Takealot.com Data Leak

Cloudflare, which provides services to millions of websites, has revealed that a bug has caused website passwords, cookies, and authentication tokens to be temporarily available in plain text. The list of 4.2 million domains possibly affected includes some of the internet’s most popular websites.

The Internet infrastructure company Cloudflare, which provides a variety of performance and security services to millions of websites, revealed late Thursday that a bug had caused it to randomly leak potentially sensitive customer data across the internet.

The flaw was first uncovered by Google vulnerability researcher Tavis Ormandy on February 17, but could have been leaking data since as long ago as September 22. In certain conditions, Cloudflare’s platform inserted random data from any of its six million customers—including big names like Fitbit, Uber, and OKCupid—onto the website of a smaller subset of customers. In practice, it meant that a snippet of information about an Uber ride you took, or even your Uber password, could have ended up hidden away in the code of another site.

South African e-commerce website takealot.com compromised

One of these websites is Takealot.com, the popular online shopping site in South Africa. I have not searched the entire list of 4.2 million sites but I am quite sure that there are a few thousand South African websites affected by this data leak.

What is disturbing is that Takealot.com undoubtedly knows about this leak but has not notified any of its customers that their personal information could be compromised.

You can search the list here: http://cloudflarelistcheck.abal.moe/

Or you can download the list of 4.2 million sites here: https://github.com/PIRATE/SITES-USING-CLOUDFLARE

It is possible that your passwords and personal information from affected websites may be at risk. I strongly recommend that you immediately change the passwords for accounts that are most critical to you to be strong, unique and not used for any other account. When reused passwords are stolen, it will impact your other accounts. This was true before Cloudbleed and is even truer today.

Notable sites compromised

Facebook and the Law

I manage a few Facebook Groups and a number of Facebook pages and I am constantly confronted with the issue of defamation on social media. As social media becomes more popular and ubiquitous, the issue of defamation has received quite a bit of public attention. Unfortunately, many people still don’t understand how social media works, how jurisdiction applies and how South African law views posts and comments on Facebook.

I have been involved in social media and online marketing for many years and have studied the laws pertaining to privacy and social media in detail as it affects my work on an almost daily basis. What follows is an attempt to demystify the concept of social media defamation. I am not going to deal with privacy issues and will leave that for another article.

The innocuous-looking case of H v W, which was handed down in the South Gauteng High Court on 30 January 2013, is the best and most recent case we have to determine how South African courts interpret cases of social media defamation. Judge Willis’ 30-page judgment recognises the harm a Facebook post can do to a person’s reputation and throws the weight of the Court behind the person defamed (and who can afford the legal fees). In this particular case the defamation was clear and the applicant won the case.

The law the Court relied on

The lawyers involved in the matter conducted what appears to be fairly substantial research on the law on defamation online and with reference to Facebook. Judge Willis relied fairly heavily on two academic articles by –

Context

Resolving the tensions between every human being’s constitutionally enshrined rights both to freedom of expression and to dignitas is all about balance. In the case of Le Roux v Dey (Freedom of Expression Institute and Another as amici curiae) the Constitutional Court emphasized the need to take into account the context in which a publication occurs.

Similarly, Grimmelmann has referenced the legal maxim de minimis non curat lex which Judge Willis translated as “the law is not concerned with trivia”.

Businesses and defamation

With respect to public figures and businesses, he pointed out that while they enjoy a right to privacy, “[t]here is legitimate public interest in the affairs of public figures” and this means that they may not enjoy the same degree of protection as citizens not in the public spotlight when it comes to defamation online. As Judge Willis put it –

Trenchant commentaries on the performances of politicians as politicians, entertainers as entertainers, musicians as musicians, artists as artists, writers as writers, poets as poets, sports stars as sports stars will generally pass legal muster, even if posted in the social media. When it comes to freedom of expression in South Africa, there are oceans in which to swim and upon which to sail as freely as the wind blows.

A customer of a business will always have the right to publish on Facebook an account of her experience at that business. As long as the experience passes the test of defamation then it is not defamation but a review. Reviews can either be positive or negative and negative reviews, if made by a customer, cannot be classified as defamation because they are in the public interest and to the public benefit.

