Below is a rush transcript of this segment, it might contain errors.

Airing date: 02/02/2019

Apple Holding Facebook Accountable For Privacy – Cybersecurity Tips For SMB – FBPurity Plugin For Facebook

Craig Peterson: 0:00
Hey, good morning, everybody. Craig Peterson here. And of course, we are going to talk about tech, some of the latest things, some latest articles, some of the nastiest things that are happening out there. I don’t know if you’ve seen about this feud. But our friends at Facebook and Apple are fielding in a big way. You know, I’m asked if you listen to this radio show and if you listen to me appearing as a featured guest on some of these other shows, you know, I’m asked all the time about security and what we’re going to do about our friends at Facebook. It looks like Apple’s taking this into their own hands is just fantastic. So we’ll talk about that and that’s all due to a an article that came out that really kind of nailed them I got a really cool little tool in fact I learned it from a couple of friends of mine up in Maine who host a radio show that I’m on every week but Matt and Ken do this was actually Matt’s idea but plugin you are going to love and this is going to clean up your Facebook feed.

Hidden cameras again, AirBNB. This thing is scary as heck. The Fortune 100 you know about Equifax you know above the breach. While this is not very fun. We’ve got a cyber security worker shortage is all that to surprise a 3 million people is where that’s at right now. So we’ll talk a little bit about that. Three, cybersecurity must haves for small businesses. That kind of ties into what I’m doing here next week. I’ve got just a ton of training for small businesses. Make sure you visit my website. http://CraigPeterson.com. This stuff is all free. I’m giving away my best stuff. absolute best stuff for free this week. So make sure you sign up. http://CraigPeterson.com.

But here’s some basic must haves for small business Mac users. You are not in vulnerable, you’re being targeted by piece of malware. So we got a lot going on today. And that’s what we’re going to be talking about right here. Of course, this is Craig Peterson. And this is Tech Talk.

There’s another guy I just don’t I just don’t get it. But little confusion. He calls himself Craig Peterson. I’ve been doing this for what, 25 years now. And then he said, Craig Peterson Tech Talk. What that’s me. That’s not you. Anyways, here we go.

Unknown 2:41
Facebook had this controversial program. And this is really what’s gotten this little bit of a war started. And the war is between Apple and Facebook. Now we all know that Facebook, their founder thought that we were idiots for giving him our information. And that now been documented in a court case over in Europe thinks we are idiots. In fact, he used a swear word an expletive in they’re describing what kind of idiots he thought we were. Well, Apple is now ratcheting up its tug of war over privacy this week, you might have seen a little bit about it. But now we’re going to explain what it’s really about what’s really going on. But there was a report that talked about Facebook collecting data on users. In fact, they were paying users for this data. Remember, I mentioned that Facebook has a free VPN and that you should never use it. Because typically, when you’re thinking about a VPN, you’re thinking about privacy, right? You thinking about security, hey, and people aren’t going to be able to track me, have you ever used a VPN before, if you’re a business person, you probably should. But you need to understand more about them. Well, Facebook had this whole VPN setup that was tracking you were you are going what you were doing what you were saying it was really just a piece of nasty spyware just crazy what they were doing. Well, they offered a $20 a month, I think it was kind of a bounty for anybody that would use their VPN. And they made it very obvious that what they were doing is tracking you they’re trying to track people age 13 to 35 as much as $20 a month or it install this Facebook research app.

Now, if that’s what is called a Facebook research app, and it’s designed to track phone and web usage habit. And this was reported by TechCrunch. This became a bit of a big deal when they started looking into it a little bit further, because it turned out the TechCrunch report said that Google’s running a data collector that also similar to Facebook’s app on Apple system. So you got Google doing something that collecting all this data, and you got Facebook doing something? Well, apparently, Google pulled the plug on their little project, Apple did not pull the excuse me, Facebook did not pull the plug on their little project. And so gate Facebook. So Facebook did not get nailed, and Google did get nailed.

