MadHATTERS HATTERs Bulletin Board Free trial

The Sundar-ing

12 December Subscribe
Tech news with a HAT perspective 
Issue 58

When browser gunk gets nasty  

Session replay scripts, autofill forms and anti-ad-blockers. Your browser sifts through a lot of gunk, and it seems like even the most clued up user might not always know what they're at risk to…

Research from Princeton University has showed how password managers are exploited by marketing companies (Adthink and OnAudience were named and shamed) to extract email addresses and personal information. This is an 11 year old vulnerability, known for enabling password extraction by cross-site scripting (XSS) attacks. So Adtech is using an old school hacking technique to get our information? That's pretty bleak.

The same Princeton research institute exposed a bunch of weaknesses from the use of session replay scripts. These are services which help websites improve their UX by providing huge amounts of user behaviour data: where users scroll, their mouse movements – the lot. But the resulting scripts turn out to leak a lot of sensitive stuff... honestly, since when has software sitting on our devices and computers been SO intrusive?

Geek Out

In the spirit of all that is terrifying... There's a new series of Black Mirror out, featuring a gorgeous, hyper-stylised and by all accounts utterly brilliant Star Trek parody (although it's not a Star Trek parody, it's a lot more than that, but it also is).

The Doghouse

Google. Tax. Need I go on? Apparently Google avoids tax on the majority of its international profits using a little something involving the words 'Double', 'Irish', 'Dutch' and 'Sandwich' – apparently a kind of complex international hopscotch also involving Bermuda that saves companies like Google several billions of dollars of tax a year. Yeah me neither.

Elsewhere in Techland

If there's one thing a tech giant hates, it's tax (see above), so security minister Ben Wallace has come forward in threatening YouTube and Facebook with financial penalties for failing to remove extremist content fast enough. He emphasises the millions of pounds spent on de-radicalisation and human surveillance, and says that firms will not 'get away' with being less than cooperative.

Everything (else) that's wrong with YouTube. Disgraced vlogger Logan Paul, who posted a video of himself and his friends finding a dead body in a forest, and joking about it, has apologised, but the incident throws up concerns about YouTube's accountability. The thing about disgrace on YouTube is that it rarely sticks, and I'm sure Paul will still have made a pretty penny from the monetisation of this video...

Iran restricts use of Telegram and Instagram. Anti-establishment protests in Iran have caused President Hassan Rouhani to 'temporarily' ban the use of social media sites used to organise demonstrations. Telegram is especially popular in Iran, with around 50% of the population actively using the app.

Leila Trilby, Editor-in-chief
Happy New Year from the HAT team!

2018 is going to be big. 2017 was a year of building, a year of preparation, of putting many many pieces in place; 2018 will be the year we turn what we've built into value for our community – the ability to learn from, use, and control your own data. And we're very excited about it. Get ahead, and support all the development work we're doing by downloading the HAT App, if you're on iOS), or getting yourself a HAT on the web, if you're not, then telling us everything that you think about it by joining our gang of testers. Forward MadHATTERs to your friends who care about data, spread the word on data empowerment and control – there's a lot happening in 2018 which will really push this message, and show the world that there is another way to interact with digital services.

Irene is in Norway this week, at NHH in Bergen – checkout her slides talking about the new regulation of PSD2 (Payment Services Directive 2), spending data that is about to be available in a few weeks, and the HAT!

A lot of thinking has also gone on about the overlaps and distinctions between the HAT Ecosystem and the Blockchain Ecosystem – both are disruptive, both are decentralising, but there are some key points of difference which Irene teases out in her latest blog post. Give it a read! 

Happy 2018!

Yours in HAT,

Jonathan Holtby, Community Manager

Previous Issues