• +598 29008192
  • info@servinfo.com.uy

Archivo del Autor: Belen De Leon

Why you need to use a password manager

Getty Images

If you thought passwords will soon be dead, think again. They’re here to stay — for now. Passwords are cumbersome and hard to remember — and just when you did, you’re told to change it again. And sometimes passwords can be guessed and are easily hackable.

Nobody likes passwords but they’re a fact of life. And while some have tried to kill them off by replacing them with fingerprints and face-scanning technology, neither are perfect and many still resort back to the trusty (but frustrating) password.

How do you make them better? You need a password manager.

What is a password manager?

Think of a password manager like a book of your passwords, locked by a master key that only you know.

Some of you think that might sound bad. What if someone gets my master password? That’s a reasonable and rational fear. But assuming that you’ve chosen a strong and unique, but rememberable, master password that you’ve not used anywhere else is a near-perfect way to protect the rest of your passwords from improper access.

Password managers don’t just store your passwords — they help you generate and save strong, unique passwords when you sign up to new websites. That means whenever you go to a website or app, you can pull up your password manager, copy your password, paste it into the login box, and you’re in. Often, password managers come with browser extensions that automatically fill in your password for you.

And because many of the password managers out there have encrypted sync across devices, you can take your passwords anywhere with you — even on your phone.

Why do you need to use one?

Password managers take the hassle out of creating and remembering strong passwords. It’s that simple. But there are three good reasons why you should care.

Passwords are stolen all the time. Sites and services are at risk of breaches as much as you are to phishing attacks that try to trick you into turning over your password. Although companies are meant to scramble your password whenever you enter it — known as hashing — not all use strong or modern algorithms, making it easy for hackers to reverse that hashing and read your password in plain text. Some companies don’t bother to hash at all! That puts your accounts at risk of fraud or your data at risk of being used against you for identity theft.

But the longer and more complex your password is — a mix of uppercase and lowercase characters, numbers, symbols and punctuation — the longer it takes for hackers to unscramble your password.

The other problem is the sheer number of passwords we have to remember. Banks, social media accounts, our email and utilities — it’s easy to just use one password across the board. But that makes “credential stuffing” easier. That’s when hackers take your password from one breached site and try to log in to your account on other sites. Using a password manager makes it so much easier to generate and store stronger passwords that are unique to each site, preventing credential stuffing attacks.

And, for the times you’re in a crowded or busy place — like a coffee shop or an airplane — think of who is around you. Typing in passwords can be seen, copied and later used by nearby eavesdroppers. Using a password manager in many cases removes the need to type any passwords in at all.

Which password manager should you use?

The simple answer is that it’s up to you. All password managers perform largely the same duties — but different apps will have more or relevant features to you than others.

Anyone running iOS 11 or later — which is most iPhone and iPad users — will have a password manager by default — so there’s no excuse. You can sync your passwords across devices using iCloud Keychain.

For anyone else — most password managers are free, with the option to upgrade to get better features.

If you want your passwords to sync across devices for example, LastPass is a good option. 1Password is widely used and integrates with Troy Hunt’s Pwned Passwords database, so you can tell if (and avoid!) a password that has been previously leaked or exposed in a data breach.

Many password managers are cross-platform, like Dashlane, which also work on mobile devices, allowing you to take your passwords wherever you go.

And, some are open source, like KeePass, allowing anyone to read the source code. KeePass doesn’t use the cloud so it never leaves your computer unless you move it. That’s much better for the super paranoid, but also for those who might face a wider range of threats — such as those who work in government.

What you might find useful is this evaluation of five password managers, which offers a breakdown by features.

Like all software, vulnerabilities and weaknesses in any password manager can make put your data at risk. But so long as you keep your password manager up to date — most browser extensions are automatically updated — your risk is significantly reduced.

Simply put: using a password manager is far better for your overall security than not using one.

Check out our full Cybersecurity 101 guides here.

Source: TechCrunch

Two-factor authentication can save you from hackers

Getty Images

If you find passwords annoying, you might not like two-factor authentication much. But security experts say it’s one of the best ways to protect your online accounts.

Simply put, two-factor authentication adds a second step in your usual log-in process. Once you enter your username and password, you’ll be prompted to enter a code sent as a text message or an email, or sometimes as a push notification on your phone.

In all, it usually only adds a few extra seconds to your day.

Two-factor authentication (sometimes called “two-step verification”) combines something you know — your username and password, with something you have — such as your phone or a physical security key, or even something you are — like your fingerprint or another biometric, as a way of confirming that a person is authorized to log in. You might not have thought much about it, but you do this more than you think. Whenever you withdraw money from an ATM, you insert your card (something you have) and enter your PIN (something you know) — which tells the bank that it’s you. Even when you use your bank card on the internet, often you still need something that you know — such as your ZIP or postal code.

Having a second step of authentication makes it so much more difficult for a hacker or a thief to break into your online accounts.

Why is two-factor important?

Gone are the days where your trusty password can protect you. Even if you have a unique password for every website you use, there’s little in the way to stop malware on your computer (or even on the website!) from scraping your password and using it again. Or, if someone sees you type in your password, they can memorize it and log in as you.

Don’t think it’ll happen to you? So-called “credential stuffing” or brute-force attacks can make it easy for hackers to break in and hijack people’s online accounts in bulk. That happens all the time. Dunkin’ Donuts, Warby Parker, GitHub, AdGuard, the State Department — and even Apple iCloud accounts have all fallen victim to credential-stuffing attacks in recent years. Only two-factor accounts are protected from these automated log-in attacks.

Two-factor also protects you against phishing emails. If someone sends you a dodgy email that tries to trick you into logging in with your Google or Facebook username and password to a fake site, for example, two-factor can still protect you. Only the legitimate site will send you a working two-factor code.

Enabling two-factor is a good start, but it’s not a panacea. As much as it can prevent hackers from logging in as you, it doesn’t mean that your data stored on the server is protected from hackers breaching a server elsewhere, or a government demanding that the company turns over your data.

And some methods of two-factor are better than others. As you’ll see.

The best way to two-factor your accounts

Let’s get something out of the way real quick. Even if you want to go all-out and secure your accounts, you’ll quickly realize many sites and services just don’t support two-factor. You should tell them to! You can see if a website supports two-factor here.

But as credential-stuffing attacks rise and data breaches have become a regular occurrence, many sites and services are doing everything they can to protect their users.

