In Canon City, Colorado, one of the biggest sexting scandals of all-time breaks out. Scores of high school students are in trouble for carrying nude photos of underage peers on their smartphone. Many face felony counts, child pornography charges and years of prison. How did they do it?
They do it through the ghost apps. These apps look like normal apps but hide a secret photo vault. It turns out a calculator ghost app was used during the Canon City High sexting scandal. On the surface, it looked like a calculator app. But if you type in a password through the calculator, it will take you to a secret room where you can hide pictures and other personal belongings. But these kids used it to take and receive nude and explicit pictures. One can simply search Google ‘vault apps’ and you’ll get an assortment of choices of ghost apps, including this calculator. These ghost apps first sold in 2012, and are extremely popular. The Private Photo Vault is the 28th most popular app in Apple’s App Store. The calculator ghost app called Secret Calculator Folder Free has over 800 reviews. And the Canon City High scandal is hardly unique. Unfortunately, sexting is a disturbing trend for many Gen Zers today.
So what do we do? I urge parents to stay on top of their kids’ smartphone activity. Check it often. Check their social media pages often. Talk to them about the dangers and long term consequences of sexting. It’s not a game, and what you do online can effect you for life. They’re a lot of teens in Canon City that will find that out the hard way. But it’s not just teenagers that could fall prey to this. There’re plenty of adults who would use ghost apps for sinister and perverted purposes. And there’re plenty of adults who would be victimized by adult culprits who use ghost apps for such underhanded purposes. The technology isn’t the problem. The person behind the technology is the problem. So what do we do?
For over two years, cybersecurity and surveillance have been hot button issues. In the midst of all the debates and controversy, US Senators introduce the Cybersercurity Information Sharing Act.
For privacy advocates, this act is nothing good. What is does is protect government surveillance activities and programs and make it look like they’re protecting our right to privacy. Despite outcry over it’s most controversial aspects, and pleas to change them, the US Senate didn’t listen. They voted 74-21 in favor of the old CISA. CISA is supposed to allow companies to share cyber threats with Dept. of Homeland Security, FBI, NSA and other federal agencies. It’s believed we can thank the landslide Senate vote to major hacks over the last year or two, like Target and Sony Pictures. So what’s the problem? According to civil libertarians and privacy rights groups, CISA allows companies to spy on their customers and report any misinterpreted posts, comment, or joke to the federal authorities, no matter how innocent the post may be. Privacy advocates criticized how vague CISA’s definition of ‘cybersecurity threat’ is. As it turns out, the majority of Silicon Valley is against CISA, citing the same concerns. But supporters of CISA say company information sharing is voluntary and peoples’ personal information must be left out of it. Of course, this is according to Senate Intelligence Committee chair Richard Burr.
I already find something wrong with this. Senator Burr said peoples’ personal information must be left out. What if that person really is a dangerous threat to society? How are you going to bring them to justice if you don’t know who they are? That’s a warning sign. And what’s up with this superficial definition of cybersecurity? Could that really mean a terrorist threat or hacker threat? ?Or could that mean anything that could be ‘offensive’ or ‘obscene’ could be subject to federal scrutiny? How far can this go?
In yesterday’s blog, I talked about Facebook’s warning of potential hacks from international governments. Facebook, and others, may have a reason to be concerned.
According to a cyber security company named CrowdStrike, a close ally of the US government, Chinese hackers have gone after American corporate interest for weeks. In fact, this cyber security agency employs former NSA and FBI experts in their war against cyber attacks. This would violate the most recent agreement between United States and China which says in layman’s terms, “We won’t hack you if you don’t hack us”. CrowdStrike says it’s really bad against US technology companies and the pharmaceutical industry. In fact, CrowdStrike says the first of these attacks came on September 26. That’s the very day after US President Barak Obama and Chinese President Xi Jiniping made the anti-hack pact. We don’t know which company was hit because of confidentiality. But they take credit for finding and thwarting the attacks before it got too serious. In other words, no corporate secrets were leaked and nobody’s personal information was compromised. CrowdStrike chose not to discuss how they knew it was China, since hackers are so good at hiding their IP and disguising themselves. But they did say Deep Panda was a main suspect. That’s a hacking group believed to be close to the Chinese military.
Okay, if they’re not going to tell the public which companies were hit, I hope they told everybody in the respective company that was attacked, from the CEO to the custodian. If they’re told, at least they’ll look out and protect themselves. I believe it’s better to warn people than let people believe nothing is happening or that nothing will ever happen. I also believe there are two sides to every story. We heard one side. Of course, China insists their hands are clean, and it was the threat of US sanctions that got their attention. What is China‘s side of this story?
