Slashdot Mirror

Google Drive has a pretty bad spam problem, and it seems Google doesn't care. Spammers can share files that automatically appear in your Drive, and there's no way to stop it. From a report: Google Drive's sharing system is the problem. Since it doesn't offer any sharing acceptance, all files and folders shared with your account are automatically available to you in Drive -- they just show up. To make matters worse, if you only have "View" permission, you can't remove yourself from the share. It's a mess. And to make matters even worse, this is far from a new problem, but Google still hasn't done anything to fix it.

Google got back to us with a statement saying that changes are coming to Drive's sharing features and they're"making it a priority." Here's the statement in full: "For the vast majority of users, the default sharing permissions in Drive work as intended. Unfortunately, this was not the case for this user and we sincerely apologize for her experience. In light of this issue, we are evaluating changes to our spam, abuse, and blocking features that will prevent this kind of activity from taking place on Drive. In the interim, users who are experiencing similar issues can remove themselves from the folder, and the folder should not reappear in either 'My Drive' or 'Shared with Me' unless they revisit it."

Iwastheone shares an article by former PC World columnist Chris Hoffman.

"No PC users asked Microsoft for Windows as a service," Hoffman complains. "It was all Microsoft's idea." "Software as a service" is trendy. But these types of services are generally hosted on a remote platform, like Amazon Web Services or even Microsoft Azure. Web applications like Gmail and Facebook are services. That all makes sense -- the company maintains the software, and you access it remotely. An operating system that runs on millions of different hardware configurations is not a service. It can't be updated as easily, and you'll run into issues with hardware, drivers, and software when you change things. The upgrade process isn't instant and transparent -- it's a big download and can take a while to install... [M]illions of applications (or computers!) could break if Microsoft makes a mistake with Windows.

What has Windows as a service even gotten us? How much has Windows 10 improved since its release? Sure, Microsoft keeps adding new features like the Timeline and Paint 3D, but how many Windows users care about those? Many of these new features, like Paint 3D and updates to Microsoft Edge, could be delivered without major operating system upgrades. Just take a look at the many features in Windows 10's October 2018 Update and ask whether they were worth all the deleted files and drama. Texting from your PC is great, but Microsoft could release an app that does that -- in fact, this was once supposed to be a Skype feature. Clipboard history is cool, and a dark theme for File Explorer is cute. But couldn't we have waited another six months for Microsoft to properly polish and test this stuff?

"Windows as a Service" does get us a few things. It gets us applications like Candy Crush installed on our PCs. It gets us an ever-increasing number of built-in advertisements. And it gets us activation problems when Windows phones home once a day and discovers that Microsoft has a server problem.
"Please Microsoft, slow down," the article concludes. "How about releasing a new version of Windows once per year instead? That's what Apple does, and Apple doesn't need 'macOS as a Service' to do it. Just create a new version of Windows every year, give it a new name, and spend a lot of time polishing it and fixing bugs.

"Wait until it's stable to release it, even if you have to delay it."

Chris Hoffman, writing for How To Geek: You launch Edge on your new PC, search for "download Chrome," and click the first result headed to "google.com" on Bing. You're now on a phishing website pushing malware, disguised to look like the Chrome download page. That's the story Gabriel Landau tells on Twitter. We were able to reproduce this problem, although it doesn't happen every time. Usually, you'll end up seeing an ad for "https://www.google.com". That goes to the real Chrome download page, and everything is fine. But, sometimes, you'll see an ad for "google.com". Guess what -- that doesn't actually go to Google.com. This ad was created by a scammer and goes elsewhere. Microsoft is apparently not verifying the web address the advertisement actually goes to. Bing is letting this advertisement to lie to people. Microsoft says it has resolved the issue.

Microsoft has "taken action" to change its Bing search engine after it was found to give "horrifying" results for some terms. From a report: Journalist Chris Hoffman discovered Bing suggested racist topics when he looked up words such as "Jews", "Muslims" and "black people". Bing also ranked widely debunked conspiracy theories among the top suggestions for other words. Mr Hoffman said Microsoft had to do better at moderating its search system. In his investigation, Mr Hoffman looked up racially-themed terms and found that the majority of suggestions for further searches that accompanied results pointed people to racist sites or images. Racist memes and images were also returned for many of the words he tried. "We all know this garbage exists on the web, but Bing shouldn't be leading people to it with their search suggestions," wrote Mr Hoffman. It is believed that the suggestions for further searches connected to these terms have emerged from a combination of user activity and concerted action by far-right groups to skew responses. [...] Jeff Jones, a senior director at Microsoft, said: "We take matters of offensive content very seriously and continue to enhance our systems to identify and prevent such content from appearing as a suggested search. As soon as we become aware of an issue, we take action to address it."

Chris Hoffman, writing for How To Geek: I'm getting sick of Windows 10's auto-installing apps. Apps like Facebook are now showing up out of nowhere, and even displaying notifications begging for me to use them. I didn't install the Facebook app, I didn't give it permission to show notifications, and I've never even used it. So why is it bugging me? Windows 10 has always been a little annoying about these apps, but it wasn't always this bad. Microsoft went from "we pinned a few tiles, but the apps aren't installed until you click them" to "the apps are now automatically installed on your PC" to "the automatically installed apps are now sending you notifications." It's ridiculous.