There are four main types of two-factor authentication, ranked in order of effectiveness:

A text message code: The most common form of two-factor is a code sent by SMS. It doesn’t require an app or even a smartphone, just a single bar of cell service. It’s very easy to get started. But two-factor by text message is the least secure method. These days, hackers can easily exploit weaknesses in the phone networks to steal SMS two-factor codes. Because SMS messages aren’t encrypted, they can also just leak. More recently, researchers found that this can be done on a massive scale. Also, if your phone is lost or stolen, you have a problem. A text message code is better than not using two-factor at all, but there are far more secure options.

An authenticator app code: This works similarly to the text message, except you’ll have to install an app on your smartphone. Any time you log in, you’ll get a code sent to your app. There are many authenticator apps to choose from, like Authy, Duo, and Google Authenticator. The difference here is that they are sent over an HTTPS connection, making it near-impossible for anyone to snoop in and steal the code before you use it. But if you lose your phone or have malware on your phone — especially Android devices — those codes can be stolen once they arrive on your device.

A biometric: Smile! You’re on camera. Often, in industrial or enterprise settings, you’ll be asked for your biometrics, such as facial recognition, an iris scan or, more likely, a fingerprint. These usually require specialized hardware (and software) and are less common. A downside is that these technologies can be spoofed — such as cloning a fingerprint or creating a 3D-printed head.

A physical key: Last but not least, a physical key is considered the strongest of all two-factor authentication methods. Google said that it hasn’t had a single confirmed account takeover since rolling out security keys to its staff. Security keys are USB sticks that you can keep on your keyring. When you log in to your account, you are prompted to insert the cryptographically unique key into your computer and that’s it. Even if someone steals your password, they can’t log in without that key. And phishing pages won’t work because only the legitimate sites support security keys. These keys are designed to thwart even the smartest and most resourceful attackers, like nation-state hackers.

There are several security keys to choose from: Google has its Advanced Protection Program for high-risk users, like politicians and journalists, and its Google Titan key for everyone else. But many security experts will say Yubikey is the gold standard of security keys. There are a few things to note. Firstly, not many sites support security keys yet, but most of the major companies do — like Microsoft, Facebook, Google and Twitter. Usually, when you set up a physical key, you can’t revert to a text message code or a biometric. It’s a security key, or nothing. A downside is that you will have to buy two — one as a backup — but security keys are inexpensive. Also, if one is stolen, there’s no way to determine your account from the key itself. But, if you lose them both, you might be done for. Even the company that stores your data might not be able to get you back into your account. So, be careful and keep one safe.

That’s what you need to know. You might want to create a checklist of your most valuable accounts, and begin switching on two-factor authentication starting with them. In most cases, it’s straightforward — but you can always head to this website to learn how to enable two-factor on each website. You might want to take an hour or so to go through all of your accounts — so put on a pot of coffee and get started.

You should see two-factor as an investment in security: a little of your time today, to save you from a whole world of trouble tomorrow.

Check out our full Cybersecurity 101 guides here.

Source: TechCrunch

How to protect your cell phone number and why you should care

Getty Images

Assuming you have your strong passwords in place and your two-factor authentication set up, you think your accounts are now safe? Think again. There’s much more to be done.

You might think your Social Security or bank account numbers are the most sensitive digits in your life. Nowadays, hackers can do far more damage with little effort using just your cell phone number. But unlike your Social Security number, you’re far less likely to keep your cell phone number a secret — otherwise nobody can contact you!

Whether you’re an AT&T, Verizon, Sprint or T-Mobile customer, every cell phone number can be a target for hackers. And it takes remarkably little effort to wreak havoc to your online life.

Why you need to protect your phone number

Your cell phone number is a single point of failure.

Think about it. You use your cell phone number all the time. You use it when you sign up to sites and services, and sometimes you’ll use it to log into an app or a game on your phone. Your phone number can be used to reset your account if you forget your password. And, you use it for two-factor authentication to securely login to your accounts.

If someone steals your phone number, they become you — for all intents and purposes. With your phone number, a hacker can start hijacking your accounts one by one by having a password reset sent to your phone. They can trick automated systems — like your bank — into thinking they’re you when you call customer service. And worse, they can use your hijacked number to break into your work email and documents — potentially exposing your employer up to data theft.

Just think of every site and service that has your phone number. That’s why you need to protect your phone number.

How do hackers steal cell phone numbers?

It’s easier than you might think. Phone numbers can be found anywhere – thanks in part to so many data breaches.

Often, hackers will find the cell phone number of their target floating around the internet (or from a phone bill in the garbage), and call up their carrier impersonating the customer. With a few simple questions answered — often little more than where a person lives or their date of birth, they ask the customer service representative to “port out” the phone number to a different carrier or a SIM card.

That’s it. As soon as the “port out” completes, the phone number activates on an attacker’s SIM card, and the hacker can send and receive messages and make calls as if they were the person they just hacked.

In most cases, the only sign that it happened is if the victim suddenly loses cell service for no apparent reason.

From there, it’s as simple as initiating password resets on accounts associated with that phone number. Facebook, Gmail, Twitter — and more. A hacker can use your hijacked phone number to steal all of your cryptocurrency, take over your vanity Instagram username or maliciously delete all of your data.

You can read what happened to TechCrunch’s own John Biggs when his phone number was hijacked.

In the worst cases, it can be difficult or impossible to get your phone number back — let alone the accounts that get broken into. Your best bet is to make sure it never happens in the first place.

What you can do to protect your phone number

Just like you can apply two-factor authentication to your online accounts, you can add a secondary security code to your cell phone account, too.

You can either call up customer services or do it online. (Many feel more reassured by calling up and talking to someone.) You can ask customer service, for example, to set a secondary password on your account to ensure that only you — the account holder — can make any changes to the account or port out your number.

Every carrier handles secondary security codes differently. You may be limited in your password, passcode or passphrase, but try to make it more than four to six digits. And make sure you keep a backup of the code!

For the major carriers:

If your carrier isn’t listed, you might want to check if they employ a similar secondary security code to your account to prevent any abuse. And if they don’t, maybe you should port out your cell phone number to a carrier that does.

Check out our full Cybersecurity 101 guides here.

Source: TechCrunch

How to browse the web securely and privately

Getty Images

So you want to browse the web securely and privately? Here’s a hard truth: it’s almost impossible.

It’s not just your internet provider that knows which sites you visit, it’s also the government — and other governments! And when it’s not them, it’s social media sites, ad networks or apps tracking you across the web to serve you specific and targeted ads. Your web browsing history can be highly personal. It can reveal your health concerns, your political beliefs and even your porn habits — you name it. Why should anyone other than you know those things?

Any time you visit a website, you leave a trail of data behind you. You can’t stop it all — that’s just how the internet works. But there are plenty of things that you can do to reduce your footprint.

