CaptainDork shares a report from Bleeping Computer: Starting yesterday, there have been numerous reports of people's Windows computers being infected with something called "All-Radio 4.27 Portable." After researching this heavily today, it has been determined that seeing this program is a symptom of a much bigger problem on your computer. If your computer is suddenly displaying the above program, then your computer is infected with malware that installs rootkits, miners, information-stealing Trojans, and a program that is using your computer to send send out spam.

Unfortunately, while some security programs are able to remove parts of the infection, the rootkit component needs manual removal help. Due to this, if you are infected with this malware, I strongly suggest that you create a malware removal help topic in our Virus Removal forum in order to receive one-on-one help in cleaning your computer. Some of the VirusTotal scans associated with this infection have also indicated that an information stealing Trojan could have been installed by this malware bundle as well. Therefore, it is strongly suggested that you change your passwords using a clean machine if you had logged into any accounts while infected. 6/29/18: The story has been updated to specify that this malware campaign is targeting Windows computers.

Citing a number of complaints following Google's Gmail makeover, TechCrunch's Romain Dillet makes the case for why some users don't want smart suggestions in the email service: There's a reason why Gmail lets you disable all the smart features. Some users don't want smart categories, important emails first and smart reply suggestions. Arguably, the only smart feature everyone needs is the spam filter. A pure chronological feed of your email messages is incredibly valuable as well. That's why many Instagram users are still asking for a chronological feed. Sure, algorithmic feeds can lead to more engagement and improved productivity. Maybe Google conducted some tests and concluded that you end up answering more emails if you let Gmail do its thing. But you may want to judge the value of each email without an algorithmic ranking.

VCs could spot the next big thing without any bias. Journalists could pay attention to young and scrappy startups as much as the new electric scooter startup in San Francisco. Universities could give a grant to students with unconventional applications. The HR department of your company could look at all applications without following Google's order.

An anonymous reader shares an excerpt from a report via The Atlantic, written by Alexis C. Madrigal: No one picks up the phone anymore. Even many businesses do everything they can to avoid picking up the phone. Of the 50 or so calls I received in the last month, I might have picked up four or five times. The reflex of answering -- built so deeply into people who grew up in 20th-century telephonic culture -- is gone. There are many reasons for the slow erosion of this commons. The most important aspect is structural: There are simply more communication options. Text messaging and its associated multimedia variations are rich and wonderful: words mixed with emoji, Bitmoji, reaction gifs, regular old photos, video, links. Texting is fun, lightly asynchronous, and possible to do with many people simultaneously. It's almost as immediate as a phone call, but not quite. You've got your Twitter, your Facebook, your work Slack, your email, FaceTimes incoming from family members. So many little dings have begun to make the rings obsolete.

But in the last couple years, there is a more specific reason for eyeing my phone's ring warily. Perhaps 80 or even 90 percent of the calls coming into my phone are spam of one kind or another. [...] There are unsolicited telemarketing calls. There are straight-up robocalls that merely deliver recorded messages. There are the cyborg telemarketers, who sit in call centers playing prerecorded bits of audio to simulate a conversation. There are the spam phone calls, whose sole purpose seems to be verifying that your phone number is real and working.

Facebook Stories has reached 150 million daily active users after launching nearly 14 months ago. So what's the next logical step after reaching such a milestone? Advertisements. According to TechCrunch, Facebook Stories will start testing its first ads today in the U.S., Mexico and Brazil. From the report: They're 5- to 15-second video ads users can skip, and while there's no click-through or call to action now, Facebook plans to add that in the coming months. Advertisers can easily extend their Instagram Stories ads to this new surface, or have Facebook automatically reformat their News Feed ads with color-matched borders and text at the bottom. Facebook also plans to give businesses more metrics on their Stories performance to convince them the feature is worth their ad dollars.

Yesterday, Twitter announced several new changes to quiet trolls and remove spam. According to Slate, the company "will begin hiding tweets from certain accounts in conversations and search results." In order to see them, you'll now have to scroll to the bottom of the conversation and click "Show more replies," or go into your search settings and choose "See everything." From the report: When Twitter's software decides that a certain user is "detract[ing] from the conversation," all of that user's tweets will be hidden from search results and public conversations until their reputation improves. And they won't know that they're being muted in this way; Twitter says it's still working on ways to notify people and help them get back into its good graces. In the meantime, their tweets will still be visible to their followers as usual and will still be able to be retweeted by others. They just won't show up in conversational threads or search results by default. The change will affect a very small fraction of users, explained Twitter's vice president of trust and safety, Del Harvey -- much less than 1 percent. Still, the company believes it could make a significant difference in the average user's experience. In early testing of the new feature, Twitter said it has seen a 4 percent drop in abuse reports in its search tool and an 8 percent drop in abuse reports in conversation threads.

