Good Monday Morning

It’s July 18. The federal government is advising people that their COVID-19 immunity may be significantly lowered if they haven’t had a booster shot this calendar year as a new surge is starting to drive up hospitalization and death rates. Adults over 50 and those with certain medical conditions are eligible for a fourth booster. About 3-in-4 eligible people have not yet received that booster. Learn more at the official vaccination website.

News To Know Now

Quoted:“We do not use [third party seller] individual data when we’re making decisions to launch private brands.”

— Amazon executive Nate Sutton to the House Judiciary Committee in 2019. His claims were confirmed to the same committee a year later by Jeff Bezos. The Wall St. Journal reported last Friday afternoon that Amazon has made a non-monetary offer to European regulators to settle an antitrust action over the same issue.

Driving the news: One week before they report on second quarter earnings, Big Tech companies are looking to clear up lingering issues.

a) Meta companies Facebook and Instagram are removing posts offering abortion pills to women. In the first reporting on the topic, a Motherboard reporter successfully repeated the experience related by a person whose post was canceled. They shared the messages they received from Meta explaining that they had violated “community standards.” The account was also unable to post or comment on the sites for 24 hours.

b) Google has asked the Federal Elections Commission to approve their plan to make political email exempt from spam detection, reports Axios. It’s especially noteworthy given that robocalls received a similar exemption for political calls that commercial calls weren’t offered.

c) The UK Daily Mail had more engagement than any other publisher on Facebook, according to News Whip’s Q2 data. NBC News came in second and Nigerian publisher Legit was third. The most engaged piece of content was by Fox News about a high school coach winning a case at the Supreme Court allowing him to offer postgame prayer.

Trends & SpendsTrends & Spends

Spotlight Explainer — About VPNs

Prompted by my friends, Jamie and Heather, who were prompted by a Washington Post article this week, I did some thinking about VPNs. I have some definitions and recommendations for you, as well as describing what a VPN can and can’t do.

What a VPN Does
Think about a VPN as a private connection between your phone or computer and a private server somewhere else. Imagine that a private tunnel connects your device with the server so that anyone in between you two can’t see what you’re doing online.

That includes the company providing you an internet connection. While the VPN is on, everything between you and that other server is encrypted.

You Are Not Anonymous
For starters, everything you do is known to the VPN company. Everything. 

But just as importantly, every place you visit using that VPN connection still has an opportunity to add tracking cookies or other ways of monitoring you.

I’m using a VPN right now that bypasses my internet provider, Verizon. As far as they are concerned, I’m accessing a site in Atlanta. But the company that provides that service to me knows that I am really in the metro Washington area and using their Atlanta connection to access an email software company called MailChimp.

And MailChimp knows who I am because I accessed the system using my account credentials.

Why Use A VPN Then?
The most important thing a VPN does is protect the transmission between your device and the VPN server. I’m not trying to screen out Verizon per se. I want to ensure that a nosy but skilled neighbor isn’t able to see my work nor is someone parked on the street outside. 

A VPN is excellent for times when you are away from home and accessing your bank or credit card, or even email. Places like hotels have long been targets for bad people trying to use software to spy on someone’s Wi-Fi signal. That goes for anyplace offering free public Wi-Fi — airports, coffee shops, or malls.

A VPN also confuses basic software analytics programs that companies use to track us. Remember, as far as my internet carrier knows, I’ve been connected to Atlanta this whole time. And any site that hasn’t put cookies on my browser or requires a login probably thinks that I’m in Atlanta too. That’s helpful in my line of work where I do a lot of competitor research for clients.

Security experts will tell you to never use public Wi-Fi to access sensitive information or websites. That includes any financial sites (banks, credit cards, etc.), health information, and sites with private information. Having a VPN to use while traveling and on your mobile device is smart.

Your Browser Might Have Free VPN
And this is where you have to start doing solid research to figure out your risk profile. Opera, a popular browser offshoot from the same code as Chrome and other popular browsers, started in Norway, but is now primarily owned by a Chinese organization. 

And the Avast browser made by the antivirus software company of the same name was the subject of withering criticism regarding its privacy practices just a few short years ago.

