Stop using SMS for private messages

We all need to up our online security game, which is why I read a recent article by Zak Doffman, a cybersecurity expert, with great interest. He has advised his followers to stop using Facebook Messenger and switch to WhatsApp for security reasons. This is interesting because Facebook also owns WhatsApp, but the difference between the app and Messenger is one of security.

WhatsApp has end-to-end encryption. It’s so secure that as Doffman says, “lawmakers actually want weaknesses introduced to help them investigate crimes.” And if you think that perhaps Apple iMessage and SMS—including Google Messages –are safe, then Doffman says, the answer isn’t a simple yes or no.

Most messaging from your devices is encrypted, but the security depends on who holds the encryption keys. Doffman states, “When you end-to-end encrypt data or messages, keys are only held by the two (or multiple) endpoints of that link—you and the person you’re messaging, for example.” So, with WhatsApp, it can’t read what you send, which is the bonus, and it can be trusted to keep your messages safe and secure.

By contrast, Facebook’s Messenger is not end-to-end encrypted by default. Even Facebook recommended using WhatsApp instead of Messenger. Why don’t they fix the problem with Messenger you may ask? Well, apparently it’s technically complex.

SMS messages are another issue. Did you know “When you send an SMS, while it might be secure between your phone and your network, once there it can be easily intercepted and collected?” This makes SMS child’s play for hackers who can target senders and recipients. On the other hand, SMS is available on every single phone in the world, hence it’s popularity. However, it is used for “longer messages, MMS attachments, financial details, private data, sensitive information,” and that is where problems lie.

Whichever service you use, whether Apple or Android, there are SMS messages you will need to still receive—one time security codes, for example. But beyond texts from service providers, with security codes etc, you should not use SMS for your own private messages – stick to WhatsApp, or if you want even more security, use Signal, which is the app of choice for many working in the Cybersecurity sector.

The Ugly Exploitation of 5G Fears

The COVID-19 pandemic has proved to be a fertile breeding ground that has brought together disparate groups, including anti-vaxxers and the anti-5G movement, on any platform they can find to share their conspiracy-based views. One of the most prominent claims is that 5G technology spread the coronavirus, even though 5G is not available ‘everywhere’.

Before that became a widely shared theory, we already knew that those who don’t want to see 5G launched had been pushing out information about the alleged dangers of 5G. We were all about to be ‘wi-fried’ by it, and children would be particularly vulnerable. I’m not here to debate the claims of the anti-5G movement, but I would like to alert people to one of the dangers that this kind of scaremongering can produce: the opportunity to be scared into buying into a health scam.

A Forbes story by John Koetsier illustrates it perfectly. It concerns a ‘5G Bioshield’ that is being sold for $350 per unit. The USB stick boasts features such as “quantum oscillation” and “restoring coherence of atoms” as well as “emitting life force frequencies.”

This is what the company selling it claims on its the website:

“Through a process of quantum oscillation the 5G BioShield USB Key balances and reharmonizes the disturbing frequencies arising from the electric fog induced by devices, such as laptops, cordless phones, wi-fi, tablets, etc., The 5G BioShield USB Key restores the coherence of the geometry of the atoms, which allows a perfect induction for life forces, by (re-)creating a cardiac coherence, via plasmic support and interactivity.”

It sounds like the answer to all those fears about the health damage that 5G is purported to inflict. It must be a very special USB stick to do all the above, must it not? You’d like to think so for $350.

The expert analysis

But when Pen Test Partners reviewed the stick’s properties, it “revealed nothing more than what you’d expect from a regular 128MB USB key,” states its blog. And they went on to say: “Usually with USB devices, one can look at the properties and it will list the manufacturer and extra information about the device. However, we found that all the default values remained. This is often an indication of cheap, unbranded devices.”

So, basically it is a $6 USB stick being sold for $350. Furthermore, the founders of the 5G Bioshield don’t appear to exist. Koetsier says, “A search for “Dr. Ilija Lakicevic,” listed on the website as one of the founders of the company, turns up nothing on LinkedIn. A search for him on the Max Planck Institute for Plasma Physics, where the 5G BioShield website says he worked, also turns up no results.”

Have they sold any? Yes. To the city of Glastonbury in the UK, which issued a statement saying, “We use this device and find it helpful.” It is also worth mentioning that other health protection used in Glastonbury include Shungite, a mineral which is said to have healing powers that one “healing crystal” company says “span the board from purity to protection.”

Whether you agree with the theory that 5G is a health danger or not, I expect you can agree that paying $350 for a $6 product is quite simply — exploitation!

Are banking APIs the real revolution?

Application programming interfaces (APIs) have been around for 20 years, but, as Ron Shevlin points out, just one in five community banks in the USA had deployed APIs before 2020, and they aren’t even on the radar of at least 20% of the banks.

