Tag Archives: Computer access control

Technology

One Of The Best-Selling Steam Games Last Month Was A Police Sim

Leave a comment

Image: Aesir Interactive

Valve just updated its list of the top new releases on Steam for November. There are the usual suspects like Crysis 2 and 3, Spider-Man: Miles Morales, and Sonic Frontiers. There’s also my favorite single player game of the year, Pentiment, and a neat little pixely extraction shooter that caught our eye a few months ago called Zero Sievert. But one of the top 20 best-selling Steam games last month was, of all things, a fucking police sim.

Released last month, Police Simulator: Patrol Officers takes place in the fictional U.S. city of Brighton. The game asks you to “take up the badge” as a cop, which actually means harassing citizens with traffic violation citations, arresting them for possession of drugs, “chasing graffiti sprayers,” and other cop things. It’s currently holding a “very positive” review status, with several active and former law enforcement officers chiming in to the comments, and others who didn’t get enough of a kick out of bullying people in childhood weighing in, as well.

One reviewer sums up a typical experience in Police Simulator. It’s written out like a poem (and you should read it as such):

I started my first shift.
I saw a lady jay walking, so I stopped her.
She seemed nervous, so I asked for her ID.
I decided then to search her.
She ran.
I shot her with my stun gun.
I found a switch blade and human teeth, so I arrested her.
I called for back up, and they threw her in the patty wagon.
Cleaning the streets, one person at a time.

I mean where to even begin with this? Honestly, this makes that Call of Duty level from the last game look tame. And what is with the human teeth? Do the devs assume people carry such things around, and do that regular ol’ street cops spend most of their time thwarting murders with a penchant for taking teeth? “First person I searched I found human teeth. 10/10” reads another review.

Other reviews suggest this is a pretty straightforward, somewhat buggy and feature-lacking civil duty sim. Such a boring job, it seems, isn’t up to everyone’s hopes. Another Steam review reads:

Pro’s[sic]: Be a cop.

Con’s[sic]: Can’t be a bad cop.

First thing I did was pull out my pistol and shoot a lady that was jaywalking and I got booted off the job. I couldn’t even do the remaining 16 bullets in my mag before reloading and yelling at her not to move.

Fun game, but a bit unrealistic.

7/10 – worth it for ramming your policecar [sic] into randoms and fleeing the scene.

G/O Media may get a commission

“Shoot first talk later” reads another review. “This game was pretty fun at first” laments a negative review, “but unlike LSPDFR mod in Grand Theft Auto V, you HAVE to play by a real Cop’s duties. You have no real freedom to goof around.”

I’ve played a ton of GTA, a game where you regularly do horrible things to people, but this one strikes me as a little odd. I probably shouldn’t throw stones, and there are other examples of questionably tone deaf uses of police imagery in games. But it’s hard not to read comments from people bemoaning that a game meant to simulate daily police work which is mostly, boring civil offenses like traffic violations is not exciting enough because it doesn’t give you enough opportunities to shoot people.

 

Read original article here

Technology

A Complete Guide to Not Getting Hacked

Leave a comment

Photo: Shutterstock (Shutterstock)

Go Off the Paranoia-Soaked Deep End and Lose Your Mind

Look, the truth is this—you can do all this stuff and still have your privacy and data completely wrecked. Hackers can still get in. Whatever Western government you’re living under can probably still target you with eye-of-Sauron-level surveillance. The social media company holding your data can misconfigure its databases and leave your email address and phone number exposed. In reality, it’s a wash.

However, if you really want to be totally safe and make sure your personal information is protected, I’ve thought about it and there are a couple of additional steps you can take. Here they are:

— Drink heavily and ruminate on the madness of the modern world.

— After a nightcap or three, go to the nearest window and throw your stupid computer out of it while screaming “I’M MAD AS HELL” like Peter Finch in Network.

