Tag Archives: Facebook

Dozens killed as gunman livestreams New Zealand mosque shootings

An injured person is loaded into an ambulance following a shooting at the Al Noor mosque in Christchurch, New Zealand, March 15, 2019. REUTERS/SNPA/Martin Hunter

By Praveen Menon and Charlotte Greenfield

WELLINGTON/CHRISTCHURCH (Reuters) – A gunman shot dead 49 people and wounded more than 40 at two New Zealand mosques, some as they were kneeling at prayer, livestreaming online some of the killings that Prime Minister Jacinda Ardern condemned as terrorism.

The gunman broadcast footage of the attack on one mosque in the city of Christchurch on Facebook, mirroring the carnage played out in video games, after publishing a “manifesto” in which he denounced immigrants, calling them “invaders”.

The video footage widely circulated on social media, apparently taken by a gunman and posted online live as the attack unfolded, showed him driving to one mosque, entering it and shooting randomly at people inside.

Worshippers, possibly dead or wounded, lay huddled on the floor, the video showed. Reuters was unable to confirm the authenticity of the footage.

It was the worst ever mass killing in New Zealand which raised its security threat level to the highest, Ardern said, adding that “this can now only be described as a terrorist attack”.

Police said three people were in custody including one man in his late 20s who had been charged with murder. He will appear in court on Saturday.

Police have not identified any of the suspects.

“We were not chosen for this act of violence because we condone racism, because we are enclave for extremism,” Ardern said in a national address. “We were chosen for the fact that we are none of these things. It was because we represent diversity, kindness, compassion, a home for those who share our values.

“You have chosen us but we utterly reject and condemn you.”

Police Commissioner Mike Bush said 49 people had been killed in total. Health authorities said 48 people were being treated for gunshot wounds, including young children.

U.S. President Donald Trump condemned the “horrible massacre” in what the White House called a “vicious act of hate”.

“The U.S. stands by New Zealand for anything we can do,” Trump wrote in a post on Twitter.

The gunman’s manifesto praised Trump as “a symbol of renewed white identity and common purpose”. The White House did not immediately respond to a request for comment.

One man who said he was at the Al Noor mosque told media the gunman was white, blond and wearing a helmet and a bulletproof vest. The man burst into the mosque as worshippers were kneeling for prayers.

“He had a big gun … he came and started shooting everyone in the mosque, everywhere,” said the man, Ahmad Al-Mahmoud. He said he and others escaped by breaking through a glass door.

Forty-one people were killed at the Al Noor mosque, seven at a mosque in the Linwood neighborhood and one died in hospital, police said. Hospitals said children were among the victims.

The visiting Bangladesh cricket team was arriving for prayers at one of the mosques when the shooting started but all members were safe, a team coach told Reuters.

Three Bangladeshis were among the dead and one was missing, the consulate said.

Shortly before the attack began, an anonymous post on the discussion site 8chan, known for a wide range of content including hate speech, said the writer was going to “carry out an attack against the invaders” and included links to a Facebook live stream, in which the shooting appeared, and a manifesto.

The manifesto cited “white genocide”, a term typically used by racist groups to refer to immigration and the growth of minority populations, as his motivation.

The Facebook link directed users to the page of a user called brenton.tarrant.9.

A Twitter account with the handle @brentontarrant posted on Wednesday images of a rifle and other military gear decorated with names and messages connected to white nationalism. What looked like the same weapons appeared in the livestream of the mosque attack on Friday.

Facebook and Twitter said they would take down content involving the shootings.

KILLINGS CONDEMNED

It was not immediately clear if the attacks at the two mosques were carried out by the same man.

Australian Prime Minister Scott Morrison said one of the men in custody was Australian.

All mosques in New Zealand had been asked to shut their doors and post armed guards, police said, adding they were not actively looking for any other “identified suspects”.

Political and Islamic leaders across Asia and the Middle East condemned the killings.

“I blame these increasing terror attacks on the current Islamophobia post-9/11,” Pakistan Prime Minister Imran Khan posted on social media. “1.3 billion Muslims have collectively been blamed for any act of terror.”

Al-Azhar University, Egypt’s 1000-year-old seat of Sunni Islamic learning, said the attacks had “violated the sanctity of the houses of God”.

“We warn the attack is a dangerous indicator of the dire consequences of escalating hate speech, xenophobia, and the spread of Islamophobia.”

Six Indonesians had been inside one of the mosques, with three managing to escape and three unaccounted for, its foreign minister said.

Afghanistan’s ambassador said on Twitter three Afghans had been wounded. Two Malaysians were wounded, their foreign ministry said.

Muslims account for just over 1 percent of New Zealand’s population, a 2013 census showed.

‘FIRING WENT ON AND ON’

The online footage, which appeared to have been captured on a camera strapped to a gunman’s head, showed him driving as music played in his vehicle. After parking, he took two guns and walked a short distance to the mosque where he opened fire.

Over the course of five minutes, he repeatedly shot worshippers, leaving more than a dozen bodies in one room alone. He returned to the car during that period to change guns, and went back to the mosque to shoot anyone showing signs of life.

One man, with blood still on his shirt, said in a television interview that he hid from a gunman under a bench and prayed that he would run out of bullets.

“I was just praying to God and hoping our God, please, let this guy stop” Mahmood Nazeer told TVNZ.