So this app is discontinued on Apple iOS, how those can continue to run on Android devices. Doesn’t that figure, right? Android? Yeah, yeah, again, spying on you, man, Facebook’s finally going to suffer some consequences for their actions. This is kind of interesting when you think about it. Because what’s happened is, Apple completely pulled the plug on Facebook’s development. Now, if you don’t know much about the Apple ecosystem, let me explain a couple of things. Even if you’re an Apple user, you might not be aware of this, if you are developing, you’re trying to develop apps for iOS, you apply you pain money, and you get from Apple, a special key you can use to sign your applications. And then that key is used by Apple to verify Yes, and D. This is assigned application by developer x. And therefore it will run it’ll be accepted on iOS. And Apple has some similar things in place for Mac OS, that’s part of the reason Mac OS is so much safer than Windows is, well, one of the things you have to do if you write software is tested. And a lot of people do a lot of testing. And so with that developer license, you can now make your app available to people who kind of sign into your developer account, right? They don’t have to have your credentials or anything, but they associate with your account, they can now use your software. So now it’s kind of an alpha and beta stages before it gets its final release. So if you don’t have one of these keys, if you cannot sign the software, you can’t distribute it
at all, basically. So you are kind of out of business. And that’s what Apple did, Apple polled Facebook’s developer key. And a one more big problem. You might not be aware of this, you know, there’s one millions of apps in the app stores now. It’s just it’s it’s incredible. How many I think it’s over a million just an apple store itself. And I’m sure someone’s about to text me with how many. 855-385-5553, 855-385-5553. Let me know how many there are. But there’s at least a million apps in the app store. But did you know that there are more apps that are not in the App Store, then are in the app store? Now, you got to ask yourself, why would that be? Well, you know, I think Craig must be talking about development, right? developer apps, not real apps that people are using everyday. Well, obviously, there’s a lot of developer apps that never ever hit the App Store. But there are more internally used business apps out there. Then there are apps that are for sale in the App Store. So companies like Facebook, for instance, will develop apps to be used internally by their staff to do different things. Now, in Facebook’s case, it includes things like send a bus my way a bus to work, or maybe it’s pick up my clothes from the triangle, and whatever might be all of the internal apps. And Facebook was using on iOS got shot in the head, they are all down. So now there’s these people who work for Facebook are used to somebody in their little bus. And that bus is not showing up anymore. There’s somebody in the bus and the app doesn’t work. And they’re trying to get in to an office by using an app. And that’s not working.

So this is very, very big. And Apple did this to basically punish Facebook for doing things that violated Apple’s privacy. Apple has a whole thing they have to sign. I’m an Apple developer for iOS as well as for Mac. And when you get your developers license, you then have to accept their terms. You have to accept their contract, very big deal. No, and their contract says that you will keep our users data safe, and they did not do it. So Facebook, shut it all
down.

And we’ll see where this ends up going. I’m sure they’ll reach some sort of terms. I also wonder now if Facebook’s going to switch from you in iOS is its primary development target and maybe switch to Android, which I think would be a mistake, but this is from Apple. They said the permission was intended solely for internal distribution of apps within an organization. Facebook has been using their membership to distribute a data collecting app to consumers, which is a clear breach of their agreement with Apple. So you know, Tim Cook hadn’t been involved in this decision, Mark Zuckerberg was criticized over his handling of Cambridge Analytica over his handling of the whole Obama campaign where they gave Obama access to everything makes Cambridge Analytica look like just ridiculous bikers. They just don’t know what they’re doing right now, news to ask me, oh, wait a minute, you’re Republican, I’m not going to give it to you. So it goes on and on extremely glib is how this was how this was described here, and Zuckerberg. So we’ll, we’ll see what happens. Hey, mentioned, apps and apple. So we’re going to talk now about something if you have an Apple Mac, there is some new malware out there, you need to be aware of,

Hey, as I was just mentioning, we’re talking about security. Apple has a lot of things in place to help secure our devices and Mojave on the desktop added a bunch of stuff that it’s just phenomenal what Apple’s doing. And they’re doing it, I think, basically the right way. And, and it is going to provide security that we’re just we can’t get in any other platform. So good for them. But there is a new sneaky piece of malware out back out there that’s going after Mac users. And this one is image based. Now we’ve seen image based attacks before. But in this case, it’s a little bit different. It seems like a key piece of data that used to launch the attack has been hidden in this harmless looking white triangle. There’s a little image now we saw something like this late last year, when researchers discovered criminal hackers were controlling malware using Twitter means now how’s that for an interesting way to do it. So what happens is a malware got on your computer. And then it monitored a trip a Twitter feed, and then looked at the means that were placed in the Twitter feed. And hidden inside those means were the control codes for the malware, yes, they are getting very tricky.