Here are a few tips to cover most of your bases.

A VPN can help hide your identity, but doesn’t make you anonymous

You might have heard that a VPN — or a virtual private network — might keep your internet traffic safe from snoopers. Well, not really.

A VPN lets you create a dedicated tunnel that all of your internet traffic flows through — usually a VPN server — allowing you to hide your internet traffic from your internet provider. That’s good if you’re in a country where censorship or surveillance is rife or trying to avoid location-based blocking. But otherwise, you’re just sending all of your internet traffic to a VPN provider instead. Essentially, you have to choose who you trust more: your VPN provider or your internet provider. The problem is, most free VPN providers make their money by selling your data or serving you ads — and some are just downright shady. Even if you use a premium VPN provider for privacy, they can connect your payment information to your internet traffic, and many VPN providers don’t even bother to encrypt your data.

Some VPN providers are better than others: tried, tested — and trusted — by security professionals.

Services like WireGuard are highly recommended, and are available on a variety of devices and systems — including iPhones and iPads. We recently profiled the Guardian Mobile Firewall, a smart firewall-type app for your iPhone that securely tunnels your data anonymously so that even its creators don’t know who you are. The app also prevents apps on your phone from tracking you and accessing your data, like your contacts or your geolocation.

As TechCrunch’s Romain Dillet explains, the best VPN providers are the ones that you control yourself. You can create your own Algo VPN server in just a few minutes. Algo is created by Trial of Bits, a highly trusted and respected security company in New York. The source code is available on GitHub, making it far more difficult to covertly insert backdoors into the code.

With your own Algo VPN setup, you control the connection, the server, and your data.

You’ll need a secure DNS

What does it mean that “your internet provider knows what sites you visit,” anyway?

Behind the scenes on the internet, DNS — or Domain Name System — converts web addresses into computer-readable IP addresses. Most devices automatically use the resolver that’s set by the network you’re connected to — usually your internet provider. That means your internet provider knows what websites you’re visiting. And recently, Congress passed a law allowing your internet provider to sell your browsing history to advertisers.

You need a secure and private DNS provider. Many use publicly available services — like OpenDNS or Google’s Public DNS. They’re easy to set up — usually on your computer or device, or on your home router.

One recommended offering is Cloudflare’s secure DNS, which it calls Cloudflare encrypts your traffic, won’t use your data to serve ads, and doesn’t store your IP address for any longer than 24 hours. You can get started here, and you can even download Cloudflare’s app from Apple’s App Store and Google Play.

HTTPS is your friend

One of the best things for personal internet security is HTTPS.

HTTPS secures your connection from your phone or your computer all the way to the site you’re visiting. Most major websites are HTTPS-enabled, and appear as such with a green padlock in the address bar. HTTPS makes it almost impossible for someone to spy on your internet traffic intercept and steal your data in transit.

Every time your browser lights up in green or flashes a padlock, HTTPS encrypts the connection between your computer and the website. Even when you’re on a public Wi-Fi network, an HTTPS-enabled website will protect you from snoopers on the same network.

Every day, the web becomes more secure, but there’s a way to go. Some websites are HTTPS ready but don’t have it enabled by default. That means you’re loading an unencrypted HTTP page when you could be accessing a fully HTTPS page.

That’s where one browser extension, HTTPS Everywhere, comes into play. This extension automatically forces websites to load HTTPS by default. It’s a lightweight, handy tool that you’ll forget is even there.

Reconsider your web plug-ins

Remember Flash? How about Java? You probably haven’t seen much of them recently, because the web has evolved to render them obsolete. Both Flash and Java, two once-popular web plug-ins, let you view interactive content in your web browser. But nowadays, most of that has been replaced by HTML5, a technology native to your web browser.

Flash and Java were long derided for their perpetual state of insecurity. They were full of bugs and vulnerabilities that plagued the internet for years — so much so that web browsers started to pull the plug on Java back in 2015, with Flash set to sunset in 2020. Good riddance!

If you don’t use them — and most people don’t anymore — you should remove them. Just having them installed can put you at risk of attack. It takes just a minute to uninstall Flash on Windows and Mac, and to uninstall Java on Windows and Mac.

Most browsers — like Firefox and Chrome — let you run other add-ons or extensions to improve your web experience. Like apps on your phone, they often require certain access to your browser, your data or even your computer. Although browser extensions are usually vetted and checked to prevent malicious use, sometimes bad extensions slip through the net. Sometimes, extensions that were once fine are automatically updated to contain malicious code or secretly mine cryptocurrency in the background.

There’s no simple rule to what’s a good extension and what isn’t. Use your judgment. Make sure each extension you install doesn’t ask for more access than you think it needs. And make sure you uninstall or remove any extension that you no longer use.

These plug-ins and extensions can protect you

There are some extensions that are worth their weight in gold. You should consider:

  • An ad-blocker: Ad-blockers are great for blocking ads — as the name suggests — but also the privacy invasive code that can track you across sites. uBlock is a popular, open source efficient blocker that doesn’t consume as much memory as AdBlock and others. Many ad-blockers now permit “acceptable ads” that allow publishers to still make money but aren’t memory hogs or intrusive — like the ones that take over your screen. Ad-blockers also make websites load much faster.
  • A cross-site tracker blocker: Privacy Badger is a great tool that blocks tiny “pixel”-sized trackers that are hidden on web pages but track you from site to site, learning more about you to serve you ads. To advertisers and trackers, it’s as if you vanish. Ghostery is another example of an advanced-level anti-tracker that aims to protect the user by default from hidden trackers.

And you could also consider switching to more privacy-minded search engines, like DuckDuckGo, a popular search engine that promises to never store your personal information and doesn’t track you to serve ads.

Use Tor if you want a better shot at anonymity

But if you’re on the quest for anonymity, you’ll want Tor.

Tor, known as the anonymity network is a protocol that bounces your internet traffic through a series of random relay servers dotted across the world that scrambles your data and covers your tracks. You can configure it on most devices and routers. Most people who use Tor will simply use the Tor Browser, a preconfigured and locked-down version of Firefox that’s good to go from the start — whether it’s a regular website, or an .onion site — a special top-level domain used exclusively for websites accessible only over Tor.

Tor makes it near-impossible for anyone to snoop on your web traffic, know which site you’re visiting, or that you are the person accessing the site. Activists and journalists often use Tor to circumvent censorship and surveillance.

But Tor isn’t a silver bullet. Although the browser is the most common way to access Tor, it also — somewhat ironically — exposes users to the greatest risk. Although the Tor protocol is largely secure, most of the bugs and issues will be in the browser. The FBI has been known to use hacking tools to exploit vulnerabilities in the browser in an effort to unmask criminals who use Tor. That puts the many ordinary, privacy-minded people who use Tor at risk, too.