“The firing went on and on. One person with us had a bullet in her arm. When the firing stopped, I looked over the fence, there was one guy, changing his gun.”

The video shows the gunman then driving off at high speed and firing from his car. Another video, taken by someone else, showed police apprehending a gunman on a pavement by a road.

Police said improvised explosive devices were found. The gunman’s video had shown red petrol canisters in the back of his car, along with weapons.

The Bangladesh cricket team is in Christchurch to play New Zealand in a third cricket test starting on Saturday.

“They were on the bus, which was just pulling up to the mosque when the shooting begun,” Mario Villavarayen, a team coach, told Reuters in a message. “They are shaken but good.”

The third cricket test was canceled, New Zealand Cricket said later.

Violent crime is rare in New Zealand and police do not usually carry guns. Britain’s Queen Elizabeth, the head of state of New Zealand, said she was deeply saddened by the shootings.

Before Friday, New Zealand’s worst mass shooting was in 1990 when a gun-mad loner killed 13 men, women and children in a 24-hour rampage in the tiny seaside village of Aramoana. He was killed by police.

(Additional reporting by Tom Westbrook, John Mair and Swati Pandey in Sydney, Ruma Paul in Dhaka and Michael Holden in London; Writing by Micheal Perry; Editing by Robert Birsel and Nick Macfie)

NewsGuard’s ‘real news’ seal of approval helps spark change in fake news era

Facebook CEO Mark Zuckerberg is surrounded by members of the media as he arrives to testify before a Senate Judiciary and Commerce Committees joint hearing regarding the company’s use and protection of user data, on Capitol Hill in Washington, U.S., April 10, 2018. REUTERS/Leah Millis TPX IMAGES OF THE DAY

By Kenneth Li

NEW YORK (Reuters) – More than 500 news websites have made changes to their standards or disclosures after getting feedback from NewsGuard, a startup that created a credibility ratings system for news on the internet, the company told Reuters this week.

The latest major news organization to work with the company is Britain’s Daily Mail, according to NewsGuard, which upgraded what it calls its “nutrition label” rating on the paper’s site to “green” on Thursday, indicating it “generally maintains basic standards of accuracy and accountability.”

A representative of the Daily Mail did not respond to several requests for comment.

NewsGuard markets itself as an independent arbiter of credible news. It was launched last year by co-chief executives Steven Brill, a veteran U.S. journalist who founded Brill’s Content and the American Lawyer, and Gordon Crovitz, a former publisher of News Corp’s Wall Street Journal.

NewsGuard joins a handful of other groups such as the Trust Project and the Journalism Trust Initiative which aim to help readers discern which sites are credible when many readers have trouble distinguishing fact from fiction.

After facing anger over the rapid spread of false news in the past year or so, Facebook Inc and other tech companies also say they have recruited more human fact checkers to identify and sift out some types of inaccurate articles.

These efforts were prompted at least in part by the 2016 U.S. presidential election when Facebook and other social media sites were used to disseminate many false news stories.

The company has been criticized by Breitbart News, a politically conservative site, which described NewsGuard as “the establishment media’s latest effort to blacklist alternative media sites.”

The way NewsGuard works is this: red or green shield-shaped labels are visible in a web browser window when looking at a news website if a user downloads NewsGuard’s software from the web. The software is free and works with the four leading browsers: Google’s Chrome, Microsoft Corp’s Edge, Mozilla’s Firefox and Apple Inc’s Safari.

‘CALL EVERYONE FOR COMMENT’

NewsGuard’s investors include the French advertising company Publicis Groupe SA and the non-profit Knight Foundation. Thomas Glocer, the former chief executive of Thomson Reuters, owns a smaller stake, according to NewsGuard’s website. News sites do not pay the company for its service.

The startup said it employs 35 journalists who have reviewed and published labels on about 2,200 sites based on nine journalistic criteria such as whether the site presents information responsibly, has a habit of correcting errors or discloses its ownership and who is in charge of the content.

News sites field questions if they choose to from NewsGuard journalists about its performance on the nine criteria.

“We call everyone for comment which algorithms don’t do,” Brill said in an interview, highlighting the difference between NewsGuard’s verification process with the computer code used by Alphabet Inc’s Google and Facebook in bringing new stories to the attention of users.

Some news organizations have clarified their ownership, financial backers and identity of their editorial staff after interacting with the company, NewsGuard said.

GateHouse Media, which publishes more than 140 local newspapers such as the Austin American-Statesman and Akron Beacon Journal, made changes to how it identifies sponsored content that may appear to be objective reporting but is actually advertising, after being contacted by NewsGuard.  

“We made our standards and practices more prominent and consistent across our digital 460 news brands across the country,” said Jeff Moriarty, GateHouse’s senior vice president of digital.

Reuters News, which earned a green rating on all nine of NewsGuard’s criteria, added the names and titles of its editorial leaders to the Reuters.com website after being contacted by NewsGuard, a Reuters spokesperson said.

NewsGuard upgraded the Daily Mail’s website rating on Thursday to green after giving it a red label in August, when it stated that the site “repeatedly publishes false information and has been forced to pay damages in numerous high-profile cases.”

The Daily Mail objected to that description, and started discussions with NewsGuard in January after the red label became visible for mobile users of Microsoft’s Edge browser, NewsGuard said.

NewsGuard has made public many details of its exchange with the Daily Mail on its website.

“We’re not in the business of trying to give people red marks,” Brill said. “The most common side effect of what we do is for news organizations to improve their journalistic practices.”