Though the U.S. Congress voted to roll back privacy rules, broadband customers can still opt-out of targeted advertising from Comcast, Charter, AT&T, and T-Mobile. But an anonymous reader explains why that's not enough: "It's not clear that opting out will prevent ISPs from putting your data to use," reports The Verge, adding "you're opting out of seeing ads, but not out of providing data." Neema Singh Guliani, legislative counsel for the American Civil Liberties Union, tells NPR that consumers can also "call their providers and opt out of having their information shared." But he also suggests a grass roots effort, calling this "an opportunity to pressure companies to implement good practices and for consumers to say 'I think that you should require opt-in consent and if you're not, why not?'"

To try to stop the creation of that data, Brian Krebs has also posted a guide for choosing a VPN provider, and shared a useful link to a chart comparing VPN providers that was recommended by the EFF. This may help avoid some of the problems reported with VPN services, and Krebs also recommends Tor as a free (albeit possibly slower) option, while sharing an informational link describing Tor's own limitations.
I'm curious what steps Slashdot's readers are taking (if any) to protect their own privacy online?

Over the years, Apple may have improved security, filters, and screening process of apps for its Mac's App Store, but even today things the quality of fraudulent apps continue to not only seep through its gatekeepers, but often times outnumber the good apps. How To Geek did some investigation over this and published the findings yesterday in a story titled, "Don't Be Fooled: The Mac App Store Is Full of Scams". It didn't take long for the publication to find scam apps on Apple's marquee app store for Mac computers. A search for "Microsoft Excel", for instance, returns "Office Bundle" made by a third-party. The app offers templates -- and just that -- for $30. Same is the case with any Office suite application. This might not seem as a real problem to many, but as How to Geek points out, there is one more problem: almost all these apps have icons and title names that are similar to those of Microsoft's, and Apple has had no issues with that. From the article: Let's be blunt: these customers were ripped off, and Apple pocketed $10 each (Editor's note: Apple charges 30 percent on all transactions on App Store(. And you'll only see these comments if you scroll past the two five star reviews that mention the word "app" numerous times. All of these fakes use Microsoft brands like Office, Word, and Excel in the product names. The logos aren't one-to-one copies of Microsoft's official logos, but they're almost always the correct color and letter (blue "W" for Word, green "E" for Excel, etcetera).

How-To Geek has tested and described something that you probably shouldn't do on your own computer -- unless, as they did, you do it on a virtual machine just for this purpose. Namely, they downloaded 10 of the most popular software titles from download.com, clicking through as a naive user might, accepting the defaults or the most obvious Next buttons, as most users surely do. They note that download.com's stated policies certainly look good on-screen; it says that the site comprehensively screens for, and disallows, malware of all kinds. But malware of various kinds, even if much of it is in a grey zone rather than actually malicious, is a fair description of what the authors encountered as they clicked through. Bundled software, some pieces of it at odds with others, was attached to each of the downloads, and from download to installation the process by design foisted more and more junk on their system, even if some of the bundled junk could have been avoided by a user jaded by previous hijackings. The conclusion: [N]o matter how technical you might be, most of the installers are so confusing that there's no way a non-geek could figure out how to avoid the awful. So if you recommend a piece of software to somebody, you are basically asking them to infect their computer. And it doesn’t matter which antivirus you have installed — we've actually done this experiment a number of times with different antivirus vendors, and most of them completely ignored all of the bundled crapware. Avast did a pretty good job this time compared to some of the other vendors, but it didn't block all of it for sure. There are also no safe freeware download sites because as you can clearly see in the screenshots in this article, it isn't just CNET Downloads that is doing the bundling it's EVERYBODY. The freeware authors are bundling crapware, and then lousy download sources are bundling even more on top of it. It's a cavalcade of crapware.

alphadogg (971356) writes A startup called Antumbra run by 5 college students is looking to throw a little soothing light on this situation: People who hunker down in front of their computers until the wee hours, until it feels like their eyes might fall out. Antumbra's open-source-based Glow, which launches in a limited beta of 100 $35 units on Thursday, is a small (1.5" x 1.5"x 0.5") doohickey that attaches to the back of your computer monitor via USB port and is designed to enhance your work or gaming experience — and lessen eye strain — by spreading the colors from your screen onto the wall behind it in real time. The idea is to reduce the contrast in colors between the computer screen and the background area. The the idea might not be new, and people have been home-brewing their own content-driven lighting like this for a while, but this is the first I've seen that looks like a simple add-on.

capedgirardeau writes: An update to the Google Play store now groups app permissions into collections of related permissions, making them much less fine grained and potentially misleading for users. For example, the SMS permissions group would allow an app access to both reading and sending SMS messages. The problem is that once an app has access to the group of permissions, it can make use of any of the allowed actions at any time without ever informing the user. As Google explains: "It's a good idea to review permissions groups before downloading an app. Once you've allowed an app to access a permissions group, the app may use any of the individual permissions that are part of that group. You won't need to manually approve individual permissions updates that belong to a permissions group you've already accepted."

musicon writes "According to Nadim Kobeissi, Windows 8 is configured by default (using a new featured called Windows SmartScreen) to immediately tell Microsoft about every app you download and install. This is a very serious privacy problem, specifically because Microsoft is the central point of authority and data collection/retention here and therefore becomes vulnerable to being served judicial subpoenas or National Security Letters intended to monitor targeted users. This situation is exacerbated when Windows 8 is deployed in countries experiencing political turmoil or repressive political situations." While SmartScreen is enabled by default, it's possible for users to turn it off. Also, it's worth noting that Microsoft is hardly alone in this regard, given the rise of app stores over the past several year. (Not that it exculpates this behavior.)