Headlines 

Trump’s New Executive Order Slaps a Bandaid on Election Interference Problems

On Wednesday, President Donald Trump signed an executive order that would automatically impose sanctions against any person or group attempting to interfere in United States elections. "The proliferation of digital devices and internet-based communications has created significant vulnerabilities and magnified the scope and intensity of the threat of foreign interference [to elections]," Trump writes in the order. "I hereby declare a national emergency to deal with this threat." The order covers attacks not just on vote integrity and election infrastructure, but also disinformation campaigns, information leaking, propaganda, and other types…

Read More
Headlines 

Phone Numbers Were Never Meant as ID. Now Were All At Risk

On Thursday, T-Mobile confirmed that some of its customer data was breached in an attack the company discovered on Monday. It's a snappy disclosure timeframe, and the carrier said that no financial data or Social Security numbers were compromised in the breach. A relief, right? The problem is the customer data that was potentially exposed: name, billing zip code, email address, some hashed passwords, account number, account type, and phone number. Pay close attention to that last one. The cumulative danger of all of these data points becoming exposed—not just…

Read More
Headlines 

Security News This Week: A Devastating Report on the CIA’s Deadly Mistakes in China

There's no such thing as summer vacation in security, and researchers started off this week by disclosing a problematic flaw in Intel processors that undermines the company's so-called secure enclave offering, and potentially other capabilities like virtual machines. A different group of analysts realized that they could potentially take a power grid down by conscripting air conditioners, water heaters, and other devices into a botnet and coordinating a massive power draw. And yet another research team exposed risks in how developers manage app storage on Android. Plus, an analysis of…

Read More
Headlines 

Taking Away John Brennan’s Clearance Threatens National Security

In a move that has shocked career national security officials, President Trump stripped former CIA Director John Brennan of his security clearance this week, and announced he was considering doing so for a host of others. The move so enraged retired Navy Admiral William McRaven—the man who oversaw the killing of Osama Bin Laden—that he wrote an op-ed telling Trump to revoke his clearance too, in solidarity with Brennan. But what the general public might not realize is that cutting off Brennan and others has more than just symbolic cost.…

Read More
Odds and Ends 

Google acquires GraphicsFuzz, a service that tests Android graphics drivers

Google has acquired GraphicsFuzz, a company that builds a framework for testing the security and reliability of Android graphics drivers. The news, which was first spotted by XDA Developers, comes on the same day Google announced the release of Android 9 Pie. A Google spokesperson confirmed the news to us but declined to provide any further information. The companies also declined to provide any details about the price of the acquisition. The GraphicsFuzz team, which consists of co-founders Alastair Donaldson, Hugues Evrard and Paul Thomson, will join the Android graphics team to…

Read More
Headlines 

Security News This Week: Surprise, the FCC Lied About That DDoS Attack

It’s Black Hat and DefCon conference time again, when the world’s top security researchers descend on the den of iniquity that is Las Vegas in August and try to scare the bejeezus out of people with new research into ominous hacks. Hooray! WIRED’s been there for a few days already. Lily Hay Newman discovered that several mobile credit card readers are rife with bugs, potentially leaving you exposed. She also reports that researchers found a way to hack new Mac computers right out of the box, and the hubs that…

Read More
Headlines 

Millions of Android Devices Are Vulnerable Right Out of the Box

Security meltdowns on your smartphone are often self-inflicted: You clicked the wrong link, or installed the wrong app. But for millions of Android devices, the vulnerabilities have been baked in ahead of time, deep in the firmware, just waiting to be exploited. Who put them there? Some combination of the manufacturer that made it, and the carrier that sold it to you. That’s the key finding of new analysis from mobile security firm Kryptowire, which details troubling bugs preloaded into 10 devices sold across the major US carriers. Kryptowire CEO…

