Faceboök Harm Reduction?

So in the interests of harm reduction, I offer the following suggestions for people who want to have a richer, safer, and more satisfying experience.

tl;dr

You can avoid a shitload of Facebõok problems by

  1. Using the mobile browser version m.facebook.com
  2. Use the Mozilla Firefox browser with Fàcebook Container extension
  3. Unfriend people you don’t interact with much

All of these are described below.

IMPORTANT WARNING: If you are in an abusive relationship or being stalked, quit Facebõok, In-sta, and WhåtsApp immediately. Social media is the number one way abusers track down their victims. For help with domestic violence, telephone in the USA
800-799-7233
Don’t use the Internet for this because your abuser may have tampered with your browser. Better to phone. Even better if you can use a friend’s phone.

https://www.thehotline.org

Ways to Use Fåcebook More Safely

“… it works for me, so fuck off” (Friend)

This was a friend’s humorous response to my observations about Facêbook’s social and privacy problems. These are the kinds of things people in InfoSec/Cybersecurity are trained to notice. The only people I know who quit or drastically cut back on FB are InfoSec/CyberSecurity professionals or victims of FB retaliation. (Retaliation)

To almost everyone else, it doesn’t seem so bad or they haven’t yet experienced any harm. This blog will provide some ways FB is less than good for ordinary people. Then it will suggest some ways to reduce harm while using FB.

What harm?

Betty White famously framed one answer when she hosted Saturday Night Live due to a FB petition gaining over 1,000,000 likes. She said: “I didn’t know what Facebøok was. And now that I do know, it sounds like a huge waste of time.” Yes.

FB: “And now that I do know, it sounds like huge waste of time”

When I’ve shared with people horrible things about Fß, the most common response is “But I only use it to keep up with friends and family.”

Thus, people who might agree that FB is leveraged for evil by others, they still use it for themselves. This isn’t the first time people do things that aren’t good for them. That’s why I’m a big advocate of harm reduction. This is the simple idea that if you give people factual information about options and respect their dignity, they will do things in a way that is least harmful. Example of Harm Reduction: Wearing a seatbelt while driving. (Controversy)

First of all, what harm does FB inflict on ordinary people? It

  • manipulates our emotions through it’s selection of what it shows us (CBS)
  • makes us feel worse when we’re sad, down, or angry (Sad)
  • wastes our time by making us look at things we don’t want (see Betty White above)
  • fills our feed with ads that range from idiotic (ads1) to disturbing (ads2)

Harm Reduction Tactics

So in the interests of harm reduction, I offer the following suggestions for people who want to have a richer, safer, and more satisfying experience.

  1. Download and use the Mozilla Firefox browser with the FB container fence extension enabled (Fence)
  2. Use the old, but still active mobile phone browser m.facebook.com
  3. Unfriend people who don’t add positive value to your life
  4. Unfriend people whose constant bragging makes you compare yourself negatively
  5. Download and use the free version of CCleaner that will erase FB cookies and web storage files https://www.ccleaner.com (Reputable)

Harm Reduction Benefits

If you do these things, you will gain the following benefits:

  • Your feed will be more specific to your needs (and not those of advertisers)
  • You’ll enjoy better, richer interaction with friends and family
  • YOU will be in control of your FB experience more than the algorithm

Not a Personal Problem

One of the blindspots we westerners have is that we tend to cast everything as an individual problem. We’re not very good at group thinking. This hilarious mock educational film about Faceboök Manners is a good example of side-stepping group and corporate responsibility .

Spoof of Educational Film re: The Electric Friendship Generator

Privacy Badger

Although not specific to FB, when it comes to online protection, I highly recommend the Electronic Frontier Foundation’s Privacy Badger that can be added to Firefox, Chrome, Edge, and Opera https://privacybadger.org/

Additional Info

For me, FB is one big steaming pile of holocaust deniers, racists bigots, a flood of raw sewage disinformation and info-warfare by well-funded troll farms, and the target of many breaches of user data.

Footnotes

(Friend) This partial quote is wildly out of context. After listening to my technology and privacy concerns about Facébook, he humorously replied: “Well, you do security for a living so I respect your views, but it works for me, so fuck off.” Still makes me laugh recalling that.