Contrast this with Europe, where 97% of UK banks are already using them, and even the lowest uptake country, the Netherlands, has 83% of its banks deploying APIs. The reason for this huge gap between the USA and Europe is the latter’s Open Banking initiative, however Shevlin says that American banks cannot simply use this as an excuse for their low adoption of the technology.

As a result of the lack of API deployment, US banks are missing out on a number of opportunities, including the reduction of time and costs in several business processes, particularly product application-related processes.

The best known API providers include Stripe, Plaid and Yodlee. These three have furthered the connections between financial institutions and fintech companies. However, Shevlin says there are three fintech startups that are “poised to have a significant impact on the banking industry: Pinwheel, Sila, and Codat.”

Pinwheel

Pinwheel, which has just announced a $7 million funding raise, offers an API for payroll data, “that handles everything from income and employee verification to easily switching and managing direct deposit.”

How would this revolutionise banking? According to a Techcrunch article, “For consumers, the main draw is automated direct deposit control, which will allow consumers to control where their paychecks go. For instance, if they want to split a direct deposit into multiple accounts, or regularly move part of their paycheck into a savings app like Digit or Acorns, Pinwheel can help them do that easily.”

Sila

According to Coindesk, Sila, “is an API platform that issues an ERC-20 stablecoin called SilaToken (SILA). Every transaction on the platform is done using the token, which is pegged 100:1 to the U.S. dollar. Sila plans to install card payments, international payments, business ID verification and begin issuing tokens within one business day. Its partner bank, Evolve Bank & Trust, plans to connect to the Clearing House system, a network started by big banks that provides access to instant payments.”

Techcrunch comments that Sila’s API would: “Supplant ACH as the payments choice for companies who need to move money. Sila’s API for identity verification, which empowers developers to identify users and use that info in the company’s banking API, allows users to debit their accounts and move funds from one account to another. On top of that infrastructure, Sila allows for the creation of smart contracts, which should allow for more rapid deployment of financial apps.”

Codat

Codat, which is based in London, has an API focused on small businesses, and is signing up 10,000 new customers per month. According to TechCrunch:

“Codat is building an API that connects with all the systems that hold all the relevant financial data. That type of information is usually spread across multiple systems, and small businesses often use different systems. On the other side, banks, insurance companies and more can speed up their internal processes and give you an educated answer for your next loan or insurance product.”

Codat is especially on point right now as small businesses are struggling and need funds. However, the current lending processes are time-consuming and confusing. Its API simplifies and streamlines the flow of data between small businesses and financial institutions, and could potentially disrupt the way SME loans are handled today.

Blockchain

On the other hand, perhaps APIs aren’t the ultimate answer for a banking revolution. Brian Platz, co-CEO of Fluree, says, “The answer isn’t to build a better API; rather, it is to turn the database inside out and let data escape from the walls that confine it. Blockchain is how data frees itself. It’s time to end the era of data APIs and begin to look into the blockchain.”

Facebook and the Advertiser Backlash

The Washinton Post has published an explosive story about the tech giant this week, reporting that Facebook started altering its policies in 2015 to accommodate the Trump campaign for the Presidency. Numerous former Facebook employees supplied the information, which is behind this paywall.

Facebook also saw 7% shaved off its share price on Friday following the announcement by Coca Cola that it is pausing all its social media advertising. This move also wiped $7 billion off Mark Zuckerberg’s personal net worth!

The advertisers’ revolt

At the same time, Starbucks also said it would pause its advertising on social media platforms, according to CNBC, “and promises to have discussions internally and with media partners and civil rights organizations to stop the spread of hate speech.”

Others joining this move include Unilever, which is halting advertising on Facebook, Instagram and Twitter in the U.S. through to 31st December, and Diageo said it will be pausing paid advertising globally on “major social media platforms” beginning in July.

Facebook and Hate Speech

According to CNBC, Facebook CEO Mark Zuckerberg said the company will change its policies to prohibit hate speech in its advertisements. Under its new policies, Facebook will ban ads that claim people from a specific race, ethnicity, nationality, caste, gender, sexual orientation or immigration origin are a threat to the physical safety or health of anyone else.

Zuckerberg said: “I am committed to making sure Facebook remains a place where people can use their voice to discuss important issues,” Zuckerberg said. “But I also stand against hate or anything that incites violence or suppresses voting, and we’re committed to removing that content too, no matter where it comes from.”

Zuckerberg’s comments come after nearly 100 brands announced that they would pull their advertising from Facebook for the month of July or longer as part a movement called #StopHateForProfit. The movement is protesting “Facebook’s repeated failure to meaningfully address the vast proliferation of hate on its platforms.”

Led by Twitter

At first Zuckerberg said he wouldn’t follow Twitter’s decision to label some of Trump’s tweets as false information. However, it now seems he has bowed to heavy criticism from his own employees for refusing to censor or moderate a post from President Trump in late May. Facebook will now label content that it decides to leave up because it is deemed newsworthy and valuable to the public interest, even if it otherwise violates the company’s policies, which is exactly what Twitter does.