Tag: email

What can be done about taming political rhetoric on online services?

24/06/2020 Current and Future Trends, Government-Citizen Online Activity, Social Web No Comments

Article

Australian House of Representatives ballot box - press picture courtesy of Australian Electoral Commission

Online services may have to observe similar rules to traditional media and postal services when it comes to handling election and referendum campaigns

There’s a simple way to reduce extreme political rhetoric on Facebook and Twitter | FastCompany

My Comments

In this day and age, a key issue that is being raised regarding the management of elections and referenda is the existence of extreme political rhetoric on social media and other online services.

But the main cause of this problem is the algorithmic nature associated with most online services. This can affect what appears in a user’s default news feed when they start a Facebook, Twitter or Instagram session; whether a bulk-distributed email ends up in the user’s email inbox or spam folder; whether the advertising associated with a campaign appears in search-driven or display online advertising; or if the link appears on the first page of a search-engine user experience.

This is compared to what happens with traditional media or postal services while there is an election or referendum. In most of the democracies around the world, there are regulations overseen by the electoral-oversight, broadcasting and postal authorities regarding equal access to airtime, media space and the postal system by candidates or political parties in an election or organisations defending each option available in a referendum. If the medium or platform isn’t regulated by the government such as what happens with out-of-home advertising or print media, the peak bodies associated with that space establish equal lowest-cost access to these platforms through various policies.

Examples of this include an equal number of TV or radio commercial spots made available at the cheapest advertising rate for candidates or political parties contesting a poll, including the same level of access to prime-time advertising spaces; scheduled broadcast debates or policy statements on free-to-air TV with equal access for candidates; or the postal service guaranteeing priority throughput of election matter for each contestant at the same low cost.

These regulations or policies are to make it hard for a candidate, political party or similar organisation to “game” the system but allow voters to make an informed choice about whom or what they vote for. But the algorithmic approach associated with the online services doesn’t guarantee the candidates equal access to the voters’ eyeballs thus requiring the creation of incendiary content that can go viral and be shared amongst many people.

What needs to happen is that online services have to establish a set of policies regarding advertising and editorial content tendered by candidates, political parties and allied organisations in order to guarantee equal delivery of the content.  This means marking such content so as to gain equal rotation in an online-advertising platform; using “override markers” that provide guaranteed recorded delivery of election matter to one’s email inbox or masking interaction details associated with election matter posted on a Facebook news feed.

But the most important requirement is that the online platforms cannot censor or interfere with the editorial content of the message that is being delivered to the voters by them. It is being seen as important especially in a hyper-partisan USA where it is perceived by conservative thinkers that Silicon Valley is imposing Northern-Californian / Bay-Area values upon people who use or publish through their online services.

A question that can easily crop up is the delivery of election matter beyond the jurisdiction that is affected by the poll. Internet-based platforms can make this very feasible and it may be considered of importance for, say, a country’s expats who want to cast their vote in their homeland’s elections. But people who don’t live within or have ties to the affected jurisdiction may see it as material of little value if there is a requirement to provide electoral material beyond a jurisdiction’s borders. This could be answered through social-media and email users, or online publishers having configurable options to receive and show material from multiple jurisdictions rather than the end-user’s current jurisdiction.

What is being realised here is that online services will need to take a leaf out of traditional regulated media and communication’s playbook to guarantee election candidates’ fair equal access to the voters through these platforms.

WhatsApp now highlights messaging services as a fake-news vector

03/04/2019 Current and Future Trends, Fake News, Disinformation and Propaganda, Network Lifestyle And Activities, Social issues involving home computing, Social Web No Comments

Articles

WhatsApp debuts fact-checking service to counter fake news in India | Engadget

India: WhatsApp launches fact-check service to fight fake news | Al Jazeera

From the horse’s mouth

WhatsApp

Tips to help prevent the spread of rumors and fake news {User Advice)

Video – Click or tap to play

My Comments

As old as the World-Wide-Web has been, email has been used as a way to share online news amongst people in your social circle.

Typically this has shown up in the form of jokes, articles and the like appearing in your email inbox from friends, colleagues or relatives, sometimes with these articles forwarded on from someone else. It also has been simplified through the ability to add multiple contacts from your contact list to the “To”, “Cc” or “Bcc” fields in the email form or create contact lists or “virtual contacts” from multiple contacts.

The various instant-messaging platforms have also become a vector to share links to articles hosted somewhere on the Internet in the same manner as email, as has the carrier-based SMS and MMS texting platforms when used with a smartphone.