— Escalate things and murder your phone. Desolder the fucker, smash it to pieces with a ball-peen hammer—then burn the parts in a ritualistic conflagration in the backyard. Later, siphon the phone’s ashes into a little glass vial and hang it around your neck to remind you of your triumph over evil.

— Cancel your lease, sell your earthly possessions and just drive. Where? It doesn’t matter. You just have to get out of there.

— Live in a tent in an unincorporated territory and read books and river bathe. Learn to enjoy the simple things—like the sound of crickets at night, the majestic sight of a buck as it traipses across the prairie, and your own body odor.

— Pray that someday, in some as yet unseen American future, your congressional leaders will grow real, actual testicles and introduce laws to regulate the dystopian corporate monsters that have swallowed the world and eradicated human privacy.

— Weep for humanity.

Read original article here

Technology

Twitter to Add More Context to Rejected Verification Requests

Leave a comment

Photo: Alastair Pike (Getty Images)

Now when Twitter rejects your request for that coveted blue checkmark, it’ll be personal. The social media platform announced on Friday plans to provide users with a more thorough explanation of why they failed to meet its verification requirements, as opposed to just firing off generic rejection emails.

“We’ve heard your feedback that we can be more clear on why an application didn’t get approved. Decision emails will now give more context on why requests don’t meet our criteria,” Twitter wrote.

This announcement comes after Twitter relaunched its public verification process in May for the first time since 2017… and then promptly hit pause on it again after being flooded with verification requests. All the while, Twitter quietly opened up the process to certain companies, brands, news organizations, activists, and other accounts that it’s deemed worthy of a blue checkmark.

Twitter said Friday that it’s slowly been rolling out public access once more to keep from overwhelming its team, and the option to apply will soon be available to all users. With this in mind, it’s working to make the entire process more transparent, such as by adding additional context to rejection emails.

“[We] know that generic rejection emails were confusing and frustrating for folks, so getting more specific information into the emails about verification decisions has been a top priority for our team,” said Twitter product lead of verification B Byrne.

G/O Media may get a commission

Twitter also said it plans to add more explicit guidelines within the application and will continue to incorporate feedback about how to make the verification process more user-friendly.

“Patience isn’t part of the criteria, but we appreciate yours,” Twitter wrote.

So if you (like me) are still among the checkless plebs, look on the bright side! At least Twitter will explain why you aren’t worthy of verification the next time it turns you down.



Read original article here

Technology

Uninstall These Malicious Android Apps That Stole Facebook Passwords

Leave a comment

Photo: sitthiphong (Shutterstock)

Researchers from Dr. Web have found nine apps with more than 5.8 million combined downloads that were sneakily stealing user’s Facebook passwords using a genuine Facebook login page. As of writing, Google has banned the developer and removed these nine apps from the Play Store, but if you’ve downloaded any of them, it’s time to change your passwords.

How did the apps steal the data?

According to the researchers at Dr. Web, the developer, chikumburahamilton, created fully functional apps for photo editing, exercising, horoscopes, and junk cleaning (among others). After a point, these apps would prompt users to log in using Facebook to unlock the full functionality of the app.

When users did that, the app would kick in their own C&C server (a Command-and-Control server controlled by the developer used to copy and store data from a webpage). After receiving the settings from the C&C server, the app loaded then loaded the legitimate Facebook login page.

Then, the app loaded the JavaScript received from the C&C server into the Facebook login page (JavaScript code is versatile and can be inserted at any point, even when a user just taps on a text field). This Javascript code was then used to copy the username and password.

G/O Media may get a commission

The JavaScript then passed the copied data to the application, which in turn passed it to the app’s C&C server, where it was saved. Once the user logged in to the application, the app also stole cookies from the current authorized session, which were in turn sent to cybercriminals.

In this instance, the apps only used Facebook’s genuine login page. But because of the way JavaScript and C&C servers work, they could have easily done this with any service requiring you to log in.

What can you do about it?

