Help a sick child with cancer. Help us raise funds for this poor boy beaten by his stepfather. Learn how to help yourself if you have a heart attack and nobody is around. Isn’t Facebook a fantastic place, you can learn so much and get involved in things that matter through posts that your friends pass around. I’m sure you know what I’m talking about. We have all seen these posts that circulate on Facebook and other communities.
What do you think about them? Do you pass them on? Does this kind of messages play on your emotions? Do you like the feeling of helping a poor child somewhere in the word by clicking share? Have you ever tried to verify if the sad story is true? Or do you want to hold on to the dream that you are helping, and avoid checking the background even if there is a grain of doubt? Or are you one of the skeptics who dislike chain letters and write an angry reply instead?
Chain letter may be an old-fashion term from the snail-mail era. But that is really what we are talking about here. They are also called hoaxes, which refer to the content rather than the spreading mechanism. Our modern communities on the net provide an ideal environment for them. It has never before been so easy to share information with a large number of friends globally, just by a click. The content might be anything, but there are some easy ways to identify them.
Here comes a couple of examples from different categories.
Help save baby with cancer is a really classical example. Who can resist a sick child? And that thing on the little boy’s face. OMG! In reality, this story is just made up and the boy doesn’t exist. Or the baby in the picture certainly exists, but he has appeared in many different chain letters and nobody knows where the picture comes from or if that thing is fake or real. The promise of one dollar per share is also just made up, there is no such commitment in reality.
YOU COULD SAVE A LOVED ONES LIFE BY KNOWING THIS SIMPLE INFORMATION!!! First aid and medical advice is another common chain letter category. I have attended a number of first aid courses at different levels, and this example is legit as far as I can tell. The described STR-rule is also well known and used elsewhere too. But how do you know that? If you can assess that, you don’t need the advice. And if you can’t, you have no clue if the advice is reliable and accurate. This one might be legit, but that can’t be said about all the other messages of this kind. They can in the worst case be directly harmful! (I have selected to not share one of those here.)
Facebook is not a good info source for matters of life and death. If you truly care about your loved ones and want to be able to help, then there is no substitute for professional first aid training. Trash all chain letters of this kind and sign up for a course today!
[Insert celebrity of your choice] found dead at Dominican Republic resort. This is really a sick form of humor. There’s a web-based generator that can generate hoaxes like this. It even creates fake news pages that can be passed around with the chain letter. I’m including the link to the generator here. I trust that you use it only to learn how to spot these hoaxes, not to make one yourself.
If you see some shocking news like this and the source isn’t one of the big news networks that you recognize, then turn to Google and get a second opinion before you hit share. Well, sites can be faked so Google is a good idea even if you recognize the news source.
But these chain letters are mostly harmless, you might think. Is it really that bad to pass one on? Well, they don’t harm the reader directly. Messages that trick you into downloading a file or opening a site that can contain malware is a different cup of tea. Phishing scams that trick you into entering secret data at a faked site are also truly harmful. Chain letters and hoaxes are not harmful in this way.
But that’s not the full story. There are still several reasons to avoid them:
And by the way. Why should you support this particular child? Just because you got a picture of him? There are probably thousands of real children with the same disease. You feel emotionally involved, that’s good. Let’s use your emotions for something more productive than just passing hoaxes around. Look up a local charity organization that work with children and make a donation while watching the picture. That really matters!
So, to summarize. Don’t feel bad if you have shared chain letters like this. As said, they do no direct harm. But I hope that as many as possible become aware of the downsides and start ignoring them. Our Facebook experience would be tidier.
So now you know how to spot a chain letter. Just click the share button and make sure all your friends on Facebook also know. Hey, wait…
Image from About.com Urban legends
Collision is coming to a close today, and what a week it’s been. F-Secure’s Chief Research Officer Mikko Hyppönen was there earlier in the week, and gave a compelling talk on the evolution of cyber crime. He also gave a quick post-talk interview, so check out this Quickfire article to learn who Mikko thinks deserves a slap in the face. F-Secure also ran a basic Wi-Fi experiment at Collision*, similar to ones conducted in 2014 and 2015. While the experiment conducted at Collision had a smaller scope than our previous investigations, it does prove that people are still pretty promiscuous when it comes to connecting to public Wi-Fi hotspots without the proper protection, such as a VPN. In the first two days of Collision, we observed nearly one hundred people connecting to a phony Wi-Fi hotspot. And none of them were encrypting their traffic. Connecting to a phony Wi-Fi hotspot can open the door to all kinds of problems. Hackers have been known to use similar setups to help them “sniff” people’s Internet traffic, allowing them to do things like read personal messages, log the websites people visit, and even steal passwords and other sensitive information. So if you make a habit of using public Wi-Fi hotspots – whether you’re at a tech conference, an airport, a café, or a hotel – you should give Freedome a try to keep you and your private data safe and secure. [Image by Erin Pettigrew | Flickr]
Finland is home to the freest news media in the world, according to Reporters Without Borders. It's fitting, then, that the annual UNESCO World Press Freedom Day conference will be held in Helsinki this year, May 2-4. Freedom of information is a topic that's close to our heart. We were fighting for digital freedom before it was cool - yes, before Edward Snowden. A free press is foundational to a free and open society. A free press keeps leaders and authorities accountable, informs the citizenry about what's happening in their society, and gives a voice to those who wouldn't otherwise have one. Journalists shed light on issues the powers that be would much rather be left in the dark. They ask the tough questions. They tell stories that need to be told. In a nutshell, they provide all of us with the info we need to make the best decisions about our lives, our communities, our societies and our governments, as the American Press Institute puts it. That's a pretty important purpose. But it can also be a dangerous one. Journalists working on controversial stories are often subject to intimidation and harassment, and sometimes imprisonment. Sometimes doing their job means risking their lives. According to the Committee to Protect Journalists, 1189 journalists have been killed worldwide in work-related situations since 1992, when they began counting. 