An anonymous reader shares a report: If you're a Gmail user, your messages and emails likely aren't as private as you'd think. Google reads each and every one, scanning your painfully long email chains and vacation responders in order to collect more data on you. Google uses the data gleaned from your messages in order to inform a whole host of other products and services, NBC News reported Thursday.

Though Google announced that it would stop using consumer Gmail content for ad personalization last July, the language permitting it to do so is still included in its current privacy policy, and it without a doubt still scans users emails for other purposes. Aaron Stein, a Google spokesperson, told NBC that Google also automatically extracts keyword data from users' Gmail accounts, which is then fed into machine learning programs and other products within the Google family. Stein told NBC that Google also "may analyze [email] content to customize search results, better detect spam and malware," a practice the company first announced back in 2012.

You would think that after decades of analyzing and fighting email spam, there'd be a fix by now for the internet's oldest hustle -- the Nigerian Prince scam. But the problem, a new report suggests, has only grown to become more widespread and sophisticated. From the report: There's generally more awareness that a West African noble demanding $1,000 in order to send you millions is a scam, but the underlying logic of these "pay a little, get a lot" schemes, also known as 419 fraud, still ensnares a ton of people. In fact, groups of fraudsters in Nigeria continue to make millions off of these classic cons. And they haven't just refined the techniques and expanded their targets -- they've gained minor celebrity status for doing it.

On Thursday, the security firm Crowdstrike published detailed findings on Nigerian confraternities, cultish gangs that engage in various criminal activities and have steadily evolved email fraud into a reliable cash cow. The groups, like the notorious Black Axe syndicate, have mastered the creation of compelling and credible-looking fraud emails. Crowdstrike notes that the groups aren't very regimented or technically sophisticated, but flexibility and camaraderie still allow them to develop powerful scams.

An anonymous reader writes: The BBC has a video celebrating the 40th birthday of spam email. Here's a transcript of the video: "It is 40 years since the first spam email was sent. Marketer Gary Thuerk composed an email selling his company's newest computers and sent it to 400 users on ARPANET, which was the network that become the basis for the internet. Why is it called spam? It has been suggested that it was called spam after a song in a Monty Python sketch. Where patrons of a cafe were repeatedly offered something they didn't want. The concept of spam is nothing new. Unsolicited telegrams were sent over 100 years ago and we've come to accept junk mail as part of everyday life. Now [nearly 60%] of all email is spam. Like most rubbish, it can be found everywhere on earth."

An anonymous reader quotes a report from Mashable: At F8, Facebook's Vice President of Messaging Products, David Marcus, jovially reported that Messenger's integration with business is going swimmingly. According to Marcus, over 8 billion messages have been sent between people and businesses. And there are 300,000 monthly active bots engaging with customers on messenger. Facebook introduced messenger bots for businesses at F8 in 2016. The idea is that bots allow for automated communication between businesses and customers, helping with issues like product recommendations and customer service. According to Marcus, that 300,000 number grew from just 100,000 monthly active bots in its first year.

Google on Wednesday pushed out the biggest revamp of Gmail in years. The company is bringing to the flagship Gmail service many (but not all) of the features it trialed in Inbox for Gmail, and adding a few new ones, too. From a report: While the overhaul does usher in a new look to the Gmail web app, bringing it into the material design fold, this update is more about throwing new features into the mix than moving things around and causing confusion. G Suite -- Google's paid productivity service for businesses, which also includes Gmail -- appears to be the core focus of this update, however these features will also be made available to standard Gmail users. [...] Google is adamant that no person within the company will ever read your emails, but that doesn't mean your email content is protected from third-party infiltration. To address this, Gmail will soon offer users a dedicated "confidential mode" -- on the web and in its mobile apps -- that is designed to protect against two kinds of attacks. [...] In addition to privacy and security updates, Gmail on mobile and the web is getting a bunch of new features to help solve the perennial problem of email overload. One of those tools is "nudging," which leans on Google's AI smarts and automated processing, similar to how its spam filter works, to remind users to follow up on a message they've received.

