Web Finds for October 2, 2018

Web Finds are from my web surfing travels. You’ll find some unique and informative news, apps and websites that you may have never known existed. Enjoy!

Apple, Firefox tools aim to thwart Facebook, Google tracking
New protections in Apple’s Safari and Mozilla’s Firefox browsers aim to prevent companies from turning “cookie” data files used to store sign-in details and preferences into broader trackers that take note of what you read, watch and research on other sites.
Via AP News

National Cybersecurity Awareness Month: Cybersecurity at Home | US-CERT
October is National Cybersecurity Awareness Month (NCSAM), an annual campaign to raise awareness about cybersecurity. The National Cyber Security Alliance (NCSA) has published general tips to help you increase your cybersecurity awareness—including whom to contact if you are the victim of cyber crime—and protect your online activities.

NCCIC encourages users and administrators to review NCSA’s guidance for online safety basicsand the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for additional information.
Via US-Cert

How to Delete Your Facebook Account: A Checklist
Here’s a guide on how to delete your Facebook account.
Via lifehacker

Previous Web Finds are here.

Facebook gets hacked again. 50 Million users personal information put at risk.

I’m sure you’ve already read or heard about the latest Facebook hack involving the personal information of at least 50 million users. The hack was revealed in a Facebook blog post yesterday. If you haven’t here are the details.

Mike Isaac and Sheera Frenkel, writing for the New York Times

Facebook, already facing scrutiny over how it handles the private information of its users, said on Friday that an attack on its computer network had exposed the personal information of nearly 50 million users.

According to TechCrunch, Instagram and other third-party sites that use Facebook Login may not be out of the woods either.

In a follow-up call on Friday’s revelation that Facebook has suffered a security breach affecting at least 50 million accounts, the company clarified that Instagram users were not out of the woods — nor were any other third-party services that utilized Facebook Login. Facebook Login is the tool that allows users to sign in with a Facebook account instead of traditional login credentials and many users choose it as a convenient way to sign into a variety of apps and services.

As I’ve written before, now is a good time to delete your Facebook account. Between getting hacked and selling your personal data for advertising purposes Zuckerberg and his gang just can’t be trusted.

Facebook is using your 2FA phone number to target you with ads

Facebook has stooped to the lowest possible level. TechCrunch has exposed the fact that Facebook is using 2FA phone numbers to target users with ads. Zuckerberg and his gang are taking the number users are using to additionally secure their accounts and using it for ad targeting.

Some months ago Facebook did say that users who were getting spammed with Facebook notifications to the number they provided for 2FA was a bug. “The last thing we want is for people to avoid helpful security features because they fear they will receive unrelated notifications,” Facebook then-CSO Alex Stamos wrote in a blog post at the time.

I guess the bug wasn’t a bug after all. Just another Facebook lie.

Facebook has confirmed it does in fact use phone numbers that users provided it for security purposes to also target them with ads.

Specifically a phone number handed over for two factor authentication (2FA) — a security technique that adds a second layer of authentication to help keep accounts secure.

Here’s the statement, attributed to a Facebook spokesperson: “We use the information people provide to offer a better, more personalized experience on Facebook, including ads. We are clear about how we use the information we collect, including the contact information that people upload or add to their own accounts. You can manage and delete the contact information you’ve uploaded at any time.”

If you haven’t deleted your Facebook account yet now would be a good time to do so.

iOS Safari content blockers

Ben Brooks has published his test results for Safari content blockers. Since I’ve been thinking about a different blocker I found his testing to be helpful. Up until today, I’ve been using the original 1Blocker which is now called Legacy since 1Blocker X was introduced several months ago. By the way, 1Blocker X is Ben’s overall number one pick.

My concern has been whether the developer will continue to update the Legacy app?

So after reading Ben’s evaluation I’m switching over to BlockBear his second choice overall but his first choice for those who don’t want to tinker with the settings and that’s me. As a side note, I also use TunnelBear VPN by the same developer.

Safari Content Blocker Evaluations – 9/26/18 Edition

I ran another round of content blocker testing for Mobile Safari in order to take a look at which ones are the ‘best’ right now. To be fair: it’s really hard to find these content blockers on the App Store now, so I grabbed the ones which looked the most popular to me (top lists, and top search results) and then did the testing to see which was the best.