Read More
Headlines 

The Explosive-Carrying Drones in Venezuela Won’t Be the Last

On Saturday, as Venezuelan President Nicolas Maduro gave a speech in Caracas before a large military assemblage, drones carrying explosives approached, officials there said, detonating near the stage. While Maduro was unharmed, Venezuelan information minister Jorge Rodriguez said that the attack injured seven soldiers. It's a method of assault that only a few years ago felt unthinkable, but has quickly become inevitable. Details remain scarce about the exact nature of the attack, which Rodriguez characterized as an “assassination attempt,” including what type of drones were used and the nature of…

Read More
Headlines 

DIY Gun Blueprints Have Been Taken OfflineFor Now

A belated legal scramble to stop public access to blueprints for 3-D-printed guns has succeeded, at least for now. Late Tuesday, a federal judge granted a temporary nationwide injunction against Defense Distributed, prohibiting it from making its designs available online. Several hours after the ruling, Defense Distributed founder Cody Wilson has finally complied. The suit, filed Monday by the attorneys general of eight states and the District of Columbia, is just one of several last-ditch legal efforts to prevent the spread of plans for 3-D-printed guns. Last month, the State…

Read More
Headlines 

How to Secure Your Accounts With Better Two-Factor Authentication

Hopefully by now you’ve heeded the repeated warnings from your friends and loved ones (and friendly, beloved internet writers) to use two-factor authentication to secure your digital accounts. That’s where access to Facebook or Twitter or your online bank—anything that supports it, really—requires not just a password but also a special code. Not all two-factor is created equal, however. For better protection, you’re going to want an authenticator app. Yes, the easiest way to implement two-factor is with SMS, receiving a text with an access code every time you try…

Read More
Headlines 

Security News This Week: Maybe Go Ahead and Make Your Venmo Private

This week started with a controversial, widely derided meeting between President Trump and Russian leader Vladimir Putin, and ended with… an invite for round two! And yes, all manner of craziness managed to happen in between. That includes yet more denials on Trump’s part that Russia interfered—and continues to—with US democracy, a stance that has serious repercussions, however many times he walks it back. The Putin press conference performance also prompted concern across the aisle, as senators Marco Rubio and Mark Warner cast it as a major setback in efforts…

Read More
Headlines 

Shadow Politics: Meet the Digital Sleuth Exposing Fake News

When we met in early March, Jonathan Albright was still shrugging off a sleepless weekend. It was a few weeks after the massacre at Marjory Stoneman Douglas High School had killed 17 people, most of them teenagers, and promptly turned the internet into a cesspool of finger pointing and conspiracy slinging. Within days, ultraconservative YouTube stars like Alex Jones had rallied their supporters behind the bogus claim that the students who survived and took to the press to call for gun control were merely actors. Within a week, one of…

Read More
Headlines 

Facebook Gave a Russian Internet Giant a Special Data Extension

Since March, when news broke that the political consulting firm Cambridge Analytica used a Facebook app to amass data on as many as 87 million people without their consent, the social networking giant has been forced to repeatedly answer for how it has given away user data and who it's given that data to. In the immediate wake of the scandal, Facebook rushed to defend itself in a blog post, saying that in 2014, it changed an element of its API to prevent apps from collecting data on their users'…

Read More
Headlines 

All the Ways iOS 12 Will Make Your iPhone More Secure

The annual iOS refresh is on the way—Apple has previewed it, beta testers have installed it, and the rest of us should get iOS 12 when iPhones arrive in September. While features such as winking 3-D emoji and screen-time limits for your apps might take much of the attention when the software arrives, iOS 12 is a major step forward in one other crucial area: smartphone security. It's something Apple has always prided itself on, with its tightly locked App Store and full device encryption, but iOS 12 is going…

Read More
Headlines 

Security News This Week: Mapping the NSA’s Secret Spy Hubs

It has been, to be quite honest, a fairly bad week, as far as weeks go. But despite the sustained downbeat news, a few good things managed to happen as well. So we'll start with those. California has passed the strongest digital privacy law in the United States, for starters, which as of 2020 will give customers the right to know what data companies use, and to disallow those companies from selling it. It's just the latest in a string of uncommonly good bits of privacy news, which included last…

Read More