a Wall Street Journal story that cited anonymous individuals and documents.
The Mountain View, California, company declined to comment on the Journal's report, and didn't fully explain in its blog post why it held off on revealing the bug until Monday.
The Google Plus flaw could have allowed up to 438 external apps to scoop up user names, email addresses, occupations, genders and ages without authorization. The company didn't find any evidence that any of the personal information affected by the Plus breach was misused.
The timeline laid out by Google indicates the company discovered the privacy lapse around the same time that Facebook was under fire for a leak in its far more popular social network. Facebooks' breakdown exposed the personal information of as many as 87 million of its users to Cambridge Analytica, a data mining firm affiliated with President Donald Trump's 2016 campaign.
Congress summoned CEO Facebook CEO Mark Zuckerberg to be grilled about his company's privacy issues in April.
Google CEO Sundar Pichai recently declined to an invitation to travel to Washington to testify before the Senate about foreign governments' manipulation of online services to sway U.S. political elections. His absence incensed some lawmakers, who left an empty chair for Google alongside the Twitter and Facebook executives who appeared before the Senate committee in September.
"With this breach announcement, the empty seat bearing Google's name just became a lot hotter," said Mike Chapple, an associate professor of information technology, analytics and operations at the University of Notre Dame.
Pichai went to Washington to mend political fences with lawmakers in late September and agreed to participate in a White House roundtable on technology that President Trump intends to attend. He also will appear in House hearings after the midterm elections in November.
Google has a strong incentive to position itself as a trustworthy guardian of personal information because, like Facebook, its financial success hinges on its success to learn about the interests, habits and location of its users in order to sell targeted ads.
The desire to peer into people's lives is one of the reasons that Google launched Plus in 2011. It was supposed to be a challenger to Facebook's social network, which now has more than 2 billion users. But Plus flopped and quickly turned into a digital ghost town, prompting Google to start de-emphasizing it several years ago.
But the company kept it open long enough to cause an embarrassing privacy gaffe that could give Congress an excuse to enact tighter controls on data collection.
"Every data mishap strengthens the bipartisan case for Congress to take action on data protection," said Jonathan Mayer, an assistant professor at Princeton University who formerly worked in the Federal Communications Commission's enforcement bureau.
Europe began to impose tougher online privacy regulations in May. Those rules also include disclosure requirements for data breaches. Those rules don't apply to the Plus problem because Google discovered it before they took effect.
Houston, Oct 3 (AP/UNB) — A human trafficking survivor from Texas sued Facebook this week, alleging the social media platform provides human traffickers an unrestricted way to "stalk, exploit, recruit, groom ... and extort children into the sex trade."
The lawsuit was filed Monday in Houston against Facebook, the shuttered classifieds site Backpage.com and the owners of two Houston hotels.
The suit seeks at least $1 million in damages on behalf of a woman identified as "Jane Doe," who was 15 years old when she was sexually assaulted in 2012 after being allegedly targeted and recruited by a sex trafficker on Facebook.
Facebook did not immediately return an email seeking comment on Tuesday. An attorney for Dallas-based Backpage.com didn't immediately return a phone call.
According to the lawsuit, Facebook should be held liable for the conduct of sex traffickers because the social media site has become the "first point of contact between sex traffickers and these children. Facebook not only provides an unrestricted platform for these sex traffickers to target children, but it also cloaks the traffickers with credibility."
Annie McAdams, an attorney for the woman who filed the suit, said her client was befriended by another Facebook user who gained her trust and promised her a job as a model.
But, McAdams said, the other person forced her into sex trafficking within hours of meeting her. She was raped and beaten by people who had paid the trafficker, the attorney said.
McAdams alleged Facebook has not done enough to ensure that users aren't able to hide their identities from unsuspecting minors who may be targets of traffickers or to warn minors of the dangers posed by traffickers and how they can operate online.
"It was not just because a pimp did something that Jane Doe was trafficked. That pimp is not able to traffic Jane Doe unless Facebook allowed him access to her," McAdams said.
The lawsuit comes after President Donald Trump in April signed a new law aimed at curbing sex trafficking. The law weakens a legal shield for online services that host abusive content, including sex trafficking.
The legislation was focused more on classified-ad sites like Backpage.com, which had claimed they aren't the publisher of questionable content but are merely transmitting posts by others.