(Retaliation) FB does not welcome criticism: https://www.technologyreview.com/2021/07/29/1030260/facebook-whistleblower-sophie-zhang-global-political-manipulation/

(Controversy) Harm reduction for illicit drugs more controversial. Teaching people to use alcohol pads to cleanse needles can prevent infection, but many “guardian types” insist that they only approach should be “Don’t Do Drugs!!!”

(CBS) “The thing I saw at F B over and over again was there were conflicts of interest between what was good for the public and what was good for F B. And FB, over and over again, chose to optimize for its own interests, like making more money.”  https://www.cbsnews.com/news/facebook-whistleblower-frances-haugen-misinformation-public-60-minutes-2021-10-03/

(Sad) Science Explains How FB Makes You Sad https://www.psychologytoday.com/us/blog/what-mentally-strong-people-dont-do/201603/science-explains-how-facebook-makes-you-sad

(ads1) When I was active on F B, I received countless ads for very expensive gentlemen’s underpants. I would screen-capture those for fun. How do you say “gay” without saying “gay”? Code an ad to reach men in certain zip codes in a relationship with someone of the same gender. In 2018, FB made a video just for me. I was sure to use those screen-captures:

Very Expensive Underoos for Men

(ads2) An ad looking to drum up a class action suit against PrEP medicines showed up in my feed in 2018. When I clicked on “Why am I seeing this ad?” the info was the advertiser was looking for people who live or lived in California. They did NOT reveal the whole search criteria. They were looking for gay men, using advanced search logic such as zip codes, cities, relationship status with another of the same sex, gender, etc..

Some people deny that FB allows advertisers to target gay men. How many straight men would wear the shirt on the left?

Does FB Let Advertisers Target Gay Men?

(Fence) Faceböok Container works by isolating your FB identity into a separate container (like a fence) that makes it harder for Fa cebook to track your visits to other websites with third-party cookies.

(Reputable) There are many bad programs that claim to clean up your computer, but actually contain adware or spyware. Be sure to use one that has a good reputation such as CCleaner

The Three Biggest Lies

20-years ago, the biggest lie was “The check is in the mail.”

10-years ago, the biggest lie was “Please listen carefully as our menu options have recently changed.”

Today the biggest lie is “We care about your privacy.”

Recently my cable internet provider updated their privacy policy. They were actually honest about avoiding sweeping grandiose promises. When they rolled out their new privacy policy, they introduced it as:

“We know you care about your privacy and the protection of your personal information.

“We also know it is our responsibility to be clear about how we protect your information.

Like most companies, they then go on for about 2,000 words (10-pages) of detailed explanations of how they share your information with 3rd parties and adamantly refuse to acknowledge the “Do Not Track” setting of your browser. (I consider it less than honest to loudly proclaim “We do not SELL your information” when they have entered into 3rd party relationships to exchange data for the purpose of increasing ad revenue. Consumers are rarely given the information to block this type of sharing.)

Fortunately there is a wonderful browser plug-in called Privacy Badger that enables you to enforce “Do Not Track.” I’ve been using it for a few years now and commend it to you https://www.eff.org/privacybadger

Image via Tenor.com

Credit Reporting Bureau Hacked: What Next?

Two immediate actions will greatly help you — and six more things will happen over the next 6 to 12 months. Immediately, you’ll want to:

1. Take Equifax up on their offer of the free monitoring service.

2. Place a “freeze” on all credit reports on each of the 3 services (yes, you have to pay some of them, but it’s worth it). Also do a freeze on the business-to-business company called Innovis.

Note: If your kids already have a social security number, put a freeze on their credit reports, too. (They shouldn’t have anything in the report except their name, address, and social security number.)

What Next?

Over the next 6 to 12 months, banks, auto financing firms, and landlords will implement more and more bureaucratic requirements to prove your identity.

1. Whenever a bank, brokerage, or insurance company provides 2-factor authentication for web log in, use it. Same for voice biometrics at their call centers.

2. Whenever you get a notice from a bank for a credit card you did not apply for, follow up in 2 calls. First, call the toll-free number and stop the application. Second, get the number for the ID theft department and ask for a 7-year fraud alert on your credit report.

3. Don’t let your drivers license or state ID expire. Make sure you keep it up to date. An expired ID is no longer good enough.

4. Likewise keep your passport up-to-date. If you do not have one, get one. In the US, an expired passport is no longer considered valid ID. The law changed.

5. Make sure you have a copy of your birth certificate. Order one now from the Bureau of Vital Records in your county or state. You’ll need to send a photocopy of your ID.