According to 9to5Google, Google's dialer app for Pixel, Nexus, and Android One devices is being upgraded with the ability to send spam calls straight to voicemail. "In 2016, the app began alerting users to potential spam callers by flashing the incoming call screen bright red, with another 'Suspected spam caller' alert just underneath the phone number," reports 9to5Google. The new spam filtering feature goes a step further. From the report: [U]sers will not receive a missed call or voicemail notification, though filtered calls will appear in call history and any voicemails left will still show up in that respective tab. This feature is rolling out worldwide over the next few weeks, but those who join the new beta will have initial access to it. Like its other programs, Google notes that the test allows you to use experimental features before they're released. Google warns that features will still be in-development, might be unstable, and have "a few problems." Meanwhile, users will have the ability to submit in-app feedback throughout the process. Head to the Google Play listing for the Phone app and scroll down to "Become a tester" in order to join.

Facebook owns many other apps and services, including the Oculus virtual-reality platform, which collects incredibly detailed information about where users are looking and how they're moving. Since most of the discussion about how Facebook handles user information is focused on the social network itself, The Verge's Adi Robertson looks into the link between Facebook and Oculus: A VR platform like Oculus offers lots of data points that could be turned into a detailed user profile. Facebook already records a "heatmap" of viewer data for 360-degree videos, for instance, flagging which parts of a video people find most interesting. If it decided to track VR users at a more detailed level, it could do something like track overall movement patterns with hand controllers, then guess whether someone is sick or tired on a particular day. Oculus imagines people using its headsets the way they use phones and computers today, which would let it track all kinds of private communications. The Oculus privacy policy has a blanket clause that lets it share and receive information from Facebook and Facebook-owned services. So far, the company claims that it exercises this option in very limited ways, and none of them involve giving data to Facebook advertisers. "Oculus does not share people's data with Facebook for third-party advertising," a spokesperson tells The Verge.

Oculus says there are some types of data it either doesn't share or doesn't retain at all. The platform collects physical information like height to calibrate VR experiences, but apparently, it doesn't share any of it with Facebook. It stores posts that are made on the Oculus forums, but not voice communications between users in VR, although it may retain records of connections between them. The company also offers a few examples of when it would share data with Facebook or vice versa. Most obviously, if you're using a Facebook-created VR app like Spaces, Facebook gets information about what you're doing there, much in the same way that any third-party app developer would. You can optionally link your Facebook account to your Oculus ID, in which case, Oculus will use your Facebook interests to suggest specific apps or games. If you've linked the accounts, any friend you add on Facebook will also become your friend on Oculus, if they're on the platform. Oculus does, however, share data between the two services to fight certain kinds of banned activity. "If we find someone using their account to send spam on one service, we can disable all of their accounts," an Oculus spokesperson says. "Similarly, if there's 'strange activity' on a specific Oculus account, they can share the IP address it's coming from with Facebook," writes Robertson. "The biggest problem is that there's nothing stopping Facebook and Oculus from choosing to share more data in the future."

Apple cofounder Steve Wozniak has formally deactivated his Facebook account. In an email interview with USA Today, Wozniak wrote that he was no longer satisfied with Facebook, knowing that it makes money off of user data. "The profits are all based on the user's info, but the users get none of the profits back," he wrote. "Apple makes its money off of good products, not off of you. As they say, with Facebook, you are the product." Ars Technica reports: His Sunday announcement to his Facebook followers came just ahead of Facebook CEO Mark Zuckerberg's scheduled testimony before Congress on Tuesday. The CEO is also reportedly set to meet with members of Congress privately on Monday. Wozniak wrote that Facebook had "brought me more negatives than positives." Still, when Wozniak tried to change some of his privacy settings in the aftermath of Cambridge Analytica, he said he was "surprised" to find out how many categories for ads he had to remove. "I did not feel that this is what people want done to them," added Wozniak. "Ads and spam are bad things these days and there are no controls over them. Or transparency."

The woman who entered the YouTube headquarters in San Bruno, California, this morning and started shooting has been identified as Nasim Aghdam. According to ABC7 News, "the YouTube shooter was a user of the platform" and had "a website with an alleged manifesto that targeted YouTube for censorship and demonetization of her video content. According to her website, a possible motivation for the shooting could have been tied to her many YouTube accounts, which she says have seen a decline in viewership over the past few months."