Backpage.com was shut down by federal authorities earlier this year after the company's co-founders and other employees were arrested in what authorities say was a scheme to publish ads for sexual services, some of which involved children.
"Facebook has the technology to be able to potentially develop algorithms to look for the indicators and the red flags of potential (trafficking) exploitation and abuse," said Tony Talbott, director of Abolition Ohio, a University of Dayton group that works to combat human trafficking.
Maya Simek, co-director of the Human Trafficking Law Clinic and a lecturer at Case Western Reserve University's School of Law in Cleveland, points to a lack of ID verification and a lack of advertisements or other outreach efforts to offer help for victims as some of the problems social media sites face in combating human trafficking.
"I don't think they're doing as much as could be done," Simek said.
Talbott said he thinks the Houston lawsuit will have a difficult time proving that Facebook knowingly facilitated sex trafficking, as the company could show that traffickers are simply exploiting the site.
New York, Sep 29 (AP/UNB) — For users, Facebook's revelation of a data breach that gave attackers access to 50 million accounts raises an important question: What happens next?
For the owners of the affected accounts, and of another 40 million that Facebook considered at risk, the first order of business may be a simple one: sign back into the app. Facebook logged everyone out of all 90 million accounts in order to reset digital keys the hackers had stolen — keys normally used to keep users logged in, but which could also give outsiders full control of the compromised accounts.
Next up is the waiting game, as Facebook continues its investigation and users scan for notifications that their accounts were targeted by the hackers.
What Facebook knows so far is that hackers got access to the 50 million accounts by exploiting three distinct bugs in Facebook's code that allowed them to steal those digital keys, technically known as "access tokens." The company says it has fixed the bugs.
Users don't need to change their Facebook passwords, it said, although security experts say it couldn't hurt to do so.
Facebook, however, doesn't know who was behind the attacks or where they're based. In a call with reporters on Friday, CEO Mark Zuckerberg — whose own account was compromised — said that attackers would have had the ability to view private messages or post on someone's account, but there's no sign that they did.
"We do not yet know if any of the accounts were actually misused," Zuckerberg said.
The hack is the latest setback for Facebook during a tumultuous year of security problems and privacy issues . So far, though, none of these issues have significantly shaken the confidence of the company's 2 billion global users.
This latest hack involved bugs in Facebook's "View As" feature, which lets people see how their profiles appear to others. The attackers used that vulnerability to steal access tokens from the accounts of people whose profiles came up in searches using the "View As" feature. The attack then moved along from one user's Facebook friend to another. Possession of those tokens would allow attackers to control those accounts.
One of the bugs was more than a year old and affected how the "View As" feature interacted with Facebook's video uploading feature for posting "happy birthday" messages, said Guy Rosen, Facebook's vice president of product management. But it wasn't until mid-September that Facebook noticed an uptick in unusual activity, and not until this week that it learned of the attack, Rosen said.
"We haven't yet been able to determine if there was specific targeting" of particular accounts, Rosen said in a call with reporters. "It does seem broad. And we don't yet know who was behind these attacks and where they might be based."
Neither passwords nor credit card data was stolen, Rosen said. He said the company has alerted the FBI and regulators in the United States and Europe.
Jake Williams, a security expert at Rendition Infosec, said he is concerned that the hack could have affected third party applications.
Williams noted that the company's "Facebook Login" feature lets users log into other apps and websites with their Facebook credentials. "These access tokens that were stolen show when a user is logged into Facebook and that may be enough to access a user's account on a third party site," he said.
Facebook confirmed late Friday that third party apps, including its own Instagram app, could have been affected.
"The vulnerability was on Facebook, but these access tokens enabled someone to use the account as if they were the account-holder themselves," Rosen said.
News broke early this year that a data analytics firm once employed by the Trump campaign, Cambridge Analytica, had improperly gained access to personal data from millions of user profiles. Then a congressional investigation found that agents from Russia and other countries have been posting fake political ads since at least 2016. In April, Zuckerberg appeared at a congressional hearing focused on Facebook's privacy practices.
The Facebook bug is reminiscent of a much larger attack on Yahoo in which attackers compromised 3 billion accounts — enough for half of the world's entire population. In the case of Yahoo, information stolen included names, email addresses, phone numbers, birthdates and security questions and answers. It was among a series of Yahoo hacks over several years.
