Connect with us

Tech News

Mozilla rushes to patch Firefox zero-day exploit used to unmask Tor browser users

(TECH NEWS) Mozilla (Firefox) engineers quickly responded to and are working to patch a zero-day exploit that is being used de-anonymize The Onion Router (Tor) users.

Published

on

firefox

First responders

The bug was first made public on a Tor mailing list at 21:55:23 UTC 2016 on Tuesday and was quickly confirmed by Tor co-founder Roger Dingledine. Dingledine announced shortly the vulnerability had been initially discovered that Mozilla security engineers were actively working on a fix.

bar
As of 12:45 p.m. ET, Mozilla had released Firefox 50.0.01 to patch the bug, although a Tor browser update is still needed. Dingledine said in a message board post that after Mozilla released its patch, “then the step after that is a quick Tor Browser update.”.

The bug was believed to affect multiple Windows versions of Firefox, including the current version 50 and going back as far as version 41. The exploit code is a combination of HTML, CSS, and JavaScript and when hosted on a website and accessed through Firefox or Tor, would construct an SVG file that would trigger vulnerability that could send details about the user’s computer and connection to to a remote server.

The collected data included the user’s IP address and hostname.

Similarities to previous bugs

Analysis of the exploit is still underway, but the code appears to be similar to a 2013 Javascript zero-day in which attack code could be used to find a Tor user’s real IP address and relay it back to a server.

bar
That exploit was implemented by the United States Federal Bureau of Investigation in attempts to track down Tor users using the browser to access child pornography.

It is not known who is behind the current exploit.

What to do

Although a patch has been released, it is still recommended that Firefox users temporarily switch to an alternate browser such as Chrome or Safari when possible. Alternatively, they are advised to temporarily disable JavaScript on Firefox for as many sites as possible. Tor users are also recommended to turn off JavaScript, although disabling it goes against the official Tor recommendations.

Although it appears that the exploit currently only targets Firefox on Windows, security Dan Guido, noted on Twitter that macOS users of Firefox are also vulnerable.

#FirefoxExploit

Brian is a staff writer at The American Genius who lives in Brooklyn, New York. He is a graduate of Washington University in St. Louis, and majored in American Culture Studies and Writing. Originally from California, Brian has a podcast, "Revolves Around Me," and enjoys public transportation, bicycles, the beach.

Tech News

Bet you forgot about them: Yahoo Groups is shutting down

(TECH NEWS) After over a year-long process, Yahoo is finally shutting down Yahoo Groups for good, marking the end of an internet era.

Published

on

Yahoo Groups is shutting down.

For a long while, most of us forgot that Yahoo Groups still existed in a very limited way, of course. But now, it’s going to be discontinued for good. Yahoo announced that the Yahoo Groups website will be shutting down on December 15, 2020.

The removal process of Yahoo Groups is one that began in October of last year. At that time, Yahoo decided to no longer allow new content to be uploaded to the Groups site. Features that allowed for sharing files and photos, creating polls, etc. were all removed. However, users could still view and download any existing content. On its website, a statement read, “Don’t worry, though, Yahoo Groups is not going away…” But, we all knew that was never going to be the case.

In December 2019, the Yahoo Customer Care Twitter account tweeted that content on the Groups site would no longer be available or viewable. Users had until the end of January to download their data before it would be permanently deleted. All public groups became private and would require administrator approval to join. Also, admins had limited access to other administration tools, but group members could, at least, still send messages to each other.

Earlier this month, the creation of new groups was disabled. And now, the end of Yahoo Groups is on the horizon. On its site, a pop-up message reads:

Announcement: End of Yahoo Groups
We’re shutting down the Yahoo Groups website on December 15, 2020 and members will no longer be able to send or receive emails from Yahoo Groups. Yahoo Mail features will continue to function as expected and there will be no changes to your Yahoo Mail account, emails, photos or other inbox content. There will also be no changes to other Yahoo properties or services. You can find more information about the Yahoo Groups shutdown and alternative service options on this help page.

Yahoo said, “Yahoo Groups has seen a steady decline in usage over the last several years.” As a result, this is why the company decided to shut it down. “While these decisions are never easy, we must sometimes make difficult decisions regarding products that no longer fit our long-term strategy as we hone our focus on other areas of the business,” Yahoo added.

What became of Yahoo Groups isn’t even a bare-bones version of what it was during its prime. And, frankly, I don’t think it will ever be resurrected. Sometimes all good things must come to an end.

But, if you are a former Groups user and want to stay connected with your groups, the Yahoo Groups’ help page, hopefully, has all your answers.

Continue Reading

Tech News

This app connects music fans with their favorite bands

(TECH NEWS) With the Band, a Nashville-based company, is using tech to reshape virtual concerts and fandom experiences for music fans during COVID-19.

Published

on

Music concert crowd no longer safe but can be experienced virtually.

Nothing beats the experience of seeing your favorite artist live – except maybe that moment when you look next to you to see that others are feeling the music just as much as you are. Musical communities are a truly special bond that aren’t location specific. Perhaps that’s why fan engagement platforms, such as Patreon and Memberful, are so successful in cultivating online fanbases.