Police have responded to multiple 911 calls at YouTube headquarters in San Bruno, California. From a report: Vadim Lavrusik, a product manager at the company, tweeted that there is an active shooter on campus. The San Bruno Police Department instructed people to stay away from 901 Cherry Avenue, where the company is located. Multiple 911 calls have been received from inside the building, according to a report from local news station KRON. In a Twitter thread, YouTube product manager Todd Sherman said that employees first thought there had been an earthquake. People began running out of their meetings, he said, but before reaching the exit, they got word that someone had a gun. Sherman said he saw blood on the floor and the stairs. He also said the shooter may have committed suicide. Vadim Lavrusik, who works at YouTube's products team, tweeted, "Active shooter at YouTube HQ. Heard shots and saw people running while at my desk. Now barricaded inside a room with coworkers."

Update 20:30 GMT: Google has issued the following statement, "we are coordinating with authorities and will provide official information here from Google and YouTube as it becomes available." San Bruno Police said it was "responding to an active shooter. Please stay away from Cherry Ave & Bay Hill Drive."

Update 20:40 GMT: CBS San Francisco reports: KPIX 5 reporter Andria Borba said at least two Homeland Security units were responding. Police radio transmissions describe casualties being taken to local hospitals. San Francisco General Hospital spokesman Brent Andrew said the hospital received patients from the incident but could not confirm a number. Update 21:20 GMT: ABC News is reporting that the suspected shooter is a white adult female, and that this is "leaning towards a workplace violence situation."

Update 21:30 GMT: Law enforcement has confirmed that the shooter was a white female dressed in a headscarf. The woman reportedly shot her boyfriend then herself. It's unclear exactly how many people have been injured, but early reports estimate at least 9-10 victims. There is no word on their conditions.

Update 03:10 GMT: ABC7 News is reporting that the shooter has been identified as Nasim Aghdam. She reportedly had a website with an alleged manifesto that targeted YouTube for censorship and demonetization of her video content. Contrary to previous reports, she is said to have no relationship with anyone in the YouTube facility.

UPDATE 03:40 GMT: Aghdam's website can be found here.

Update 04:15 GMT: The shooter is believed to have known at least one of the victims, two law enforcement officials told CNN. Other sources suggest the shooter drove up from San Diego. YouTube says her YouTube channel "has been terminated due to multiple or severe violations of YouTube's policy against spam, deceptive practices, and misleading content or other Terms of Service violations."

An anonymous reader quotes a report from Quartz: Zuckerberg should have heeded what he heard from the late Steve Jobs eight years ago. Then, when the social network had a measly half-billion users, Jobs spoke at The Wall Street Journal's AllThingsD conference, where Zuckerberg was in the audience, waiting to be interviewed himself, and described what privacy meant. Journalist Walt Mossberg asked Jobs his thoughts on recent privacy issues around Facebook (which at the time was revamping its privacy controls after criticism it was forcing people to share data) and Google (which was literally recording private wifi information), and whether Silicon Valley looks at privacy differently than the rest of the world.

"Silicon Valley is not monolithic," Jobs responded, "We've always had a very different view of privacy than some of our colleagues in the Valley." Apple, for instance, does not leave it up to developers to decide whether to be dutiful about warning users that their apps are tracking their location data, instead forcing pop-ups on users to alert them that an app is tracking them, and to turn off that ability if they don't want. "We do a lot of things like that, to ensure that people know what these apps are doing," he added. It's a stance his successor, Tim Cook, still holds. Mossberg then asked Jobs if that applied to Apple's own apps in the cloud. Here's what Jobs said: "Privacy means people know what they're signing up for, in plain English, and repeatedly. I'm an optimist; I believe people are smart, and some people want to share more data than other people do. Ask them. Ask them every time. Make them tell you to stop asking them if they get tired of your asking them. Let them know precisely what you're going to do with their data." If the company had been more forthright about how developers could take data shared with them by Facebook users and sold to third parties, it may not have been in the mess it's in today. Additionally, TechCrunch reports that Zuckerberg was warned about app permissions in 2011 by European privacy campaigner and lawyer Max Schrems. "In August 2011, Schrems filed a complaint with the Irish Data Protection Commission exactly flagging the app permissions data sinkhole (Ireland being the focal point for the complaint because that's where Facebook's European HQ is based)."