If individuals can be sued for making a negative post about a business of which they are/were a customer, then Facebook, Google, Tripadvisor, Booking.com and many large websites will cease to exist. Reviews have become a de facto means of expressing one’s opinion about a product or service.

The test of defamation

The test for determining whether words published are defamatory is to ask whether a ‘reasonable person of ordinary intelligence might reasonably understand the words . . . to convey a meaning defamatory of the plaintiff. . . . The test is an objective one. In the absence of an innuendo, the reasonable person of ordinary intelligence is taken to understand the words alleged to be defamatory in their natural and ordinary meaning. In determining this natural and ordinary meaning the Court must take account not only of what the words expressly say, but also of what they imply’

Referencing one of the justifications for (or defences to) defamation, namely that the defamatory material be true and to the public benefit or in the public interest, Judge Willis drew an important distinction that is worth bearing in mind –

A distinction must always be kept between what ‘is interesting to the public’ as opposed to ‘what it is in the public interest to make known’. The courts do not pander to prurience.

Important points to consider when you feel that someone (not you) has posted something that could be defamatory.

  • South African law does not require a person to be the originator of the defamatory content to be held liable – merely repeating or “sharing” a defamatory post is sufficient to constitute defamation;
  • a person may be equally liable for another person’s posts where that person knows that they have been tagged in the other person’s post and allows their name to be used, and fails to take steps to disassociate themselves from the defamatory post;
  • a series of comments or posts published via social media may have a defamatory meaning when read together, despite each comment or post appearing individually harmless; and
  • an apology on the same social media where a defamatory statement has been made may assist in mitigating the damage to a person’s dignity and reputation.

The Truth is On Your Side

Ultimately, you have every right to leave a bad review or make a negative post about a business, as long as you act in good faith and don’t lie. The difference between a legal negative review and an illegal one comes down to libel in many cases: “While defamation laws can vary depending on the jurisdiction, libel is the defamation of a company or individual in written form,” explained TekRevue. “To prevail on a libel claim, the plaintiff must prove that the defendant made a published statement about the plaintiff that was false, injurious, and unprivileged.” 

 

Marthinus Strydom

References:

www.saflii.org/za/cases/ZAGPJHC/2013/1.html
uir.unisa.ac.za/bitstream/handle/10500/7643/A_Roos_Inaugural_.pdf?sequence=1
dealnews.com/lw/artclick.html?2,1051185,10629690
webtechlaw.com/2013/02/04/johannesburg-high-court-rules-on-facebook-defamation-html/
chili.co.za/News/1939/When-leaving-a-negative-review-can-get-you-sued

Watch out Trump Thumpers!

I find all the Trump Thumpers hilarious. The indignation they have because of this obnoxious man that stole the presidency.

Watching CNN today and it’s all they can talk about. How unfit he is to be president and how he’s going to destroy the most powerful country in the world. He’s going to be Putin’s new best buddy and the rest of the world is going to be destroyed in a nuclear holocaust.

It’s hilarious.

I’m making a list of all the Trump Thumpers and when he turns out to be a great president I will be the first to mock them. I don’t particularly like the guy but that’s not important. Having a president that you “like” is not important. What is important is that he gets things done. Period.

What’s important is that he manages to fix a catastrophic foreign policy that has seen the US engaged in countless wars over the past 50 years.

What’s important is that he creates employment and saves the economy from imminent disaster.

What’s important is that he extricates the US from all their international meddling. I don’t particularly care if he’s not a nice guy. The best leaders are seldom “nice” guys.

Frankly, the many negative aspects that everyone is focused on are, in my opinion, the very reasons why he will be a good president.

He’s not ideological.
He’s a pragmatist. That’s a good thing. Ideology is for dreamers and a president shouldn’t be a dreamer but a doer.

He’s a dealmaker.
Like him or loathe him, one thing is certain. He can do deals and that is what a president should do – every day.

He’s financially minded.
At least he can count, not like South Africa’s president, Jacob Zuma. Actually, being a good businessman requires all the character traits needed to be a good president.

