Month: October 2016

There’s a rising controversy right now — I’ve received a couple of dozen queries about this in the last few days — regarding Facebook’s permitting advertisers to block particular ads from specific “ethnic affinity” groups, e.g. African American.

Facebook insists that these aren’t actually racial categories per se since they don’t directly ask users about their race. Rather, Facebook insists that they “merely” assign a kind of racial “score” to users based on user activities. 

That’s Facebook double-talk of course. Look at stuff that Facebook figures mainly interests whites, and Facebook sorts you into the white club. Look at materials that Facebook assumes mainly attract blacks, and Facebook relegates you to the black shack. Same idea for Hispanics, and so on.

These assumptions are naturally going to be wrong part of the time, but Facebook cares not, since they don’t make a point of explicitly telling you which racial categories — and that’s what these actually are, racial categories — that they’ve slotted you into.

But they do tell advertisers, at least to the extent that they permit advertisers to exclude different racial groups (or, excuse me, I mean “ethnic affinity” groups) from seeing particular ads or even knowing that those ads exist.

Facebook insists that their rules prohibit using these “racial control” facilities in illegal ways — such as to foster housing or job discrimination against particular racial groups.

But this issue hit the fan now when it was demonstrated how simple it is to get clearly racially discriminatory and illegal ads approved via Facebook’s advertising portal.

Facebook (which, despite having put these racial categories in their “demographics” section, seems to assert that they’re not really demographic!) tries to explain away these problems with the usual excuse — blame the users (or in this case, blame the advertisers). This despite the fact that it’s Facebook’s creation of these racial filters that practically begs racist advertisers to use them to exclude what those advertisers deem to be “undesirable” persons.

This kind of “hey, it’s not our fault!” excuse would never fly with newspaper ads or other traditional advertising, but has become common with Internet darlings, including firms like Uber and Airbnb, who are increasingly facing government actions pushing back on their cavalier attitudes in a range of contexts.

This is not to say that there’s anything wrong with targeted advertising as a whole. In fact, it helps avoid wasting users’ time with ads for products or services that they probably don’t care about.

But once you step into the fire of racial classification on the Net, you’re letting yourself in for a world of pain.

Just as a thought experiment, imagine if Google permitted YouTube uploaders to specify which racial groups would be permitted to find and view particular videos? Google would be rightly crucified in short order.

Obviously, Google would never do this. Yet what Facebook is actually doing is far worse than this imaginary example, and they’ve been doing it under the radar of most users. People writing to me are expressing outrage that Facebook didn’t clearly inform them that they were being secretly stuffed into racial boxes and being spoon-fed particular ads based on those racial classifications.

Ultimately, this sort of misbehavior by Facebook threatens to provide ammunition to politicians and their cronies who have long wished to impose draconian controls on users’ ability to post a wide range of completely legitimate materials on social media, video, and other sorts of sites. There’s nothing that these politicos would love more than to leverage racial discrimination into broad-based Internet censorship.

Facebook needs to clean up their act. Or the government is likely to clean it up for them, and in their overreaction do immense harm to everyone else in the process.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

Word is out from multiple intelligence sources and security researchers that Hillary Clinton campaign chairman John Podesta’s Gmail account was hacked by (you guessed it!) Russian hackers under the direction of the Russian government (aka Vladimir Putin), for public distribution of Podesta’s email messages via Putin’s propaganda publishing arm: Julian Assange’s WikiLeaks. All of this in furtherance of Putin’s “Get Ignorant Puppet Trump Elected U.S. President!” project.

Apparently Podesta fell victim to a typical “spear phishing” attack, typing his Google Gmail credentials into a convincing (but fake) Google login page.

People fall for this kind of thing every day.

But don’t blame Google, because Google already provides the means to make such attacks enormously more difficult — 2-Step (“2-Factor”) Verification.

The problem is that despite Google’s constantly entreating users to avail themselves of this, most people don’t want to bother until after they’ve been hacked!

To be clear, I don’t know for an absolute fact that Podesta wasn’t using Google 2-Step Verification. But the sequence of events being reported would appear to make it extremely unlikely, because while 2-factor systems don’t make such attacks absolutely impossible to succeed, they do indeed make successful phishing attacks less likely by orders of magnitude.

And it’s not as if Google doesn’t provide plenty of choices when setting up this kind of protection.

It can be done by text messages, by automatic calls to voice phone numbers, and by authenticator apps that don’t need network access. It can even by done via high security USB-based crypto keys and printed emergency backup codes!

It’s too late for Podesta. But it’s not too late for you to protect yourself from Putin, Assange, and the more prosaic crooks who wander the Net.

If you use Gmail or other Google services, go turn on 2-Step Verification. If you use some other email system that offers 2-factor protections, go and enable them — now!

I published a write-up earlier this year explaining how to do this with Google. It’s at: Do I really need to bother with Google’s 2-Step Verification system?

Now you know — the answer is YES. It’s not a bother, it’s Google helping you to protect yourself against evil.

And that’s the truth.

Be seeing you.

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

:

“Yahoo was ordered last year to search incoming emails for the digital “signature” of a communications method used by a state-sponsored, foreign terrorist organization, according to a government official familiar with the matter.

The Justice Department obtained the order from a judge of the Foreign Intelligence Surveillance Court.

To comply, Yahoo used a modified version of its existing systems that were scanning all incoming email traffic for spam, malware and images of child pornography. The system stored and made available to the Federal Bureau of Investigation a copy of any messages it found that contained the digital signature.

Yahoo was forbidden from disclosing the order and the collection is no longer taking place, the official said Wednesday.”

 = = =

If this additional information is correct, it represents an enormously dangerous slippery slope. The inclusion of arbitrary signatures” at the behest of the government into malware/spam/cporn (“PhotoDNA”) scanning systems is a dramatic departure from firms cooperating with each other, into the realm of secret government mandates.

– – –

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!

There was a lot of fascinating stuff in the Google presentation this morning, but for me the section of most immediate interest — and that may perhaps be the most important going forward for many persons — related to Google Assistant and in particular the Google Home device for accessing Google Assistant.

True, Amazon has had a similar looking pedestal device around for awhile, but the access device is only the gateway — it’s the cloud/AI/connectivity resources behind it that really matter. And on those scores, Google’s far ahead of everyone else, and is likely to continue evolving much faster as well.

This class of “full room” connectivity isn’t just important for the slick “Star Trek Computer” factor, but for the critical accessibility aids that it could provide for a vast number of people — visually impaired, mobility impaired, on and on.

And this is only the very beginning of this path. Incredibly important.

One last thing for now. A number of people have asked me if the Home device is sending everything they say in a room up to Google. I don’t have specific information regarding this device, but I’d very strongly assume that the same operational model is being used as for other Google speech recognition products, where the attention phrase “OK Google” is recognized locally on the device, and only then is audio sent up to the cloud for full analysis (and you have control over what happens to that voice data once it reaches Google as well).

Great work!

–Lauren–
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t fall into the trap of using the latter. It’s just plain wrong!