(Reporting by Kenneth Li; editing by Bill Rigby)

Zuckerberg plans to integrate WhatsApp, Instagram and Facebook Messenger

Silhouettes of mobile users are seen next to a screen projection of Instagram logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration

(Reuters) – Facebook Inc Chief Executive Officer Mark Zuckerberg is planning to unify the underlying messaging infrastructure of its WhatsApp, Instagram and Facebook Messenger services and incorporate end-to-end encryption to these apps, the New York Times reported on Friday.

The three services will, however, continue as stand alone apps, the report said, citing four people involved in the effort.

The company is still in the early stages of the work and plans to complete it by the end of this year or in early 2020, the report said.

Facebook did not immediately respond to a request for comment.

After the changes, a Facebook user, for instance, will be able to send an encrypted message to someone who has only a WhatsApp account, according to the report.

End-to-end encryption protects messages from being viewed by anyone except the participants in the conversation.

(Reporting by Munsif Vengattil in Bengaluru; Editing by Shinjini Ganguli)

U.S. bill seeks to give Americans more control over online data

Senator Marco Rubio (R-FL) speaks to reporters before a series of votes on legislation ending U.S. military support for the war in Yemen on Capitol Hill in Washington, U.S., December 13, 2018. REUTERS/Joshua Roberts/File Photo

WASHINGTON (Reuters) – U.S. Senator Marco Rubio introduced a bill on Wednesday aimed at giving Americans more control over information that online companies like Facebook Inc and Alphabet Inc’s Google collect on their location, financial data, job history or biometric data like fingerprints.

Lawmakers from both parties have criticized the tech giants and others over data breaches, a lack of online privacy options and concern about political bias.

Congress has been expected to pass some sort of online privacy bill to pre-empt a stringent law passed by California.

Rubio’s bill, which would pre-empt the California law if passed by Congress, would require consumer protection regulator the Federal Trade Commission to draw up rules for companies to follow that are based on the Privacy Act of 1974, with a goal of having them in place within 18 months of the Republican senator’s bill becoming law.

The bill won early praise from Marc Rotenberg, president of the independent Electronic Privacy Information Center. “Senator Rubio has put forward a very good proposal to address growing concerns about privacy protection. The federal Privacy Act is also the right starting point,” he said.

The 1974 measure requires government agencies to give public notice of what records they keep, prohibits most disclosures of records unless the person gives written consent and gives people a way to fix inaccurate records.

Three lawmakers on the Senate Commerce, Science and Transportation Committee – Republicans John Thune and Jerry Moran and Democrat Richard Blumenthal – talked about potential privacy legislation last year.

The Washington-based Center for Democracy and Technology proposed a bill in December that strictly limits the collection of biometric and location information and calls for punishment by fines.

In November, Intel Corp began seeking public comment on a bill it drafted that would shield companies from fines if they attest to the FTC that they have strong data protection measures.

(Reporting by Diane Bartz, Editing by Rosalba O’Brien)

Facebook discovers bug that may have affected up to 6.8 million users

FILE PHOTO: The entrance sign to Facebook headquarters is seen in Menlo Park, California, on Wednesday, October 10, 2018. REUTERS/Elijah Nouvelage/File Photo

(Reuters) – Facebook Inc said on Friday it has discovered a bug that may have affected up to 6.8 million people who used Facebook login to grant permission to third-party apps to access photos.

The company said in a blog that the problem has been fixed but that it may have affected up to 1,500 apps built by 876 developers.

Facebook said some third-party apps may have gained access to a broader set of photos than usual for 12 days between Sept. 13 to Sept. 25.

The bug is the latest in a string of privacy problems the tech giant disclosed this year, including the massive Cambridge Analytica data scandal in April and a data breach of nearly 30 million accounts in October.

Facebook shares were down 1.3 percent at $143.07 in early trading on Friday. The Nasdaq composite index <.IXIC> fell 0.9 percent.

(Reporting by Angela Moon in New York Arjun Panchadar in Bengaluru; Editing by Arun Koyyur and Bill Trott)

Special Report: How Iran spreads disinformation around the world

FILE PHOTO: Iran's national flags are seen on a square in Tehran

By Jack Stubbs and Christopher Bing

LONDON/WASHINGTON (Reuters) – Website Nile Net Online promises Egyptians “true news” from its offices in the heart of Cairo’s Tahrir Square, “to expand the scope of freedom of expression in the Arab world.”

Its views on America do not chime with those of Egypt’s state media, which celebrate Donald Trump’s warm relations with Cairo. In one recent article, Nile Net Online derided the American president as a “low-level theater actor” who “turned America into a laughing stock” after he attacked Iran in a speech at the United Nations.

Until recently, Nile Net Online had more than 115,000 page-followers across Facebook, Twitter and Instagram. But its contact telephone numbers, including one listed as 0123456789, don’t work. A Facebook map showing its location dropped a pin onto the middle of the street, rather than any building. And regulars at the square, including a newspaper stallholder and a policeman, say they have never heard of the website.

The reason: Nile Net Online is part of an influence operation based in Tehran.

It’s one of more than 70 websites found by Reuters which push Iranian propaganda to 15 countries, in an operation that cybersecurity experts, social media firms and journalists are only starting to uncover. The sites found by Reuters are visited by more than half a million people a month and have been promoted by social media accounts with more than a million followers.