Our recommendation is to stick with a private VPN service offering.

But I Use Incognito Mode
Incognito mode’s best feature is not saving your information to the browser that you’re using. In other words, you’re incognito from people using that browser on that device in the future. Everyone else is still tracking you.

A Word About Password Managers
You need one, now more than ever. As part of our work, we have access to client software and accounts. Some have decent password protocols, but most don’t, and that trend hasn’t changed in nearly 15 years. Security experts will correctly tell you that passwords are an issue because they’re a hassle that people avoid. You need a strong one with a mix of numbers, characters, and letters, and the ability to change it on the fly, save it to all your devices, and use two-factor authentication with your phone or another device.

Here’s Everything We Recommend
This is what we use. You should look into these to see if they fit your needs.

Virtual Private Networks for being on public connections or research
We use Mullvad, a Swedish company that only offers VPN services and charges 5 euros per month to install software on up to 5 devices. You pay without disclosing your name or address to them. They’ve been operating without incident since 2009. You’ll need to toggle it off to use a local printer or log into Google or Facebook, but you can go right back to it once you’ve logged in.

1 Password as a password manager
This robust Canadian software company has a product that has been in the market since 2006 without incident. You’ll pay $36/year for a personal account or $60 for a family membership. Business accounts start at $8/month and include free family accounts. If you don’t want to pay for password management, look into highly recommended BitWarden.

Browser 
We use and love Brave’s privacy browser. Mozilla Firefox is also very, very good. Its Firefox Focus browser for iOS and Android devices is outstanding.

Did That Really Happen? — PA Still Has Mail-In Voting

Disinformation about elections can be devastatingly effective, which is why we were pleased to see Reuters disprove a viral tweet that falsely claimed that mail-in ballots would not be accepted in Pennsylvania.

 Following Up — Amazon Released Doorbell Video To Police 11 Times

Responding to a request from Sen. Edward Markey (D-MA), Amazon acknowledged that it had shared private customer videos with police agencies 11 times this year. The company said that it did so while complying with its disclosures that allow for the videos to be released in the event of a warrant or emergency situation.

Miss our 3rd annual look at police technology that affects you?  Check it out here.

Protip — Find Out Your Missing Wi-Fi Password

I need to remind you that your password manager is a great place to store your Wi-Fi password, but let’s assume that you are trying to do just that right now. You’re covered with this handy how-to explainer that won’t require you install software.

Screening Room — Meta Portal

This 30 second spot does a nice job of showing off the smart Meta Portal videoconferencing device that gets rave reviews. 

Science Fiction World — Amazon Drones Fly in Texas

If you remember Jeff Bezos getting laughed at in 2013 for predicting that Amazon would deliver packages by drone, I’m sure that he would like you to read this article about the company following Walmart into testing drone delivery in Texas. 

Coffee Break — Banned Books

Researchers have compiled this public spreadsheet that offers a sobering look at censorship by parents groups and school boards. Sort by author, title, or plenty of geographic markers among the thousands of records. Authors on the list include Toni Morrison, Judy Blume, John Steinbeck, S.E. Hinton, James Patterson, and Margaret Atwood as well as books by actors George Takei, Trevor Noah, and Neil Patrick Harris.

Sign of the Times

You read all the way to here? [swoon] I would love to send you Spotlight every week for free. It arrives in your email every Monday at 6 a.m. Click below, and we’ll make it happen.

 1. Good Monday Morning

Crypto enthusiasts and industry insiders will be eagerly anticipating Coinbase’s upcoming IPO this week. Coinbase will now be one of just three companies with a billion dollar valuation exclusively operating within the crypto market according to CB Insights’ data.

As Ramadan begins today, a quick correction from last week when Spotlight said Easter had occurred the previous day. As I was graciously reminded by Reverend Laura Cochran, Easter Sunday was the beginning of the 50 day Eastertide season. In addition, the world’s Eastern Orthodox observers celebrate Easter Sunday this year on May 2. 

Today’s Spotlight is 1,275 words — about a 5 minute read.