It’s important to keep the Tor browser up to date and to adhere to its warnings. The Tor Project, which maintains the technology, has a list of suggestions — including changing your browsing behavior — to ensure you’re as protected as you can be. That includes not using web plug-ins, not downloading documents and files through Tor, and keeping an eye out for in-app warnings that advise you on the best action.

Just don’t expect Tor to be fast. It’s not good for streaming video or accessing bandwidth-hungry sites. For that, a VPN would probably be better.

Check out our full Cybersecurity 101 guides here.

Source: TechCrunch

Google Doodle wishes you a Merry Christmas – CNET

Santa finally gets a break.
Source: CNET

How to choose and use an encrypted messaging app

Getty Images

Text messaging has been around since the dawn of cellular technology, and sparked its own unique language. But it’s time to put sending regular SMS messages out to pasture.

If you have an iPhone, you’re already on your way. iPhones (as well as iPads and Macs) use iMessage to send messages between Apple devices. It’s a data-based messaging system reliant on 3G, 4G, and Wi-Fi, rather than SMS messaging, which uses an old, outdated but universal 2G cellular network. iMessage has grown in popularity, but has left Android devices and other computers out in the dark.

That’s where other messaging services have filled a gap in the market.

Apps like Signal, WhatsApp, Wire and Wickr are also data-based and work across platforms. Best of all, they’re end-to-end encrypted, which means sent messages are scrambled on one end of the conversation — the device — and unscrambled at the other end on the recipient’s device. This makes it near-impossible for anyone — even the app maker — to see what’s being said.

Many popular apps, like Instagram, Skype, Slack and Snapchat don’t offer end-to-end encryption at all. Facebook Messenger has the option to use “secret” end-to-end encrypted messaging, but isn’t enabled by default.

Here’s what you need to know.

Why hate on SMS messaging?

SMS, or short messaging service, is more than three decades old. It’s generally reliable, but it’s outdated, archaic and expensive. There are also several reasons why SMS messaging is insecure.

SMS messages aren’t encrypted, meaning the contents of each text message are viewable to mobile carriers and governments, and can even be intercepted by organized and semi-skilled hackers. That means even if you’re using SMS to secure your online accounts using two-factor authentication, your codes can be stolen. Just as bad, SMS messages leak metadata, which is information about the message but not the contents of the message itself, such as the phone number of the sender and the recipient, which can identify the people involved in the conversation.

SMS messages can also be spoofed, meaning you can never be completely sure that a SMS message came from a particular person.

And a recent ruling by the Federal Communications Commission now gives cell carriers greater powers to block SMS messages. The FCC said it will cut down on SMS spam, but many worry that it could be used to stifle free speech.

In all of these cases, the answer is an encrypted messaging app.

What are the best encrypted messaging apps?

The simple answer is Signal, an open source, end-to-end encrypted messaging app seen as the gold standard of secure consumer messaging services.

Signal supports and encrypts all of your messages, calls and video chats with other Signal users. Some of the world’s smartest security professionals and cryptography experts have looked at and verified its code, and trust its security. The app uses your cell phone number as its point of contact — which some have criticized, but it’s easy to set the app up with a dedicated phone number without losing your own cell number. Other than your phone number, the app is built from the ground up to collect as little metadata as possible.

A recent government demand for Signal’s data showed that the app maker has almost nothing to turn over. Not only are your messages encrypted, each person in the conversation can set messages to expire — so that even if a device is compromised, the messages can be set to already disappear. You can also add a separate lock screen on the app for additional security. And the app keeps getting stronger and stronger. Recently, Signal rolled out a new feature that masks the phone number of a message sender, making it better for sender anonymity.

But actually, there is a far more nuanced answer than “just Signal.”

Everyone has different needs, wants and requirements. Depending on who you are, what your job is, and who you talk to will determine which encrypted messaging app is best for you.

Signal may be the favorite app for high-risk jobs — like journalism, activism, and government workers. Many will find that WhatsApp, for example, is good enough for the vast majority who just want to talk to their friends and family without worrying about someone reading their messages.

You may have heard some misinformed things about WhatsApp in recent years, sparked largely by incorrect and misleading reporting that claimed there was a “backdoor” to allow third parties to read messages. Those claims were unsubstantiated. WhatsApp does collect some data on its 1.5 billion users, like metadata about who is contacting whom, and when. That data can be turned over to police if they request it with a valid legal order. But messages cannot be read as they are end-to-end encrypted. WhatsApp can’t turn over those messages even if it wanted to.

Although many don’t realize that WhatsApp is owned by Facebook, which has faced a slew of security and privacy scandals in the past year, Facebook has said it’s committed to keeping WhatsApp messages end-to-end-encrypted by default. That said, it’s feasibly possible that Facebook could change its mind in the future, security researchers have said. It’s right to remain cautious, but WhatsApp is still better to use for sending encrypted messages than not at all.

The best advice is to never write and send something on even an end-to-end encrypted messaging app that you wouldn’t want to appear in a courtroom — just in case!

Wire is also enjoyed by many who trust the open-source cross-platform app for sharing group chats and calls. The app doesn’t require a phone number, instead opting for usernames, which many who want greater anonymity find more appealing than alternative apps. Wire also backed up its end-to-end encryption claims by asking researchers to conduct an external audit of its cryptography, but users should be aware that a trade-off for using the app on other devices means that the app keeps a record of everyone you’ve ever contacted in plain text.

iMessage is also end-to-end encrypted and are used by millions of people around the world who likely don’t even realize their messages are encrypted.

Other apps should be treated with care or avoided altogether.

Apps like Telegram have been criticized by experts for its error-prone cryptography, which has been described as “being like being stabbed in the eye with a fork.” And researchers have found that apps like Confide, once a favorite among White House staffers, don’t properly scramble messages, making it easy for the app’s makers to secretly eavesdrop on someone’s conversation.

How to verify someone’s identity

A core question in end-to-end encrypted messaging is: how do I know a person is who they say they are?

Every end-to-end encrypted messaging app handles a user’s identity differently. Signal calls it a “safety number” and WhatsApp calls it a “security code.” Across the board, it’s what we call “key verification.”

Every user has their own unique “fingerprint” that’s associated with their username, phone number or their device. It’s usually a string of letters and numbers. The easiest way to verify someone’s fingerprint is to do it in person. It’s simple: you both get your phones out, open up a conversation on your encrypted messaging app of choice, and you make sure that the fingerprints on the two sets of devices are exactly the same. You usually then hit a “verify” button — and that’s it.