Look at the news today. Look at the war in Syria. Look at the violence between Israel and Palestine. Look at tensions in Asia, and mass shootings in the United States. The world is becoming a dangerous place.
Is this why Facebook warns of state attacks, attacks sponsored by foreign governments? Last Friday, October 16, Facebook’s Chief Security Officer Alex Stamos put a notice out. The notice said if they believe your page was targeted by a government hacker, they will pop-up a message urging you to secure your account. One thing you’ll be instructed to do is turn on ‘Login Approvals’. This prevents others from logging in your account. For mobile Facebook users, Login Approvals will send a security code to your phone. Only those who enter the code, aka the smartphone’s owner, can login. Stamos didn’t mention a credible threat, but noticed state sponsored and government hacks are more dangerous than other hacks. So if you see a message of this severity, chances are a lot more than your Facebook account was hit. Chances are your whole computer was hit by malware or some other dangerous virus. Facebook advises that if you see this pop-up message on your system, you should either rebuild or replace your whole entire system.
I appreciate Facebook warning us of such a serious threat. I even appreciate them telling us how venerable we are to international government hackers. But why are they telling about this now? I’m especially inquisitive when I read that Chinese cyber attacks are happening to US companies, and these hacks have been intensifying for weeks. Is this a coincidence? And I notice Facebook didn’t say which specific nationalities or states. This may sound crazy, but could they have included even US entities like the NSA? Are we to be that concerned with the foreign enemy? Or are our enemies right beside us?
For the last couple of years, technology and the Obama administration has had quite the relationship. Recently, it’s flared up again over the encryption issue.
Intense deliberation about encryption has taken months. The Obama administration decided it won’t push legislation requiring communication technology companies to decode messages for law enforcement whenever law enforcement wants. That’s a small victory for privacy rights advocates and Constitution advocates, but don’t pop the champagne yet. The White House still wants telecommunication companies to create ways for government to go into people’s data, but only for criminal and terrorist investigations. This is basically government agencies trying to walk the tightrope between public safety and ensuring privacy rights. However, FBI officials complain encryption makes it harder and harder to catch the bad guys. Take any smart device. Only the device owner has access to such data. So basically, in the case of smartphones, companies would be of little if any help even with a search warrant. National Security Council spokesman Mark Stroh addressed this dilemma. He said, “As part of those efforts, we are actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors? use of their encrypted products and services.? ?Privacy rights advocates don’t trust the administration’s definition of strong encryption.
After months of quarreling over the encryption issue, little progress has been made. Don’t expect this issue to be solved or resolved anytime soon. Some of these complaints might be valiant. What if the guy with the smartphone is a terrorist, sociopath, psychopath, or career criminal? It might take more effort to catch him. But the point is, 99% of smartphone users don’t fit in such categories. So what about us? How long will they walk this tightrope? And can the handful of criminals be punished without taking it out on the rest of us?
Seven of Donald Trump’s hotels are hacked! The billionaire/real estate mogul/presidential candidate’s Trump Hotel Collection confirmed certain hotels were hit by cyber attacks. Now, customers’ information could be at risk.
These hotels include Trump SoHo New York City, Trump International New York, Trump International Chicago, and Trump International Hotel and Tower Las Vegas. Seven of the 14 hotels Trump manages have been hit. Trump Hotel Collection stated unauthorized malware access may be the blame. In layman’s terms, hotel guest’s and customer’s credit card numbers, security codes and expiration dates may have been compromised. The breached has reportedly happened between May 2014 and early June 2015. ?Trump Hotel Collection confirmed no person’s information was taken, to the best of their knowledge. But they’re taking major precautions and urging customers to do what they can to protect themselves. The company said that during these months, hackers attacked hotel check-in desks, hotel restaurants, gift shops, and other hotel points where credit cards are often used. The attacks have been reported to the FBI, and hackers involved can face severe prosecution and prison time. Trump Hotel Collection is offering a year of free fraud protection and restoration to any customers whose information was compromised.
Yes, I’m reporting another hacking. But the timing of this one is eerie to me. Someone chose to hack Donald Trump’s hotel franchise at a time when Trump is still leading in the Republican polls. His lead has decreased over the last couple of weeks, but he’s still a political force to be reckon with. So who hacked it and why? Something tells this is more than a just a typical hacking. Maybe I’m sounding paranoid, and no, I don’t have any proof of it, but I smell a mystery in the making. Trump haters have come out the woodwork, especially since his presidential candidacy. Could somebody could have done this to disrupt Trump’s campaign? Could somebody have done this to make Trump look incompetent, something like, “If Trump can’t even run his hotels, how can he run the country?”? Is that the cyber attackers’ spin on this? ?Was this cyber attack politically motivated? Did an anti-Trump person do this?