But the concern raised about the distribution of misinformation and fake news has been focused on the popular social media and image / video sharing platforms. This is while fake news and misinformation creep in to your Inbox or instant-messaging client thanks to one or more of your friends who like passing on this kind of information.

WhatsApp, a secure instant-messaging platform owned by Facebook, is starting to tackle this issue head-on with its Indian userbase as that country enters its election cycle for the main general elections. They are picking up on the issue of fake news and misinformation thanks to the Facebook Group being brought in to the public limelight due to this issue. As well, Facebook have been recently clamping down on inauthentic behaviour that was targeting India and Pakistan.

WhatsApp now highlighting fake news problem in India, especially as this platform is seen as a popular instant-messenger within that country. They are working with a local fact-checking startup called Proto to create the Checkpoint Tipline to allow users to have links that are sent to them verified. It is driven on the base of a “virtual contact” that the WhatsApp users forward questionable links or imagery to.

But due to the nature of its end-to-end encryption and the fact that service is purely a messaging service, there isn’t the ability to verify or highlight questionable content. But they also have placed limits on the number of users one can broadcast a message to in order to tame the spread of rumours.

It is also being used as a tool to identify the level of fake news and misinformation taking place on the messenger platform and to see how much of a vector these platforms are.

Personally, I would like to see the various fact-checking agencies have an email mailbox where you can forward emails with questionable links and imagery to so they can verify that rumour mail doing the rounds. It could operate in a similar vein to how the banks, tax offices and the like have set up mailboxes for people to forward phishing email to so these organisations can be aware of the phishing problem they are facing.

The only problem with this kind of service is that people who are astute and savvy are more likely to use it. This may not affect those of us who just end up passing on whatever comes our way.

What can be done to support secure email?

19/06/2018 Data security No Comments

Personal and business Internet users are showing interest in the concept of secure email. This is to assure that confidential emails only end up being viewed by the eyes of their intended recipients.

It is being driven by issues relating to confidential personal and business information being leaked to the Web along with a common personal worry regarding government surveillance in the age of terrorism and extremism. Along with this, activists, journalists and the like are wanting to rely on secure communications to pass through critical information in areas that are hostile to freedom of speech and the press. In some cases, people travelling through countries known to be hostile to freedom of speech like Russia and China have been encouraged to keep their data highly secure due to the espionage taking place in these countries.

Compose Email or New Email form

More work needs to be done on secure email

There is a slow increasing prevalence of secure email platforms appearing on the Web. These platforms such as the Swiss-based ProtonMail and the secure iteration of Google’s GMail service are dependent on a Web-based user interface. Along with this, most of us are implementing instant-messaging platforms like WhatsApp, Viber and Telegram to send personally-confidential material to each other.

But they offer a series of features intended to assure personal privacy and corporate data security. They offer end-to-end encryption for the emails at rest (while they are on the servers pending delivery) and in transit (while they are being moved between servers). They also offer the ability for users to send seif-destructing emails that don’t stay in the recipient’s or the sender’s storage space after they are read unlike with conventional emails which stay in the user’s storage space after being sent or read. These self-destructing emails cannot even be forwarded to others or printed out (although it could be feasible to take a screenshot of that email and print or forward it). Some of these setups even have the ability to detect screenshots and let the sender know if the recipient took one of a confidential email. As well the metadata about the emails isn’t held on the servers.

But there are current limitations associated with these services. One of these is that the privacy features are only available to users who subscribe to the same email platform. This is because the common standards for secure email such as S/MIME, PGP and GnuPG only support basic key-based encryption and authentication abilities and the common email protocols like IMAP and POP3 don’t support email-handling control at the message level. As well, these services rely on a Webmail interface and require users to click on links sent as part of standard emails to view the secure messages if they aren’t part of that system.

There are certain features that need to be added to IMAP4 to allow for secure email handling. One of these is to permit message-level email control to permit self-destructing emails and to allow the sender to limit how the recipient can handle the messages. But the message-control features may run against legal-archive and similar requirements that will be asked of for business correspondence. In this situation, there may be the ability to indicate to senders or recipients if the emails are being archived as a matter of course and message-level email control can’t be assured.

Of course this may be about a newer feature-level email standard, preferably open-source or managed by many in computing academia and industry, to add this kind of secure email control.