The sites underline how political actors worldwide are increasingly circulating distorted or false information online to influence public opinion. The discoveries follow allegations that Russian disinformation campaigns have swayed voters in the United States and Europe. Advisers to Saudi Arabia’s crown prince and the army in Myanmar are also among those using social media to distribute propaganda and attack their enemies. Moscow has denied the charges; Riyadh and Yangon have not commented.

Former CIA director John Brennan told Reuters that “countries around the globe” are now using such information warfare tactics.

“The Iranians are sophisticated cyber players,” he said of the Iranian campaign. “There are elements of the Iranian intelligence services that are rather capable in terms of operating (online).”

Traced by building on research from cybersecurity firms FireEye and ClearSky, the sites in the campaign have been active at different times since 2012. They look like normal news and media outlets, but only a couple disclose any Iranian ties.

Reuters could not determine whether the Iranian government is behind the sites; Iranian officials in Tehran and London did not reply to questions.

But all the sites are linked to Iran in one of two ways. Some carry stories, video and cartoons supplied by an online agency called the International Union of Virtual Media (IUVM), which says on its website it is headquartered in Tehran. Some have shared online registration details with IUVM, such as addresses and phone numbers. Twenty-one of the websites do both.

Emails sent to IUVM bounced back and telephone numbers the agency gave in web registration records did not work. Documents available on the main IUVM website say its objectives include “confronting with remarkable arrogance, western governments and Zionism front activities.”

Nile Net Online did not respond to questions sent to the email address on its website. Its operators, as well as those of the other websites identified by Reuters, could not be located. Previous owners identified in historical registration records could not be reached. The Egyptian government did not respond to requests for comment.

“UNSPOKEN TRUTH”

Some of the sites in the Iranian operation were first exposed in August by companies including Facebook, Twitter and Google’s parent, Alphabet after FireEye found them. The social media companies have closed hundreds of accounts that promoted the sites or pushed Iranian messaging. Facebook said last month it had taken down 82 pages, groups and accounts linked to the Iranian campaign; these had gathered more than one million followers in the United States and Britain.

But the sites uncovered by Reuters have a much wider scope. They have published in 16 different languages, from Azerbaijani to Urdu, targeting Internet users in less-developed countries. That they reached readers in tightly controlled societies such as Egypt, which has blocked hundreds of news websites since 2017, highlights the campaign’s reach.

The Iranian sites include:

* A news site called Another Western Dawn which says its focus is on “unspoken truth.” It fooled the Pakistani defense minister into issuing a nuclear threat against Israel; * Ten outlets targeting readers in Yemen, where Iran andU.S. ally Saudi Arabia have been fighting a proxy conflict since civil war broke out in 2015; * A media outlet offering daily news and satirical cartoons in Sudan. Reuters could not reach any of its staff; * A website called Realnie Novosti, or “Real News,” for Russian readers. It offers a downloadable mobile phone app but its operator could not be traced. The news on the sites is not all fake. Authentic stories sit alongside pirated cartoons, as well as speeches from Iran’s Supreme Leader Ayatollah Ali Khamenei. The sites clearly support Iran’s government and amplify antagonism to countries opposed to Tehran – particularly Israel, Saudi Arabia and the United States. Nile Net’s “laughing stock” piece was copied from an Iranian state TV network article published earlier the same day.

Some of the sites are slapdash. The self-styled, misspelled “Yemen Press Agency” carries a running update of Saudi “crimes against Yemenis during the past 24 hours.” Emails sent to the agency’s listed contact, Arafat Shoroh, bounced back. The agency’s address and phone number led to a hotel in the Yemeni capital, Sana’a, whose staff said they had never heard of Shoroh.

The identity or location of the past owners of some of the websites is visible in historical Internet registration records: 17 of 71 sites have in the past listed their locations as Iran or Tehran, or given an Iranian telephone or fax number. But who owns them now is often hidden, and none of the Iranian-linked operators could be reached.

More than 50 of the sites use American web service providers Cloudflare and OnlineNIC – firms that provide website owners with tools to shield themselves from spam and hackers. Frequently, such services also effectively conceal who owns the sites or where they are hosted. The companies declined to tell Reuters who operates the sites.

Under U.S law, hosting and web services companies are not generally liable for the content of sites they serve, said Eric Goldman, co-director of the High Tech Law Institute at Santa Clara University. Still, since 2014, U.S. sanctions on Iran have banned “the exportation or re-exportation, directly or indirectly, of web-hosting services that are for commercial endeavors or of domain name registration services.”

Douglas Kramer, general counsel for Cloudflare, said the services it provides do not include web-hosting services. “We’ve looked at those various sanctions regimes, we are comfortable that we are not in violation,” he told Reuters.

A spokesman for OnlineNIC said none of the sites declared a connection to Iran in their registration details, and the company was in full compliance with U.S. sanctions and trade embargoes.

The U.S. Treasury’s Office of Foreign Assets Control (OFAC) declined to comment on whether it planned an investigation.

ANOTHER WESTERN DAWN

The Kremlin is widely seen as the superpower in modern information warfare. From what is known so far, Russia’s influence operation – which Moscow denies – dwarfs Iran’s. According to Twitter, nearly 4,000 accounts connected to the Russian campaign posted over 9 million tweets between 2013 and 2018, against over 1 million tweets from fewer than 1,000 accounts believed to originate in Iran.

