Gangs run mass-scale romance cons with phished dating-site logins


Netcraft reports on a rising tide of automated phishing deployed against online dating sites; crooks steal accounts, strike up romantic relationships with their victims, then run 419-style cons on them. Using dating sites as part of a con isn't new, but using stolen accounts to do it is, especially at scale. The phishing kits are easy to deploy and are used to capture credentials for dating sites including match.com, Christian Mingle, POF (PlentyOfFish), eHarmony, Chemistry.com, SeniorPeopleMeet, Zoosk and Lavalife. Interestingly, the phishing kits found in the wild now disproportionately seek logins for dating sites, as compared to banking sites and other traditional fraud targets.

Criminals launch mass phishing attacks against online dating sites [Paul Mutton/Netcraft]

(via /.)

(Image: ...And Then Sometimes Valentine's Day Sucks!, Jackie, CC-BY)

Greenhouse: browser plugin that automatically annotates politicians' names with their funders

Greenhouse is a browser plugin created by Nicholas Rubin, a 16-year-old programmer. It seeks out the names of elected US officials on any web-page you load in your browser and adds a pop-up link to their names listing the major donors to their campaigns. It uses 2012 election-cycle data drawn from Opensecrets's repository.

I've long suggested something like this as a way of improving political coverage. Indeed, you could imagine it going both ways -- any time the name of a company or individual who had made some big campaign contributions shows up in a webpage, you get a list of their political beneficiaries. Ideally, this would be an open framework to which data from any political race could be added.

Read the rest

Newspapers' nostalgia has deluded them into thinking print can be "saved"


As Register Newspapers' high-profile paywall experiment implodes, Clay Shirky offers an acerbic obituary and a dire warning in Nostalgia and Newspapers, which discusses the futility of trying to "save" print, and the news industry's enormous, wishful-thinking blindspot about its own business.

Read the rest

Every congresscritter now has an email address, thanks to Sunlight and EFF


Many congresscritters don't have public email addresses -- instead, they have hard-to-locate webforms that slow down activist email campaigns and make it harder for constituents to get in touch. EFF and the Sunlight Foundation has fixed this, giving every member of Congress her or his own email address -- an address that you can send to that will be automatically forwarded through the appropriate webform.

Sunlight has some spam-checking to stop this from being abused, and gathers some of the other information the forms collect so that they can be fully populated by the scripts. Once you're setup in the system, you can email "myreps@opencongress.org" and your message will automatically be forwarded on to you senators and house reps.

88% of Congressional staffers say that their bosses' decisions are affected by constituent email. The data and scripts are up on Github for you to build on.

Read the rest

Not selling out: Teens live in commercial online spaces because that's their only option


danah boyd points out that when kids conduct their social lives in commercial spaces, it's not because they don't care about selling out; it's because they have no other option: "In a world where they have limited physical mobility and few places to go, they’re deeply appreciative of any space that will accept them."

Read the rest

Apple adds privacy-protecting MAC spoofing (when Aaron Swartz did it, it was evidence of criminality)

Apple has announced that it will spoof the MAC addresses emitted by its wireless devices as an anti-tracking measure, a change that, while welcome, is "an umbrella in a hurricane" according to a good technical explainer by the Electronic Frontier Foundation's Jeremy Gillula and Seth Schoen.

Read the rest

Factbot: a bot that spouts viralish, truth-sounding lies


Shardcore, who gave us the programatically generated Hipsterbait tees, had advanced the art of autonomous, self-perpetuating Internet memes, with @factbot1, a bot that creates true-sounding, viral-ish lies ("Indonesians always turn left when exiting a cave", "In just one drop of Sesame seeds, 50 million bacteria can be present", "Morels were used as a Sesame seeds substitute during the Norwegian Civil War"). Here's an essay that explains the project:

Read the rest

Join the Fastlane: hypothetical ISP from the cable company fuckery dystopia


As the FCC sleazes its way towards a world of cable company fuckery, Bittorrent's Join the Fastlane provides a preview of a world where your ability to get reliable access to parts of the Internet you love is a function of those sites' willingness to bribe your ISP for "premium" carriage.

Read the rest

Rarity versus the Internet


Before the modern Internet, lots of media was "rare" -- bootleg recordings, strange videos, obscure bands -- but today, nothing is rare. As a consequence, Rex Sorgatz argues, the social capital that comes from having an encyclopedic knowledge of some band's b-sides has been greatly diminished, and the Comic Book Guy school of know-it-all-ism has transformed itself into the nitpicking commentariat.

Read the rest

Clickbait Dissertation: scholarship distilled to upworthyspeak


Clickbait Dissertations builds on the excellent work of Lolomythesis, but this time, rather than distilling their doctoral work to a single line of snark, grad students are asked to compress their scholarship to a ridiculous linkbaity headline ("What happens when you put farmers on the internet? Justice."). Bonus: each one links to the actual thesis, and most include abstracts.

Read the rest

In case of fire: please leave the building before posting to social media


Excellent advice!

A PSA

How can you trust your browser?


Tim Bray's Trusting Browser Code explores the political and technical problems with trusting your browser, especially when you're using it to do sensitive things like encrypt and decrypt your email. In an ideal world, you wouldn't have to trust Google or any other "intermediary" service to resist warrants forcing it to turn over your sensitive communications, because it would be technically impossible for anyone to peek into the mail without your permission. But as Bray points out, the complexity and relative opacity of Javascript makes this kind of surety difficult to attain.

Bray misses a crucial political problem, though: the DMCA. Under US law (and similar laws all over the world), telling people about vulnerabilities in DRM is illegal, meaning that a bug in your browser that makes your email vulnerable to spying might be illegal to report, and will thus potentially never be fixed. Now that the World Wide Web Consortium and all the major browser vendors (even including Mozilla) have capitulated on adding DRM to the Web, this is the most significant political problem in the world of trusting your browser.

Read the rest

Jay Lake, on blogging your own death

jaylake

Simon Owens writes, "I got a chance to interview Jay Lake extensively not long before his death and wrote a long profile on him and his cancer blogging that explores the impact he's had, both on the cancer and science fiction communities. He spoke extensively on what he hoped his legacy would be and how he'd be remembered after he died."

Read the rest

Twitter account that de-bullshitizes linkbaity headlines

The @Savedyouaclick Twitter account decodes linkbaity headlines so you don't have to click on things that aren't likely interesting to you.

Read the rest

Encrypt like a boss with the Email Self-Defense Guide


Libby writes, "Today the Free Software Foundation is releasing Email Self-Defense, a guide to personal email encryption to help everyone, including beginners, make the NSA's job a little harder. We're releasing it as part of Reset the Net, a global day of action to push back against the surveillance-industrial complex. The guide will get you encrypting your emails in under 30 minutes, and takes you all the way through sending and receiving your first encrypted email."

Email Self-Defense - a guide to fighting surveillance with GnuPG (Thanks, Libby!)