2. News To Know Now

Quoted: “Targeting LinkedIn is not rocket science. It is social media for the corporate world with a description of the key players in every industry. I assume that I am a target too and always look for that.” — Chris Morales, CIO of Netenrich to Threatpost about new phishing attacks on LinkedIn job searchers.

a) Amazon’s share of U.S. digital advertising grew to 10 percent in 2020, up from 7.8 percent the year before, according to a new report from eMarketer on Wednesday that examines the company’s growing dominance in what it calls the US advertising triopoly. Despite this, Google and Facebook’s market share remained relatively unchanged

b) An algorithm operated by Google allegedly used data gathered from past ad-buying bids to give its own system an edge over competitors. Google’s controversial Project Bernanke had been withheld from publishers according to court documents filed in the case 10 states have filed against Google. This is the same lawsuit that alleged proof of a deal with Facebook to competitively cooperate. (Wall Street Journal)
c) A Texas man who allegedly plotted to blow up a data center in Virginia has been charged with a malicious attempt to destroy a building with an explosive. Seth Aaron Pendley, 28, was arrested on Thursday after allegedly attempting to obtain an explosive device from an undercover FBI employee in Fort Worth. Pendley reportedly stated that 70% of all internet traffic flowed through the Ashburn data center, demonstrating a profound misunderstanding of how the internet works. He also participated in the January 6 insurrection at the US Capitol.

Also know these headlines:

DoorDash, Instacart Eye Launching Credit Cards — Retail Brew

YouTube Testing Hiding Dislike Counts — Search Engine Journal

3. COVID-19 Tech News

Data — Daily Average (7 day trailing)

US Deaths — 761
US Hospitalizations — 43,706
US fully vaccinated — 29.1%

Great Trackers

Overview — Johns Hopkins
Vaccine Distribution — Washington Post
Vaccine Finder — CDC Project
Risk Calculator — Brown

New York Times tracker that allows you to customize a daily email with multiple cities and towns that you’re monitoring: Click here to configure.

Coronavirus & Tech News

Counterfeit Vaccine Cards Pop Up, Virginia Tells Twitter, eBay — Dogwood

The Next Great Disruption is Hybrid Work. Are We Ready? — Microsoft

4. Search Engine News

Google has released updated product review guidelines.They include demonstrating expert knowledge, providing unique content beyond manufacturer’s information, quantitative metrics, and more. Google provided writers with nine bulleted review questions to consider. That is the closest thing to a template that we’ve ever seen Google offer. Expect to see much more standardization in product reviews across the internet any moment.

Google also clarified that it does not want businesses to include telephone numbers in posts to Google My Business, but rather to use a “Call Now” button widget available to business owners. Some among you may think they have done so to track consumers and act as gatekeepers between companies and consumers. I applaud that thought process. 

5. In The Spotlight — Police Facial Recognition Use

A great deal of misinformation continues to spread regarding police facial recognition use in addition to a conflation of biometrics and police work. There are more reasons to embrace biometrics including facial recognition, but consider these high profile events:

  • Following the U.S. Capitol domestic terror attack, Facebook provided police facial recognition data and “helped them identify people who posted photos of themselves from the scene, even after the attack was over.”
  • Using automated license plate readers, the Oklahoma government is tracking uninsured vehicles throughout the state and mailing $174 citations to the owners. 
  • Minneapolis police are banned from using facial recognition technology.
  • Police in Massachusetts are allowed to conduct searches while under a judicial order, with a non-law enforcement agency conducting the search.|
  • Police in New York City are coming under fire for running thousands of searches using a controversial system called Clearview AI that scraped social media sites to build its database.

But biometric identification isn’t just for law enforcement; schools, companies, and landlords use it for access to restricted areas. Another use is WorldReach’s Know Your Traveller service that enables people to easily apply for eVisas and travel documents from home. 

Those who work with facial recognition admit that the technology has shortcomings, but not biases since the code functions exactly as humans direct. Within the limitations of the system, further distinctions are drawn between false positives and false negatives and the outcomes for each. Another key issue is the way the images are collected. 

Those Clearview AI images NYPD officers used for searches were collected scattershot from social media. They show people in wildly differing conditions and were stored in low-resolution formats. A higher resolution image taken in consistent lighting with consistent equipment responds best to an algorithm created by humans.