The first thing you should do is to check if you were running one of these nine apps:

  1. PIP Photo
  2. Processing Photo
  3. Rubbish Cleaner
  4. Inwell Fitness
  5. Horoscope Daily
  6. App Lock Keep
  7. Lockit Master
  8. Horoscope Pi
  9. App lock Manager

If you have any of these apps installed, the first step is to uninstall the application.

Then, if you used Facebook login with the app, you need to reset your password immediately.

Next, stay vigilant. Use a trusted anti-virus application like Malwarebytes to detect apps with malicious code. If possible, avoid connecting third-party services like Facebook with random apps downloaded from the Play Store. Because of the way Play Store works, it’s trivially easy for developers to reenter and resubmit apps even after they are taken down (a developer license only costs $25).

Lastly, turn on two-factor authentication for any site that allows it, and pair it with a password manager. This will help you generate and store long passwords securely. And even if a website leak reveals your password, two-factor authentication will protect you from hackers.

[Ars Technica]

Read original article here

Technology

Why You Should Switch From LastPass to Bitward’s Password Manager

Leave a comment

Whether you’re looking to make a change in your password management just because, or you’re a LastPass user annoyed with the service’s recent changes to its free tier, switching to the much-loved (and free) Bitwarden service is a good choice. Bitwarden is now the best free password manager for most people—since it works across all of your devices to add convenience and security to your logins—and setting it up is quick and easy.

To get started, head to Bitwarden’s site and create an account. It’s free to do, and all you need to worry about is giving yourself a solid master password. Make it a good one, and one that you don’t use anywhere else, because it’ll be one of the gatekeepers for all of your other passwords that you’ll store on the service. Once you’ve created your account and logged in, make sure you verify your email address using the option in the upper-right corner.

Screenshot: David Murphy

If you’re coming from another service—like LastPass, for example—you’ll want to find a tool you can use to export your passwords. On LastPass, this is tucked away under the Advanced Options link at the bottom; exporting your passwords basically transforms them into a simple .CSV list.

Screenshot: David Murphy

G/O Media may get a commission

You then copy the list (which I’m not screen-shotting, for obvious reasons) directly into Bitwarden via the Tools menu > Import Data.

Screenshot: David Murphy

Your passwords will all appear in your main screen, and should also synchronize to your various Bitwarden apps the next time you go to use them. To edit any of your passwords, simply click on the hyperlink for a given site or service. You can also use the gear icon that appears when you hover over each listing to copy your user name or password directly to your clipboard.

Screenshot: David Murphy

Those are the basics of Bitwarden, but you’re not quite done yet. Click on the profile image in the upper-right corner and select My Account. From there, click on Two-step login in the left-most sidebar.

Screenshot: David Murphy

Here is where you’ll set up two-factor authentication for your account—this isn’t required in order for you to use Bitwarden, but it’s highly recommended to keep your account secure from unauthorized logins. You can choose to have 2FA codes emailed to you to verify any login attempts, but I recommend you use an authenticator app instead. They’re similarly easy to set up, and act like a password manager for all your two-factor authentication tokens.

You might also want to visit the Options link on the lefthand sidebar, which will let you adjust your Vault timeout—as in, how long it’ll stay open from the last time you accessed it. Go past that time, and you’ll have to enter your password once again. Turn this down if you’re on a shared computer, and consider turning it up a bit if you’re feeling especially secure in your setup.

Screenshot: David Murphy

After that, grab all the Bitwarden apps and extensions you’ll need for your devices and browsers. Installing them is easy, and they grant you access to everything you’ve stored in your Bitwarden vault. In the case of your browser, for example, you’ll simply need to right-click on a password prompt to pull up your Bitwarden autofill:

Screenshot: David Murphy

And that’s it. Bitwarden’s free version doesn’t offer a ton of features—no checking your saved passwords for leaks, for example—but it does give you an quick and easy way to synchronize passwords across all your devices. What’s not to like?

Read original article here