Connect with us

Technology

Tech Researcher Slammed Twitter For Taking Over A User Account And Joking About Reading DMs

Published

on

Twitter

Twitter made a bold move, but it did not pay off. Twitter took over one of its user’s accounts for fun and then tweeted jokes about reading the private messages in the user’s private messages, amid the growing the call for social media platforms to improve security processes following a series of security breaches and leaks involving the tech giants.

For a little context: the owner initiated the take over of the account and willingly volunteered to do the prank. The account owner was Matt Navarra, a famous tech researcher known to be one of the first to spot new features rolled out by different social media platforms like Facebook, Twitter, and Instagram.

Navarra is a widely credited individual for different tech-related news as the person to have discovered a lot of things in the tech world. Many news agencies have been in contact with Matt which means his Direct Messages probably include a lot of conversations between himself and journalists.

He is also one of those who is tipped first for new features and revelations in the tech world. It can be assumed that his DMs are also full of conversations and confidential information from tipsters. Not to mention that it probably also includes a massive amount of private conversations with him and his family and friends.

One of Navarra’s friends in the tech world was not happy with what happened. Jane Manchun Wong, a tech researcher who, like Navarra, has become famous after publishing her findings as she research for undisclosed and unreleased features from different apps and websites, has expressed on her Twitter account her disappointment for what had happened and called it an “invasion of privacy.”

“I am not comfortable with Twitter accessing our conversation with Matt Navarra because I’ve talked about my personal matters and I expected Matt would only have access to. Not cool going through someone else’s DM inbox. This is an invasion of privacy,” Wong posted in her Twitter account.

Navarra had the idea on Monday and tweeted out a call for someone to run his account for a day. He said that he was experiencing a family emergency during the day that he posted the ‘call’ for account take over and he wanted to offer someone the chance to tweet as him for a day as he takes his day off. He said that he thought that would be fun.

When Twitter, through its official handle, “raised hand” to volunteer to take Navarra’s offer, many of his followers have initially supported it – which they touted as “epic,” “gold” and a “great idea!” – without realizing the security and privacy implications of the plan.

Wong, in her Twitter post, said that people should not be sharing their login credentials and two-step authentication codes, “especially not over the internet without end-to-end encryption. Wong also slammed what happened as a bad security practice. She said:

“Sure, the whole parody is interesting and all, but this is an example of bad security practice.”

She further questioned why Twitter needed to take over Matt’s account if their purpose was only to post on his behalf. This is something, said Wong, could have been done by the tech giant with Twitter API.

“If the only purpose of this “takeover” is to post something from Matt’s twitter account, it can already be achieved with Twitter API (with limited permission granted). Better yet, Twitter should implement scoped team account permission (e.g., only letting team members to post),” she added.

Apparently, a screenshot of the DMs between Matt and Twitter, the tech researcher even offered Twitter his DMs personally telling Twitter to “enjoy [his] DMs.”

Wong slammed the idea that her personal and private communications were compromised just for fun. She blamed herself for telling her personal hardships to someone because privacy and security will be disregarded just because it’s “fun.”

“Lesson learned, I should not trust anyone on telling them about my personal hardships because it will eventually be exposed to someone else in the name of the fun takeover,” she posted.

Nonetheless, she received some hate for expressing her feelings in the possible violation of her privacy related to the event. She said that people have been telling her that she “shouldn’t have sent that DM in the first place,” “you’re just bitter about it,” and to “stop being overly sensitive about it.” /apr

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama. I also own a cybersecurity blog called Zero Day.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

This AI Can Transform Your Photos Into A Renaissance Masterpiece

They said it is different from other photo-manipulation software available in the market.

Published

on

Photo: AI Portraits

Have you ever wondered how you would look like if your portrait is painted by the greatest of the great artists in history like da Vinci, Vermeer, and Picasso? Now, you don’t need to time travel and become a part of the royal court for your photos to be rendered in the style of the greatest maestros of all time.

Researchers from MIT’s IBM Watson AI Lab have developed a new photo manipulation project called AI Portraits that can transform your photos into Rennaissance art with just a click of a button. Using artificial intelligence (AI) based on generative adversarial network (GAN), AI Portraits is virtually reconstructing a photo uploaded in its systems and rebuilding them pixel per pixel to render the submitted photo in the style of an auto-generated art master in the past.

It’s different from other photo-editing tools

But this is not the same as other photo-editing technology. Unlike Neural Style Transfer technology used by common photo manipulation app available in the market right now, with “strong alteration of colors, but the features of the photo remain unchanged,” AI Portraits “creates new forms, beyond altering the style of an existing photo.”

Photos edited using Neural Style Transfer.

“AI Portraits Ars can paint portraits in real-time at 4k resolution. You will find yourself in front of a mirror and feel thousands Rembrandt, Caravaggio, Titian portraying you moment after moment,” reads AI Portraits website.