6. Debunked — KC Superintendent Didn’t Tweet at Rapper

Someone created a parody Twitter account of Kansas City Schools Superintendent Mark Bedell and tweeted to rapper Bhad Bhabie about her Only Fans account.

You already know it’s not him, but here’s the AP confirming it.

7. Following Up — Google AI Ethics Again, LinkedIn Data Leak

We’ve been writing about Google’s ouster of the co-founders of the company’s AI ethics team after one co-authored an academic paper critical of the type of machine learning that the company’s search engine uses.  According to Bloomberg, the executive they reported to has announced his departure at the end of the month.

We also wrote extensively last week about a massive Facebook data leak being made available free on the dark web. Now Cybernews reports that hackers have scraped 500 million LinkedIn records and are selling them. They’ve posted two million of the records free as proof.

8. Protip — Google Chrome Live Captions

Whether you have impaired hearing or simply work in a noisy environment, Google Chrome can now  automatically caption videos as they play. 

There’s a video at the announcement to show you how to do it.

  9. Screening Room –  Sam Adams’ Cousin & Vaccination

The brewer’s popular Cousin from Boston does his shtick while getting vaccinated.

10. Science Fiction World — Elon Musk’s Monkey

I was pretty impressed with Elon’s new tunnel under Vegas, but the Neuralink company he owns swears that their brain machine interface has now allowed a primate to control a Pong-like video game with its mind. The implications are staggering for a world of people with disabilities and injuries.

Here’s their announcement and video.

11. Coffee Break — Tokyo Live

This remarkable site shows activity throughout the Tokyo metro system including live ground level and underground images of where vehicles are located. 

You can add in layers for weather, view live cameras, and watch a real city go about its real activities.

The mesmerizing Tokyo map is here.

12. Sign of the Times

1. Good Monday Morning

Easter and Passover ended yesterday. Ramadan begins next Monday. Happy celebrations to everyone who observes them.
Today’s Spotlight is 1,329 words — about a 5 minute read.

2. News To Know Now

a) “You make the tax laws @SenWarren; we just follow them. If you don’t like the laws you’ve created, by all means, change them. Here are the facts …” read the tweet from an Amazon official Twitter account last week after she criticized the company online. We later learned that Amazon’s own security team filed a report suggesting the account had been hacked after criticizing three members of Congress by name, but it turned out that the social media staff were following Jeff Bezos’ direction to more vigorously defend the company. (Recode)

b) Apple has added two new voices to Siri and removed the default option of a female voice. A UN report released in 2019 criticized Apple, Google, Amazon, and Microsoft for using female default voices in virtual assistants. (TechCrunch)

c) Wyatt Travnichek, a 22-year-old former employee of the Ellsworth County Rural Water District in Kansas, was indicted last week on charges of entering a remote system and changing the disinfectant mix to toxic levels. Officials have not disclosed how Travnichek gained access to the system, though the Florida system that was compromised earlier this year used a shared password among multiple employees. (Ars Technica)

3. COVID-19 Tech News

Data — Daily Average (7 day trailing)

US Deaths – 825
US Hospitalizations – 40,665
US partial or full vaccination – 32%

Great Trackers

Overview — Johns Hopkins
Vaccine Distribution — Washington Post
Vaccine Finder — CDC Project
Risk Calculator — Brown

New York Times tracker that allows you to customize a daily email with multiple cities and towns that you’re monitoring: Click here to configure.

Coronavirus & Tech News

Apple Maps To Display Travel Guidance – The Verge

Everything You Need to Know About Vaccine Passports – Recode

Microsoft Delays Full Office Reopening to At Least September – Engadget

4. Search Engine News

Google has always had a problem coordinating its policies across huge divisions of its empire. I encountered this repeatedly when I would visit Google with evidence of conflicting advice. The Googlers I met would shrug and apologize that they didn’t know how the advertising people wanted to do things. Then the advertising people would smile, shrug, and say that they did not follow the rules from other Google divisions.