Verifying a contact’s fingerprint remotely or over the internet is tricker. Often it requires sharing your fingerprint (or a screenshot) over another channel — such as a Twitter message, on Facebook, or email — and making sure they match. (The Intercept’s Micah Lee has a simple walk-through of how to verify an identity.)

Once you verify someone’s identity, they won’t need to be reverified.

If your app warns you that a recipient’s fingerprint has changed, it could be an innocuous reason — they may have a new phone number, or sent a message from a new device. But that could also mean that someone is trying to impersonate the other person in your conversation. You would be right to be cautious, and try to reverify their identity again.

Some apps don’t bother to verify a user’s identity at all. For example, there’s no way to know that someone isn’t secretly snooping on your iMessage conversations because Apple doesn’t notify you if someone is secretly monitoring your conversation or hasn’t somehow replaced a message recipient with another person.

You can read more about how Signal, WhatsApp, Telegram, and Wire allow you to verify your keys and warn you of key changes. (Spoiler alert: Signal is the safest choice.)

There are some other tips you should know:

Encrypted message backups are usually not encrypted in the cloud: A very important point here — often, your encrypted messages are not encrypted when they are backed up to the cloud. That means the government can demand that your cloud provider — like Apple or Google — to retrieve and turn over your encrypted messages from its servers. You should not back up your messages to the cloud if this is a concern.

Beware of desktop apps: One of the benefits to many encrypted messaging apps is that they’re available on a multitude of platforms, devices and operating systems. Many also offer desktop versions for responding faster. But over the past few years, most of the major vulnerabilities have been in the buggy desktop software. Make sure you’re on top of app updates. If an update requires you to restart the app or your computer, you should do it straight away.

Set your messages to expire: Encryption isn’t magic; it requires awareness and consideration. End-to-end encrypted messaging won’t save you if your phone is compromised or stolen and its contents can be accessed. You should strongly consider setting an expiry timer on your conversations to ensure that older messages will be deleted and disappear.

Keep your apps updated: One of the best ways to make sure you stay secure (and get new features!) is to make sure that your desktop and mobile apps are kept up-to-date. Security bugs are found often, but you may not always hear about them. Keep your apps updated is the best way to make sure you’re getting those security fixes as soon as possible, lowering your risk that your messages could be intercepted or stolen.

Check out our full Cybersecurity 101 guides here.

Source: TechCrunch

What to do with the gifts you hate – CNET

Receive a gift this holiday season you can’t stand? Not sure what to do with it? Here’s some ideas to get the most out of the gifts you hate.
Source: CNET

What history could tell Mark Zuckerberg

Perhaps Mark Zuckerberg obsessed over the wrong bit of history. Or else didn’t study his preferred slice of classical antiquity carefully enough, faced, as he now is, with an existential crisis of ‘fake news’ simultaneously undermining trust in his own empire and in democracy itself.

A recent New Yorker profile — questioning whether the Facebook founder can fix the creation he pressed upon the world before the collective counter-pressure emanating from his billions-strong social network does for democracy what Brutus did to Caesar — touched in passing on Zuckerberg’s admiration for Augustus, the first emperor of Rome.

“Basically, through a really harsh approach, he established two hundred years of world peace,” was the Facebook founder’s concise explainer of his man-crush, freely accepting there had been some crushing “trade-offs” involved in delivering that august outcome.

Zuckerberg’s own trade-offs, engaged in his quest to maximize the growth of his system, appear to have achieved a very different kind of outcome.

Empire of hurt

If you gloss over the killing of an awful lot of people, the Romans achieved and devised many ingenious things. But the population that lived under Augustus couldn’t have imagined an information-distribution network with the power, speed and sheer amplifying reach of the internet. Let alone the data-distributing monster that is Facebook — an unprecedented information empire unto itself that’s done its level best to heave the entire internet inside its corporate walls.

Literacy in Ancient Rome was dependent on class, thereby limiting who could read the texts that were produced, and requiring word of mouth for further spread.

The ‘internet of the day’ would best resemble physical gatherings — markets, public baths, the circus — where gossip passed as people mingled. Though of course information could only travel as fast as a person (or an animal assistant) could move a message.

In terms of regular news distribution, Ancient Rome had the Acta Diurna, A government-produced daily gazette that put out the official line on noteworthy public events.

These official texts, initially carved on stone or metal tablets, were distributed by being exposed in a frequented public place. The Acta is sometimes described as a proto-newspaper, given the mix of news it came to contain.

Minutes of senate meetings were included in the Acta by Julius Caesar. But, in a very early act of censorship, Zuckerberg’s hero ended the practice — preferring to keep more fulsome records of political debate out of the literate public sphere.

“What news was published thereafter in the acta diurna contained only such parts of the senatorial debates as the imperial government saw fit to publish,” writes Frederick Cramer, in an article on censorship in Ancient Rome.

Augustus, the grand-nephew and adopted son of Caesar, evidently did not want the risk of political opponents using the outlet to influence opinion, his great-uncle having been assassinated in a murderous plot hatched by conspiring senators.

The Death of Caesar

Under Augustus, the Acta Diurna was instead the mouthpiece of the “monarchic faction.”

“He rightly believed this method to be less dangerous than to muzzle the senators directly,” is Cramer’s assessment of Augustus’s decision to terminate publication of the senatorial protocols, limiting at a stroke how physical voices raised against him in the Senate could travel and lodge in the wider public consciousness by depriving them of space on the official platform.

Augustus also banned anonymous writing in a bid to control incendiary attacks distributed via pamphlets and used legal means to command the burning of incriminatory writings (with some condemned authors issued with ‘literary death-sentences’ for their entire life’s work).

The first emperor of Rome understood all too well the power of “publicare et propagare.”

It’s something of a grand irony, then, that Zuckerberg failed to grasp the lesson for the longest time, letting the eviscerating fire of fake news rage on unchecked until the inferno was licking at the seat of his own power.

So instead of Facebook’s brand and business invoking the sought-for sense of community, it’s come to appear like a layer cake of fakes, iced with hate speech horrors.

On the fake front, there are fake accounts, fake newsinauthentic adsfaux verifications and questionable metrics. Plus a truck tonne of spin and cynical blame shifting manufactured by the company itself.

There’s some murkier propaganda, too; a PR firm Facebook engaged in recent years to help with its string of reputation-decimating scandals reportedly worked to undermine critical voices by seeding a little inflammatory smears on its behalf.

Publicare et propagare, indeed.

