close

Facebook

Facebook open sources Spectrum for efficient uploading of images

Facebook launches open-sourced Spectrum

Facebook launches open-sourced Spectrum for better mobile image production

Facebook has officially released an open source tool to the developer community to make the process of uploading images more efficient.

Dubbed as “Spectrum”, this tool is a cross-platform image transcoding library that can easily be integrated into an Android or iOS project to efficiently perform common image operations. It aims to improve the reliability and quality of image uploads while reducing image uploading time and mobile data consumption.

“As modern smartphones capture high-resolution images, the large file size makes uploads unreliable on some mobile networks. Sending it at full resolution is often wasteful, as the content delivery network (CDN) will resize the image for the recipient anyway,” said Facebook mobile software engineer Daniel Hugenroth.

“Resizing the image on the sender’s device reduces the bandwidth required to send the image. As a result, the entire pipeline has minimal payload overhead, improving the end-to-end experience. The remaining challenge is how to maintain image quality while benefiting from the smaller file.”

Spectrum uses a “declarative” API that allows developers to focus on the desired output properties instead of the individual steps. It prefers a lossless operation for cropping and rotating JPEG images, while in resizing it “optimizes the interplay between decoder sampling and pixel-perfect resizing.” It also uses C/C++ code for higher performance with Java and Objective-C wrapper APIs to make development easier.

Spectrum integrates with native image compression libraries, including MozJpeg, that allows to control encoding parameters beyond the general-purpose platform APIs. It allows developers to utilize computationally intensive encoding, which requires more processing time but significantly reduces the file size. Additionally, it enables control over more advanced parameters such as chroma subsampling to improve the quality of images with sharp edges and illustrations.

“The consistent API makes these features accessible to developers who are not image experts,” Hugenroth added.

“We hope Spectrum will benefit developers in the same way it has helped Facebook create a better image production experience. In our apps, Spectrum has improved the reliability and quality of image uploads at large scale across our apps. The default integration with Mozilla JPEG allows a reduction of up to 15 percent in upload file size compared with a baseline encoder. We are excited to see how the community uses the Spectrum 1.0.0 library to improve the photo experiences in applications.”

The open source project ‘Spectrum 1.0.0’ is now available on GitHub code repository.

read more

Facebook bug exposed unposted photos of 6.8 million users

Facebook bug exposed unposted photos of 6.8 million users

Facebook accidentally exposed 6.8 million users’ private photos to developers

Facebook on Friday disclosed a data breach that may have exposed unposted photos of as many as 6.8 million users.

According to the company’s developer blog, a photo API bug accidentally gave hundreds of third-party apps unauthorized access to photos of as many as 6.8 million users during a 12 days period between September 13 and 25. It is believed that up to 1,500 apps built by 876 developers may have been affected by the bug.

“When someone gives permission for an app to access their photos on Facebook, we usually only grant the app access to photos people share on their timeline,” engineering director Tomer Bar said in a message to developers.

“In this case, the bug potentially gave developers access to other photos, such as those shared on Marketplace or Facebook Stories.”

Apparently, the bug inadvertently also gave third-party apps access to photos that were not shared on timelines, for example, if someone uploads a photo to Facebook but doesn’t finish posting it, Bar added.

“We store a copy of that photo so the person has it when they come back to the app to complete their post,” he said.

Bar added that potentially affected Facebook users will get a Facebook notification, which will direct them to a Help Center link where they will be able to see if they have used any apps that were affected by the bug.

“We’re sorry this happened,” Bar said. “Early next week we will be rolling out tools for app developers that will allow them to determine which people using their app might be impacted by this bug. We will be working with those developers to delete the photos from impacted users.”

Bar also suggested that users should log into any apps with which they have shared their Facebook photos to find out if they have access to photos they shouldn’t.

Besides the Facebook photo API bug discovered in September, the social networking giant was also hit by another data breach the same month where data of some 30 million users were exposed to hackers as a result of a flaw in Facebook’s ‘View As’ feature.

read more

UK Parliament Seizes Facebook’s Internal Documents

UK Parliament Seizes Facebook’s Internal Documents

Facebook’s internal documents seized by the UK Parliament to investigate privacy practices

As a part of an investigation into the Cambridge Analytica scandal, the UK Parliament has used its legal powers to seize a cache of internal Facebook documents, according to The Observer, which first reported the story.