Even though the Iranian operation is smaller, it has had impact on volatile topics. AWDnews – the site with the focus on “unspoken truth” – ran a false story in 2016 which prompted Pakistan’s defense minister to warn on Twitter he had the weapons to nuke Israel. He only found out that the hoax was part of an Iranian operation when contacted by Reuters.

“It was a learning experience,” said the deceived politician, 69-year-old Khawaja Asif, who left Pakistan’s government earlier this year. “But one can understand that these sorts of things happen because fake news has become something huge. It’s something which anyone is capable of now, which is very dangerous.”

Israeli officials did not respond to a request for comment.

AWDnews publishes in English, French, Spanish and German and, according to data from web analytics company SimilarWeb, receives around 12,000 unique visitors a month. Among others who shared stories from AWDnews and the other websites identified by Reuters were politicians in Britain, Jordan, India, and the Netherlands; human-rights activists; an Indian music composer and a Japanese rap star.

In August 2015, an official account for a European department of the World Health Organization (WHO) tweeted an AWDnews story. Annalisa Buoro, secretary for the WHO’s European Office for Investment for Health and Development, said the person running the department’s Twitter account at the time did not know the website was part of an Iranian campaign.

She said the tweet had gone out when the account had a relatively small following, limiting the damage, but “on the other hand, I am very concerned … because as a UN agency we have a huge responsibility.”

JOBS FOR WOMEN

FireEye, a U.S. cybersecurity firm, originally named six websites as part of the Iranian influence operation. Reuters examined those sites, and their content led to the Tehran-based International Union of Virtual Media.

IUVM is an array of 11 websites with names such as iuvmpress, iuvmapp and iuvmpixel. Together, they form a library of digital material, including mobile phone apps, items from Iranian state media and pictures, video clips and stories from elsewhere on the web, which support Tehran’s policies.

Tracking usage of IUVM content across the Internet led to sites which have used its material, registration details, or both. For instance, 22 of the sites have shared the same phone number, which does not work and has also been listed for IUVM. At least seven have used the same address, which belongs to a youth hostel in Berlin. Staff at the hostel told Reuters they had never heard of the sites in question. The site operators could not be reached to explain their links with IUVM.

Two sites even posted job advertisements for IUVM, inviting applications from women with “ability to work effectively and knowledge in dealing with social networks and (the) Internet.”

DEMOLISHED HOME

One of IUVM’s most popular users is a site called Sudan Today, which SimilarWeb data shows receives almost 150,000 unique visitors each month. On Facebook, it tells its 57,000 followers that it operates without political bias. Its 18,000 followers on Twitter have included the Italian Embassy in Sudan, and its work has been cited in a report by the Egyptian Electricity Ministry.

The office address registered for Sudan Today in 2016 covers a whole city district in north Khartoum, according to archived website registration details provided by WhoisAPI Inc and DomainTools LLC. The phone number listed in those records does not work.

Reuters could not trace staff members named on Sudan Today’s Facebook page. The five-star Corinthia hotel in central Khartoum, where the site says it hosted an anniversary party last year, told Reuters no such event took place. And an address listed on one of its social media accounts is a demolished home.

Sudan used to be an Iranian ally but has changed sides to align itself with Saudi Arabia, costing Tehran a foothold in the Horn of Africa just as it becomes more isolated by the West. In that environment, Iran sees itself as competing with Israel, Saudi Arabia and the United States for international support, and is taking the fight online, said Ariane Tabatabai, a senior associate and Iran expert at the Center for Strategic and International Studies in Washington, D.C.

Headlines on Sudan Today’s homepage include a daily round-up of stories from local newspapers and Ugandan soccer results. It also features reports on bread prices – which doubled in January after Khartoum eliminated subsidies, triggering demonstrations.

Ohad Zaidenberg, senior researcher at Israeli cybersecurity firm ClearSky, said this mixture of content provides the cover for narratives geared at influencing a target audience’s attitudes and perceptions.

The site also draws attention to Saudi Arabia’s military actions in Yemen. Since Sudanese President Omar al-Bashir ended his allegiance with Iran he has sent troops and jets to join Saudi-led forces in the Yemeni conflict.

One cartoon from IUVM published by Sudan Today in August shows Donald Trump astride a military jet with an overflowing bag of dollar bills tucked under one arm. The jet is draped with traditional Saudi dress and shown dropping bombs on a bloodstained map of Yemen. The map is littered with children’s toys and shoes.

Turkish cartoonist Mikail Çiftçi drew the original. He told Reuters he did not give Sudan Today permission to use it.

Alnagi Albashra, a 28-year-old software developer in Khartoum, said he likes to read articles on Sudan Today in the evenings when waiting for his baby to fall asleep. But he and three other Sudan Today readers reached by Reuters had no idea who was behind the site.

“This is a big problem,” he said. “You can’t see that they are not in Sudan.”

Government officials in Khartoum, the White House, the Italian Embassy and the Egyptian Electricity Ministry did not respond to requests for comment.

BACKBONE

It is unclear who globally is tasked with responding to online disinformation campaigns like Iran’s, or what if any action they should take, said David Conrad, chief technology officer at ICANN, a non-profit which helps manage global web addresses.

Social media accounts can be deleted in bulk by the firms that provide the platforms. But the Iranian campaign’s backbone of websites makes it harder to dismantle than social media because taking down a website often requires the cooperation of law enforcement, Internet service providers and web infrastructure companies.