Perhaps Zuckerberg thought Ancient Rome’s bloody struggles were so far-flung in history that any leaderly learnings he might extract would necessarily be abstract, and could be cherry-picked and selectively filtered with the classical context so comfortably remote from the modern world. A world that, until 2017, Zuckerberg had intended to render, via pro-speech defaults and systematic hostility to privacy, “more open and connected.” Before it got too difficult for him to totally disregard the human and societal costs.

Revising the mission statement a year-and-a-half ago, Zuckerberg had the chance to admit he’d messed up by mistaking his own grandstanding world-changing ambition for a worthy cause.

Of course he sidestepped, writing instead that he would commit his empire (he calls it a “community”) to strive for a specific positive outcome.

It’s something of a grand irony, then, that Zuckerberg failed to grasp the lesson for the longest time, letting the eviscerating fire of fake news rage on unchecked until the inferno was licking at the seat of his own power.

He didn’t go full Augustus with the new goal (no ‘world peace’) — but recast Facebook’s mission to: “Give people the power to build community and bring the world closer together.”

There are, it’s painful to say, “communities” of neo-Nazis and white supremacists thriving on Facebook. But they certainly don’t believe in bringing the world closer together. So Facebook’s reworked mission statement is a tacit admission that its tools can help spread hate by saying it hopes for the opposite outcome. Even as Zuckerberg continues to house voices on his platform that seek to deny historical outrages like the Holocaust, which is the very definition of antisemitic hate speech.

“I used to think that if we just gave people a voice and helped them connect, that would make the world better by itself. In many ways it has. But our society is still divided,” he wrote in June 2017, eliding his role as emperor of the Facebook platform, in fomenting the societal division of which he typed. “Now I believe we have a responsibility to do even more. It’s not enough to simply connect the world, we must also work to bring the world closer together.”

This year his personal challenge was also set at “fixing Facebook.”

Also this year: Zuckerberg made a point of defending allowing Holocaust deniers on his platform, then scrambled to add the caveat that he finds such views “deeply offensive.” (That particular Facebook content policy has stood unflinching for almost a decade.)

It goes without saying that the Nazis of Hitler’s Germany understood the terrible power of propaganda, too.

More recently, faced with the consequences of a moral and ethical failure to grapple with hateful propaganda and junk news, Facebook has said it will set up an external policy committee to handle some content policy decisions next year.

But only at a higher and selective appeal tier, after layers of standard internal reviews. It’s also not clear how this committee can be truly independent from Facebook.

Quite possibly it’ll just be another friction-laced distraction tactic, akin to Facebook’s self-serving ‘Hard Questions’ series.

WASHINGTON, DC – APRIL 11: Facebook co-founder, Chairman and CEO Mark Zuckerberg prepares to testify before the House Energy and Commerce Committee on April 11, 2018 in Washington, DC. (Photo by Chip Somodevilla/Getty Images)

Revised mission statements, personal objectives and lashings of self-serving blog posts (playing up the latest self-forged “accountability” fudge), have done nothing to dim the now widely held view that Facebook specifically, and social media in general, profits off of accelerated outrage.

Cries to that effect have only grown louder this year, two years on from revelations that Kremlin election propaganda maliciously targeting the U.S. presidential election had reached hundreds of millions of Facebook users, fueled by a steady stream of fresh outrages found spreading and catching fire on these “social” platforms.

Like so many self-hyping technologies, social media seems terribly deceptively named.

“Antisocial media” is, all too often, rather closer to the mark. And Zuckerberg, the category’s still youthful warlord, looks less “harshly pacifying Augustus” than modern day Ozymandias, forever banging on about his unifying mission while being drowned out by the sound and fury coming from the platform he built to programmatically profit from conflict.

And still the young leader longs for the mighty works he might yet do.

Look on my works, ye mighty…

For all the positive connections flowing from widespread access to social media tools (which of course Zuckerberg prefers to fix on), evidence of the tech’s divisive effects are now impossible for everyone else to ignore: Whether you look at the wildly successful megaphoning of Kremlin propaganda targeting elections and (genuine) communities by pot stirring across all sorts of identity divides; or algorithmic recommendation engines that systematically point young and impressionable minds toward extremist ideologies (and/or brain-meltingly ridiculous conspiracy theories) as an eyeball-engagement strategy for scaling ad revenue in the attention economy. Or, well, Brexit.

Whatever your view on whether or not Facebook content is actually influencing opinion, attention is undoubtedly being robbed. And the company has a long history of utilizing addictive design strategies to keep users hooked.

To the point where it’s publicly admitted it has an over-engagement problem and claims to be tweaking its algorithmic recipes to dial down the attention incursion. (Even as its engagement-based business model demands the dial be yanked back the other way.)

Facebook’s problems with fakery (“inauthentic content” in the corporate parlance) and hate speech — which, without the hammer blow of media-level regulation, is forever doomed to slip through Facebook’s one-size-fits-all “community standards” — are, it argues, merely a reflection of humanity’s flaws.

So it’s essentially asking to be viewed as a global mirror, and so be let off the moral hook. A literal vox populi — warts, fakes, hate and all.

Zuckerberg created the most effective tool for spreading propaganda the world has ever known without — so he claims — bothering to consider how people might use it.

It was never selling a fair-face, this self-serving, revisionist hot-take suggests; rather Facebook wants to be accepted as, at best, a sort of utilitarian plug that’s on a philanthropic, world-spanning infrastructure quest to stick a socket in everyone. Y’know, for their own good.

“It’s fashionable to treat the dysfunctions of social media as the result of the naivete of early technologists who failed to foresee these outcomes. The truth is that the ability to build Facebook-like services is relatively common,” wrote Cory Doctorow earlier this year in a damning assessment of the Facebook founder’s moral vacuum. “What was rare was the moral recklessness necessary to go through with it.”

Even now Zuckerberg is refusing the moral and ethical burden of editorial responsibility for the content his tools auto-publish and algorithmically amplify, every instant of every day, using proprietary information-shaping distribution hierarchies that accelerate machine-selected clickbait through the blood-brain barrier of 2.2 billion-plus users.

These algorithmically prioritized comms are positioned to influence opinion and drive intention at an unprecedented, global scale.

Asked by the New Yorker about the inflammatory misinformation peddled by InfoWars conspiracy theorist and hate speech “preacher,” Alex Jones, earlier this year, Zuckerberg’s gut instinct was to argue again to be let off the hook. “I don’t believe that it is the right thing to ban a person for saying something that is factually incorrect,” was his disingenuous response.

It was left to the journalist to point out InfoWars’ malicious disinformation is rather more than just factually incorrect.