It is alleged that the documents contain significant revelations about Facebook decisions on data and privacy controls that caused the Cambridge Analytica scandal, including correspondence between Facebook CEO Mark Zuckerberg and company executives.

Damian Collins, chairman of the Commons Digital, Culture, Media and Sport (DCMS) Committee used a rare parliamentary mechanism and compelled Ted Kramer, the founder of Six4Three, a US app software company, to hand over the documents who was on a business trip in London last week.

Kramer was given a final warning and a two-hour deadline to comply with the order sent along with a serjeant at arms.

When Kramer failed to produce these documents within the prescribed two-hour deadline, he was escorted to Parliament warned that he could face possible fines or imprisonment.

“We are in uncharted territory. This is an unprecedented move but it’s an unprecedented situation. We’ve failed to get answers from Facebook and we believe the documents contain information of very high public interest,” Collins said.

“We have very serious questions for Facebook. It misled us about Russian involvement on the platform. And it has not answered our questions about who knew what, when with regards to the Cambridge Analytica scandal.

“We have followed this court case in America and we believed these documents contained answers to some of the questions we have been seeking about the use of data, especially by external developers.”

Apparently, the company Six4Three is involved in a legal case against Facebook in the U.S., where the documents were obtained through legal procedures. The company had invested $250,000 in Facebook and claims that the media giant exploited its privacy policy.

The social networking giant has asked the DCMS committee to refrain from reviewing those documents, as they are subject to a protective order in the U.S.

“The materials obtained by the DCMS committee are subject to a protective order of the San Mateo Superior Court restricting their disclosure,” Facebook told the Observer.

“We have asked the DCMS committee to refrain from reviewing them and to return them to counsel or to Facebook. We have no further comment.”

Apparently, since the files are subject to an order of the California superior court, they cannot be made public in the U.S.

However, since the summons was issued in the UK, where Parliament has superiority, the Six4Three founder was obliged to hand over the documents. It is believed that the founder has informed both Facebook and the Californian court in the US.

read more

Hack Facebook or Instagram accounts and get paid up to $40,000

Hack Facebook or Instagram accounts and get paid up to $40,000

Facebook to pay up to $40,000 for finding ways to hack Facebook or Instagram accounts

Facebook has been going through a rough patch this year after suffering two severe security breaches that affected millions of its users.

While every year, Facebook pays millions of dollars to researchers and bug hunters to find security holes in its products and organization, it is still facing security breaches. Facebook has been running its Bug Bounty program since 2011.

Now, in order to step up its efforts to tighten the security of the platform, Facebook on Tuesday announced in a post that it has increased the average payout for account takeover vulnerabilities so as “to encourage security researchers to work on finding high-impact issues”.

The announcement further read, “The researchers who find vulnerabilities that can lead to a full account takeover, including access tokens leakage or the ability to access users’ valid sessions, will be rewarded an average bounty of:

* $40,000 if user interaction is not required at all, or
* $25,000 if minimum user interaction is required.

“This change applies to all products owned by Facebook, including Instagram, WhatsApp, and Oculus.

“Further, we will not require a full exploit chain in cases where leveraging the vulnerability requires bypassing our Linkshim mechanism.

“While monetary reward may not be the strongest incentive for why bug bounty researchers hack, we believe it remains a strong motivator for our white hat researchers to invest time in helping us identify and mitigate vulnerabilities. We encourage researchers to share their proof of concept reports with us without having to also discover bypasses for Facebook defense mechanisms.

“By increasing the award for account takeover vulnerabilities and decreasing the technical overhead necessary to be eligible for bug bounty, we hope to encourage an even larger number of high-quality submissions from our existing and new white hat researchers to help us secure over 2 billion users.”

For those unaware, earlier this year, it was the Facebook–Cambridge Analytica data scandal where the personal information of 87 million Facebook users was harvested by Cambridge Analytica without their consent and used for political purposes.

Later, in September this year, Facebook discovered a major security issue that allowed hackers to access information, which could allow them to take over around 50 million accounts.