Then there is the requirement to encourage the use of encrypted-email / authenticated-email standards like S/MIME or PGP within email endpoints, both Web-based and client-based. It will also include the ability for users to create asymmetrical key pairs and store their correspondents’ public keys in their contact manager software. There will also have to be the ability to support automated public-key discovery as a new contact is added, something currently feasible with encrypted messaging platforms that maintain their own contact directory.

Other questions that will come up in the course of building a secure email ecosystem is how the encryption keys are stored on the end-user’s system and whether an end-user needs to create new encryption keys when they change devices along with how to store them securely. This can be of concern with most computer users who typically maintain multiple devices, typically a smartphone along with a regular desktop or laptop computer and / or a tablet of the iPad ilk. Similarly there is the fact that one may not have the same computing device for the long haul, typically due to replacing one that has broken down or upgrading to a better-performing device.

There will also have to be the issue of security and portability thanks to issues like users temporarily using different computer devices such as friends’ computers, work / school computers or public computers. Here, it may be a question about where contact-specific encryption keys are held, whether on a server or on removable media along with how email sessions are handled on these temporary setups.

What will need to happen is for email platforms to support various secure-messaging features in a manner that can exist on a level playing field and without the need for correspondents to be on the same provider.

Google brings forward a feature that ends email remorse

25/06/2015 Data security No Comments

Article

Compose Email or New Email form

Sometimes you may wish you haven’t sent that email

Now you can avoid email sender’s remorse with Gmail’s ‘Undo Send’ feature | Naked Security (Sophos blog)

My Comments

You end up sending that misspelled email to your boss or click “Reply All” instead of “Reply” when you send that reply. Or a late Friday night alone with some music playing on the stereo and a half-empty bottle of whiskey beside you means that you type out that inappropriate email to that former love interest. These can lead to situations where the email you sent can have embarrassing or disastrous consequences.

Google has now integrated a “delayed sending” feature in to the GMail service so that you can opt to cancel sending that email. Here, once you enable this feature, you can specify a certain amount of time to wait before actually sending that email. This enables a “Cancel Send” button which takes the email out of the Outbox so it isn’t on its embarrassing way and would cope with situations like misspelt or misaddressed messages or “half-the-facts” situations. This is another feature that Google dabbled with in their labs to beat the “I wish I didn’t send that” blues and they rolled this in to production GMail deployments.

The previous feature they worked on was a CAPTCHA setup that would come in to play when it is the late evening. Here, you would have to solve a maths equation before you could send out that email, as a way of assessing whether you had a bit too much to drink and were about to send that drunken email. But they could extend this functionality to cope with the drunk email by having a user-selectable option to hold all emails that you send during a certain time window like 10pm-6am on Friday and Saturday nights for a longer time or until the next day.

This can easily be implemented in email client software as well as Webmail setups so you don’t have to use GMail to have these features. But Google is the main email service provider who is targeting the issue of sender’s remorse by providing the delay options.

Older people using the Internet to link with relatives and friends

19/06/2015 IP-based telecommunications, Network Lifestyle And Activities, Video-conferencing, Voice Over IP No Comments

Article

The rise of the ‘GranTechie’: closing the generational gap | NBN Press Releases

My Comments

Skype Android

Skype for Android – one of the popular videoconferencing clients

It is now being identified that older people are finding computers and the Internet as valuable communications tools.

One technology that has allowed for this is videocalling that has been facilitated by Skype and Facetime. Both these popular IP videocalling applications have been engineered for simplified operation such as not needing any setup or configuration as far as the network is concerned. As well, Apple baked Facetime in to newer versions of the iOS mobile platform and made sure it had hooks to the user’s contacts directory on their iPhone as well as providing integrated behaviours for this solution. Similarly, Skype is being written to take advantage of application-programming interfaces that the various platforms offer as regards with directory management and other things are concerned. As well, there are smart-TVs and video peripherals that can work as Skype videophones once you add a camera / microphone accessory. These have made the process of making and taking videocalls more simplified and task-focused.

Lenovo Yoga Tablet 2 tablet

The Lenovo Yoga Tablet 2 tablet – good for Skyping to relatives

As the article has said, the main driver with this is for people and families to communicate with relatives and friends who are separated by distance. An example of this that I have seen for myself was seeing a friend of mine in an armchair at home using their iPhone to engage in a long Facetime videocall conversation with another interstate friend who had a young child. Here, she talked to that friend’s child as though she and the child were in the same room. Similarly, an Italian who is my barber and whose computer I regularly support also makes use of Skype to keep in touch with his family in Italy.