How does it work?

AI Portraits Ars uses Artificial Intelligence to reproduce artistic human portraits, with different styles and levels of abstraction. The platform uses the generative adversarial network (GAN) that are “trained to learn a mapping of a latent vector z ∈ Z to a generated image y = G(z) with G being the generator.” The latent space Z describes all possible portraits. “AI Portraits Ars pushes us towards an intuitive and playful way of interacting with state-of-the-art GAN models.”

“By showing our face to the neural network, we walk through the Z space and identify the vector that best describes our face in the multidimensional space of the GAN. We trained AI Portraits Ars using our GAN on 45,000 portrait images. To allow insertion of own images into the latent space of a model, we trained an inverter that can approximate the latent vector z = I(x) from an image x,” explained the developers of the platform.

Focus on European art

In training the network, the developers have used thousands of images across different art movements from the Early Renaissance to Contemporary Art. The developers said that they have a massive dataset of artworks that crosses cultural boundaries and epochs, but they focused on 15th century Europe, which is considered by art historians as “a stylistic inflection point in the history of portraiture marked by the emergence of realistic depictions of individuals.”

Interestingly, the developers have said that they are still testing certain biases in the AI. For one, they have trained their machine to recognize certain preferences from a work of art and render them to the images they produce. One, in particular, is smiles. Many of the masters in classical art do not paint smiling portraits as smiling is viewed as informal during their times. As a consequence, they have trained their AI to decide whether to render a smiling photo into an image with a smile.

“Training our models on a data set with such strong bias leads us to reflect on the importance of AI fairness […] AI Portraits Ars introduces a very different type of bias with unique themes to explore,” the developers explained.

“We encourage you to experiment with the tool as a way of exploring the bias of the model. For example, try smiling or laughing in your input image. What do you see? Does the model produce an image without a smile or laugh? Portrait masters rarely paint smiling people because smiles and laughter were commonly associated with a more comic aspect of genre painting and because the display of such an overt expression as smiling can seem to distort the face of the sitter. This inability of artificial intelligence to reproduce our smiles is teaching us something about the history of art,” they wrote.

If in case you are worried about your photos being uploaded on the internet after the spectacle made by FaceApp in the past few days, AI Portraits said that “your photos are sent to our servers to generate portraits. We won’t use data from your photos for any other purpose, and we’ll immediately delete them.”

Continue Reading

Technology

Equifax To Pay $700M Or More For 2017 Data Breach

The credit reporting company has finally settled a deal with the Federal Trade Commission.

Published

on

Photo: GotCredit | Flickr.com | CC By 2.0

Equifax has reached a deal with the Federal Trade Commission (FTC) to pay up to $700 million due to the data breach last July 2017. The data breach resulted in the leakage of personal information of 143 million Americans.

The credit reporting agency will set up a $300 to $425 million in compensation for the affected consumers. It may still increase depending on the number of users that continues to file claims. Another $175 million will be paid to the 48 states, including the district of Columbia and Puerto Rico, and $100 million will go to Consumer Financial Protection Bureau (CFPB).

Aside from the fines, Equifax will implement changes on how it handles its users’ data. Information security protocols will be revised in compliance with the FTC’s standards. There will also be an annual assessment of the company’s security risks that requires passing a board certification.

FTC Chairman Joe Simons emphasized the need for “extra responsibility” of securing personal data from companies that build businesses involving personal information. He said in a statement, “Equifax failed to take basic steps that may have prevented the breach.”

In July 2017, personal data such as names, addresses, credit card numbers, and social security numbers were hacked from Equifax’s systems.

Equifax is considered as one of the three largest credit-reporting companies that track the financial history of consumers. The company collects data on financial transactions such as loans, credit card payments, child support payments, rent and utility payment, and credit limits. Aside from financial records, additional personal data such as employment history and valid ID numbers are also collected. Using this data, the company computes each’s credit scores.

When the company shared about the incident on September 2017, they identified that 209,000 U.S. consumers had their credit card numbers stolen. About 182,000 people have already reported credit card disputes.

After a thorough investigation, it was found out that 143 million users were affected. Most of which were residents of the United States, the United Kingdom, and Canada.

Unfortunately, not all 143 million consumers know that their information was given to Equifax. The credit reporting company collects data from credit card companies, banks, stores, and lending agencies.

Since the incident, the company has mailed notices to identified affected consumers.

Aside from the notices, users can check if they were affected by the hack through a website set up by Equifax. In the website, a user can check their status by clicking the “Check Potential Impact” link and submit their name and the last six digits of their Social Security number.

The user will then receive an email notifying whether their information was included in the hack. Aside from the notification, Equifax is also offering a security option called Trusted ID Premier.