Source: Facebook 

read more

Facebook is the least-trusted major tech company- study

Facebook is the least-trusted major tech company- study

Facebook Is the Least Trusted Major Tech Company Among Americans For Protecting Personal Data, Suggests Polls

Facebook, the social networking giant, has been voted as the least trustworthy tech company, according to a recent survey conducted by Fortune. Thanks to Facebook’s increasing scrutiny for its handling of data privacy, ad targeting, and propaganda that has made its users trust the company the least.

According to the survey, only 22 percent of Americans trust Facebook with their personal information out of all major tech companies. On the other hand, Amazon with 49 percent ranks the highest in terms of trust, followed by Google (41 percent), Microsoft (40 percent), and Apple (39 percent).

“Facebook is in the bottom in terms of trust in housing your personal data,” said Harris Poll CEO John Gerzema. “Facebook’s crises continue rolling in the news cycle.” The poll was carried out by Harris Poll on behalf of Fortune in mid-October that surveyed over 2,000 U.S. adults.

This obvious lack of trust is bad news for Facebook, which is mainly due to factors such as leadership, ethics, trust, and image. Also, the Cambridge Analytica scandal earlier this year where up to 87 million Facebook users data was shared without their permission, along with the September data breach in which roughly 50 million of its users’ data was exposed through an attack on its network, has only attributed to Facebook’s low rankings.

Additionally, 48 percent of those who took the survey admitted to viewing Facebook more negatively than six months ago.

According to the survey, only 59 percent of respondents said they were “at least somewhat confident” in Zuckerberg’s leadership in the ethical use of data and privacy information. With 77 percent, Amazon CEO Jeff Bezos came in first, followed by Apple’s CEO Tim Cook at 72 percent, Microsoft’s CEO Satya Nadella at 71 percent, and Google’s CEO Sundar Pichai at 68 percent.

“That would be a C or D in grade school,” Gerzema said about Zuckerberg.

Facebook declined to comment on the poll. The company instead pointed to recent remarks made by Zuckerberg where he said that Facebook continues to invest in security and that its defenses are improving.

Not only the Facebook users, but some of the company’s major investors too are disappointed by Zuckerberg. Last month, several major public investment funds had proposed removing Zuckerberg as the company’s chairman of the board.

Source: PYMTS

read more

Facebook quietly launches Lasso, a TikTok-clone app to win teens over

Facebook quietly launches Lasso, a TikTok-clone app to win teens over

Facebook launches Lasso, a short video app like competitor TikTok

Facebook on Friday quietly launched its stand-alone music app to rival popular short-video social network, TikTok, without any official announcement on its website, reports The Verge.

Called “Lasso”, the music app is directed at teens which allows users to create short music videos similar to TikTok, the short 15-second video app that had recently merged with Musical.ly. Lasso is available on both, iOS and Android. Currently, the app is available only for users in the U.S.

Apparently, almost half of teenagers in the U.S. say they use Facebook, which is a decrease of 20 percent from 2015, according to Pew. In comparison, nearly 69 percent of US teenagers use Snapchat, 72 percent say they use Instagram and 85 percent say they use YouTube. Hence, it is believed that Facebook has introduced Lasso app to lure the teenagers and gain its lost hold.

“Lasso is a new standalone app for short-form, entertaining videos — from comedy to beauty to fitness and more. We’re excited about the potential here, and we’ll be gathering feedback from people and creators,” Facebook told The Verge.

With Lasso, users can record themselves dancing and lip-syncing to music and also record short clips. It allows users to add music and text to their videos, add cool effects, etc. Users can also find popular hashtags, follow creators, and browse videos.

Users can sign in to Lasso through Instagram or create an account using Facebook. They can share their videos directly from the app to their Facebook Stories, with the feature to share them as Instagram Stories coming soon. All profiles and videos on Lasso would be public, which means you cannot keep anything private.

Currently, it is unclear when Facebook would be releasing the app globally.

read more

Personal Facebook Messages Of 81,000 Hacked Users Up For Sale

Personal Facebook Messages Of 81,000 Hacked Users Up For Sale

Private conversations stolen from 81,000 Facebook users are up for sale

Hackers have published private messages from the compromised accounts of some 81,000 Facebook users and put them up for sale on the internet, according to a BBC News report.