"[T]his means that not the data subject but 'friends' of the data subject are consenting to the use of personal data," wrote Schrems in the 2011 complaint, fleshing out consent concerns with Facebook's friends' data API. "Since an average facebook user has 130 friends, it is very likely that only one of the user's friends is installing some kind of spam or phishing application and is consenting to the use of all data of the data subject. There are many applications that do not need to access the users' friends personal data (e.g. games, quizzes, apps that only post things on the user's page) but Facebook Ireland does not offer a more limited level of access than 'all the basic information of all friends.'" [...] "The data subject is not given an unambiguous consent to the processing of personal data by applications (no opt-in). Even if a data subject is aware of this entire process, the data subject cannot foresee which application of which developer will be using which personal data in the future. Any form of consent can therefore never be specific," he added. It took Facebook from September 2012 until May 2014 and May 2015 to implement changes and tighten app permissions.

An anonymous reader shares a report: Continuing its battle against the "tweetdeckers," Twitter suspended on Friday several popular accounts known for stealing tweets or mass-retweeting tweets into manufactured virality. @Dory, @GirlPosts, @SoDamnTrue, Girl Code/@reiatabie, Common White Girl/@commonwhitegiri, @teenagernotes, @finah, @holyfag, and @memeprovider were among the accounts that got swept up in the purge. Many of these accounts were hugely popular, with hundreds of thousands or even millions of followers. In addition to stealing people's tweets without credit, some of these accounts are known as "tweetdeckers" due to their practice of teaming up in exclusive Tweetdeck groups and mass-retweeting one another's -- and paying customers' -- tweets into forced virality. A Twitter spokesperson declined to comment on individual accounts, but BuzzFeed News understands the accounts were suspended for violating Twitter's spam policy.

An anonymous reader writes: GitHub has quietly made a few changes this month. Labels for issues and pull requests will now also support emojis and on-hover descriptions. And they're also deprecating the anonymous creation of "gist" code snippets on March 19th, since "as the only way to create anonymous content on GitHub, they also see a large volume of spam." Current anonymous gists will remain accessible.

But the biggest change involves permanently removing support for three weak cryptographic standards, both on github.com and api.github.com.
The three weak cryptography standards that are no longer supported are:

• TLSv1/TLSv1.1. "This applies to all HTTPS connections, including web, API, and Git connections to https://github.com and https://api.github.com."

• diffie-hellman-group1-sha1. "This applies to all SSH connections to github.com."

• diffie-hellman-group14-sha1. "This applies to all SSH connections to github.com."

Twitter is getting serious about its bot problem. From a report: Hours after a massive bot purge that prompted the #TwitterLockOut hashtag to trend, the company is announcing new rules for developers meant to prevent bots from using third-party apps to spread spam. According to the new rules, developers that use Twitter's API will no longer be able to let users: Simultaneously post identical or substantially similar content to multiple accounts. Simultaneously perform actions such as Likes, Retweets, or follows from multiple accounts Use of any form of automation (including scheduling) to post identical or substantially similar content, or to perform actions such as Likes or Retweets, across many accounts that have authorized your app (whether or not you created or directly control those accounts) is not permitted.

According to Mashable, Facebook account holder Gabriel Lewis tweeted that Facebook texted "spam" to the phone number he submitted for the purposes of 2-factor authentication. Lewis insists that he did not have mobile notifications turned on, and when he replied "stop" and "DO NOT TEXT ME," he says those messages showed up on his Facebook wall. From the report: Lewis explained his version of the story to Mashable via Twitter direct message. "[Recently] I decided to sign up for 2FA on all of my accounts including FaceBook, shortly afterwards they started sending me notifications from the same phone number. I never signed up for it and I don't even have the FB app on my phone." Lewis further explained that he can go "for months" without signing into Facebook, which suggests the possibility that Mark Zuckerberg's creation was feeling a little neglected and trying to get him back. According to Lewis, he signed up for 2FA on Dec. 17 and the alleged spamming began on Jan. 5. Importantly, Lewis isn't the only person who claims this happened to him. One Facebook user says he accidentally told "friends and family to go [to] hell" when he "replied to the spam."