The user can enroll in the TrustedID Premier, which provides free credit file monitoring and identity theft protection for a whole year. Users had until January 31, 2018, to enroll themselves on the program.

Initially, anyone who enrolls may be limiting themselves to participate in class-action suits or any lawsuit against the company. However, due to the backlash, the company had to remove it from their terms and conditions.

Equifax learned about the hack on July 2017, but only disclosed to the public after three months. Their info-sharing with the affected people were also criticized. Instead of calming the consumers, the threat of possible identity theft grew as consumers are left clueless about what has happened.

Hackers were able to gain access to personal data through a security flaw in a tool for building web applications called Apache Struts. Equifax used this tool as a support for its online dispute portal.

Equifax has admitted that its security department was aware of the security flaw months before hackers targeted their apps. The company was working on patches for the security flaw but was not able to deploy it on time.

Aside from the lapse of judgment, when a data breach was discovered on July 29, the company waited a day before taking the web application offline. Based on the company’s statement, the delay was purposely done to “observe additional suspicious activity.”

The company outsourced the help of Mandiant, a cybersecurity firm, to assess the damage done by the hacking incident. It was then revealed that a series of data breaches have already occurred since May 13 until June 30.

Many criticized Equifax’s delayed responses to the vulnerability discovered months before the hacking incident happened. Jon Hendren, director of security firm UpGuard, said, “There’s really no excuse whether it’s a difficult patch or not, for an organization of that size with that kind of magnitude of data.”

Due to the breach and the disappointing crisis and public relations management, the company’s CEO Richard Smith retired last September 2017, effective immediately. The company also announced retirements of its top security and information executives during that time.

Continue Reading

Technology

Slack’s New Update Promises Faster Loading And Lesser Memory Consumption

Published

on

Photo: Slack Website

Popular online collaboration platform, Slack, is launching a new and improved version, but it’s not necessarily something that a naked eye can see.

Slack is introducing a new update to its web and desktop today which promises users to experience with unprecedented speed, with lesser memory consumed. Slack will completely rebuild the underlying technology where the platform runs.

For the last few years, Slack has been working on moving the web and desktop clients to a modern stack and away from jQuery and other (and slower) technology that is used when it first introduced these tools in 2012.

“We want people to be able to run Slack alongside anything else they’re using to get their job done and have that be easy, uncumbersome, delightful even. So we took a look at the environment we’re in,” Jaime DeLanghe, Director of Product Management at Slack, told TechCrunch. “I think the other thing to note is that the ecosystem for client-side development has just changed a lot in the past five years. There have been some major updates to JavaScript and new technologies like React and Redux to make it easier to build dynamic web applications. We also wanted to update our stack to fit in with the modern paradigm.”

Slack has been quietly rolling out several updates over the last few months to serve as a foundation for the new and improved platform. However, users will only be able to feel the difference once they update their slack client to the latest version. It is because the new Electron app by Slack will hold all the new pieces together.

The new updates have promising new capabilities. According to the company, the updated version of their desktop and web client will use least than 50% memory than previous versions of Slack. This means that the new web and desktop client will be able to run smoother in memory-scarce devices. With that, Slack promises that the updated client will run at least 33% faster than previous versions.

Moreover, joining an incoming call will also be ten times faster now, they added. And of course, these new updates will be best felt by users who are members of multiple workspaces, as the team has designed these improvements under the assumptions that most of their users belong to multiple workspaces.

In the previous versions, the struggle for users with multiple workspaces is real, especially if they move from one workspace to another. It is because they use to take up a lot of memory space and CPU cycles to switch between them. That’s the downside, according to Slack, of them using its own Electron process in its old versions.

But now, Slack worked with React to build the UI components of the UI. With that, instead of users waiting to load all the data before the UI is displayed, the new app promises to load data as it becomes available, saving users’ time in the process. This new technology used by slack would allow users to read previously opened channels and conversations even when they are offline.

“I’m not going to over-promise,” DeLanghe said. “This removes one of the barriers that any company that’s scaling and building features at the same time has to think about. […] This makes that tradeoff a little bit easier.”

All of these improvement implies good news to Slack users. Now that the platform has already moved to a more modern blueprint for its web and desktop client, new developments are more likely to happen, which will help users maximize the potential of this collaboration app.

The announcement of Slack’s improvements comes a month after the company has started with its successful IPO. More than 600,000 companies and organizations are using Slack as their central collaboration and messaging platform. Others are even considering the platform as an “indispensable” alternative to older forms of communication like emails.

Meanwhile, the roll-out of the new and updated version of slack desktop and web client will happen through the course of the next few days. However, it is vital to note that the rolling out of new Slack comes in two phases as users need to the new desktop application, and they also need to become eligible for the latest version.

Continue Reading

Trending