U.S. prosecutors later blamed Russian agents for using the information they stole from Yahoo to spy on Russian journalists, U.S. and Russian government officials and employees of financial services and other private businesses.
In Facebook's case, it may be too early to know how sophisticated the attackers were and if they were connected to a nation state, said Thomas Rid, a professor at the Johns Hopkins University. Rid said it could also be spammers or criminals.
"Nothing we've seen here is so sophisticated that it requires a state actor," Rid said. "Fifty million random Facebook accounts are not interesting for any intelligence agency."
New York, Sept 28 (AP/UNB) - Facebook on Friday said it recently discovered a security breach affecting nearly 50 million user accounts.
The hack is the latest setback for Facebook during a year of tumult for the global social media service.
In a blog post , the company says hackers exploited its "View As" feature, which lets people see what their profiles look like to someone else. Facebook says it has taken steps to fix the security problem and alerted law enforcement.
To deal with the issue, Facebook reset some logins, so 90 million people have been logged out and will have to log in again. That includes anyone who has been subject to a "View As" lookup in the past year.
Facebook says it doesn't know who is behind the attacks or where they're based.
News broke early this year that data analytics firm that once worked for the Trump campaign, Cambridge Analytica, had gained access to personal data from millions of user profiles. Then a congressional investigation found that agents from Russia and other countries have been posting fake political ads since at least 2016. Facebook CEO Mark Zuckerberg appeared at a Congressional hearing over Facebook's privacy policies in April.
In a call with reporters on Friday, Zuckerberg said that the company doesn't know yet if any of the accounts that were hacked were misused.
Facebook has more than 2 billion users worldwide. The company said people do not need to change their Facebook passwords, but anyone having trouble logging on should visit the site's help center . Those who want to log out can visit the "Security and Login" section of their settings, which lists the places that people are logged into Facebook. It has a one-click option of logging out of all locations.
Ed Mierzwinski, the senior director of consumer advocacy group U.S. PIRG, said the breach was "very troubling."
"It's yet another warning that Congress must not enact any national data security or data breach legislation that weakens current state privacy laws, preempts the rights of states to pass new laws that protect their consumers better, or denies their attorneys general rights to investigate violations of or enforce those laws," he said in a statement.
Dhaka, Sept 25 (UNB) – Facebook authorities have selected Bangladeshi entrepreneur Razib Ahmed as fellow of its ‘Community Leadership Program’ for his group ‘Search English’ where members help each other to become more fluent in English.
Razib Ahmed, former president of the e-Commerce Association of Bangladesh (e-CAB), will receive a grant of US$ 50,000 for further development of the project.
The tech giant on Monday said it has selected five people into its ‘Community Leadership Program’ as leaders in residence, and more than 100 people as fellows and youth participants from 6,000 applicants from around the world.
The social media giant is giving upto $1 million to each leader in residence to fund their community projects, and up to $50,000 to every fellow and youth participant.
The group was founded in June 2016 with the slogan “Learn English to Change Life” by Razib Ahmed along with Abul Khayer, Neyamot Ullah and SM Mehdi Hasan. At present the group has more than 1.6 million users.
“This recognition will not only motivates us but also will help us to reach more people to help learning English,” ‘Search English’ co-founder Abul Khayer told UNB while expressing their joy.
“We want to spread our programme to every village of the country will participation of more than 10 million users,” he added.
Using this platform hundreds of people not only secure jobs but also improve their English skills in both educational and personal grounds, he further said.
The programme has three main components: an educational curriculum designed around leadership development, strategic community engagement and technical skills, financial support for offline community building activities and help and guidance from community building experts, Facebook leaders and other participants.
Earlier in last year, Facebook Business, an official page of the social media giant, has released a video featuring the achievements of a Bangladeshi public group ‘Search English’.
In August 2017, a four-member team from Facebook’s Singapore headquarters had come to Dhaka to meet the founders of the group and its members. The video was made with the interviews of Razib and several other members.
The page published the nearly two-minute video on October 25, with a caption that said the founder of the “Search English” group is helping over 360,000 people in Bangladesh improve their English skills and confidence on Facebook.