Pete Recommends – Weekly highlights on cyber security issues January 26 2019

Subject: Mastercard Makes It Easier to Quit Free Trials
Source: Consumer Reports

Did you ever sign up for a free trial and then forget to cancel before the automatic billing kicked in?

Then here’s some good news: Mastercard has announced a new policy that requires merchants to get your permission before you start getting charged.

The policy, which starts April 12, applies only to physical products such as fruit-of-the-month clubs or shaving products, not online subscription services like streaming video. Mastercard says that’s because historically most issues with cardholders have been with physical product subscriptions.

Now if you use a Mastercard to sign up for a free trial, businesses will be required to send you an email or text with the cost of the subscription, payment date, merchant name, and explicit instructions on how to cancel the trial.

If you opt not to cancel, merchants will also have to send a receipt every time you are charged, with clear instructions on how to end the subscription.

And all charges that appear on the cardholder’s statement must now include the merchant website address or the phone number of the store where the cardholder signed up for the trial.

If merchants don’t follow the new policy, Mastercard says it will work with the bank the merchant uses to compel compliance.

More on credit cards

5 Credit Card Benefits You May Not Know About
Best Credit Cards to Use When Traveling
How a Balance Transfer Credit Card Can Help You Pay Down Debt
Are Store Credit Cards Really Worth It?

Subject: Popular Android Navigation Apps Just Google Maps With Ads
Source: Digital Trends

More than a dozen free navigation apps on the Google Play Store with collective downloads of over 50 million turned out to be nothing more than Google Maps with ads.

The discovery was made by Lukas Stefanko, a malware researcher at ESET, who tweeted the details of what he found.

I tested over 15 fake GPS Navigation apps with over 50,000,000 installs from #GooglePlay that violate Google rules.

These apps just open Google Maps or use their API without any additional value for user, except for displaying ads.

More articles relating to Android:

However, with more than 2 million apps available on the Google Play Store, it is inevitable that some fake and/or malicious apps will slip through the safety nets. Stefanko also recently found four fake cryptocurrency apps on the service that attempted to phish the user’s login details or impersonate cryptocurrency wallets.

The lesson here is that users should be very skeptical of anything they download onto their smartphone. One of the best practices is to only trust apps made by well-known companies. Only Google, Apple, and a handful of other companies are capable of gathering the data for capable navigation apps, so those with unknown developers should already raise a red flag.

Subject: The EU Copyright Directive is about to make the internet worse for almost everyone
Source: Android Central

The European Union’s new Copyright Directive stands to dramatically change the way we consume news and other online content. Although originally intended to ensure creators and news organizations are fairly compensated for their work, the directive will more likely make quality news harder to find, throw financial and technical roadblocks in the way of smaller online publishers and creators, stifle free speech and negatively impact internet culture.

The directive is currently in the late stages of closed-door negotiations between the European Commission, European Parliament and European Council before being put to a vote of EU member nations. If passed as-is, it’ll be a major change to the balance of power around online copyright. The ripples from the EU CD are likely to be felt even outside the EU’s borders — in areas as serious as major news coverage, and as silly as the memes we see on Twitter and Facebook.

The main controversy centers on Articles 11 and 13 of the directive, also known as the “link tax” and “upload filter” requirements.

Subject: Face recognition presents a surveillance issue. Amazon should step up
Source: USA Today – Opinion

There’s a clear rift among the tech giants over how to protect Americans from unchecked face surveillance.Face recognition, powered by artificial intelligence, could allow the government to supercharge surveillance by automating identification and tracking. Authorities could use it to track protesters, target vulnerable communities (such as immigrants), and create digital policing in communities of color that are already subject to pervasive police monitoring.

So how are the world’s biggest technology companies responding to this serious threat to privacy, safety and civil rights?

► Google at least appears to be taking the risks seriously with its recent announcement.

► Microsoft, unfortunately, is just talking the talk.

► And Amazon is completely running amok.

Subject: The Smart TV Crapware Era Has Already Begun
Source: How-To Geek

Geeks often ask for dumb TVs. But, as the CTO of Vizio recently explained, smart TVs are cheaper than dumb TVs. TVs are so cheap that manufacturers make their profit by tracking your viewing habits and selling ads.

Why Smart TVs Are Cheaper Than Dumb TVs

You’d think a dumb TV would be cheaper than a smart TV. After all, a dumb TV wouldn’t need the processing power and specialized software found on a smart TV. It could just act as a panel (like a computer monitor) and let you hook up devices via HDMI.

So why is every TV becoming a smart TV?

TVs Are a Conduit For Tracking, Advertising, and Media Sales

That’s why it’s so difficult to buy a dumb TV. Manufacturers get enough money up front to cover the cost of the TV, but they aren’t making much profit from selling that hardware. They make money from tracking your TV viewing habits, selling advertisements, and earning a commission off digital media purchases and rentals you make on the TV.

If you opt out of tracking and never use any of the media apps on the TV itself, that’s fine. They make enough money from other people that they can afford not to make any additional money from people like you. It’s all built into their revenue model.

It’s hard to complain, too. People love cheap TVs, and it’s clear most people don’t want to pay extra for TVs without built-in tracking features. After all, you can always disable the tracking anyway—if you know what you’re doing.

Subject: Study: On Facebook and Twitter your privacy is at risk — even if you don’t have an account
Source: EurekAlert! Science News via U of Vt

Identity and actions can be predicted from friends — undermining idea of ‘individual choice’ on social media

A new study shows that privacy on social media is like second-hand smoke. It’s controlled by the people around you.

Individual choice has long been considered a bedrock principle of online privacy. If you don’t want to be on Facebook, you can leave or not sign up in the first place. Then your behavior will be your own private business, right?

The new study presents powerful evidence that the answer to that question is no.

Looked at from the other direction, when you sign up for Facebook or another social media platform” you think you’re giving up your information, but you’re giving up your friends’ information too!” says University of Vermont mathematician James Bagrow who led the new research.

Subject: News outlet’s email security gap
Source: Axios via beSpacific

Axios: “An Axios study shows that very few news organizations — around 6% of a broad sample — successfully use a critical technology that guarantees emails they send are authentic. The big picture: We’ve written before about the Department of Homeland Security’s struggle to get federal agencies and the White House to implement DMARC, a security protocol that prevents someone from successfully sending an email using someone else’s email address. It’s only fair to turn that lens on our own industry.

Why it matters: As the news industry increases its reliance on email alerts and newsletters (represent!), our credibility makes us a target for spammers, scammers and purveyors of disinformation or fraud.

beSpacific topics: Cybercrime, Cybersecurity, E-Mail

Axios tag:

Posted in: Cybersecurity, Email Security, Financial System, Privacy, Social Media