Posted on

Facebook slips, Snapchat grows among teens

Facebook slips, Snapchat grows among teens

By Larry Magid

This post first appeared in the San Jose Mercury News

Listen to Larry Magid’s CBS News Radio interview with the study’s lead author, Monica Anderson
[youtube https://www.youtube.com/watch?v=3ewLMYQr6tY]

A new survey from Pew Research found that Snapchat is now the social media app that teens use most often, followed closely by YouTube.

A slight majority (51 percent) still uses Facebook, but that’s down from 71 percent compared with Pew’s 2014-2015 survey.

The report, Teens, Social Media & Technology 2018 is based on a nationally representative sample of 1,058 parents and 743 teens.

Instagram, which is owned by Facebook, is growing among teens. It’s now used by 72 percent, up from 52 percent in 2015. Nearly seven in 10 (69 percent) of teens use Snapchat, up from 41 percent in 2015.

But the more interesting statistics aren’t so much the number of users of each service but the number of teens who use them most often.  Facebook was once the dominant platform for young Americans, but that honor now goes to Snapchat, which 32 percent of teens say they use most often. It’s followed by YouTube, which is the most commonly used app by 32 percent of teens followed by Instagram (15 percent) with Facebook at 10 percent and Twitter a distant 3 percent.

 

Although many teens post content to YouTube, most just use it to consume videos while other platforms are used by people who frequently post as well as consume content.

What I find interesting about these numbers is that the two most popular interactive services — Snapchat and Instagram — are different from Facebook in three important ways.

First, they are based around pictures and videos rather than words. Sure, you add text to your Snapchat and Instagram posts but the text is essentially a photo caption or an adjunct to a video.

The second is that users post to these apps almost exclusively from smartphones while Facebook can be fully accessed from either computer or a phone.

Finally, Snapchat and Instagram are more ephemeral than Facebook. Snapchat posts, by default, disappear shortly after they’re viewed, and an increasing number of Instagram users are taking advantage of its optional-stories posts which disappear after 24 hours. Although Facebook posts can be deleted, the default is for them to stay around forever.

Nearly all teens have smartphones

Another big reveal is that smartphone use among American teens is nearly ubiquitous, with 95 percent reporting they have or have access to a smartphone. That compares with 88 percent who say they have access to a computer at home. Unlike smartphone penetration, which is nearly universal, computer access correlates with income with 96 percent of teens from households with incomes of $75,000 or more a year having access to PCs compared with 75 percent of those in households with incomes below $30,000.

I don’t think this is just about affordability. You can purchase a low-end laptop for less than the cost of most smartphones and, unlike smartphones, you don’t need an expensive cellular plan to use them. Getting access to the internet only via smartphone has an impact on how it’s used, according to the 2016 report, Digital Equity: Technology and Learning in the Lives of Lower-Income Families. “Low- and moderate-income parents who only have Internet access via mobile phones are less likely to shop online (36% vs. 66% of those with home access), use online banking or bill-paying (49% vs 74%), apply for jobs or services online (42% vs. 56%), or follow local news online (70% vs. 82%). The same is true for their children, who are significantly less likely to look up information online about things they are interested in (35% vs. 52% with home access), or to use the internet daily (31% to 51%).”

Online constantly

One of the Pew findings that I find amazing is that 45 percent of teens say they’re online “almost constantly,” up from 24 percent in 2015. If you also count the 44 percent who say they go online “several times a day,” 89 percent are using the internet a lot.

Only 11 percent say they use it “less often,” such as once a day or several times a week. Girls are more likely (50 percent) to be online constantly compared with boys (39 percent) and the report said “Hispanic teens are more likely than whites to report using the internet almost constantly (54 percent vs. 41 percent).

The survey also found that most kids are gamers. According to the report, “84 percent of teens say they have access to a game console at home and 90% say they play video games of any kind,” whether on a computer, a phone or a console. Games are popular with both boys and girls, although 92 percent of boys have a console at home compared with 75 percent of girls. Income isn’t much of a barrier when it comes to games with 85 percent of teens with households earning less than $30,000 a year having access to a console at home.

Mixed impact on lives

The report points out that “teens have mixed views on the impact of social media on their lives.” Just under a third (31 percent) of teens say that social media has a mostly positive impact on their lives while nearly a fourth (24 percent) say its effect is mostly negative.