An app in the fandom world that has been making cutting-edge headway in the COVID-19 concert-less era is Nashville-based With the Band. The fan engagement platform, which connects artists with fans and fans with each other, has found itself in a pivotal position – how can they expand engagement to fill the growing needs during quarantine?

Before COVID, the app was used primarily to empower music fans and artists to create and participate in fan projects and meet ups. Perhaps the most notable example of a With the Band moment was September of 2019, where fans organized for 16,000 signs to be distributed at a Jonas Brothers concert in Nashville.

Since COVID-19, however, the platform has had to adjust to a live concert-less world. How are they doing? Pretty good in my opinion

With the Band has a new (and exciting!) feature called Fan Crews, which is a modern day, virtual version of a fan club that even Dr. Fauci could get behind.

With Fan Crews, artists will be able to engage with their fan bases (and monetize their brand) through:

  • Posting
  • Private messaging
  • Virtual meet & greets
  • Live streams (the modern-day concert?)
  • Exclusive content
  • Special giveaways
  • & much more

The most helpful feature of Fan Crews is that artists and artists teams will have access to an analytic dashboard, where they can see data pertaining to their fan base – all at a zero start-up cost to the artist!

Founder and CEO Sarah Beth Perry – a boyband fangirl – began the With the Band venture from her dorm room in 2017. Now, just three short years and a global pandemic later With the Band has grown in size and scale, and just might be the best thing to happen to fandom since everything went virtual.

Coronavirus has threatened the music industry from all angles – live concerts must abide by CDC guidelines, which means decreased profit for everyone. Fan meet ups and events have had to go mostly digital, putting the onus on tech features that allow for online fan engagement. Artists are losing money during this time, and fans are not able to engage with the artists and each other in the capacity they crave.

If the COVID-induced crumbling live concert industry is a call, With the Band’s Fan Crews is one hell of a response. I’m excited to see what artists and fans do with their new, full-integrated platform.

Continue Reading

Tech News

What is “Among Us”? The meme sensation two years in the making

(TECH NEWS) When a game has invaded even the most focused of social media feeds, we have to figure out what it’s all about. Enter Among Us.

Published

on

Among Us game cover, the latest game meme sensation.

If you’ve been seeing bean-shaped characters pop up in memes, on Twitch, or even on Facebook saying words like “Impostor” or “Red is sus”, you’re not alone.

Among Us, an online multiplayer social deduction game has taken the online world by storm as of late. Originally released back in 2018, the game gained a massive surge in popularity during the COVID-19 lockdown. According to Sensor Tower’s data, the game passed 100 million downloads on the IOS App Store and Google Play in Q3 of 2020 alone. While the game is free to play on mobile, users can also play on PC for a small fee of $4.99. As it stands, Among Us is currently the third-most played game on Steam, with a solid chance it breaks into the top spot in the next few months.

Haven’t played the game? Well, let’s cover the basics so you understand the endless number of memes coming your way.

The game is played with 4 to 10 people, all of whom are placed together on a single map. Depending on the game settings, 1 to 3 of these people will be randomly assigned as Impostors, whose goal is to kill a certain number of non-Impostors without getting voted off of the map. The rest of the users will be designated as Crewmates, who can win the game by either completing a set number of assigned tasks in the form of minigames or by voting the Impostors off of the map. Impostors gain the advantage of being able to use portions of the map (like vents) that Crewmates cannot, as well as being assigned fake tasks so it can appear that they are a Crewmate. Impostors can also sabotage areas of the map that will require Crewmates to complete an additional task within an allotted time, with failure to do so resulting in an Impostor team win.

Impostors will be able to move across the map and kill other players they are next too, turning those players into Ghosts who will still need to complete their tasks for the Crewmates to win. When a player finds a dead body, they can report it, which essentially allows for a time-based discussion and the option to vote for someone to be kicked off of the map. Each player can also use one “emergency meeting”, which can call for a discussion and vote at any time. Since players are allotted a cone of vision that allows them to only see other players within a certain distance, the game relies a lot on convincing other users you are not an Imposter.

Among Us was inspired by the party game Mafia, proving that a few adjustments to a classic concept can pay dividends. Due to the mostly chat-based dialogue, memes have popped up of Crewmates accusing people of being suspicious by saying they are “sus” based on their actions. There has also been a rise in memes highlighting a group of people saying someone must be an Impostor and voting them off, only to view the “X was not the Impostor” dialogue from the game.

Hopefully, this helps you understand some of the bean shape images you’ve been seeing recently. With the game rising rapidly on streaming platforms over the summer, it’s unlikely the wave of memes and references to the game will end anytime soon. If you still don’t understand it, then I recommend you take the plunge and play the game—after all, it’s free on mobile.

Continue Reading

Our Great Partners

The
American Genius
news neatly in your inbox

Subscribe to our mailing list for news sent straight to your email inbox.

Emerging Stories

Get The American Genius
neatly in your inbox

Subscribe to get business and tech updates, breaking stories, and more!