Facebook Login now required to view a business’ page

Update – 2020-09-11T06:55:00+12:00: Looks like as quietly Facebook snuck this in, they have since reversed this.

Alright, this makes me pretty unsettled. I’ve noticed today that If I now try to view any Facebook page of any given business, I’m now met with a login wall.

Its unsettling because more and more businesses recently seem to be moving exclusively to running a Faceborg business page as their only web presence.

Facebook Login now required to view a business’ page

Security Warning – Click Hijack investigation

Investigations so far suggest that there is some type of conditional redirect exploit/hijack being planted on many WordPress websites redirecting search engine referred visitors to fake award/survey sites such as “applefacetook”, “hurryexpectsugar”, “mouthtroubleask”, “ondiesmall”, “thendownmeat”, “makemodernfive”, “sayhitome”, “whateyeweight” among several others typically ending in a “.live” address. While this Hijack, as far as I have seen appear to predominantly affect WordPress websites, I wouldn’t be surprised to learn that this possibly affects other types of websites as well.

In my experience, for sites that are affected, to replicate…
(These most certainly could differ depending on the site affected)

  1. Prerequisites…
    • Needs to be done from an IP address that has yet to access the site in question. (e.g Mobile Data Connection, activate and deactivate airplane mode to get a new IP address)
    • Chrome or Firefox browser (Win 10 or Android) in Incognito Mode (No plugins). Reportedly in other variations of the exploit, it only occurs on Safari under iOS
  2. Search for your site in Google search
  3. Click on the search result that points to your website. Instead of loading up your website as expected, you get redirected to a hijack site.

The hijack will not fire If you access your site directly. This appears to be some conditional exploit based on visitors coming from Search Engines. (e.g by typing the site URL directly into the Address bar, you won’t get redirected) and it looks like it will only fire once per IP Address.

I probably should add that many so called WordPress vulnerability scanners online I’ve discovered aren’t even set up to detected this sort of hijack. The scanners based on “Securi” certainly will not detect this exploit, I’ve found.

Other resources…

Original Post (Old):
Noticing some apparent weird intermittent redirect hijack on the general web where some sites are allegedly redirecting to some dodgy website with names such as “mouthtroubleask”

Update – 2020-09-11T06:55:00+12:00: Added steps to replicate (from my own experience)

Update – 2020-09-12T18:20:00+12:00: Added note to mention that all of the online WordPress malware scanners I’ve tried won’t detect this sort of hijack.

 

 

Security Warning – Click Hijack investigation

Facebook Alleged Arbitrary Bans

Apparently when someone appears as deactivated in one’s friends list, this may not always be the case and can sometimes mean they’ve been thrown into Facebook Jail. Usually the first thing I noticed when a friend has their account deactivated (voluntarily or not) is that their profile picture has disappeared and then when you click on the friend’s profile, this message comes up…

Friends’ Facebook Account shows as deactivated, but she claims that Facebook has banned her. This friend also happened to be a huge fan / supporter / advocate for using Facebook.

Have had some friends over the years mentioning they were blocked without any sort of warning and it has taken ages, sometimes a month before they are allowed back on. Often they show up as being deactivated in my friends list.

This is a timely reminder that we shouldn’t rely solely on Facebook, run by a single for-profit company, as our sole means of staying in contact with Friends and Family, ever.

Remember, you aren’t the customer here (you don’t pay anything financially towards using Facebook), you’re the product being milked for your personal data.

I have been hearing more and more of these anecdotes and in behoves that people ensure they maintain a separate means of contact, least you end up like this guy mentioned in the Elliot Advocacy article, who has been unable to ever get his account back.

As an aside, a mass concerted movement off of Facebook I strongly feel is long past overdue. I would also even go as far as to state there is perhaps a moral obligation for the more tech inclined among us to lead the way and make the effort to make ourselves available on other (preferably federated, decentralized) platforms and gradually remove our dependence on Facebook for the purposes of staying in contact with friends and family.

 

 

Facebook Alleged Arbitrary Bans

Pi-Hole on a Raspberry Pi 4

Experimented with running Pi-hole on the Raspberry Pi 4 that I have.

5 Minutes in, Pi-Hole showing how tragically ad ridden the modern web has become.

The Set up at least for the more tech inclined is very easy, all you had to do was launch a command line prompt and type this command…

curl -sSL https://install.pi-hole.net | bash

After running it for an evening. Thoughts and findings so far…

  • Predominantly Does a DNS level block with a blocklist of known advertisement serving IP addresses.
  • YouTube is a moving target whereby ads are served from youtube.com itself and therefore very difficult to (completely) block with Pi-Hole.
  • Mobile devices with Ad laden apps will perhaps see the greatest reduction in ads.
  • The default configuration doesn’t block nearly as many ads as say uBlock Origin installed on Desktop Firefox. This is not a replacement to having Client side ad blocking.

Curiously noticed these appearing in the query-log…

  • www.collab.apps.mil
  • www.gov.teams.microsoft.us
  • www.dod.teams.microsoft.us

Why would Teams try and poll for these addresses is beyond me. It does raise a sufficient level of curiosity that I will be checking this out.

 

Pi-Hole on a Raspberry Pi 4