Efforts by social media companies in the United States and Europe to tackle the campaign have had mixed results.

Shortly after being contacted by Reuters, Twitter suspended the accounts for Nile Net Online and Sudan Today. “Clear attribution is very difficult,” a spokeswoman said but added that the company would continue to update a public database of tweets and accounts linked to state-backed information operations when it had new information.

Google did not respond directly to questions about the websites found by Reuters. The company has said it identified and closed 99 accounts which it says are linked to Iranian state media. “We’ve invested in robust systems to identify influence operations launched by foreign governments,” a spokeswoman said.

Facebook said it was aware of the websites found by Reuters and had removed five more Facebook pages. But a spokesman said that based on Facebook user data, the company was not yet able to link all the websites’ accounts to the Iranian activity found earlier. “In the past several months, we have removed hundreds of Pages, Groups, and accounts linked to Iranian actors engaging in coordinated inauthentic behavior. We continue to remove accounts across our services and in all relevant languages,” he said.

Accounts linked to the Iranian sites remain active online, especially in languages other than English. On Nov. 30, 16 of the Iranian sites were still posting daily updates on Facebook, Twitter, Instagram or YouTube – including Sudan Today and Nile Net Online. Between them, the social media accounts had more than 700,000 followers.

(Additional reporting by Nadine Awadalla in Cairo, Erich Knecht and Khalid Abdelaziz in Khartoum, Bozorgmehr Sharafedin Nouri and Ryan McNeill in London; Edited by Sara Ledwith)

Facebook unearths security breach affecting 50 million users

FILE PHOTO: A 3D-printed Facebook logo is seen in front of displayed binary digits in this illustration taken March 18, 2018. REUTERS/Dado Ruvic/Illustration/File Photo

By Munsif Vengattil, Arjun Panchadar and Paresh Dave

(Reuters) – Facebook Inc said on Friday that hackers had discovered a security flaw that allowed them to take over up to 50 million user accounts, a major breach that adds to a bruising year for the company’s reputation.

Facebook, which has more than 2 billion monthly active users, said it has been unable to determine yet whether the attackers misused any of the affected accounts or stole private information.

Facebook made headlines earlier this year after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy. The disclosure has prompted government inquiries into the company’s privacy practices across the world, and fueled a “#deleteFacebook” movement among consumers.

Shares in Facebook fell more than 3 percent in afternoon trading, weighing on major Wall Street stock indexes.

The latest vulnerability had existed since July 2017, but Facebook did not discover it until this month when it spotted an unusual increase in use of its “view as” feature.

“View as” allows users to see what their own profile looks like to someone else. The flaw inadvertently issued users of the tool a digital code, similar to browser cookie, that could be used to post from and browse Facebook as if they were someone else.

The company said it fixed the issue on Thursday. It also notified the U.S. Federal Bureau of Investigation, Department of Homeland Security and Irish data protection authority about the breach.

Facebook reset the digital keys of the 50 million affected accounts, and as a precaution reset those keys for another 40 million that have been looked up through the “view as” option over the last year.

About 90 million people will have to log back into Facebook or any of their apps that use a Facebook login, the company said.

Facebook is also temporarily disabling “view as,” it said.

In 2013, Facebook disclosed a software flaw that exposed 6 million users’ phone numbers and email addresses to unauthorized viewers for a year, while a technical glitch in 2008 revealed confidential birth-dates on 80 million Facebook users’ profiles.

(Reporting by Munsif Vengattil and Arjun Panchadar in Bengaluru, Paresh Dave in San Francisco; Editing by Sai Sachin Ravikumar and Meredith Mazzilli)

Facebook, Google to tackle spread of fake news, advisors want more

FILE PHOTO - Commuters walk past an advertisement discouraging the dissemination of fake news at a train station in Kuala Lumpur, Malaysia March 28, 2018. REUTERS/Stringer

By Foo Yun Chee

BRUSSELS (Reuters) – Facebook, Google, and other tech firms have agreed on a code of conduct to do more to tackle the spread of fake news, due to concerns it can influence elections, the European Commission said on Wednesday.

Intended to stave off more heavy-handed legislation, the voluntary code covers closer scrutiny of advertising on accounts and websites where fake news appears, and working with fact checkers to filter it out, the Commission said.

But a group of media advisors criticized the companies, also including Twitter and lobby groups for the advertising industry, for failing to present more concrete measures.

With EU parliamentary elections scheduled for May, Brussels is anxious to address the threat of foreign interference during campaigning. Belgium, Denmark, Estonia, Finland, Greece, Poland, Portugal, and Ukraine are also all due to hold national elections next year.

Russia has faced allegations – which it denies – of disseminating false information to influence the U.S. presidential election and Britain’s referendum on European Union membership in 2016, as well as Germany’s national election last year.

The Commission told the firms in April to draft a code of practice or face regulatory action over what it said was their failure to do enough to remove misleading or illegal content.

European Digital Commissioner Mariya Gabriel said on Wednesday that Facebook, Google, Twitter, Mozilla, and advertising groups – which she did not name – had responded with several measures.

“The industry is committing to a wide range of actions, from transparency in political advertising to the closure of fake accounts and …we welcome this,” she said in a statement.

The steps also include rejecting payment from sites that spread fake news, helping users understand why they have been targeted by specific ads, and distinguishing ads from editorial content.