A bit under half (45 percent) say it has neither a positive nor negative impact. When asked to explain their views, a 14 year-old girl said, “I think social media has a positive effect because it lets you talk to family members far away.”

A 15-year-old girl said that she feels “social media can make people my age feel less lonely or alone. It creates a space where you can interact with people.”

Another 15-year-old girl said “It has given many kids my age an outlet to express their opinions and emotions, and connect with people who feel the same way.”

Yet, there were those who expressed negative thoughts such as a 13 year-old boy who commented, that it “gives people a bigger audience to speak and teach hate and belittle each other,” and a 15-year-old boy who said “People can say whatever they want with anonymity, and I think that has a negative impact.”

While almost all teens are users of connected technology, what this survey shows is that there is variance in both the types of social media they use and their attitudes toward it. As with all demographic groups, one size does not fit all, and not all teens speak with one voice when it comes to how social media is affecting them.

Larry Magid is CEO of ConnectSafely.org, a nonprofit internet safety organization that receives financial support from Facebook, Snapchat and other tech companies.

Source: Connect Safety

Posted on

Sharesniffer – Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems

Sharesniffer – Network Share Sniffer And Auto-Mounter For Crawling Remote File Systems

 

sharesniffer is a network analysis tool for finding open and closed file shares on your local network. It includes auto-network discovery and auto-mounting of any open cifs and nfs shares.

How to use
Example to find all hosts in 192.168.56.0/24 network and auto-mount at /mnt:

python sniffshares.py -l 4 --hosts 192.168.56.0/24 -a -m /mnt


Requirements

  • Python 2.7 or 3.5
  • Linux or macOS
  • Nmap https://nmap.org in PATH
  • Nmap scripts (.nse) in PATH (on Linux/macOS they are usually in /usr/local/share/nmap/), if you don’t have the ones required are also in the rootdir of sharesniffer.
  • python-nmap (pip install python-nmap)
  • netifaces (pip install netifaces)

Download

$ git clone https://github.com/shirosaidev/sharesniffer.git
$ cd sharesniffer

CLI Options

usage: sniffshares.py [-h] [--hosts HOSTS] [-e EXCLUDEHOSTS] [-l SPEEDLEVEL]
                      [-n] [--nfsmntopt NFSMNTOPT] [-s]
                      [--smbmntopt SMBMNTOPT] [--smbtype SMBTYPE]
                      [--smbuser SMBUSER] [--smbpass SMBPASS] [-a]
                      [-m MOUNTPOINT] [-p MOUNTPREFIX] [-v] [--debug] [-q]
                      [-V]

optional arguments:
-h, –help show this help message and exit
–hosts HOSTS Hosts to scan, example: 10.10.56.0/22 or 10.10.56.2
(default: scan all hosts)
-e EXCLUDEHOSTS, –excludehosts EXCLUDEHOSTS
Hosts to exclude from scan, example:
10.10.56.1,10.10.56.254
-l SPEEDLEVEL, –speedlevel SPEEDLEVEL
Scan speed aggressiveness level from 3-5, lower for
more accuracy (default: 4)
-n, –nfs Scan network for nfs shares
–nfsmntopt NFSMNTOPT
nfs mount options (default: ro,nosuid,nodev,noexec,udp
,proto=udp,noatime,nodiratime,rsize=1024,dsize=1024,ve
rs=3,rdirplus)
-s, –smb Scan network for smb shares
–smbmntopt SMBMNTOPT
smb mount options (default: ro,nosuid,nodev,noexec,udp
,proto=udp,noatime,nodiratime,rsize=1024,dsize=1024)
–smbtype SMBTYPE Can be smbfs (default) or cifs
–smbuser SMBUSER smb username (default: guest)
–smbpass SMBPASS smb password (default: none)
-a, –automount Auto-mount any open nfs/smb shares
-m MOUNTPOINT, –mountpoint MOUNTPOINT
Mountpoint to mount shares (default: ./)
-p MOUNTPREFIX, –mountprefix MOUNTPREFIX
Prefix for mountpoint directory name (default:
sharesniffer)
-v, –verbose Increase output verbosity
–debug Debug message output
-q, –quiet Run quiet and just print out any possible mount points
for crawling
-V, –version Prints version and exits


Source: FeedBurner

Posted on

Prowler – Distributed Network Vulnerability Scanner

 

Prowler is a Network Vulnerability Scanner implemented on a Raspberry Pi Cluster, first developed during Singapore Infosec Community Hackathon – HackSmith v1.0.