So when we tell you that Gary Illyes of Google said last week during a podcast that a page’s title can be any length in a search engine snippet, we realize it is accurate. What wasn’t discussed is that the title will truncate after a certain amount of pixels or that the words that appear in search engine results have a huge impact on whether potential visitors click on them.

Ilyes correctly states that the search marketing world has adopted its own industry standards. That’s true too, and I remember when those standards did not include Google because it wasn’t built yet. The point is that there is a lot of bad advice out there even when it’s technically accurate. 

His podcast statement quoted by Search Engine Journal: Try to keep it precise to the page, but I would not think too much about how long it is and whether it’s long enough or way too long. If it fills up your screen, then probably it’s too long, but if it’s just one sentence that fits on one line or two lines, you’re not going to get a [penalty] …”

We understand that the words and the truncated text can affect user behavior, so we adhere to best practices. You do the same thing in your job. That’s why we cannot give you a book or a class and realistically expect you to your job and keep pace with search engine optimizations. Search best practices can be technically correct and effective. It’s great when they’re both. 

5. In The Spotlight — Facebook Data Posted Online

A trove of personal information about Facebook users has been making its way around the internet ever since it was leaked in 2019. The last major sighting of the information was in January when Vice reported that “a user of a low-level cybercriminal forum is selling access to a database of phone numbers belonging to Facebook users.”

According to Business Insider, that information was released for free on Saturday. The Facebook data includes phone numbers, Facebook IDs, full names, locations, birth dates, bios, and email addresses from 533 million people in more than 100 countries. The Cambridge Analytica scandal is often talked about, but it had a relatively small database of 80 million users.

Did your data get scraped? Troy Hunt’s Have I Been Pwnd website has been a great resource for years. The data from the 2019 Facebook data breach is also in this database. It is easy to search with an email address.

Caveat: In Hunt’s data, the three email addresses that I used most in the past ten years appear between 10 to 26 times each including the 2019 Facebook data breach. You should be doing three things to help secure your data online.

1. Subscribe to a great password manager. I use 1Password. I also read good things about Bit Warden for free basic password tools.

2. Turn on two-factor authentication everywhere you can. You have to use a code or press a button sometimes. But bad actors who have your Facebook data won’t know your credentials because they can’t access those codes or buttons. Learn about 2FA.

3. Keep your phone and computer software current. Do not press the “remind me later” link because big companies constantly provide updated software to fix security issues.

6. Debunked — 12 People Create 65% of Anti-Vax Propaganda

A stunning report from the Center for Countering Digital Hate found that 65% of the anti-vaccine content on Facebook and Twitter can be traced back to just 12 people.

Coverage in The Guardian.

7. Following Up — Ransomware, NFTs, Solar Winds

We learned last week that the University of California and Brown University are recent ransomware victims. We also learned that Stanford and Maryland data was released online following ransomware attacks at those two schools.

The owner of Atari’s intellectual property cashed in on the non-fungible token (NFT) craze by earning $110,000 in one day from selling an image of an Atari 2600 Centipede game cartridge. There were 10 images in the sale.

We also learned last week that hackers breached the email account of former acting Homeland Security head Chad Wolf and members of the agency’s cybersecurity staff. You’ve seen us warn for months that these interconnected hacking incidents remain one of the biggest threats the U.S. faces. Officials still can’t describe the full extent of classified information obtained throughout the months of attacks.

8. Protip — Disable Facebook Friend Suggestions

Maybe you have enough friends. Maybe you don’t really know any of the people Facebook suggests that you add as friends.

Here’s a guide on disabling those suggestions

9. Screening Room –  Google “Get Back to What You Love”

Google dipped into its own history for a commercial and hit a home run with its spot imagining post-pandemic search.

10. Science Fiction World — Tourist on Mars Takes Selfie

The Curiosity rover on Mars seems a little jealous of the attention that new arrival Perseverance is getting.

See the selfie. I’ll change the heading to Science Fact Universe.

 11. Coffee Break — The Simpson Intro Using Only Stock Video Footage.

Creator Matt Highton posted, “It took a day, but here it is.”

701 original episodes of The Simpsons have aired since it debuted more than 32 years ago.
And speaking of 30 years ago…