He’s not a politician.
Politicians are the pits. We all know this and we all hate them, so why are we so against a president that is not a politician? That’s a good thing, right?

The Trump Thumpers are in for a shock. I predict that he will be a great president (don’t confuse that with great guy).

He’s focused inward.
That’s a really good thing. The US has been sticking its nose into other people’s business for far too long. They can’t be the policeman of the world any longer. Trump is going to focus on the US.

He’s going to shake things up.
The US/Russia relationship has been a disaster since the second world war. He wants to fix that. Critics gasp in horror at the thought. Why? Because they need a boogeyman. Who’s going to be the boogeyman if Putin becomes “cuz Vlad”?

He doesn’t give a shit.
I like that. You need a fearless leader that forges ahead against all odds. One thing is certain. He’s not playing this game to lose.

The majority of the world underestimated him when he joined the presidential race. He won. The majority of the world think he’s going to be a lousy president. He’s going to prove everyone wrong again. He loves being the underdog and I like underdogs too.

Tripadvisor epitomises new age arrogance

New age arrogance is a really horrid thing. It’s a cancer that started about 10 years ago and it has been growing rapidly.

New age arrogance is when a company such as Tripadvisor resorts to complex forums and other techniques to avoid speaking to their customers. Customers that have problems with their property or business listing on Tripadvisor have no way of resolving their issues or problems and Tripadvisor has become so big that they don’t give a shit. They can lose thousands of customers and it won’t make the slightest difference.

Instead of providing proper customer service, they create support forums that are, you guessed it, managed by their clients! And the incredible thing is that the average customer is such an idiot that he does it gladly, spending hours answering support questions for the “community” for no reward.

Tripadvisor has not one email address listed. No way to contact anyone at the Tripadvisor Empire. It’s actually really pathetic. What makes it worse is that their systems are really poor. They are great at raking in the money by enticing customers to join due to their size, but when it comes to after sales support, they must be in the Top 10 worst customer service organisations on the planet. Google of course takes the number one spot for being über assholes.

Now, other companies are also following suit, the suits and pony tails doing the Macarena in the hallways because they managed to find a way to avoid employing decent support staff – milking their stupid customers for more, whilst actually doing less.

This model will backfire. The Tripadvisors and Googles will perish one day to be replaced by companies that are truly customer centric and service orientated.

I don’t need their crap service and you don’t either. The fewer people support these parasitic organisations, the sooner we will create the space for quality companies to thrive. Companies that appreciate their customers.

I think the Oval Office will be redecorated

Take a peek inside the home of the new President of the United States. His primary residence, Trump’s penthouse was decorated by legendary designer Angelo Donghia in the early 1980s. The Trump family’s primary residence is the penthouse of Trump Tower in New York City, located at 725 Fifth Avenue.

The apartment has a color scheme of warm neutrals, such as gold, beige, rose, and blush, throughout.

The decor is rococo, the 18th century French style that preferred ornate details, curving furniture, and an abundance of gold.

At 58 stories high, the Trump apartment has views including all of Central Park, the five boroughs of New York City, and neighboring New Jersey.

Breakfast takes the form of fruits divided into golden bowls.


It’s time to quit internet banking on your computer

I have been saying this for years. Your computer is not safe. It never has been and never will be. Despite the efforts of anti virus companies, banks and everyone else, Internet fraud has been increasing rapidly. There are no signs that it’s going to decrease soon. The reason is simple. It’s much, much safer for criminals to steal your money from somewhere in Russia than to storm into a bank with machine guns.

Once again my suspicions that these are mostly inside jobs have been confirmed. MyBroadband reported today that the FBI is being called in to help catch syndicates that have infiltrated Vodacom and ABSA. These insiders have been doing illegal sim swaps and committing internet banking fraud on mostly ABSA clients.

I have been going on about this for years but the only response I ever got from Vodacom and ABSA was that there is no problem. It seems that these two companies are masters in spinning the bullshit. The sad thing is that thousands of people have lost millions due to the negligence of both Vodacom and ABSA.

