When a news site immediately loads up a big privacy consent popup box blocking the article which was displayed in the title and thumbnail image of the link it displayed to get the click, that is malicious and false advertising. It's not ok. It is wrong.
If you want to display ads along the side of your news article, ok whatever that's fine and I expect a profit generating site to fairly use advertising space.
But you are not allowed to deceptively lure clicks to read something, and then falsely claim that "always necessary" cookies exist or try to coerce me into allowing even further invasive data to be siphoned away contrary to my interests. That is abusive and harmful conduct.
Which these days almost always results in me either quickly leaving the site without reading the article or agreeing to anything, or using the wonderful F12 button to pull up the browser tools which allow me to close the abusive popup consent box...
and read the content without agreeing to anything, because the site has already sent the words to my device and I am completely justified in reading what they advertised as present and then sent to me before they then tried to cover it up like a bunch of jerks.


More from @VickerySec

20 Oct
About 14 years ago I was reading through Major Use of Force reports from the Polunsky prison unit, which had been provided in response to a public records request sent to TDCJ (TX Dpt Crim Justice).

Two specific guards had been mentioned in too many prisoner grievance filings.
While it is certainly possible for a coordinated group of inmates to conspire together in planning and filing complaint paperwork focused on one or two target guards in order to carry out some sort of false smearing... I never observed a likely example of that actually happening.
In the situation I mentioned up top, the pair of guards accused of acting outside acceptable TDCJ protocol did themselves no favors on the several instances where one of them had literally copied the other's personal narrative incident report paperwork word-for-word.
20 Oct
Beware of opportunistic tyranny.
1. "covid-19! quick, everybody install surveillance cameras that can detect body temperature to monitor for infected people!" (despite the prevalence of asymptomatic infections which makes these cameras not fit for the stated purpose)
2. City/Municipality owns the streetcorner, airport, govt building, jail, and other public places where these cameras observe things. (and their presence means nearby shops have less of a personal incentive to install their own private cameras)
3. The city/municipality decides that it is definitely an entity that has to abide by HIPAA regulations and without actually knowing what that means the city simply goes with the false, common public perception that "HIPAA requires absolute privacy for anything health related!"
18 Oct
To explain:

It is dangerously foolish to trust an entire file system with a “non-repudiatable time stamp” as safe from manipulation.

This is because if a malicious entity knows what hashing technique is being used, and...
...has any ability to affect a file system’s content before or during the hash capture, the malicious entity can choose what the final calculated hash is determined to be.

Realistic example (but hypothetical) scenario:
1. PC has Kaspersky antivirus installed.
2. RU military intelligence flexes muscle to force Kaspersky into updating antivirus definitions minutes prior to (or during) covert hash capture or calculation of that PC.
3. The definition update is consistent and universally applied to all customers, but...
18 Oct
I ask this question because after I discovered an openly exposed live database containing a copy of Mexico’s national voter registration rolls (the “Padron”) (and appropriately notified Mexico’s electoral authority)...
I soon thereafter made an additional discovery of a different similar database apparently limited to the Sinaloa region of Mexico and being hosted on servers under apparent control of the PRI political party.

(the first, national db had been a different political party, “MC”)
The second db, the PRI affiliated one, contained a large amount of additional data tables I did not widely mention. I do not speak or read Spanish very well. My two years of high school Spanish classes have not stuck with me.
18 Oct
An evolution of this tactic is made possible by reliance on outdated hash signature approaches to detection. Modern computing power and hash collision generation techniques mean that an attacker can trick law enforcement into believing innocent files are illegal imagery.
Hash based detection alone is no longer a strong way to uniquely identify files if there is any potential incentive or motive for malicious trickery to be involved.
Unfortunately there are going to be several layers of blanket denials and reluctance to accept this as true. The detection software makers do not want to admit any flaw past or present and would like to continue their streams of profit.
17 Oct
In my head, I think of this as a "Lavos Bits" approach to botnet regeneration.
#ChronoTrigger #itsAVideoGameReference #snes #rpgs
For the non-90s Nintendo nerds in the audience: Lavos is the primary villain's name in one of the most revered single-player video games of all time.
To defeat Lavos's Core, the floating "Bit" device to the left must first be eliminated (a less important 2nd Bit is on right).
The left Bit will regularly heal itself, the other Bit, and the Core pod until the player can inflict lethal damage to it between waves of heals.
This becomes worrisome when combined with the Lavos Core pod's ability to resurrect the Bit devices at will.