Security researchers are warning of the newest Facebook threat, something they’re calling “likejacking,” a Facebook-enabled clickjacking attack that tricks users into clicking links that mark the clicked site as one of their Facebook “likes.” These likes then show up on the user’s profile and, of course, in the Facebook News Feed, where friends can see the link and click it, allowing the vicious, viral cycle to continue.
According to security firm Sophos, hundreds of thousands of users have already fallen for this new “likejacking” trick thanks to the clever and tantalizing linkbait the spammers use to entice people to click their links. For example:
What’s your children’s privacy worth? Should they be subjected to fingerprinting just to take out a library book? That’s the question parents at a school in the UK are grappling with.
From the Telegraph:
Under the scheme, pupils swipe a bar code inside the book they want to borrow then press their thumb on to a scanner to authorise the loan. Books are returned in the same way. The scheme is being trialled on junior classes at Higher Lane Primary in Whitefield, Bury, Greater Manchester.
iPhone hacker, author, and data forensics expert Jonathan Zdziarski, a.k.a. “NerveGas,” revealed a major privacy issue with the iPhone on a webcast yesterday. He disclosed that every time a user pushes the Home button, the iPhone takes a screenshot of whatever the user is doing at that moment. This is done so that Apple can create that cool, page-disappearing animation. The problem is that these screenshots are saved and can be recovered using basic iPhone forensic techniques like the ones that Zdziarski writes about in his new book.
If Google is the Borg, Google Toolbar is the Terminator: just when you think you’ve killed it, it comes right back to murderize the Sarah Connor that is your privacy. What a creepy move.
Ben Edelman ran a few tests with the Google Toolbar, and found that, yes, Google keeps tracking your browsing even after you politely ask it not to. They also make it easy to enable certain tracking features and much more difficult to disable the same.
Edelman also found that Google’s disclosures have gotten worse over time, to the point of being downright duplicitous:
The RapidShare Christmas logo. How utterly Christmassy of them.
The popular Germany-based file hosting service RapidShare has allegedly begun handing over user information to record labels looking to pursue illegal file-sharers. The labels appear to be making use of paragraph 101 of German copyright law, which allows content owners to seek a court order to force ISPs to identify users behind specific IP addresses. Though RapidShare does not make IP information public, the company appears to have given the information to at least one label, which took it to an ISP to have the user identified.