Five years ago I told Vodacom that their practice of allowing sim swaps without proper security verification is a serious security threat. They did nothing.

Mobile apps are far more secure than internet banking on your computer browser. Your computer browser (Internet Explorer, Chrome, Firefox) is probably the least secure piece of software on your computer. Every bank has a mobile banking app today. Stop using your computer to do your banking. Switch to the apps and you will not be exposed to the risk of spyware, malware and keyloggers.

The safest way to do your banking is by using the bank’s mobile apps on iPhone or iPad. Yes, I’m not the greatest Apple fan but Apple is way more secure than Android.

You have been warned. Continue using internet banking on your PC at your own peril.

Read more at MyBroadband


Best South African Banks for Airport Lounge Access

We like to travel but we definitely don’t like sitting at the departure gate on uncomfortable chairs with screaming children playing hide-and-seek. Although some travellers love the hustle and bustle of airports, chances are that if you’re a frequent traveller the one thing you’d love before your flight departs is an hour or two of peace and quiet.

Access to airport lounges used to be a privilege only a few – with a business-class ticket in hand, of course – enjoyed.  Certain banks and financial institutions provide access to the lounges for free and some require you to jump a number of hurdles (or in bank parlance, ‘qualifying criteria’) before you can gain access.

Here are the best banks and accounts for airport lounge access – and the worst.

FNB and RMB

RMB and FNB Private Clients

RMB and FNB are both connected to the awful eBucks program, which means you have to earn rewards in order to gain access to the lounges. Even as an RMB Private Bank client you don’t get free access to the airport lounges. The really annoying part of their rewards system is that you never know what level you are on. The airport lounges are not connected to the bank, so when you swipe your card at the lounge they can’t tell you if you have earned enough rewards points to gain free access. They just swipe your card and you go in. It’s when you get home that you get the shock, because they then charge you for the access. You thought it was free. Nope. Neither FNB nor RMB offers a credit card that offers free local or international lounge access.

Verdict: Terrible (change your bank)

Standard Bank

World Citizen Credit Card

The top Standard Bank credit card is called the World Citizen Credit Card. You need to spend R15,000 per quarter to get complimentary access to over 500 airport lounges within SA and abroad, through their chosen partner, LoungeKey.

Verdict: Bad

Diners Club

With Diners you need to spend R15,000 per quarter to get free access and the same rules/benefits as the Standard Bank World Citizen Credit Card.

Verdict: Bad

ABSA

Platinum Cheque Account

The ABSA Platinum cheque account offers an optional DragonPass membership, offering five free airport lounge visits per 12-month cycle at R59 per month.

Verdict: Terrible

ABSA Private Clients

6 visits (Only 6? Really?) per year to more than 800 airport lounges in over 300 cities across 100 countries affiliated to the DragonPass program.

Verdict: Bad

Nedbank

Platinum Card

Nedbank’s Platinum Card provides free access to the Bidvest Premier airport lounges for domestic flights only.

Verdict: Nothing to write home about

American Express Gold Charge Card

8 visits per year to the Bidvest Premier airport lounges for domestic flights only.

Verdict: Very average for Amex

American Express Platinum Charge Card

Amex Platinum Charge Card provides free access to over 900 local and international airport lounges in over 100 countries, with Priority Pass.

Verdict: Good (Because there are no other benefits to the Amex Platinum Card that’s comparable to a Private Banking offering.)

Investec

Investec Credit Card

Every Investec card holder has complimentary, unlimited access to SAA-owned Lounges and Bidvest Premier Lounges.

Verdict: Very Good

Investec Enigma Card

The Investec Enigma Card (SA’s own Black AMEX card) offers unlimited and free access to over 900 local and international airport lounges in over 100 countries, with Priority Pass.

Verdict: Excellent

Conclusion

Investec is the only bank that provides a really good airport lounge benefit to its card holders. Investec also offers a wide range of other benefits to card holders, which makes it a better choice than American Express. The great disappointment is RMB, who have lost serious ground to Investec due to their complicated and terrible eBucks rewards program.

Private banking is definitely not what it used to be. There is very little special about it.