BLOCKBEAR

My overall rating on this was: quick, not perfect. If I needed to tell a non-technical friend or family member which content blocker to use, this would be the content blocker I would tell them to use. The setup is “cute” and dead simple. The entire app is dead simple actually, and it worked pretty well overall. No customization, but it does have whitelisting if that family member keeps having trouble with a site.

And it is fast, as it is tied for the fastest of the group. It’s not what I recommend for most people who regularly read this site, as I suspect you’ll want the features of 1Blocker X. That said, I can understand why you would use this. It’s simple and easy. And that you can whitelist from the share sheet in Safari, only makes it an even better pick for those who want ease of use.

Web Finds for June 11, 2018

Web Finds are from my web surfing travels. You’ll find some unique and informative news, apps and websites that you may have never known existed. Enjoy!

17 Basic macOS Terms Every Mac User Needs to Know and Master
Whether a newbie or veteran, you have a whole lot of Apple-specific glossary to pick up and master. But don’t worry, it’s not all that difficult.
Via Makeuseof

10 Strikes and You’re Out — the iOS Feature You’re Probably Not Using But Should
For many years now, iOS has offered an option in the Passcode section of the Settings all: “Erase all data on this iPhone after 10 failed passcode attempts.
Via Daring Fireball

How to Request a Copy of Your Apple ID Account Data
Apple now allows its customers to download a copy of their personally identifiable data from Apple apps and services. This can include purchase or app usage history, Apple Music and Game Center statistics, marketing history, AppleCare support history, and any data stored on Apple servers, including the likes of calendars, photos, and documents.
Via MacRumors

4 Ways to Generate a List of Apps Installed on Your Mac
I ran across this the other day. It’s not something that I would use often but in the right situation it could be very helpful.
Via Makeuseof

Previous Web Finds are here.

#deletefacebook

Since the Cambridge Analytica news broke “deletefacebook” is trending. It appears users are leaving the social network in big numbers. They have figured out that Facebook is nothing more than a mass surveillance machine. Their service is not to make life better, as they would have you believe, but instead to gather as much information about you as they can and then sell it for targeted ads and services. That’s their core business model of collect, store, analyze, and exploit.

I found John Biggs TechCrunch article #deletefacebook worth sharing. It’s about his realization that Facebook’s having so much of his personal information is a liability.

Facebook is using us. It is actively giving away our information. It is creating an echo chamber in the name of connection. It surfaces the divisive and destroys the real reason we began using social media in the first place – human connection.

It is a cancer.

I’ve begun the slow process of weaning myself off of the platform by methodically running a script that will delete my old content.

I encourage you my reader to #deletefacebook. I would but I’ve never had an account so I have nothing to delete.

iCloud data is stored on Google servers

I always thought my iCloud data was stored in an Apple-owned data center. I’m not sure why I thought that. I guess I just assumed. Turns out it’s not. It’s being stored on Google and Amazon S3 servers.

I’m not sure how I feel about that. I started avoiding Google services several years ago. I left Gmail for Fastmail. I moved my calendars and contacts from Google to Apple Calendar and Contacts. Now I find out that Apple is storing my data on Google servers.

I guess we have to trust that Apple is properly securing our data on Google and Amazon’s servers. They say they are.

iCloud stores a user’s contacts, calendars, photos, documents, and more and keeps the information up to date across all of their devices, automatically. iCloud can also be used by third-party apps to store and sync documents as well as key values for app data as defined by the developer. Users set up iCloud by signing in with an Apple ID and choosing which services they would like to use. iCloud features, including My Photo Stream, iCloud Drive, and iCloud Backup, can be disabled by IT administrators via MDM configuration profiles. The service is agnostic about what is being stored and handles all file content the same way, as a collection of bytes.

Each file is broken into chunks and encrypted by iCloud using AES-128 and a key derived from each chunk’s contents that utilizes SHA-256. The keys and the file’s metadata are stored by Apple in the user’s iCloud account. The encrypted chunks of the file are stored, without any user-identifying information, using third-party storage services, such as S3 and Google Cloud Platform.

​CNBC first reported on this.