Facebook has taken down some individual InfoWars videos this year, in its usual case by case style, where it deemed there was a direct incitement to violence. And in August it also pulled some InfoWars pages (“for glorifying violence, which violates our graphic violence policy, and using dehumanizing language to describe people who are transgender, Muslims and immigrants, which violates our hate speech policies”).

But it has certainly not de-platformed the professional purveyor of hateful conspiracy theories who sells supplements alongside his attention-grabbing lies.

One academic study, published two months ago, found much of the removed InfoWars content had managed to move “swiftly back” onto the Facebook platform. Like radio and silence, Facebook hates a content vacuum.

The problem is its own platform also sells stuff alongside attention-grabbing lies. So Jones is just the Facebook business model if it could pull on a blue suit and shout.

Alex Jones

“Senator, we run ads”

It’s clear that Facebook’s adherence to a rules-based, reactive formula for assessing speech sets few if any meaningful moral standards. The company has also preferred to try offloading tricky decisions to third-party fact checkers and soon a quasi-external committee — a strategy that looks intended to sustain the suggestive lie that, at base, Facebook is just a “neutral platform.”

Yet Zuckerberg’s business is the business of influence itself. He admits as much. “Senator, we run ads,” he told Congress this April when asked how the platform turns a profit.

If the ads don’t work that’s an awful lot of money being pointlessly poured into Facebook’s coffers.

At the same time, the risk of malicious manipulation of Facebook’s machinery of mass manipulation is something the company claims it simply hadn’t thought of until very, very recently. 

That’s the official explanation for why senior executives failed to pay any mind to the tsunami of politically charged propaganda blooming across its U.S. platform, yet originating in Saint Petersburg and environs.

An astute political operator like Augustus was entirely alive to the risks of political propaganda. Hence making sure to keep a lid on domestic political opponents, while allowing them to let off steam in the Senate where a wider audience wouldn’t hear them.

Zuckerberg, by contrast, created the most effective tool for spreading propaganda the world has ever known without — so he claims — bothering to consider how people might use it.

That’s either radical stupidity or willful recklessness.

Zuckerberg implies the former. “I always believed people are basically good,” he wrote in his grandiose explainer on rethinking Facebook’s mission statement last year.

Though you’d think someone with a fascination for classical antiquity, and a special admiration for an emperor whose harsh trade-offs apparently included arranging the execution of his own grandson, might have found plenty to test that theory to a natural breaking point.

Safe to say, such a naive political mind wouldn’t have lasted long in Ancient Rome.

But Zuckerberg is no politician. He’s a new-age ad salesman with a crush on one of history’s canniest political operators — who happened to know the power and value of propaganda. And who also knew that propaganda could be deadly.

If you imagine Facebook’s platform as a modern day Acta Diurna — albeit, one updated continuously, delivered direct to citizens’ pockets, and with no single distributed copy ever being exactly the same — the organ is clearly not working toward any kind of societal order, crushing or otherwise.

Under Zuckerberg’s programmatic instruction, Facebook’s daily notices are selected for their capacity to emotionally tug at the individual. By design the medium agitates because the platform exists to trade attention.

It’s really the opposite of “civilization building.” Outrage and tribalism are grist to the algorithmic mill. It’s much closer to the tabloid news mantra — of “if it bleeds it leads.”

But Facebook goes further, using “free speech” as a cloaking mechanism to cross the ethical  line and conceal the ugly violence of a business that profits by ripping up the social compact.

The speech-before-truth philosophy underpinning Zuckerberg’s creation intrinsically works against the civic, community values he claims to champion. So at bottom, there’s yet another fake: no “global community” inside the walled garden, just a globally scaled marketing empire that’s had raging success in growing programmatic ad sales by tearing genuine communities apart.

Here confusion and anger reign.

The empire of Zuckerberg is a drear domain indeed.

One hundred cardboard cutouts of Facebook founder and CEO Mark Zuckerberg stand outside the US Capitol in Washington, DC, April 10, 2018.
Advocacy group Avaaz is calling attention to what the groups says are hundreds of millions of fake accounts still spreading disinformation on Facebook. (Photo: SAUL LOEB/AFP/Getty Images)

Fake news of the 1640s

Might things have turned out differently for Facebook — and, well, for the world — if its founder had obsessed over a different period in history?

The English Civil War of the 1640s has much to recommend it as a study topic to those trying to understand and unpick the social impacts of the hyper modern phenomenon of social media, given the historical parallels of society turned upside during a moment of information revolution.

It might seen counterintuitive to look so far back in time to try to understand the societal impacts of cutting-edge communications technologies. But human nature can be surprisingly constant.

Internet platforms are also socio-technical tools, which means ignoring human behavior is a really dumb thing to do.

As the inventor of the World Wide Web, Tim Berners-Lee, said recently of modern day anthropogenic platforms: “As we’re designing the system, we’re designing society.”

The design challenge is all about understanding human behaviour — so you know how and where to place your ethical guardrails.

Rather than, per the Zuckerberg fashion, embarking on some kind of a quixotic, decade-plus quest to chase a grand unifying formula of IFTTT reaction statements to respond consistently to every possible human (and inhuman) act across the globe.

Mozilla’s Mitchell Baker made a related warning earlier this year, when she called for humanities and ethics to be baked into STEM learning, saying: “One thing that’s happened in 2018 is that we’ve looked at the platforms, and the thinking behind the platforms, and the lack of focus on impact or result. It crystallised for me that if we have Stem education without the humanities, or without ethics, or without understanding human behaviour, then we are intentionally building the next generation of technologists who have not even the framework or the education or vocabulary to think about the relationship of Stem to society or humans or life.”

What’s fascinating about the English Civil War to anyone interested in current day Internet speech versus censorship ethics trade-offs, is that in a similar fashion to how social media has radically lowered the distribution barrier for online speech, by giving anyone posting stuff online the chance of reaching a large audience, England’s long-standing regime of monarchical censorship collapsed in 1641, leading to a great efflorescence of speech and ideas as pamphlets suddenly and freely poured off printing presses.

This included an outpouring of radical political views from groups agitating for religious reforms, popular sovereignty, extended suffrage, common ownership and even proto women’s rights — laying out democratic concepts and liberal ideas centuries ahead of the nation itself becoming a liberal democracy.

But, at the same time, pamphlets were also used during the English Civil War period as a cynical political propaganda tool to whip up racial and sectarian hatred, most markedly in the parliament’s fight against the king.

Especially vicious hate speech was directed at the Irish. And historians suggest anti-Irish propaganda helped fuel the rampage that Cromwell’s soldiers went on in Ireland to crush the rebellion, having been fed a diet of violent claims in uncensored pamphlet print — such as that the Irish were killing and eating babies.