So this new piece of malware is called VeryMal. And the image it’s been linked to is using some parameters that get added to our URL in order to try and control malware. And you’ve seen this, I’m sure if you’re an Apple user, where you go to a website, what comes up, it comes up and says, hey, you’ve got to update your flash bright, it’s a fake Adobe Flash update, or, and of course, Adobe Flash, highly recommended to not use it, never use it, that don’t use it for the last at least five to 10 years, really don’t use it. And we had our friend Steve Jobs back in the day who saying we will never support Adobe Flash. And he had a lot of good reasons for it, not the least of which was he didn’t like Adobe and what they were doing. But this is a fake flash up data, it’s being pushed by this very mail campaign. And here’s the bottom line Mac users, you don’t want this app, you don’t want to update your flash buy a little pop up that comes when you visit a website. legit flash up dates for Chrome comes straight from Google, they get pushed automatically with other browser updates, right.

So ignore anything that says you have to upgrade and update flash, because you don’t want to even have it on your machine. And if you’re using Chrome, it’s going to get updated automatically. Now, if you ignore that, by the way, you might be in trouble. Because just in two days in January this year, there were more than 190,000 impressions of this image.

So that’s a lot of people that might have been hit by this researchers are estimating as many as 5 million users per day have been exposed to the malware, fewer than a third the anti malware engines on the virus, total scanning service detect very mouse payload as of this morning. And these attacks, of course, they can be expensive. And we’re going to be talking about that this week as well. But bottom line, a single round of attacks in January probably cost about $1.2 million to businesses. And that’s on a per business basis. Now, if you’re a small business, it’s going to cost you less, but on average, right now it’s about $120,000 per attack.

So I want to make sure that you’re aware of this. I’ve been sending out emails this week. If you didn’t see them and you didn’t see my invite in this morning’s email make sure you sign up next week I’m going to be holding I’m going to have four different classes I’m going to be holding a live online class we’re going to be going through kind of the DIY What do you need to do to protect your business online what’s your drew be watching for what kind of software can you install for free some of the stuff that you should be using this paid that’s all this week we’re going to give you some of my best stuff and I’m not going to charge you a dime probably have an offer for you for people who really want to go the next level but this is absolutely mandatory must attend go to Craig Peterson comments right there on my homepage. So we’re going to get right now into three cybersecurity must have here some things you’ve got to do if you are a small business and kind of a little bit of flash ahead to what we’ll be talking a lot more about this coming week on my con shares page and in the live webinars as well.

Alright, we got cybersecurity must haves for small businesses. Pop quiz, what percentage of small businesses in the United States, what percentage of small businesses in the US suffered a cyber attack in 2017? This is from an article from security today. And I’ve seen these stats before. So I know they’re pretty much right. What would you estimate 10% of small businesses had a cyber attack 25% maybe higher?

The answer is 47% of small businesses had their networks breached at least once by cyber criminals in 2017. In other words, half of all small businesses had their networks breached in 2017. Now, almost half of those businesses that were breached once were breached twice or more. Now, that’s according to a survey though, that was reported in 2018 USA Today story. So when you look at all of the data from this is the he can only really draw one conclusion. And the researchers team concluded that only about three intend small businesses would be able to even handle a cyber attack. If they were hit with one today.

So 3 in 10 could handle it, they’d be able to survive, and half of the small businesses were hit. So those numbers are pretty scary, frankly. And I want to ask you a couple of questions here. Why are you not prepared for a cyber attack? If you’re a small business person, whether you own the business or you work in the small medium business, you know, maybe a $10 million a year business still considered to be a small business. But why? Well, there’s a lot of reasons. Of course, small companies have limited budgets, that you don’t have the IT resources you can’t afford the professionals.

I got another article here from Fox Business that is saying that data breaches of course, a big problem, but they’re going to get even bigger and 2019 and there is a shortage of cybersecurity professionals. There’s growing globally. And right now it’s at about 3 million people. That’s a pretty big shortage. And then we’ve got all the infrastructure, get all the software we’ve got it all been very confusing, right? You probably spend some time on YouTube, trying to figure it out some time on Google searching around again, trying to figure it out. And it’s just hard to tell what to do. And of course, that’s why next week, in fact, this whole year I’m dedicating to try and help you out but this next week is the week I have a bunch of training, a bunch of video training and stuff you can watch all for free, I’m giving my best stuff away.

So I’m trying to take away the excuses because you’ve got to pull up your socks. You know, as I said, my email this week, a lot of small medium businesses thinks that their businesses are so small, so insignificant compared to these giant multi billion dollar companies and banks and agencies, you know, these these big names that we all know I’m not Equifax I’m not any of these. I’m not going to get hit. But in fact, you are. You are the real target because what I just said you have a limited budget, you lack the IT resources you can find the staff that know cyber security well enough. Sure you can talk to people who know more than you do. But do they really know enough to be able to protect you even these outsourced it firms. I’m just shocked every time I see them. When I talked to them about how little they actually know and how little they can do there just is not a whole lot of competence out there.