6. Be prepared for more and more bank/financial documents to require a thumbprint and Medallion Guaranteed Signature (which credit unions cannot provide — only commercial banks).

Image Courtesy of GIPHY

Bank Stupidity?

This really happened:

Thank you for calling [bank-name] lending services, how may I help you?

Hello, someone is using my name, social security number, and date of birth to fraudulently apply for credit cards with your bank.

May I please verify your name, social security number, and date of birth?

After a moment of stunned silence, I explained: Yes, but, that’s the info the fraudsters are using to fraudulently attempt fraud by fraudulently impersonating me for fraudulent purposes.

Sir, I cannot help you if you won’t verify your identity.

Does this qualify as stupidity? The Merriam-Webster dictionary defines stupidity as “the state of being foolish or unintelligent.”

My late father used to observe: “Ignorance can be fixed, but stupidity cannot.”

Suggestion:

When a customer wants to report identity theft, fraud, or any of the like, the alternative “out-of-wallet” verification should be used. That method is far from perfect, but it at least it wouldn’t make a customer wonder about your company’s intelligence.

Note: “Out-of-wallet” is the jargon for asking questions based on an individual’s credit report. This is called “out-of-wallet” because it attempts to circumvent nefarious actions by people who find a lost bank card. The lost card is “out-of-wallet.”

Also note: My guess is that most banks are like this, so the specific bank’s name isn’t really that important.

Image courtesy of GIPHY

TunnelBear: A Personal VPN App

“TunnelBear” is a cool, free VPN app you can use to protect your laptop or phone. People need this protection when using public WiFi (such as when you’re at the airport, coffee place, or on airplanes).

Ever since that reporter got hacked on an airplane while using an in-flight WiFi service, it seems many people are telling us to use a VPN. However, they do NOT say how to get one.

For personal use, a VPN app like TunnelBear does the trick. Just search for TunnelBear on your favorite app store or browser search engine.

Tunnel Bear Graphic
Search for Tunnel Bear on your favorite app store or search engine

Q: Is the VPN client my company put on my laptop enough? A: The VPN client that is put on your laptop is used to “tunnel into” the internal network of that company. ALWAYS use that when in a public place and you are working on company business. However, your personal laptop or phone also needs a VPN. That’s where an app like Tunnel Bear comes in.

Q: What’s the catch? A: Glad you asked. The free version of TunnelBear is limited to 500MB per month. That’s plenty for email and web surfing. Not enough for streaming movies or music. If you need more data, you can buy it. (You can pay by credit card, PayPal, or jars of honey.)

Q: I’ve been using free hotspots for years without any problem. Why do I need a VPN now? A: Unfortunately, the technology for hacking WiFi has become more widespread and easier to obtain than in the past. Consequently, the risk has been increasing.

Q: What do bears have to do with it? A: The Tunnel Bear company is located in Canada. The bear motif strikes me as an expression of True North’s freedom.

Q: Are there other VPN apps? A: Yes, but I have not used them.

Q: Do you get anything out of it? A: No. Although there is a referral program that issues a custom link, I’m not using it. Just search for tunnel bear on your favorite app store or Google it.

Q: What does VPN stand for? A: Virtual Private Network

Q: What does “virtual private network” mean? A: Let’s break that down. “Virtual” means “pretend.” “Private network” means it’s separate from the public network. A VPN secures data through encryption (so outsiders cannot intercept it). It’s not really a private network, but because of the encryption it acts like it.

Q: What do tunnels have to do with it? A: It’s a metaphor. It might not be a perfect metaphor, but it’s good. When we send and receive data over the Internet, it’s broken into smaller units of data called packets. Metaphorically, each packet is surrounded by the encryption. All the packets lined up are encased by the shell that forms a metaphorical tunnel that protects the data. All metaphors break down. In this case, the encryption shell acts like a tunnel, but packets can still be intercepted. However, because the packets are encrypted, no one can read/understand the data.

Q: I’ve heard people from my company’s I.T. department use “VPN” as a verb; as in: “You’ll need to VPN into the network to access the Wiki.” Is VPN a verb? A: I have been told that any word can be verbed. However, when you read technical documentation, they will usually use the verb “to tunnel” as in, “Start your VPN client in order to tunnel into the secure network.”

Q: Seriously, can you pay with jars of honey? A: Yes, according to the pix on their web. It’s probable, however, that this is more for publicity. Not easy to pack up jars of honey and ship them.