Old lady making a video call at the dinner table press picture courtesy of NBNCo

A video call at the dining table

Other technologies that were being embraced were Facebook and email as ways to share messages and photos. They were also raising the issue of the Internet being used to allow this kind of connection on a highly-frequent basis such as every week. The article also highlighted the smartphone and tablet as an enabling form factor due to their highly-portable nature – they can use these devices from where they are highly comfortable as I have cited before. In some cases, it has become possible to show the distant relative around the house simply by carrying one of these devices around during the videocall.

A technique worth investigating and showing to older people and their families is the use of Dropbox and similar services as a way to distribute high-resolution photos and video footage in a manner that allows the relatives to “take it further” like creating high-resolution prints. I highlighted this in an article about making Dropbox and similar services work with a DLNA-capable NAS highlighting the applications like printing, showing on a DLNA-capable TV, or maintaining occasion-based photo/video content pools consisting of images contributed by many people.

What has been shown in the article is that a killer application has been identified for personal-computing and Internet technology amongst a certain class of users. This killer application is for older people to use this technology to maintain contact with distant relatives and friends in an improved manner.

Beware of fake posts and online scams relating to the Nepal earthquake

28/04/2015 Current events, Data security, Fake News, Disinformation and Propaganda, Social issues involving home computing No Comments

Previous coverage

Malaysia Airlines air disaster–another event bringing out the online scams

My Comments

Just lately, a disaster that has affected many people has occurred with many casualties in the form of the Nepal earthquake.

But what follows on the tail of these disasters is an avalanche of spam email and flaky social-media posts that offer extra insight or paths to assistance for people who are touched by these events. As well, it is the time when scams pretending to be charity appeals intending to provide aid to the victims of this earthquake also appear on the Internet. It is something I have drawn attention to previously when there was the Malaysian Airlines MH370 air disaster which drew out these scams and am drawing attention to in relation to the latest earthquake. But they lead you to malware or to harvest users’ personal or financial details. In these situations, it pays to think before you click on that link so you are safe with the Net.

Check for legitimate resources that offer information about your relatives’ or friends’ wellbeing and some of these could include Nepalese consulates in your area, the Red Cross or similar services and work with them “from the horse’s mouth”. That means to deal with official websites that are known to the public and are usually published by the media as part of their coverage on the issue.

Facebook does offer a legitimate Safety Check service which comes in to play during civil emergencies. Here, it would identify if one was in an affected geographical area and allow the person to interact with them to know if they are safe and this status would appear in your Facebook Friends’ news feed. For that concerned person, they would be able to check on the News Feed for their relative’s or friend’s status. But be careful of any “fake friends” that appear around the time of this disaster and any post from a friend of yours that isn’t known to be in the area but is out of order should be questioned.

As for charity appeals, most of the media provide information about legitimate fundraising efforts that are taking place so you don’t get fleeced easily.

What to do is to be aware and careful with using the Internet to find details about who is affected by a major event and check with trusted resources.

A timely reminder to beware of suspicious emails in your inbox

25/11/2014 Computing Tips, Data security No Comments
Windows Live Mail client-based email interface

Slow down when you check those emails so you are safe

Increasingly people are receiving emails that are becoming very dangerous to their personal or business security.

This happens during November and December, especially between when the American community celebrates Thanksgiving (last Thursday in November) to Epiphany / Twelfth Night (January 5), where there is a lot of Christmas-driven communications and most, if not all, of us are thinking about Christmas. This includes responding to the shopping offers that are being made available through this time. Here, these emails are being sent in a manner as to “get at” the user and take control of their computing equipment or data..

Over this past weekend, some friends of mine from church had approached me about email issues and I had found out that the husband fell victim to a phishing attack against his Outlook.com Webmail account with it ending up being used to send spam messages. Here, I visited these friends on Monday night for dinner and to help him change his account’s password and report it as being compromised. Then a close friend of his rang him about receiving the Australia Post phishing emails and I suggested to that friend to delete that email immediately.

One example is to supply  malware as an attachment typically obfuscated as a compressed “file of files” or a malformed document file; or direct users to pick up the questionable software at a Web link. The idea is to get users to install this software of questionable provenance on their computer so that it makes it become part of a large botnet that is intended to wreak havoc on other computer users, steal your personal or business information, or extort money from you.