But the advisory group criticized the code, saying the companies had not offered measurable objectives to monitor its implementation.

“The platforms, despite their best efforts, have not been able to deliver a code of practice within the accepted meaning of effective and accountable self-regulation,” the group said, giving no further details.

Its members include the Association of Commercial Television in Europe, the European Broadcasting Union, the European Federation of Journalists and International Fact-Checking Network, and several academics.

(Reporting by Foo Yun Chee; editing by Philip Blenkinsop and John Stonestreet)

Air strike warning app helps Syrians dodge death from the skies

Dave Levin, one of two co-founders of Hala System, an early warning alert system linked to sirens inside rebel-held areas in Syria that warns people ahead of an airstrike, displays the mobile phone application of Sentry at his office in Turkey September 11, 2018. REUTERS/Umit Bektas

By Sarah Dadouch

ISTANBUL (Reuters) – A Russian military aircraft thunders into the skies at 4.47 pm from Russia’s air base at Hmeimim in western Syria, veering to the east.

An observer takes note of all three details, opens a phone app and enters the information into three designated fields.

Fourteen minutes later and 100 kilometers away, Abdel Razzaq sees the aircraft flying over his town of Maaret al-Numan. He opens his own app and types: Maaret al-Numan, Russian military aircraft, headed northeast.

The data is processed by a program, known as Sentry, that estimates the plane’s trajectory and sends a warning, triggering Facebook and Telegram messages, Tweets and, most importantly, loud sirens throughout cities in opposition-held Syria.

Air strikes have been a fact of daily life for millions of Syrians living in rebel-held areas, becoming far more intense since Russia joined the war in 2015.

Before Sentry was introduced, the main warning people had of an air strike was when they heard the planes themselves — when it was already too late, said Omayya, 50, who was displaced from Aleppo to its northwestern countryside.

“There was no use for one to do anything. Sometimes we would actually see the barrels as they fell,” she said by Skype, referring to the barrel bombs — oil drums filled with shrapnel and explosives — dropped across rebel areas. “We would watch and see the barrels fall and the children would cry.”

Omayya attended a course run by volunteers about Sentry and how best to survive air strikes. She now knows to open her window so blast pressure doesn’t shatter the glass and that her bathroom, in the middle of the house, is the best place to hide.

John Jaeger and Dave Levin, co-founders of Hala System, an early warning alert system linked to sirens inside rebel-held areas in Syria that warns people ahead of an airstrike, work at their office in Turkey September 11, 2018. REUTERS/Umit Bektas

John Jaeger and Dave Levin, co-founders of Hala System, an early warning alert system linked to sirens inside rebel-held areas in Syria that warns people ahead of an airstrike, work at their office in Turkey September 11, 2018. REUTERS/Umit Bektas

The volunteers taught Omayya’s six grandchildren, three of whose fathers have died, what to do if they are told an air strike may hit their school. Naela, one of the volunteers, said they trained children to duck under desks and curl up in the fetal position if they hear the alarm. If the warning is early enough, teachers can take the children down to basements.

Women have emerged as one of the main targets of the campaign, Naela said: “Women always carry their mobiles with them, so they get the message wherever they are, whether they are at home, in the kitchen, with their neighbor.”

The warning system was founded by two Americans, John Jaeger and his business partner Dave Levin, after Jaeger had held a job working with Syrian civilians for the U.S. State Department.

“I recognized that the biggest threat to peace inside of Syria was the indiscriminate bombing of civilians,” Jaeger explained. “We simply thought that there was more that the international community could and should do to warn civilians in advance of this indiscriminate violence.”

Their company, Hala Systems, says it has received funding from countries including Britain, Canada, the Netherlands and the United States as well as private donors.

The White Helmet rescue workers operating in opposition-held Syria work with Sentry to operate and maintain air raid sirens.

“Before, whenever there was bombardment, we wouldn’t have knowledge of a strike until the wounded reach us,” said Yousef, a 23-year old nurse in a field hospital outside Aleppo.

“But now with Sentry, we immediately find out through our mobile that a strike happened. So we know that it’s in this area, where there are civilians. So we know there are wounded for sure.” The hospital can notify doctors, make sure materials are prepped, and wait for the wounded.

“We hugely depend on (the system) because it’s become the foundation of our work,” he said.

Around three million people live in Syria’s last major rebel stronghold in northwest Syria. Half are already displaced, having fled government advances in other parts of Syria.

In preparation for an expected army offensive, civilians have been readying food and digging shelters. Some even improvised gas masks in case of chemical attacks.

PLANE SPOTTING

Last week, the Syrian government and allied forces resumed air and ground bombardments, although recent days have been relatively quiet, said Abdel Razzaq, who watches for aircraft and enters the information into the Sentry app.

He clicks on the image of a plane to identify what type of aircraft he saw. He chooses the location and what the plane is doing or where it’s headed. This dispatches messages on channels like Telegram, sometimes with time-stamped warnings for specific towns and villages.

“9:37 pm: Shahshabo Mountain – transport aircraft now heading northeast. Can reach the following areas: Maaret al-Numan: two minutes from now/ Kafranbel: one minute from now.”

A former English teacher, Abdel Razzaq has been diligently watching planes since 2011, later joining Sentry as an observer.

“We’re a bunch of guys who are everywhere. Each of us holds a specific district,” he said. “We see the plane, the type of plane, with the naked eye and then send the warning.”

