More stories

Meta shares how it detects silent data corruptions in its data centres

One of Facebook’s data centres in Prineville, Oregon.
Image: Meta

After years of testing various approaches for detecting silent data corruptions (SDCs), Meta has outlined its approach for resolving the hardware issue. SDCs are data errors that do not leave any record or trace in system logs. Sources of SDCs include datapath dependencies, temperature variance, and age, among other silicon factors. Since these data errors are silent, they can stay undetected within workloads and propagate across several services. The data error can affect memory, storage, networking, as well as computer CPUs, and cause data loss and corruption.

Meta engineers started testing three years ago as they had a difficult time detecting SDCs once components had already gone into one of its production data centre fleets. “We [needed] novel detection approaches for preserving application health and fleet resiliency by detecting SDCs and mitigating them at scale,” Meta engineer Harish Dattatraya Dixit said in a blog post.

According to tests, Meta found its preferred way of detecting SDCs is using both out-of-production and ripple testing. Out-of-production testing is an SDC detection method that occurs when machines go through a maintenance event such as system reboots, kernel upgrades, and host provisioning, among others. This type of testing piggybacks onto these events to allow for tests to have longer runtimes, thereby enabling a “more intrusive nature of detection”.

Ripple testing, meanwhile, occurs by running silent error detection in conjunction with workloads being active. This is done through shadow testing with workloads and injecting bit patterns with expected results intermittently within fleets and workloads, which Meta found enabled faster SDC detection than out-of-production testing. This faster type of testing “ripples” through Meta’s infrastructure, allowing for test times that are 1,000x lower than out-of-production test runtimes.

Meta engineers observed, however, that ripple testing could only detect 70% of fleet data corruptions, although it was able to detect them in 15 days. By comparison, out-of-production testing took six months to detect the same corruptions along with other ones. In explaining these benefits and tradeoffs, Dattatraya Dixit recommended that organisations with large-scale infrastructure should use both approaches to detect SDCs. “We recommend using and deploying both in a large-scale fleet,” Dattatraya Dixit said. “While detecting SDCs is a challenging problem for large-scale infrastructures, years of testing have shown us that [out-of-production] and ripple testing can provide a novel solution for detecting SDCs at scale as quickly as possible.”

When Meta engineers used both tests for detecting SDCs, they found all SDCs could eventually be detected. Meta said 70% of SDCs were found by ripple testing after 15 days, out-of-production testing caught up to 23% of the remaining SDCs in six months, while the remaining 7% were found through repeated ripple instances within its data centre fleets.

To push further innovation in detecting SDCs, Meta has also announced it will provide five grants, each worth around $50,000, for academia to create research proposals in this field.

These four types of ransomware make up nearly three-quarters of reported incidents

Ransomware causes problems no matter what brand it is, but some forms are noticeably more prolific than others, with four strains of the malware accounting for a combined total of almost 70% of all attacks. According to analysis by cybersecurity company Intel 471, the most prevalent ransomware threat towards the end of 2021 was LockBit 2.0, which accounted for 29.7% of all reported incidents. Recent victims of LockBit have included Accenture and the French Ministry of Justice.

Almost one in five reported incidents involved Conti ransomware, famous for several incidents over the past year, including an attack against the Irish Health Service Executive. The group recently had chat logs leaked, providing insights into how a ransomware gang works. PYSA and Hive account for one in 10 reported ransomware attacks each.

SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

“The most prevalent ransomware strain in the fourth quarter of 2021 was LockBit 2.0, which was responsible for 29.7% of all reported incidents, followed by Conti at 19%, PYSA at 10.5% and Hive at 10.1%,” said the researchers.

Cybersecurity researchers at Intel 471 examined 722 ransomware attacks that took place between October and December 2021 and identified the most impacted sectors. Top of the list was consumer and industrial products, which accounted for almost a quarter of the organisations affected by ransomware attacks, up significantly compared to the previous quarter. Consumer and industrial products are a tempting target for ransomware criminals because they are services that people rely on as part of their everyday lives. If the network of the provider is encrypted, users can’t access the services they need.

One of the most high-profile instances of this issue occurred in 2020 when wearables, fitness tracker and smartwatch manufacturer Garmin was impacted by a ransomware attack, locking users out of services. It was reported that Garmin paid a multi-million-dollar ransom for a decryption key to help restore services.

Manufacturing was the second-most impacted sector, accounting for 15.9% of ransomware attacks. Many manufacturing businesses work around the clock, often producing vital goods that people need every day. Professional services and consulting was the third-most targeted sector, accounting for 15.4% of incidents, followed by real estate with 11.4%.

Life sciences and health care was the fifth-most targeted sector, following a rise in attacks against it. This includes ransomware attacks against hospitals. Hospitals make a tempting target because the nature of healthcare means that if networks are offline, patients can’t be treated, so some hospitals pay ransoms.

SEE: This sneaky type of phishing is growing fast because hackers are seeing big paydays

Ransomware is still a major cybersecurity issue and attacks continue to be successful because many victims choose to pay the ransom, despite being warned not to because that approach encourages more attacks. But there are actions that businesses can take to help avoid falling victim to a ransomware attack. This includes applying security patches as soon after release as possible, so hackers can’t exploit known vulnerabilities. Applying multi-factor authentication across the network is also recommended, so it’s harder for hackers to break into accounts and exploit them to lay the groundwork for ransomware or other malware attacks. Organisations should also regularly update and test offline backups, so in the event of a successful ransomware attack, there’s a possibility of restoring the network without paying the ransom.

Microsoft: Here's how this notorious botnet used hacked routers for stealthy communication

Microsoft has revealed how the Trickbot trojan botnet has been using compromised MikroTik routers for stealthy communications with infected PCs.

Trickbot, known for stealing banking credentials and delivering ransomware, once seemed unstoppable. It continued to thrive despite an effort led by Microsoft in 2020 to patch millions of infected PCs and take down most of its command and control (C2) servers, with the exception of its Internet of Things (IoT) C2 devices, until it finally shut down earlier this year.

Now, Microsoft has filled in one detail about how the Trickbot gang’s IoT C2 devices, namely compromised MikroTik routers, were being used since 2018 for stealthy communication with infected PCs.

SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

Back in 2018, when many hackers were targeting CVE-2018-14847 in MikroTik’s RouterOS software, security researchers found Trickbot was using compromised MikroTik routers for C2 infrastructure. Routers are a useful C2 tool since they allow communication between C2 and Trickbot-infected PCs in a way that standard defences can’t detect. Microsoft security researchers say they have now cleared up exactly how the devices were being used in its infrastructure.

After gaining control of the router through a compromised password, Trickbot used RouterOS’s SSH shell to create a set of commands that RouterOS understands but which don’t make sense on normal Linux-based shells. SSH is intended to enable secure network communications over an unsecured network. The ultimate goal was to redirect the compromised router’s traffic. This command created a new network rule that redirected traffic from the infected device to a server: the redirected traffic was received on port 449 and redirected to port 80, Microsoft explains.

“The said command is a legitimate network address translation (NAT) command that allows the NAT router to perform IP address rewriting. In this case, it is being used for malicious activity. Trickbot is known for using ports 443 and 449, and we were able to verify that some target servers were identified as TrickBot C2 servers in the past,” Microsoft adds.

“As security solutions for conventional computing devices continue to evolve and improve, attackers will explore alternative ways to compromise target networks. Attack attempts against routers and other IoT devices are not new, and being unmanaged, they can easily be the weakest links in the network. Therefore, organizations should also consider these devices when implementing security policies and best practices,” Microsoft said. It has included details of how to find out if your routers have been affected.

Despite Trickbot’s notoriety and durability, researchers at Intel 471, which was involved in the 2020 takedown, said that by February this year the Trickbot malware was on its last legs, with former developers moving on to new malware like BazarLoader and the Conti ransomware gang. “Intel 471 cannot confirm, but it’s likely that the Trickbot operators have phased Trickbot malware out of their operations in favor of other platforms, such as Emotet. Trickbot, after all, is relatively old malware that hasn’t been updated in a major way. Detection rates are high and the network traffic from bot communication is easily recognized,” its researchers wrote.
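One way a defender can look for the kind of NAT rule Microsoft describes, as an added example that is neither Microsoft's tooling nor anything from the article: parse the `add ...` lines of a RouterOS `/ip firewall nat` export and flag dst-nat rules that either match the Trickbot-associated ports named on the page (443 and 449) or forward traffic somewhere other than the router's own LAN. The sample export is constructed for this example, and the "forward to a non-RFC 1918 address is suspicious on a SOHO router" heuristic is an assumption of the example, not a statement from the page.

```python
"""Added example: audit a MikroTik RouterOS NAT export for redirect rules
like the one described above. Illustrative code, not Microsoft's tooling.
The sample export is constructed; the non-LAN heuristic is an assumption.
"""
import ipaddress
import shlex
from typing import Dict, List

# Ports the article associates with Trickbot C2 traffic.
TRICKBOT_PORTS = {"443", "449"}

# A SOHO router normally forwards inbound ports to hosts on its own LAN
# (RFC 1918 space). Deliberately not using ipaddress.is_private, which also
# treats documentation ranges such as 203.0.113.0/24 as private.
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_nat_export(text: str) -> List[Dict[str, str]]:
    """Turn the `add key=value ...` lines of `/ip firewall nat export` into dicts."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("add "):
            continue  # section header, comment or blank line
        rule: Dict[str, str] = {}
        for token in shlex.split(line)[1:]:  # shlex keeps quoted comments whole
            key, sep, value = token.partition("=")
            if sep:
                rule[key] = value
        rules.append(rule)
    return rules


def is_lan_address(addr: str) -> bool:
    """True if `addr` is a single RFC 1918 address."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # ranges, hostnames or garbage are not treated as LAN
    return any(ip in net for net in RFC1918)


def suspicious_redirects(text: str) -> List[Dict[str, str]]:
    """Return dst-nat rules that hit a Trickbot-associated port or forward
    traffic to a non-LAN address, each annotated with the reasons."""
    findings = []
    for rule in parse_nat_export(text):
        if rule.get("action") != "dst-nat":
            continue
        reasons = []
        if rule.get("dst-port") in TRICKBOT_PORTS:
            reasons.append(f"dst-port {rule['dst-port']} associated with Trickbot C2")
        if "to-addresses" in rule and not is_lan_address(rule["to-addresses"]):
            reasons.append(f"forwards to non-LAN address {rule['to-addresses']}")
        if reasons:
            findings.append({**rule, "reasons": "; ".join(reasons)})
    return findings


# Constructed sample export (203.0.113.0/24 is a documentation range).
SAMPLE_EXPORT = """\
# constructed sample, not a real device export
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=dst-nat chain=dstnat comment="web server forward" dst-port=8080 protocol=tcp to-addresses=192.168.88.10 to-ports=80
add action=dst-nat chain=dstnat dst-port=449 protocol=tcp to-addresses=203.0.113.7 to-ports=80
"""

if __name__ == "__main__":
    for f in suspicious_redirects(SAMPLE_EXPORT):
        print(f"dst-port={f.get('dst-port')} -> {f.get('to-addresses')}:{f.get('to-ports')}: {f['reasons']}")
```

Run against a real `/ip firewall nat export` the legitimate port-forward to 192.168.88.10 stays quiet while the 449-to-80 redirect to an outside host is reported with both reasons; any hit still needs a human to confirm it against the router's change history.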

Russian Cyclops Blink botnet launches assault against Asus routers

The Cyclops Blink botnet is now targeting Asus routers in a new wave of cyberattacks. Cyclops Blink, a modular botnet, is suspected of being the creation of Sandworm/Voodoo Bear, a Russian advanced persistent threat (APT) group.

Several weeks ago, the UK National Cyber Security Centre (NCSC) and the United States’ Cybersecurity and Infrastructure Security Agency (CISA), alongside the NSA and FBI, warned of the botnet’s existence. According to the agencies, the APT is supported by the Russian General Staff Main Intelligence Directorate (GRU) and has been linked to the use of BlackEnergy malware against Ukraine’s electricity grid, Industroyer, NotPetya, and cyberattacks against Georgia.

“Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO) routers and network-attached storage (NAS) devices,” the agencies warned.

This week, cybersecurity researchers from Trend Micro said that while the malware is “state-sponsored”, it does not appear to be in active use against targets that would have Russia’s state interests at heart. The botnet is vast, and over 150 past and current command-and-control (C2) server addresses have been traced so far that belong to the network.

However, WatchGuard Firebox and Asus devices compromised by the botnet “do not belong to critical organizations, or those that have an evident value on economic, political, or military espionage” — an important point to note considering the current invasion of Ukraine by Russia’s military.

Also: Cloudflare debuts Friendly Bot validation service

While the botnet is busy enslaving generic, open, and exposed devices online, Trend Micro suspects that amassing nodes could then be used to “build an infrastructure for further attacks on high-value targets.”

First detected in 2019, Cyclops Blink is written in C and uses TCP to communicate with a C2 server. The malware makes use of OpenSSL encryption functions and will attempt to brute-force devices to obtain access. The modular malware is able to read and write from a device’s flash memory, enabling persistence. Trend Micro also says that these functions may allow it to “survive factory resets.”

“Although it cannot be used as proof of attribution, the preceding code reminded us of a routine from the third-stage code of VPNFilter’s process called “dstr” that was intended to “brick” the infected device,” the researchers say.

Other modules gather device information and allow the botnet to download and execute additional files from the web.

“Asus is likely only one of the vendors that are currently being targeted by Cyclops Blink,” the researchers say. “We have evidence that other routers are affected too, but as of reporting, we were not able to collect Cyclops Blink malware samples for routers other than WatchGuard and Asus.”

In a security advisory published on March 17, Asus said it was aware of Cyclops Blink and is “investigating.” The vendor has urged customers to reset their devices to a factory default setting, to update their products to the latest firmware, and to change any default administrator credentials to stronger options. In addition, Asus recommends that the Remote Management function, disabled by default, remains so.

“If it is suspected that an organization’s devices have been infected with Cyclops Blink, it is best to get a new router,” Trend Micro added. “Performing a factory reset might blank out an organization’s configuration, but not the underlying operating system that the attackers have modified.”

The affected product list is below:

- GT-AC5300 firmware under 3.0.0.4.386.xxxx
- GT-AC2900 firmware under 3.0.0.4.386.xxxx
- RT-AC5300 firmware under 3.0.0.4.386.xxxx
- RT-AC88U firmware under 3.0.0.4.386.xxxx
- RT-AC3100 firmware under 3.0.0.4.386.xxxx
- RT-AC86U firmware under 3.0.0.4.386.xxxx
- RT-AC68U, AC68R, AC68W, AC68P firmware under 3.0.0.4.386.xxxx
- RT-AC66U_B1 firmware under 3.0.0.4.386.xxxx
- RT-AC3200 firmware under 3.0.0.4.386.xxxx
- RT-AC2900 firmware under 3.0.0.4.386.xxxx
- RT-AC1900P, RT-AC1900P firmware under 3.0.0.4.386.xxxx
- RT-AC87U (EOL)
- RT-AC66U (EOL)
- RT-AC56U (EOL)

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0

Cloudflare debuts Friendly Bot validation service

Cloudflare has introduced “Friendly Bots,” a new way to verify an online bot’s identity. Bots are applications designed to automatically perform specific, repetitive tasks online without the need for human oversight.

Many bots are set to beneficial tasks such as crawling web pages for analytics, providing payment services, chatting to website users, and giving them advice or pointing them to the right customer service department — but not all. So-called ‘bad’ bots can be used to scrape user data, send spam, overwhelm a domain with traffic and disrupt services (DoS/DDoS attacks), or perform automatic account access attempts in what is known as credential stuffing.

In an effort to stop malicious bots from causing too much havoc online, some online service providers implement allow and deny lists to stop known bad bots from accessing resources. However, according to Cloudflare, there are many “well-behaved” bots online — and so it can be a challenge to maintain a balance between the good and the bad.

“At Cloudflare, we manually “verify” good bots, so they don’t get blocked,” the firm says. “Our customers can choose to allowlist any bot that is verified. Unfortunately, new bots are popping up faster than we can verify them.”

Therefore, Cloudflare has developed new functionality for customers called “Friendly Bots.” Normally, bots are verified through public forms and documentation provided by a developer, including its IP addresses — whether static or dynamic — rDNS, user agents, and machine learning (ML), the use of smart algorithms that detect patterns in bot behavior and aim to profile the innocent ones. It can take a few weeks for bots to be verified, but smaller developers may have to join a long queue unless the bot is working at a vast scale.

In the meantime, Cloudflare hopes that by considering a bot ‘friendly’ while it is waiting to be verified, this can cut some of the legwork and time required for good bots to be given the seal of approval. Friendly Bots will allow users to “auto validate” bot traffic through the Cloudflare dashboard. Users can provide information about a bot, and the company will then be better equipped to verify bots based on their traffic.

“In the past, we’ve struggled to verify bots that did not crawl the web at a large scale,” Cloudflare says. “[…] Bots were sometimes difficult to verify if they did not make thousands of requests to Cloudflare. With Friendly Bots, we’ve eliminated that requirement, introducing a new, dynamic cache that optimizes for fun-sized projects.”

In addition, if users in large numbers are submitting the same bot to allow lists, such as through a specific IP address, this bot will be automatically added to the ‘to verify’ list.

“Previously, we required bot operators (e.g. Google) to submit verification data themselves,” the firm added. “If there was a bot you wanted to verify but did not own, you were out of luck. Friendly Bots eliminates this dependency on bot operators. Anyone who can find identifying information can register a bot on their site.”

Cloudflare says that Friendly Bots will be launched “soon” and will “reduce false positives, improve crawl-ability, and generally stabilize sites.” Verified bots are also being added to the Logs feature under Cloudflare Radar.

'Everyone loses': This new ransomware threatens to wipe Windows PCs if its victims don't pay up

LokiLocker, a relatively new form of ransomware, uses the standard extortion-through-encryption racket but also incorporates disk-wiper functionality. Double extortion became a hit last year, when ransomware gangs started stealing files before encrypting them to threaten victims with a sensitive data leak if they didn’t pay up.

BlackBerry Threat Intelligence is now warning that LokiLocker, first seen in August 2021, now features an “optional wiper functionality” to put pressure on victims in a slightly different way.

SEE: Cybersecurity: Let’s get tactical (ZDNet special report)

Instead of attackers using the threat of leaking a victim’s files to pressure them into paying, LokiLocker’s customers threaten to overwrite a victim’s Windows Master Boot Record (MBR), which wipes all files and renders the machine unusable. But that tactic effectively ends all negotiations about payment, of course.

Disk-wiper functionality has come into focus recently because of destructive malware attacks on Ukrainian organizations. The US government fears destructive malware could target organizations in the West in retribution for sanctions against Russia. Historically, disk-wiper malware has often been favoured by state-sponsored hackers, as was the case in NotPetya, WhisperGate and HermeticWiper – all directly or loosely connected to Russian state-sponsored actors – where ransomware is a decoy for the true destructive intent. But commercially motivated ransomware that destroys the victim’s computer? It certainly appears to be a different style of ransom negotiation than ransomware linked to Russian actors. “With a single stroke, everyone loses,” BlackBerry notes.

However, Microsoft has been tracking emerging – presumed state-backed or affiliated – Iranian hacking groups that are employing both encryption and destructive malware. BlackBerry points to some evidence that suggests LokiLocker was developed by Iranian hackers and designed to target English-speaking victims. The evidence: there are very few English spelling errors in the malware’s debugging strings; LokiLocker affiliates are chatting on Iranian hacking forums; and Iran is the only location currently blacklisted for activating encryption. Additionally, some credential-cracking tools distributed in early samples of LokiLocker “seem to be developed by an Iranian cracking team called AccountCrack”.

“Although we’ve been unable to reliably assess exactly where the LokiLocker RaaS originates, it is worth mentioning that all the embedded debugging strings are in English, and – unlike the majority of malware originating from Russia and China – the language is largely free of mistakes and misspellings,” BlackBerry notes. “It’s not entirely clear whether this means they truly originate from Iran or that the real threat actors are trying to cast the blame on Iranian attackers,” it said.

It’s common for Russia-based ransomware gangs to not activate malware on machines within Commonwealth of Independent States nations – often configured by blacklisting specific language codes within a machine’s language settings.

SEE: How Russia’s invasion of Ukraine threatens the IT industry

But BlackBerry says LokiLocker appears to be in beta. The Iran blacklist functionality hasn’t been implemented.

As for the disk-wiper functionality, BlackBerry says the malware will attempt to destroy a system if a ransom isn’t paid within the specified timeframe. It deletes all of a victim’s files, except for system files, and also tries to overwrite the MBR and then, after forcing a Blue Screen of Death error message, reboots the wiped machine and displays the message: “You did not pay us. So we deleted all of your files : ) Loki locker ransomware_”. Prior to the payment deadline, the malware changes the victim’s login screen and desktop wallpaper to the ransom message, and drops a web file that displays the ransom note on the victim’s desktop detailing the time left “to lose all of your files”.

LokiLocker is written in .NET and protected with NETGuard (modified ConfuserEX), using an additional virtualization plugin called KoiVM, according to BlackBerry. “LokiLocker’s use of KoiVM as a virtualizing protector for .NET applications is an unusual method of complicating analysis. We haven’t seen a lot of other threat actors using it yet, so this may be the start of a new trend,” the company notes.

Ex CafePress owner fined $500,000 for 'shoddy' security, covering up data breach

CafePress’s past owner has been fined $500,000 over a litany of security failures and data breaches. CafePress is a US platform offering print-on-demand products including clothing, home decor, and kitchenware. Sellers can sign up to the platform, upload their designs, and CafePress takes a cut of any sales made.

These businesses require key financial information from sellers and purchasers to operate, and as such, they are expected to securely manage this information and handle transactions with security in mind. However, CafePress became the subject of a US Federal Trade Commission (FTC) investigation surrounding how it handled security — and how the firm allegedly “failed to secure consumers’ sensitive personal data and covered up a major breach.”

On March 15, the US regulator said that Residual Pumpkin is required to pay $500,000 in damages. According to the FTC’s complaint (.PDF), issued against the platform’s former owner Residual Pumpkin Entity, LLC, and its current owner PlanetArt, LLC, there was a lack of “reasonable security measures” to prevent data breaches. In addition, the FTC claims that CafePress kept user data for longer than necessary, stored personally identifiable information (PII) including Social Security numbers and password reset answers in cleartext, and did not patch against known system vulnerabilities.

“As a result of its shoddy security practices, CafePress’ network was breached multiple times,” the FTC says.

CafePress experienced a major security incident in 2019. An attacker infiltrated the platform in February 2019 and was able to access data belonging to millions of users. This included email addresses, poorly-encrypted passwords, names, home addresses, security questions and answers, some partial card payment records, phone numbers, and at least 180,000 unencrypted Social Security numbers. The datasets, some of which were then sold online, were added to Troy Hunt’s Have I Been Pwned search engine in August 2019.

According to the FTC, CafePress was notified a month after the breach and did patch the security flaw — but did not investigate the breach properly “for several months.” Customers were also not told. Instead, CafePress implemented a forced password reset as part of its “policy” and only informed users in September 2019, once the data breach had been publicly reported.

In a separate case in 2018, CafePress allegedly was made aware of shops being compromised. These accounts were closed — and the shopkeepers, the victims, were then charged $25 account closure fees. The FTC also claims that the company “misled” users by using consumer email addresses for marketing, despite promises to the contrary.

While Residual Pumpkin will bear the cost of the order, PlanetArt is also required to notify consumers who were impacted by CafePress security incidents. In addition, both companies will have to hire third-party experts to perform security audits and must redress any existing security issues — including replacing security questions with multi-factor authentication (MFA) processes, encrypting Social Security numbers, and tightening up their data storage and retention practices.

“CafePress employed careless security practices and concealed multiple breaches from consumers,” commented Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “These orders dial-up accountability for lax security practices, requiring redress for small businesses that were harmed, and specific controls, like multi-factor authentication, to better safeguard personal information.”

The agreement is subject to public comment before being made final.

Update 14.58 GMT: CafePress told ZDNet: “The data breach occurred well before PlanetArt bought the CafePress brand and happened under the technology leadership of the brand’s prior owner. PlanetArt was happy to agree to the FTC’s request that PlanetArt also become obligated to the FTC’s settlement with the prior owner, as it comports with the priority PlanetArt has always placed on cybersecurity specifically and, more generally, on consumer protection.”

Clarification 10.32am GMT: ZDNet has corrected the penalty amount to $500,000. ZDNet regrets the error.

Google could ask for your licence or passport on YouTube and Google Play in Australia

Image: Google

Google has announced it will be expanding age verification checks to users in Australia who want to access age-restricted content on YouTube and Google Play. In the coming month, the search giant will introduce age verification checks where users are asked to provide additional proof of age when attempting to watch mature content on YouTube or downloading content on Google Play.

The move is to provide users with “age appropriate experiences,” Google government affairs and public policy senior manager Samantha Yorke explained in a blog post. “As part of this process some Australian users may be asked to provide additional proof of age when attempting to watch mature content on YouTube or downloading content on Google Play.” “If our systems are unable to establish that a viewer is above the age of 18, we will request that they provide a valid ID or credit card to verify their age.”

Google considers a valid ID as one issued by government, such as a driver’s licence or passport. The company assured that if a user uploads a copy of their ID, it would be “securely stored, won’t be made public, and would be deleted” once a person’s date of birth is verified. It noted, however, that it will not only use a person’s ID to confirm their age but also to “improve our verification services for Google products and protect against fraud and abuse”.

Google said the move is in response to the Australian government’s Online Safety (Restricted Access Systems) Declaration 2022, which requires platforms to take steps to confirm users are over the age of 18 before they can access content that could potentially be inappropriate for under-18 viewers. The declaration was introduced under the Online Safety Act.

See also: eSafety thinks identity verification for social media would be impractical

Similar age verification steps have already been implemented in the European Union under the Audiovisual Media Services Directive (AVMSD). To ensure the experience is consistent, viewers who attempt to access age-restricted YouTube videos on “most” third-party websites will be redirected to YouTube to sign in and verify their age to view it. “It helps ensure that, no matter where a video is discovered, it will only be viewable by the appropriate audience,” Yorke said.

Meanwhile, Meta is rolling out parental supervision tools on Quest and Instagram, claiming it will allow parents and guardians to be “more involved in their teens’ experiences”. The supervision tool for Instagram will allow parents and guardians to view how much time their teens spend on the platform and set time limits; be notified when their teens share that they’ve reported someone; and view and receive updates on which accounts their teen follows and which accounts follow their teen. There are also plans to add additional features, including letting parents set the hours during which their teens can use Instagram and the ability for more than one parent to supervise a teen’s account.

The supervision tool on Instagram is currently available only in the US, but Meta says there are plans for a global rollout in the “coming months”. Teens will need to initiate Instagram parental supervision for now in the app on mobile devices, Meta said, but it explained parents would have the option to initiate supervision in the app on the desktop by June. “Teens will need to approve parental supervision if their parent or guardian requests it,” Meta said.

As for the VR parental supervision tools being introduced to Quest, they will be rolled out over the coming months, starting with the expansion of the existing unlock pattern on Quest headsets to allow parents to use it to block their teen from accessing experiences they deem inappropriate. In May, Meta will automatically block teens from downloading IARC-rated age-inappropriate apps, as well as launch a parent dashboard, hosting a suite of supervision tools that will link to the teen’s account based on consent from both sides.

Additionally, Meta has established what it is calling the Family Center to provide parents and guardians access to supervision tools and resources, including the ability to oversee their teens’ accounts within Meta technologies, set up and use supervision tools, and access resources on how to communicate with their teens about internet use. “Our vision for Family Center is to eventually allow parents and guardians to help their teens manage experiences across Meta technologies, all from one central place,” the company said.

The moves from both tech giants follow the parliamentary committee responsible for conducting Australia’s social media probe releasing its findings earlier this week. In its findings, the committee states that online harms would be reduced if the federal government legislates requirements for social media companies to set the default privacy settings for accounts owned by children to the highest levels and for all digital devices sold in Australia to contain optional parental control functionalities.