Another example is a link that send users to a forged login or other customer-interaction page for a Webmail, banking, Social Web or similar online service to steal their personal details. This is typically to steal the user’s money or identity, create a bank account or similar financial account for laundering ill-gotten gains, or use an email mailbox and contact list to send further spam to computer users.

The email is suspicious if

It is out-of-character with the sender

This may be reflecting a situation that you know the sender is not in, such as them or their business being in financial dire straits. It may also simply be an email of a kind the don’t normally send.

Contains nothing but enticing “click-bait” text

You may find some enticing text written in the Subject line or in the body of the message that gets you to either open the attachment or click on that link.

Implores on you to open it or click on the link under pain of losing service continuity or something similar

Looks very official and has copy that threatens you that you will lose access to your funds or continuity of a service you use, or something similar; and requires you to click on a link in that message to take action to remedy the situation. This may also be about the pending arrival of a parcel or some funds and you have to click on a link or open an attachment to print out a “claim form”.

What to do?

Do not click on the links in that email or open the attachment

Under no circumstances should you click on any links in the suspicions email or open any attachment that is part of that email.

Check the email out

In the case of a personal email, check the email address that purports to be in the name of your contact to see if it is one that you and your contact regularly use. Here, some people may operate a business email address alongside a personal email address and you need to confirm these addresses through conversation, business collateral that they supply, amongst other things.

In the case of a business email, check to see if the email looks as though it genuinely represents that organisation. If the email is requiring you to do something to assure “continuity of service”, access to funds, etc. contact that business directly using their customer-service number or email.

One obvious red herring would be if you receive a contact from a bank or other business you don’t do any business with. Another red herring is an email that isn’t addressed to you personally, rather it uses a generic “all-call” salutation like “Dear Customer”. Yet another red herring is the quality of the document. Here, you look out for whether the email represents the company’s current “trade dress” such as current logos, colour schemes and the like. As well, you look for the quality of the document to see that it reflects what is expected for a business document coming from the company’s location of business, such as spelling, grammar, punctuation, etc.

Sometines, what may appear in the “To” list may be contacts, including “virtual contacts” which represent a cluster of email address, whom you don’t have anything to do with. This is also a sign of a suspicious email.

Check with the sender

If you receive an email from a contact of yours which appears to be out-of-character with them, contact them about that email. You must do this not by replying to that email but by either calling them on the phone, sending an SMS or instant-messaging message to them or sending a separate email to them.

If it is business-related like correspondence from your bank or other organisation, log in to the business’s Website yourself using its commonly-publsihed or commonly-known Web address. Here, you type the address in to your Web browser’s address bar or, if you do regular business with the site, go to the bookmark or favourite link you have created for it. As well, it may also be of value to contact the organisation on their published phone number to check the veracity of that email. Here, you may find this in the regular business correspondence that you have for them or use the common telephone directory or the organisation’s Web page to find that number.

Report the email then delete it

If you are using your Webmail provider’s Web-based user interface, you may have an option to report that email as spam, hacking, fraud or something similar. If you are using a client-based email setup, forward the email as an attachment to your ISP’s or email provider’s email address that has been set up for reporting email abuse or fraud.

Business users who work for a company that has an in-house or contracted IT team should let that IT team know about the suspicious email. This will also apply to those of us who study at a school or university which has its own IT team.

As well, if the email appeared to be in the name of the bank or other organisation, look on the organisation’s Website for a “report fraud” link or email and use that to report the fraudulent emails that you received. Here, they can engage local or national law enforcement to take further action especially if the behaviour is consistent.

Then delete the fraudulent email immediately.

Security tips

  • Keep the computer’s operating system and application software up-to-date with the latest patches
  • Make sure you are running a good anti-malware utility and that it is updated frequently and regularly. It may also be a good practice to run a full scan with this software
  • Make sure that you have strong and preferably unique passwords on your online services
  • Make sure that your home network hardware is on the latest firmware and has strong non-default passwords.
  • Consider using a password manager program or service. As well, it may be worth it to implement a two-factor authentication setup on your online services with your smartphone showing a key number as a “second factor”.
  • As well, you may find that if you have an account with a major online service like a Microsoft service or one of the popular social networks, you may have the opportunity to implement a single sign-on. This may be worth using especially with games, forums, comment functionality, online music or similar services so you don’t have to work out extra passwords.
  • Back up the data you created yourself using your computer to a NAS and/or USB hard disk and preferably make a separate copy of this backup in a separate location
  • Only visit Websites and online services that are known to be reputable