786 of those were murdered. Freedom of the press and digital technology are inextricably intertwined. Journalists' tools and means of communication are digital - so to protect themselves, their stories and their sources, they also need digital tools that enable them to work in privacy. Encrypted email and messaging apps. Secure, private file storage. A password manager to protect their accounts. A VPN to hide their Internet traffic and to access the content they need while they're on assignment abroad. F-Secure at World Press Freedom Day It's because press freedom and technology are so intertwined that it's our honor to participate in this year's World Press Freedom Day conference. Here's how we'll be participating in the program: Mikko Hypponen, Chief Research Officer at F-Secure, will keynote about protecting your rights. Tuesday May 3, 14:00 to 15:45 Erka Koivunen, our Cyber Security Advisor, will participate in a pop-up panel debate on digital security and freedom of speech in practice. Tuesday May 3, 15:45 – 16:15 Sean Sullivan, our Security Advisor, will be on hand to answer journalists' questions about opsec tools and tips. One of our lab researchers, Daavid, will be inspecting visitors' mobile devices for malware. We'll feature our VPN, Freedome. Check out our Twitter feed on May 3 for livestream of Mikko's and Erka's stage time. Banner photo: Getty Images
AirBNB. Uber. These are but two examples of disruptive startups that are popping up to challenge big organizations' legacy mindsets and business models. Digitalization has completely shaken the world, and companies have two options: adapt to stay in the game, or be left behind in a cloud of dust. But it's hard to turn a big ship around. That's why F-Secure's Harri Kiljander, Janne Jarvinen and Marko Komssi believe that a great way for companies to accelerate innovation is to bring the startup model in-house. They've collaborated with peers from other organizations in a new ebook, The Cookbook for Successful Internal Startups. The book is a practical guide to establishing and running an internal startup. An internal startup, they say, is a great route to cheaper innovation execution and faster time to market. And the three have experience to draw on: F-Secure has developed its VPN product, Freedome, its password manager, Key, and its smart home security device, Sense, all as internal startups. The book pulls together F-Secure's learnings as well as the learnings of other companies who use the model. I caught up with Harri, Janne and Marko to talk about the internal startup scene. What is your definition of a startup? Harri: A startup is an organization that is established to build a new product or a new service under a significant uncertainty. Trying to do something new that doesn't exist yet, and constrained by a lack of established processes or budgets or resources. Janne: To me, a startup is the means to build something new and disruptive, and build it as fast as possible, with the intention of scaling as quickly as possible. You're not trying to make something that just a few people can do for a living, but you're trying to build up a big business quickly from something new. Marko: A startup is an entity that is searching for a scalable, profitable business model. It differs from a company in that a company has already found its business model. Why do you want to encourage big companies to form internal startups? Harri: Big companies are really good at doing old things. An internal startup is great way to introduce new ways of working and to try developing and launching new and better products and services. Janne: All companies want to explore new areas, but in the established organization it's difficult to start something new. With an internal startup, you don't worry about the existing organizational structures. From a company perspective, because the startup is not embedded into the larger organization, it's easier to handle and it's easier to see whether it's producing results. It also gives employees the chance to be involved in something new. How has the internal startup model been beneficial for F-Secure products Freedome and Key? Harri: One of the key elements has been the rapid development and feedback cycle - the classic cycle of build, measure, learn. Build something, release it, gather feedback from users and markets, and then adjust your product, pricing, channels, etc. The more rapid you can make this cycle, the higher the likelihood of being able to generate success. Janne: We built Freedome and Key much faster as internal startups than we would have done in the traditional way. The global launch took place just nine months after the idea, and that's extremely fast. Marko: Freedome was incubated in strategic unit, not the business unit. It had more freedom as it was able to work independently, without being under any existing business pressure. What is the biggest advantage an internal startup has over an independent startup? Harri: The ability to access the big company resources, including free labor and expertise. In a big company there are a lot of experienced people who yes, may be stuck with old ways of working, but they still have lots of experience and know about doing business. Marko: Access to the company lawyers, marketing competence, PR, company name brand, social media channels with established followings, etc. A startup has to pay for everything or get the competence somehow, whereas a big company has it in house. And vice versa, what is the biggest advantage an independent startup has over an internal startup? Janne: It's not constrained by a company's mindset and objectives, so it has more freedom. However, once an independent startup gets financing, the people writing the checks will start to want some control anyway, so in that sense it's not so different from an internal startup. Marko: The feeling of ownership. The independent startup team really feels that they own the idea. With an internal startup you somehow still feel that you are a company employee first. So ownership is weaker in an internal startup and that has an impact. What do you hope people take away from the startup cookbook? Harri: I hope people get a spark of courage to establish this kind of exercise in their own established organization. If they're not sure how to go about it, they are welcome to contact the writers of the book and we might be able to help them. Even big organizations can do things fast if they follow the recipes or principles we outline in the book. Janne: I hope people in large organizations see that they can explore new areas using this model. Our goal is to really help people learn from other companies' experiences so that they don't have to learn everything on their own. Read The Cookbook for Successful Internal Startups The Cookbook for Successful Internal Startups was created by the industrial organizations and research partners of Digile’s Need 4 Speed program. F-Secure is the driver company of N4S and Janne Järvinen leads the N4S consortium. Harri Kiljander is Director of Privacy Protection, Janne Jarvinen is Director of External R&D Collaboration, and Marko Komssi is Senior Manager, External R&D Collaboration at F-Secure.