aqhgfhsypytnpaiazh

aqhgfhsypytnpaiazh t1_je7xe4u wrote

  • The survey website could be filled with ads or other tracking bullshit which earns them advertising or sales revenue.
  • The website could trick you into running malware, such as ransomware which pays money.
  • The survey data could legitimately be used by marketing and product research companies who will pay money for that info.
  • The survey could provide the scammers with enough personal info to break into your accounts, which could enable identity theft, taking out credit in your name, sucking your bank accounts dry etc. Or sell the data to other malicious parties who will do this.
  • The cost to operate these survey sites is basically nothing, if the gift cards are even real they will be stolen or obtained fraudulently.
1

aqhgfhsypytnpaiazh t1_je7sw5v wrote

Encryption means information is transformed in some way such that it cannot be read or changed by unauthorised parties. Typically some kind of secret key is required to read the original information. Modern cryptography uses fancy maths to achieve this.

But "encryption" is kind of an ambiguous thing. Like a lot of services say they use "military-grade encryption!" but the claim is kind of meaningless. What really matters is what data is encrypted, where and by whom.

In a typical computer messaging service, you have the Sender, the Recipient, and in the middle a Server operated by the service provider (eg. WhatsApp/Meta). The Server is needed because directly communicating between two end user devices over the internet is actually pretty hard. The Recipient device may be switched off or out of service range and unable to receive messages, there may be NAT, firewalls or other barriers to establishing connections etc. So the Server handles all messages, temporarily storing messages for retry later, sending out push notifications etc.

In between these 3 parties, you have additional parties involved. The cafe who provides the WiFi; the ISPs who provide the internet connections; other companies or governments who operate the internet infrastructure between ISPs; hackers or rogue employees who gain access to systems and networks; governments who force companies to provide access etc.

So at the very least you want to ensure that the connection between the user (Sender or Recipient) and Server are encrypted to prevent any malicious parties snooping on your messages. A common encryption mechanism uses a pair of keys: a Public key that can be used to encrypt messages, and a Private key that can decrypt them.

End-to-end encryption is a specific type of encryption that takes it a step further; the message content is encrypted on the Sender device (one end), and only decrypted on the Recipient device (the other end). The Server only has enough unencrypted information to route the messages to the correct users/devices, it doesn't need to decrypt the message content. In theory, only the Recipient has the decryption key, so the messaging service provider cannot decrypt it even if they wanted to (or were forced to).

The problem is, end-to-end encryption does not enforce this. You use an app like WhatsApp to generation the keys. There isn't anything that prevents WhatsApp sending a copy of the Private (decryption) key to themselves and reading your messages when they want to. You're trusting them to do what they claim. Then we get to the last part: what is encrypted. It's only the contents of the message. Metadata like how many messages you send, their size, to whom & when, are all accessible to WhatsApp. So end-to-end encryption sounds good in theory, but it you need to understand is limitations.

1

aqhgfhsypytnpaiazh t1_je3081x wrote

Modern computers, in terms of data storage and processing, basically only operate on bytes (groups of 8 binary digits [bits]). So at least in most cases you can assume that 00001001 should be treated as a single value.

Beyond that, it's really up to the software interacting with that data to determine how to process it. This is where file formats come into play. The file format is a specification that clearly defines how to interpret the data in a file. So it will tell you what each byte in a file means.

Sometimes the rules are very strict, like a format will say "Every byte of the file represents a character of the alphabet, here's an ANSI table that maps binary numbers to characters". Or it might be less rigid, like "The first section of the audio file is free text ANSI metadata, which ends when the null byte (00000000) is encountered. The next section..."

Without some context as to what the data represents, it's meaningless. Often this can be conveyed by following the conventions for file extensions - the part of the file name after the last dot (eg .txt is universally recognised as text data encoded with the ANSI or Unicode standards). Often there is also a specific pattern of data at the very beginning of the file (a magic number) that indicates what type of file it is. The file is stored in a file system, which is a particular arrangement of data on a storage device following file system standards. Programs are stored using standard data formats built into the operating system, which in turn send a series of electrical signals to the CPU and other processors following a standard instruction set. It's standards all the way down.

Binary data is ultimately just a series of binary digits - an abstract representation of on/off electrical signals - that the program (by way of the programmer and/or user) has to figure out what to do with. If your friend came to you and blurted out "Eleven! Seventy four! Two! Five thousand, nine hundred and sixty six!" it's not going to mean anything without context.

1