The hackers told the BBC Russian Service that they had personal information of more than 120 million accounts, which they were attempting to sell. Many of the users whose details have been compromised are based in Ukraine and Russia but some were also from the UK, US, Brazil and elsewhere.

“The hackers offered to sell access for 10 cents per account. However, their advert has since been taken offline,” the report added.

Data stolen by the hackers include photos of a recent holiday sent privately between two Facebook friends, private messages between couples, complaints about a son-in-law and a chat about a recent Depeche Mode (British rock band) concert.

Russian Facebook users whose private messages had been uploaded were contacted, who confirmed to the BBC that the information was indeed theirs.

The breach was discovered in September when a user named FBSaler posted an advertisement on an English-language internet forum offering to sell the details of 120 million Facebook accounts at 10 cents a handle.

However, Facebook responded to the report and said its security had not been compromised and the messages were reportedly obtained through malicious browser extensions.

“We have contacted browser-makers to ensure that known malicious extensions are no longer available to download in their stores,” Facebook executive Guy Rosen told the BBC. “We have also contacted law enforcement and have worked with local authorities to remove the website that displayed information from Facebook accounts.”

The social media giant also assured its users that it had taken preventive measures to avoid further accounts from being affected.

Cybersecurity company Digital Shadows investigated the claim for the BBC and confirmed that the compromised data of the 81,000 users posted online as samples included private messages.

Earlier in September, there was a report that over 50 million Facebook accounts were hacked, which included accounts Facebook CEO Mark Zuckerberg and chief operating officer, Sheryl Sandberg. Later, in October, Facebook confessed that hackers had broken into nearly 30 million users’ accounts by stealing their “access tokens” or digital keys.

read more

Facebook is working on a TikTok rival called Lasso

Facebook is working on a TikTok rival called Lasso

Facebook is developing a TikTok-like music video app called Lasso

Facebook is reportedly working on a stand-alone music app to rival TikTok, formerly known as Musical.ly.

For those unaware, China’s Beijing Bytedance Technology Co., which owns the company Tik Tok, the immensely popular 15-second video-sharing app, had acquired Musical.ly, Inc. for a reported US $1 billion in November 2017.

According to a report from TechCrunch, the social network giant is developing an app called “Lasso” directed at teens, where users can record themselves dancing and lip-syncing to music.

“It’s basically TikTok/Musically. It’s full-screen, built for teens, fun and funny, and focused on creation. A lot of what they’re doing is just trying to be cool and trying to be something that Facebook isn’t,” a source was quoted by TechCrunch.

The product is being built by members of Facebook’s video and Watch team under leadership from Facebook’s principal lead product designer Brady Voss.

The news of Lasso comes closely after Facebook announced new music features on Thursday. The social media giant has added music stickers to its Stories feature and rolled out lyrics to its Lip Sync Live in certain markets, which is a singalong feature integrated into Facebook Live. This feature allows you to perform for friends in real time and read their comments as you sing. Lasso would most likely be the stand-alone app version of Lip Sync Live.

Also Read– Facebook announces AI-powered video calling device “Portal”

The company also recently rolled out the ability to add songs to photos and videos for Stories and News Feed updates. It’s also working on a new profile section that will allow users to pin songs to the top of their profile.

read more

Facebook fined £500,000 for Cambridge Analytica data breach scandal

Facebook fined £500,000 for Cambridge Analytica data breach

UK watchdog fines Facebook £500,000 over Cambridge Analytica data scandal

Britain’s privacy watchdog has fined Facebook £500,000 ($645,000) over Cambridge Analytica data scandal. This is the maximum possible fine that can be imposed by UK’s Information Commissioner’s Office (ICO) for breaching data protection rules.

The ICO had issued a Notice of Intent to Fine to Facebook in July following an investigation into the company’s data sharing policies that exploited the data of 87 million users.

“The ICO’s investigation found that between 2007 and 2014, Facebook processed the personal information of users unfairly by allowing application developers access to their information without sufficiently clear and informed consent, and allowing access even if users had not downloaded the app, but were simply ‘friends’ with people who had,” the ICO said confirming the fine.