Capabilities
  • Scan a network (a particular subnet or a list of IP addresses) for all IP addresses associated with active network devices
  • Determine the type of devices using fingerprinting
  • Determine if there are any open ports on the device
  • Associate the ports with common services
  • Test devices against a dictionary of factory default and common credentials
  • Notify users of security vulnerabilities through an dashboard. Dashboard tour
Planned Capabilities
  • Greater variety of vulnerability assessment capabilities (webapp etc.)
  • Select wordlist based on fingerprint
Hardware
  • Raspberry Pi Cluster HAT (with 4 * Pi Zero W)
  • Raspberry Pi 3
  • Networking device

Software Stack

  • Raspbian Stretch (Controller Pi)
  • Raspbian Stretch Lite (Worker Pi Zero)
  • Note: For ease of setup, use the images provided by Cluster Hat! Instructions
  • Python 3 (not tested on Python 2)
  • Python packages see requirements.txt
  • Ansible for managing the cluster as a whole (/playbooks)

Key Python Packages:

  • dispy (website) is the star of the show. It allows allows us to create a job queue that will be processed by the worker nodes.
  • python-libnmap is the python wrapper around nmap, an open source network scanner. It allows us to scan for open ports on devices.
  • paramiko is a python wrapper around SSH. We use it to probe SSH on devices to test for common credentials.
  • eel is used for the web dashboard (seperate repository, here)
  • rabbitmq (website) is used to pass the results from the cluster to the eel server that is serving the dashboard page.

Ansible Playbooks
For the playbooks to work, ansible must be installed (sudo pip3 install ansible). Configure the IP addresses of the nodes at /etc/ansible/hosts. WARNING: Your mileage may vary as these were only tested on my setup

  • shutdown.yml and reboot.yml self-explanatory
  • clone_repos.yml clone prowler and dispy repositories (required!) on the worker nodes
  • setup_node.yml installs all required packages on the worker nodes. Does not clone the repositories!

Deploying Prowler

  1. Clone the git repository: git clone https://github.com/tlkh/prowler.git
  2. Install dependencies by running sudo pip3 install -r requirements.txt on the controller Pi
  3. Run ansible-playbook playbooks/setup_node.yml to install the required packages on worker nodes.
  4. Clone the prowler and dispy repositories to the worker nodes using ansible-playbook playbooks/clone_repos.yml
  5. Run clusterhat on on the controller Pi to ensure that all Pi Zeros are powered up.
  6. Run python3 cluster.py on the controller Pi to start Prowler

To edit the range of IP addresses being scanned, edit the following lines in cluster.py:

test_range = []

for i in range(0, 1):

for j in range(100, 200):

test_range.append(“172.22.” + str(i) + “.” + str(j))

Old Demos

Useful Snippets

  • To run ssh command on multiple devices, install pssh and pssh -h pssh-hosts -l username -A -i "command"
  • To create the cluster (in compute.py): cluster = dispy.JobCluster(compute, nodes='pi0_ip', ip_addr='pi3_ip')
  • Check connectivity: ansible all -m ping or ping p1.local -c 1 && ping p2.local -c 1 && ping p3.local -c 1 && ping p4.local -c 1
  • Temperature Check: /opt/vc/bin/vcgencmd measure_temp && pssh -h workers -l pi -A -i "/opt/vc/bin/vcgencmd measure_temp" | grep temp
  • rpimonitor (how to install):


Source: FeedBurner

Posted on

Attackintel – Tool To Query The MITRE ATT&CK API For Tactics, Techniques, Mitigations, & Detection Methods For Specific Threat Groups

A simple python script to query the MITRE ATT&CK API for tactics, techniques, mitigations, & detection methods for specific threat groups.

Goals
  • Quickly align updated tactics, techniques, mitigation, and detection information from MITRE ATT&CK API for a specific threat
  • Brush up on my python skills and get familiar with GIT while drinking coffee
How To
Use one of two methods:
  • If (python3 is installed):
    • Download script from git
    • python3 attackintel.py
  • Else:
  • Select a threat number from the menu to get tactics, techniques, mitigation, and detection information
Resources
Requirements
  • Python ver.3+


Source: FeedBurner