Security
Facebook will force at-risk users to use two-factor authentication
As part of its Protect program
Compromised accounts are now a part of our daily lives. Every week, more and more of our personal accounts get involved in potential attacks. As such, several platforms always encourage us to change our passwords especially when the account is involved in a massive breach. Now, with more security options available to us, sites can encourage us to do much more. Reflecting this, Facebook will soon force potentially compromised accounts to implement two-factor authentication.
The platform’s Protect program detects individuals in a higher risk of having their account compromised. It can help activists, politicians, celebrities, journalists, and public figures to save their accounts before attacks happen. As part of that program, Facebook will start forcing members of the program to implement the additional safety feature as soon as possible. The new policy will start rolling out all over the world in the coming months.
Two-factor authentication involves using an authentication app — like Google’s Authenticator — to access the app right after inputting the account’s password. Nowadays, a password is already an inadequate way to protect an account. Though the program will force compromised accounts to use the security feature, it is still recommended for everyone to use two-factor authentication to protect their accounts.
SEE ALSO: Facebook terminates Facial Recognition from platform
Finding new vulnerabilities is part and parcel of a device’s lifecycle. Cybersecurity firms discover new holes in a device’s security regularly. Thankfully, a firm’s discovery quickly leads to a patch from the affected brand. A newly discovered one, however, is defying common practices. Apple has recently uncovered a hardware vulnerability that’s impossible to patch.
Recently, a team of researchers sprinkled throughout the United States brought the vulnerability to everyone’s attention. The potential exploit is present in Apple’s M-series, a recent lineup of chipsets for newer Macs.
The vulnerability works by exploiting a feature that complements the chipset’s memory called the data memory-dependent prefetcher (or DMP). The DMP can predict where a piece of code is based on previous behavior. It reduces the chipset’s latency, ensuring better performance.
Now, the exploit, which the researchers have named GoFetch, disguises itself as a “pointer,” which tells the DMP which data to fetch. GoFetch can effectively point at data it wants to steal, and the feature will hand the data over willingly.
In more practical terms, malicious parties can hide this exploit inside innocent-seeming apps. Though the exploit still needs a significant amount of time to work, it’s not impossible to trick users into having an illicit app open for an extended length of time.
The other catch is how impossible it is to patch. Because the exploit is a hardware-based vulnerability, Apple cannot patch it out without re-engineering the silicon. There are software-based patches; however, doing so will reportedly compromise the performance of the chipset. The team is still researching for the effects of other software patches.
At this point, the only way to protect against the vulnerability is the same piece of advice for all hacks: Be careful of what you install.
SEE ALSO: Apple M3 MacBook Air Review
According to Google, Filipino netizens had a higher interest in cybersecurity last year.
The Philippines ranked among the top in the world in keyword searches for the following terms:
- malinformation
- cybercrime
- phishing
- malware
- fraud
- scam
- one-time password
- password strength
The word “fraud” particularly reached a 13-year high in search volume. Meanwhile, searches for “scam” increased by 40% from 2022.
These keyword search trends are a reflection of the Filipino netizen’s better interest in internet safety practices.
To help more Filipinos maintain safe browsing online, here are eight tips from Google.
Install the latest OS, updates
Turn on auto-updates on your device and web browser. Don’t ignore warnings or notifications. It’s also crucial to run the latest updates for security enhancements and protection against new threats.
For Android device users, Google Play Protect should be automatically turned on to provide protection against malicious apps and more.
Use password manager
Google’s Password Manager is a free, built-in tool to help users create, store, and manage secure passwords for all accounts.
Aside from the convenience it gives, the service also analyzes saves passwords for weaknesses or if they’ve been exposed for breaches.
Secure accounts with passkeys
Speaking of passwords, Passkeys like fingerprints or face IDs provide an extra layer.
They can keep your accounts safe against phishing since they are stored on your device.
Run regular security checkups
Google Security Checkup is a simple tool within one’s Google Account that reviews and improves their online security.
This helps users identify and fix potential vulnerablities across digital properties from connected devices and third party apps.
Review your data settings
Run a deeper checkup to see whether your apps and accounts are above-board.
Make sure you’re not sharing any data, especially sensitive information. Look through each app and site as well to see if you agree with their terms and conditions, and settings.
Avoid suspicious links
Take a moment before clicking any online or SMS links. These are usually links that can steal your sensitive information.
If a link does not look legitimate, report them immediately and block the source.
Don’t give in to pressure
Scams and frauds, whether online, over the phone, or in person, rely on pressuring someone or getting them nervous and careless.
When you are rushed to make a decision and it feels unusual, take a moment to stop, think, and assess the situation. If you’re not allowed to pause, something is not right.
Check the facts
Before posting or sharing, verify information first. See if the information is from a trusted source. Using Google Search, check the way it is written or said, who shared it, and other details.
Over the years, Chrome’s Incognito Mode accumulated quite the reputation. For most users, the alternative browsing mode was a quick way to browse dubious websites away from prying eyes. However, the mode isn’t as incognito as the name implies, as evidenced by a lawsuit from years ago. Now, Google has caved in and admitted the shortcomings of Incognito Mode.
Back in 2020, Google faced a lawsuit against the purported security of Chrome’s Incognito Mode. The lawsuit alleges that the private mode still lets websites track a user’s data.
At the time, Google themselves confirmed that websites can do that. Now, almost four years after the lawsuit, the company has agreed to settle the US$ 5 billion lawsuit.
Now, Chrome is adding a new disclaimer (spotted via MSPowerUser) to hopefully keep users from expecting complete privacy while using Incognito Mode. Besides alerting users that the device still saves downloads and bookmarks, the disclaimer that shows up whenever Incognito Mode is opened now also reads: “This won’t change how data is collected by websites you visit and the services they use, including Google.”
Unfortunately, the disclaimer isn’t meant to change how websites process your data. It’s just a way to reduce Google’s liability whenever someone complains about the security of their data.
Now, if you’re looking for a more secure way to browse the internet, other methods will serve your purposes more. For example, VPNs and Tor offer more anonymity online. Some browsers — Brave, for instance — offer those services built into the software already.
SEE ALSO: Google sued for tracking Chrome users in Incognito Mode
-
Reviews1 week ago
realme 12 5G review: It was enchanting to meet you
-
Buyer's Guide2 weeks ago
2024 Samsung TV: Buyer’s Guide
-
Reviews3 days ago
OnePlus 12R review: Making sense of OnePlus’ latest flagship
-
Reviews2 weeks ago
JBL Soundgear Sense review: Make every run magical
-
Smartphones2 days ago
Huawei Pura 70 Pro Unboxing and First Impressions
-
Reviews2 weeks ago
Challengers review: A thrilling drama wrapped as a tennis anime
-
News1 week ago
Xiaomi Redmi A3 Philippine pricing, availability
-
Smartphones1 week ago
Infinix NOTE 40 Pro+ 5G: Philippine pricing, availability