“Facebook also failed to keep the personal information secure because it failed to make suitable checks on apps and developers using its platform. These failings meant one developer, Dr Aleksandr Kogan and his company GSR, harvested the Facebook data of up to 87 million people worldwide, without their knowledge. A subset of this data was later shared with other organizations, including SCL Group, the parent company of Cambridge Analytica who were involved in political campaigning in the US.

“Even after the misuse of the data was discovered in December 2015, Facebook did not do enough to ensure those who continued to hold it had taken adequate and timely remedial action, including deletion. In the case of SCL Group, Facebook did not suspend the company from its platform until 2018.”

During its investigation, ICO found that personal information of at least one million UK users was among the harvested data that was subsequently put at risk of further misuse. The information was used to help Donald Trump during his 2016 presidential election campaign.

“Facebook failed to sufficiently protect the privacy of its users before, during and after the unlawful processing of this data,” ICO said. “A company of its size and expertise should have known better and it should have done better.”

The penalty of £500,000 is the maximum allowed under the Data Protection Act 1998 at the time of the breach. This fine represents 0.00001 percent of Facebook’s CEO Mark Zuckerberg’s £43 billion ($61.5 billion) fortune. However, it could have been a lot worse had the data breach taken place under the General Data Protection Regulation (GDPR) law passed in May.

Under the EU’s new data protection laws, Facebook could have faced a maximum fine of £17m or 4% of global turnover – whichever is higher.

“We considered these contraventions to be so serious we imposed the maximum penalty under the previous legislation. The fine would inevitably have been significantly higher under the GDPR. One of our main motivations for taking enforcement action is to drive meaningful change in how organizations handle people’s personal data,” ICO said.

“Our work is continuing. There are still bigger questions to be asked and broader conversations to be had about how technology and democracy interact and whether the legal, ethical and regulatory frameworks we have in place are adequate to protect the principles on which our society is based.”

In response to the ICO announcement, Facebook commented that it is “reviewing” the decision.

“While we respectfully disagree with some of their findings, we have said before that we should have done more to investigate claims about Cambridge Analytica and taken action in 2015,” a Facebook spokesperson said in a statement.

“We are grateful that the ICO has acknowledged our full cooperation throughout their investigation, and have also confirmed they have found no evidence to suggest UK Facebook users’ data was in fact shared with Cambridge Analytica.”

read more

Facebook’s major investors want Mark Zuckerberg to step down as chairman

Facebook’s major investors want Mark Zuckerberg to step down as chairman

Major Facebook shareholders propose the removal of Mark Zuckerberg as chairman

Several major public investment funds on Wednesday proposed removing Facebook CEO Mark Zuckerberg as the company’s chairman of the board. The proposal comes right after the recent data breach that affected 30 million Facebook accounts.

State treasurers from Illinois, Rhode Island and Pennsylvania, and New York City Comptroller Scott Stringer, who oversees money including pension funds co-filed the proposal. They joined a proposal originally filed by the investor, Trillium Asset Management in June that called for Zuckerberg to resign as chairman.

Also Read- Hackers accessed 29 million user accounts, says Facebook

The proposal is largely symbolic since Zuckerberg holds absolute control of the board. The removal demand comes at a time when recent security lapses at the social networking giant have raised questions over the company’s leadership.

“We need Facebook’s insular boardroom to make a serious commitment to addressing real risks — reputational, regulatory, and the risk to our democracy — that impact the company, its share owners, and ultimately the hard-earned pensions of thousands of New York City workers,” New York City Comptroller Scott Stringer said in a statement.

“An independent board chair is essential to moving Facebook forward from this mess, and to reestablish trust with Americans and investors alike,” Stringer said.

The proposal by the investors calls for a separation of the roles of CEO and the Chairman, that is currently held by Zuckerberg. They argue that separating Facebook’s chairman and CEO roles is “in the best interest of shareholders, employees, users, and our democracy.”

Considering Zuckerberg’s outsized influence on the company, the proposal is likely to go in vain. A similar shareholder proposal looking for an independent chair had gone down in 2017 at Facebook. Zuckerberg holds a majority of supervoting shares and controls 59.9 percent of the company’s voting power.

While Facebook declined to comment, it quoted it’s response to the prior proposal in which it said that it did not believe an independent chairman would “provide appreciably better direction and performance, and instead could cause uncertainty, confusion, and inefficiency in board and management function and relations.”

read more