Archive for April 3, 2020

Facebook Tried To Buy An NSO Group Tool To Spy On Their Users….. Perhaps A New Reason To #DeleteFacebook

Posted in Commentary with tags on April 3, 2020 by itnerd

You might recall that Facebook is currently suing the shadowy NSO Group who is known for selling top shelf spyware that often exploits zero day vectors to nation states with questionable human rights records. A real bombshell dropped today via a Vice story which says this:

According to a declaration from NSO CEO Shalev Hulio, two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus. 

At the time, Facebook was in the early stages of deploying a VPN product called Onavo Protect, which, unbeknownst to some users, analyzed the web traffic of users who downloaded it to see what other apps they were using. According to the court documents, it seems the Facebook representatives were not interested in buying parts of Pegasus as a hacking tool to remotely break into phones, but more as a way to more effectively monitor phones of users who had already installed Onavo.

“The Facebook representatives stated that Facebook was concerned that its method for gathering user data through Onavo Protect was less effective on Apple devices than on Android devices,” the court filing reads. “The Facebook representatives also stated that Facebook wanted to use purported capabilities of Pegasus to monitor users on Apple devices and were willing to pay for the ability to monitor Onavo Protect users.”

Facebook proposed to pay NSO a monthly fee for each Onavo Protect user, the filing adds.

The Onavo Protect VPN was eventually dropped by Facebook, but not before they got slapped by Apple because of how shady it was.

Here’s where things get weird. Vice reached out to Facebook for comment. And this is what Facebook said:

In a statement, Facebook suggested NSO is misrepresenting these conversations between NSO and Facebook employees.

“NSO is trying to distract from the facts Facebook and WhatsApp filed in court over six months ago. Their attempt to avoid responsibility includes inaccurate representations about both their spyware and a discussion with people who work at Facebook. Our lawsuit describes how NSO is responsible for attacking over 100 human rights activists and journalists around the world. NSO CEO Shalev Hulio has admitted his company can attack devices without a user knowing and he can see who has been targeted with Pegasus. We look forward to proving our case against NSO in court and seeking accountability for their actions,” the statement from a Facebook spokesperson read.

You’ll note that Facebook is not denying that conversations took place. Which is interesting. I would love to find out in court what the subject of those conversations were. The cynical side of me says that Facebook was looking for new ways to spy on users. But I would like to see if Facebook admits this under oath, or if facts come out that support what NSO Group is saying. And to be clear, NSO Group are not boy scouts. Which is why this needs to come out in court. Hopefully sooner rather than later.

A Concise Guide To Securing Your Zoom Meetings

Posted in Commentary with tags on April 3, 2020 by itnerd

I’ve received a few emails over the last 48 hours asking for a concise guide on how to secure their Zoom sessions seeing as Zoom’s app security is dodgy at best. Though to be fair to Zoom, they are trying to address this. So here are my top tips to secure your Zoom meetings:

  1. Keep your Zoom apps up to date: With so many security researchers looking at Zoom right now, new issues are being discovered at an almost daily rate. And to Zoom’s credit, they are fixing these issues quickly. Thus you want to make sure that as those updates are applied as quickly as possible. I recommend checking for updates on a daily basis inside the Zoom app, or via the App Store or the Google Play Store.
  2. Password protect your meetings: “Zoom Bombings”, or uninvited people crashing your meeting, can only happen if your meeting isn’t password protected. Thus you should enable passwords on your meetings ASAP. The options “Require a password when scheduling new meetings”; and “Require a password for instant meetings” should be set. At the same time, disable the option “Embed password in meeting link for one-click join” and enable “Require password for participants joining by phone.”
  3. Do not share your meetings on social media: Another way that “Zoom Bombings” happen is that the meeting details are freely available online. Which means that miscreants simply have to get the details, dial in, and do their worst. So you can take this off the table by simply not posting your meetings in public.
  4. Enable waiting rooms: Zoom has a waiting room function that allows a host to see meeting attendees arrive, and it allows you to admit them one by one. That way miscreants can’t get into your meetings. This document that Zoom has on the topic can help you to enable this feature.

Now one thing that I should point out is that this is a very fluid situation. So I will say that if additional threats pop up, which they likely will based on what this has gone on this week, and mitigations exist, I will publish them. Related to that, if you have any tips that can help Zoom users, please pass them along.

Sonos Illustrates How Music Can Help Us During This Difficult Time

Posted in Commentary with tags on April 3, 2020 by itnerd

As many people are adjusting to their homes taking on new meaning – place of work, the classroom, the gym, the cinema, the concert venue, and more – here are a few ways Sonos can help by making it easy to stream great sound for anything. 

Home office help

Music can help increase productivity and boost your mood during the work day. In a study we compiled last year (more insights below), 67% of people said listening to music helps them get more done than drinking a cup of coffee. Try a pair of Sonos Ones or One SLs in your home office, or if you find yourself working everywhere from the patio to the kitchen, Move is the most versatile option to bring the music seamlessly from room to room.

Stream it all in brilliant sound 

Whether the latest Netflix binge, a workout on Hulu, a cooking class on YouTube, or a live concert on Instagram – you can listen to it all on Sonos. Meanwhile, your favorite albums, podcasts, and audiobooks are a great way to break up the screen-time. Beam is the best option for people who want great TV sound with Alexa, Google Assistant, and Airplay 2 built in. Sonos also has home theater sets for those looking for 5.1 surround sound. 

Escape with music

As a company, Sonos is obsessed with music and audio. It drives everything they do and is getting all of us through this time. In their research last year, we also learned 80% of parents said they hope their kids like their favorite music, and 65% of people listen to music their parents introduced them to.

With help from Sonos colleagues, they are adding new playlists including one for parents and kids. Here are three of the latest on Spotify (also available on other platforms).  

Finally, along with fast and free shipping, Sonos has extended our return policy to 100 days (money back guarantee) and there are some offers for the next few weeks on Sonos.com for OneOne SLBeam and speaker sets.

Brilliant Sound Survey Insights (global)
Music has a transformative power to increase productivity and reduce stress.

  • 67% of people say listening to music helps them get more done than drinking coffee.
  • 74% of people say listening to music helps reduce stress.
  • 76% of people say that listening to music helps them produce their best work. 
  • 42% of people say podcasts had a relaxing effect on their mood. 
  • 75% of people say music has made them laugh or cry unexpectedly.

Listening Motivates Us Toward Health Goals

  • 68% of people say that music helps motivate them to workout when they’re tempted to skip it. 
  • Majority of listeners say that music helps encourage them to workout longer (52%), push themselves further (55%) and exercise with greater intensity (51%)
  • 75% of people say that music has a bigger impact on their workout regimen than any supplement does.