As well as providing warning of attacks that come out of the blue, the system has also helped indicate brief pauses during more sustained attacks, said Hala Systems co-founder Levin. During the offensive on Ghouta, near Damascus, earlier this year, civilians relied on the system to time their brief forays from basements and shelters to get food and water.

“That was a big relief for us, that we were actually having impact even when it’s raining bombs,” Levin said.

(Editing by Dominic Evans and Peter Graff)

Exclusive: Iran-based political influence operation – bigger, persistent, global

FILE PHOTO: Silhouettes of mobile users are seen next to a screen projection of Instagram logo in this picture illustration taken March 28, 2018. REUTERS/Dado Ruvic/Illustration

By Jack Stubbs and Christopher Bing

LONDON/WASHINGTON (Reuters) – An apparent Iranian influence operation targeting internet users worldwide is significantly bigger than previously identified, Reuters has found, encompassing a sprawling network of anonymous websites and social media accounts in 11 different languages.

Facebook and other companies said last week that multiple social media accounts and websites were part of an Iranian project to covertly influence public opinion in other countries. A Reuters analysis has identified 10 more sites and dozens of social media accounts across Facebook, Instagram, Twitter and YouTube.

U.S.-based cybersecurity firm FireEye Inc and Israeli firm ClearSky reviewed Reuters’ findings and said technical indicators showed the web of newly-identified sites and social media accounts – called the International Union of Virtual Media, or IUVM – was a piece of the same campaign, parts of which were taken down last week by Facebook Inc, Twitter Inc and Alphabet Inc.

IUVM pushes content from Iranian state media and other outlets aligned with the government in Tehran across the internet, often obscuring the original source of the information such as Iran’s PressTV, FARS news agency and al-Manar TV run by the Iran-backed Shi’ite Muslim group Hezbollah.

PressTV, FARS, al-Manar TV and representatives for the Iranian government did not respond to requests for comment. The Iranian mission to the United Nations last week dismissed accusations of an Iranian influence campaign as “ridiculous.”

The extended network of disinformation highlights how multiple state-affiliated groups are exploiting social media to manipulate users and further their geopolitical agendas, and how difficult it is for tech companies to guard against political interference on their platforms.

In July, a U.S. grand jury indicted 12 Russians whom prosecutors said were intelligence officers, on charges of hacking political groups in the 2016 U.S. presidential election. U.S. officials have said Russia, which has denied the allegations, could also attempt to disrupt congressional elections in November.

Ben Nimmo, a senior fellow at the Atlantic Council’s Digital Forensic Research Lab who has previously analyzed disinformation campaigns for Facebook, said the IUVM network displayed the extent and scale of the Iranian operation.

“It’s a large-scale amplifier for Iranian state messaging,” Nimmo said. “This shows how easy it is to run an influence operation online, even when the level of skill is low. The Iranian operation relied on quantity, not quality, but it stayed undetected for years.”

FURTHER INVESTIGATIONS

Facebook spokesman Jay Nancarrow said the company is still investigating accounts and pages linked to Iran and had taken more down on Tuesday.

“This is an ongoing investigation and we will continue to find out more,” he said. “We’re also glad to see that the information we and others shared last week has prompted additional attention on this kind of inauthentic behavior.”

Twitter referred to a statement it tweeted on Monday shortly after receiving a request for comment from Reuters. The statement said the company had removed a further 486 accounts for violating its terms of use since last week, bringing the total number of suspended accounts to 770.

“Fewer than 100 of the 770 suspended accounts claimed to be located in the U.S. and many of these were sharing divisive social commentary,” Twitter said.

Google declined to comment but took down the IUVM TV YouTube account after Reuters contacted the company with questions about it. A message on the page on Tuesday said the account had been “terminated for a violation of YouTube’s Terms of Service.”

IUVM did not respond to multiple emails or social media messages requesting comment.

The organization does not conceal its aims, however. Documents on the main IUVM website  said its headquarters are in Tehran and its objectives include “confronting with remarkable arrogance, western governments, and Zionism front activities.”

APP STORE AND SATIRICAL CARTOONS

IUVM uses its network of websites – including a YouTube channel, breaking news service, mobile phone app store, and a hub for satirical cartoons mocking Israel and Iran’s regional rival Saudi Arabia – to distribute content taken from Iranian state media and other outlets which support Tehran’s position on geopolitical issues.

Reuters recorded the IUVM network operating in English, French, Arabic, Farsi, Urdu, Pashto, Russian, Hindi, Azerbaijani, Turkish and Spanish.

Much of the content is then reproduced by a range of alternative media sites, including some of those identified by FireEye last week as being run by Iran while purporting to be domestic American or British news outlets.

For example, an article run by in January by Liberty Front Press – one of the pseudo-U.S. news sites exposed by FireEye – reported on the battlefield gains made by the army of Iranian ally Syrian President Bashar al-Assad. That article was sourced to IUVM but actually lifted from two FARS news agency stories.

FireEye analyst Lee Foster said iuvmpress.com, one of the biggest IUVM websites, was registered in January 2015 with the same email address used to register two sites already identified as being run by Iran. ClearSky said multiple IUVM sites were hosted on the same server as another website used in the Iranian operation.

(Reporting by Jack Stubbs in LONDON, Christopher Bing in WASHINGTON; Additional reporting by Bozorgmehr Sharafedin in LONDON; Editing by Damon Darlin and Grant McCool)