So anyhow. Bad news, hackers know that small medium businesses don’t prioritize cyber security and that’s precisely why the targeting them of your burglar makes sense, right? Go to the house with the weakest locker no lock or the windows open. And unfortunately, that’s what your business looks like to them. So keep keep an eye on your email. If you haven’t signed up make sure you do right now. Go to http://CraigPeterson.com. It’s right there on the homepage today because we start on Monday, you can sign up you can get a free ticket to this whole event. Absolutely free.

I want to mention this study a little bit more. Studied by ISC squared, the world’s largest nonprofit Association of Certified global or cyber security pros. And they’re saying that we’re really close to 3 million people short in the cyber security biz. And a lot of people, a lot of organizations are at risk. And of course, that’s part of what I’m doing here on the radio and on the podcasts. And with these courses that we’re teaching bring you up to date on cybersecurity.

This one is shocking, out of TechCrunch. It’s been two years almost since Equifax had their massive breach. And we know that it expose the personal data of almost every American and a lot of Europeans and Canadians etc. It was a terrible breach. We also know that it was caused because they were using vulnerable software that was not up to date. Now, if they had upgraded it, it’s called Apache Struts, if they had patched it if they had been paying attention. There was a patch released six months prior to that. Six months they had to fix it and they didn’t fix it.

Well, another little study that came out of a company called Sonatype, and they monitor open source software which are patchy structure struts is a piece of open source software. And they’re saying that in the last last six months or 2018, two thirds of the Fortune 100 companies downloaded a vulnerable version of Apache Struts. That’s the same vulnerable server software used by hackers to steal the personal data and close to 150 million customers. Isn’t that bad. All in all, by the way, more than 18,000 businesses downloaded vulnerable versions of Struts. So if you have a website and you are have a slightly larger one, if you are using Java, take a look no matter what it is.

I found three WordPress sites just simple WordPress, right. Who cares about WordPress, just this last week, three WordPress sites. I found that and I helped their owners fix them. They’d all been hacked and they were all being used for malicious purposes. They still worked as well as websites for the owners, but they were hacked. So keep your software up to date, especially software that is facing the public Internet.

Panasonic released a new home security camera earlier this month. And it looks like a floor lamp. It’s one of those floor lamps that shoots right up at the roof, you know, and you get the reflective light which is really kind of nice. The long thin one I’ve had those for ages. In fact, those are some of the first lamps I forgot. It’s called HomeHawk Floor. And it’s designed to be discreet. The whole idea is you can monitor the inside of your house. There’s no obvious cameras. This thing even has batteries and has local storage. They started an Indiegogo campaign and the lamp you could buy on Indiegogo 485 bucks, Panasonic just suddenly had the time.

Well, we already have reports of Airbnb owners hiding the cameras in the homes capturing the activities of the renter. So it’s not exactly a new concern. But keep an eye out because this is going to be a hard one to spot.

Two more quick things here. We talked about the tug of war over privacy with Facebook that Apple is involved in and this all started with a TechCrunch article. But I wanted to mention too that you know, Facebook’s been under fire for months Facebook settled they came to an arrangement with the federal government about privacy been What about a decade since that happened. And now the US Federal Trade Commission is likely to impose a record fine against Facebook for failing to protect users personal information. The District of Columbia also sued Facebook and this FTC finds going to come because of the settlement that apparently they have not been honoring.

Now another Facebook tip I learned this week about a plugin for Chrome called FBPurity, look it up online. I have it on my website. http://CraigPeterson.com. But FBPurity has been around since 2009. It’s one of the top 150 highest rated Firefox extensions and I like the Firefox browser. By the way, half a million happy users. Check it out. It will let you block all of the crap that comes up in your Facebook feed. You are going to love it FB purity online. http://CraigPeterson.com. Make sure you sign up for my training this week. Okay, there’s going to be three training videos I’m releasing there’s going to be a live webinar we are going to be discussing small business security, do it yourself. This is all about teaching you exactly what you need to do how you need to do it and backing you up slowly. You can get your small business Small, Medium Business secure. I’ve helped everybody from a little mom and pop Soho all web to fortune 100 companies. We’re security I’m going to help you as well. http://CraigPeterson.com. Have a great week and we will chat next week. Bye bye.