For a modern day parallel of information technology charging up ethnic hate you only have to look to Facebook’s impact in Myanmar where its platform was appropriated by military elements to incite genocide against the minority Rohingya population — leading to terrible human rights abuses in the modern era. There’s no shortage of other awful examples either.

“There are genuine atrocities in Ireland but suddenly the pamphleteers realise that this sells and suddenly you get a pornography of violence when everyone is rushing to put out these incredibly violent and unpleasant stories, and people are rushing to buy them,” says University of Southampton early modern history professor, Mark Stoyle, discussing the parliamentary pamphleteers’ evolving tactics in the English Civil War.

“It makes the Irish rebellion look even worse than it was. And it sort of raises even greater levels of bitterness and hostility towards the Irish. I would say those sorts of things had a very serious effect.”

The overarching lesson of history is that propaganda is baked indelibly into the human condition. Speech and lies come wrapped around the same tongue.

Stoyle says pamphlets printed during the English Civil War period also revived superstitious beliefs in witchcraft, leading to an upsurge in prosecutions and killings on charges of witchcraft which had dipped in earlier years under tighter state controls on popular printed accounts of witch trials.

“Once the royal regime collapses, the king’s not there to stop people prosecuting witches, he’s not there to stop these pamphlets appearing. There’s a massive upsurge in pamphlets about witches and in no time at all there’s a massive upsurge in prosecutions of witches. That’s when Matthew Hopkins, the witchfinder general, kills several hundred men and women in East Anglia on charges of being witches. And again I think the civil war propaganda has helped to fuel that.”

If you think modern day internet platforms don’t have to worry about crazy superstitions like witchcraft and devil worship just Google “Frazzledrip” (a conspiracy theory that’s been racking up the views on YouTube this year which claims Hillary Clinton and longtime aide Huma Abedin sexually assaulted a girl and drank her blood). The Clinton-targeted viral “Pizzagate” conspiracy theory also combines bizarre claims of Satanic rituals with child abuse. None of which stopped it catching fire on social media.

Indeed, a whole host of ridiculous fictions are being algorithmically accelerated into wider view, here in the 21st (not the 17th) century.

And it’s internet platforms that rank speech above truth that are in the distribution saddle.

Stoyle, who has written a book on witchcraft and propaganda during the English Civil War, believes the worst massacre of the period was also fueled by political disinformation targeting the king’s female camp followers. Parliamentary pamphleteers wrote that the women were prostitutes. Or claimed they were Irish women who had killed English men and women in Ireland. There were also claims some were witches.

“One of these pamphlets describes the women in the king’s camp — just literally a week before the massacre — and it presents them all as prostitutes and it says something like ‘these women they revel in their hot blood and they deserve a hotter punishment’,” he tells us. “Just a week later they’re all cut down. And I don’t think that’s coincidence.”

In the massacre Stoyle says parliamentary soldiers set about the women, killing 100 and mutilating scores more. “This is just unheard of,” he adds.

The early modern period even had the equivalent of viral clickbait in pamphlet form when a ridiculous story about a dog owned by the king’s finest cavalry commander, prince Rupert, takes off. The poodle was claimed to be a witch in disguise which had invested Rupert with magical military powers — hence, the pamphlets proclaimed, his huge successes on the battlefield.

“In a time when we’ve got no pictures at all of some of the most important men and women in the country we’ve got six different pictures of prince Rupert’s dog circulating. So this is absolutely fake news with a vengeance,” says Stoyle.

And while parliamentarian pamphlet writers are generally assumed to be behind this particular sequence of Civil War fakes, Stoyle believes one particularly blatant pamphlet in the series — which claimed the dog was not only a witch but that the prince was having sex with it — is a doubly bogus hoax fake.

“I’m pretty certain now it was actually written by a royalist to poke fun at the parliamentarians for being so gullible and believing this stuff,” he says. “But like so many hoaxes it was a hoax that went wrong — it was done so well that most people who read it actually believed it. And it was just a few highly educated royalists who got the joke and laughed at it. And so in a way it was like a hoax that backfired horribly.

“A classic case of fake news biting the person who put it out in the bum.”

Of course this was also the prince’s dog pamphlet that got the most attention and “viral engagement” of the time, as other pamphlet writers picked up on it and started referencing it.

So again the lesson about clickbait economics is a very old one, if you only know where to look.

Fake news most certainly wasn’t suddenly born in 2016. Modern hoaxers like Jones (who has also been at it for far longer than two years) are just appropriating cutting-edge tech tools to plough a very old furrow.

Equally, it really shouldn’t be any kind of news flash that free speech can have a horribly dark side.

The overarching lesson of history is that propaganda is baked indelibly into the human condition. Speech and lies come wrapped around the same tongue.

The stark consequences that can flow from maliciously minded lies being crafted to move a particular audience are also writ large across countless history books.

So when Facebook says — caught fencing Kremlin lies — “we just didn’t think of that” it’s a truly illiterate response to an age-old problem.

And as the philosophical saying goes: Those who cannot remember the past are condemned to repeat it.

That’s really the most important history lesson of all.

“As humans we have this terrible ability to be angels and devils — to use things for wonderful purposes and to use things for terrible purposes that were never really intended or thought of,” says Stoyle, when asked whether, at a Facebook-level scale, we’re now seeing some of the limits of the benefits of free speech. “I’m not saying that the people who wrote some of these pamphlets in the Civil War expected it would lead to terrible massacres and killings but it did and they sort of played their part in that.

“It’s just an amazingly interesting period because there’s all this stuff going on and some of it is very dark and some of it’s more positive. And I suppose we’re quite well aware of the dark side of social media now and how it has got a tendency to let almost the worst human instincts come out in it. But some of these things were, I think, forces for good.”

‘Balancing angels and devils’ would certainly be quite the job description to ink on Zuckerberg’s business card.

“History teaches you to take all the evidence, weigh it up and then say who’s saying this, where does it come from, why are they saying it, what’s the purpose,” adds Stoyle, giving some final thoughts on why studying the past can provide a way through modern day information chaos. “Those are the tools that you need to make your way through this minefield.”

Source: TechCrunch

The Most-Read WIRED Ideas Stories of 2018

Readers dived into a feminist reading of Elizabeth Holmes’ downfall, a story about Silicon Valley’s hidden caste system, and the perplexing case of a deadly yeast.
Source: Wired

Jordan Peele's Us trailer has arrived – CNET

The writer and director of Get Out gives a glimpse of his new nightmare.
Source: CNET