Happy holidays from your security news friends! As a special gift, we got you this analysis of the Resistance’s tactical shortcomings in The Last Jedi. And so much more! The US this week officially pinned this year’s devastating WannaCry ransomware attack on North Korea, after the security community had largely come to that same conclusion months ago. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 25, 2017•6 min
In the early bitcoin years, proponents promised that you would soon be able to pay for anything and everything with cryptocurrency. Order pizza! Buy Etsy trinkets! Use a bitcoin ATM! While PayPal had existed for more than a decade, frictionless, social payment platforms like Venmo were just first taking off, and cryptocurrency seemed like a legitimate way for digital transactions to evolve. It didn't happen. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 25, 2017•13 min
Your digital security, any sufficiently paranoid person will remind you, is only as good as your physical security. The world's most sensitive users of technology, like dissidents, activists, or journalists in repressive regimes, have to fear not just hacking and online surveillance, but the reality that police, intelligence agents, or other intruders can simply break into your home, office, or hotel room. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 22, 2017•9 min
As a fourth year medical student at Yale, Matthew Erlendson says he had to think long and hard about whether to participate in a recent hackathon at the Department of Health and Human services. The two-day event seemed like an innovative way to confront the opioid crisis, which kills more than 90 people in the US every day. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 22, 2017•11 min
Tech giants love to tout how good their computers are at identifying what’s depicted in a photograph. In 2015, deep learning algorithms designed by Google, Microsoft, and China’s Baidu superseded humans at the task, at least initially. This week, Facebook announced that its facial-recognition technology is now smart enough to identify a photo of you, even if you’re not tagged in it. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 21, 2017•7 min
For last-minute shoppers, tech toys hold a special appeal. They’re crowdpleasers, and generally available with two-day shipping—or faster—from any number of online retailers. Stapling on internet connectivity also might make these flashy kids gadgets sound all the more appealing; it’s not just a teddy bear, it’s a machine learning teddy bear. On the other hand: don't. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 21, 2017•9 min
The biggest story in tech this week—and maybe this year—was net neutrality, which the FCC effectively abolished by rolling back Obama-era rules that prevented the creation of internet “fast lanes.” They did so despite overwhelming evidence that the mandatory public comment period was overrun with bots, form letters, and over maladies. How bad was it? We tracked down all 39 Nicholas Thompsons who commented, and could only confirm that three were humans. Learn about your ad choices: dovetail.prx.o...
Dec 20, 2017•5 min
The International Space Station is one of the few nonstellar things up there that we can see from down here without instruments. It’s a prefab home the size of a football field, 462 tons and more than $100 billion worth of pressurized roomlike modules and gleaming solar arrays, orbiting 250 miles above the surface of the Earth. Its flight path is available online, and you can find out when it will make a nighttime pass over your backyard. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 20, 2017•6 min
Over the course of the Star Wars franchise, we’ve been treated to some epic battles: dogfights between X-Wings and TIE fighters at Yavin-4, AT-ATs on the frozen wastes of Hoth, jungle warfare on Endor, and Rogue One’s epic battles on the beaches of Scarif. The Last Jedi offers no shortage of skirmishes, either. Except this time, the Resistance’s consistently bad military tactics finally catch up with it. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 19, 2017•9 min
All software has flaws, no matter how carefully you vet it. So the question isn't how to write perfect code, but how to respond to mistakes as you find them. And while Apple has earned a strong reputation for security, a string of significant vulnerabilities in macOS and iOS have strained Apple's safety net—and led some security researchers and developers to question whether the issues are systemic. Take the release of Apple's macOS High Sierra operating system at the end of September. Learn abo...
Dec 19, 2017•10 min
The Federal Communications Commissions' public comment period on its plans to repeal net neutrality protections was bombarded with bots, memes, and input from people who don't actually exist. The situation's gotten so bad that FCC Commissioner Jessica Rosenworcel, as well as several members of Congress, including one Republican, have called for the FCC to postpone its December 14 net neutrality vote so that an investigation can take place. The FCC seems unlikely to comply. Learn about your ad ch...
Dec 18, 2017•14 min
There was a time when high-status people signaled their worth with an ostentatious key fob for an expensive car. Today the keyring of an important person—or at least a paranoid one—might be distinguished by a less obvious marker: a pair of inconspicuous plastic dongles that protect an inbox full of secrets worth keeping. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 18, 2017•7 min
Hackers can threaten your smartphone in lots of ways, and if you want (or need) to lock it down completely, ironclad protection gets a little complicated. Fortunately, you can take some quick and easy steps to make big improvements to your mobile security. They don’t eliminate all risk, but they’re a solid baseline for any smartphone owner. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 15, 2017•7 min
Any self-respecting paranoiac long ago taped over the webcam on their laptop—and for good measure, the cameras on their smartphone too. But for those truly concerned that their computers have been hacked and turned into spy tools, the microphones on those devices represent just as much of a security threat as the cameras. They would allow a hacked gadget to bug an entire room. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 15, 2017•8 min
You've covered the basics. You've checked off the more-than-basics. But you still can't fight a nagging feeling that it's not quite enough. At a certain point, if a nation-state wants to compromise your devices or your privacy badly enough, it's going to find a way. You can at least make it harder for them. Here are a few measures designed to do just that. The Air Gap Up There The best way not to get your computer hacked? Don't connect it to any other computer, a practice known as air-gapping. L...
Dec 14, 2017•6 min
If you're facing targeted security threats, your problems run deeper than spyware on your devices. You need to check your physical spaces as well—your home, hotel room, office, and so on—for hidden cameras, mics, and other eavesdropping tools that someone may have planted. That means performing regular "technical surveillance counter measures" inspections. In other words? Checking for bugs. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 14, 2017•8 min
When you think about online security, you think digital solutions. Install a reputable antivirus program; use end-to-end encryption. But protection can be physical as well. To up your security game, think outside the code with these IRL reinforcements. Tape Over Your Webcam Mark Zuckerberg does it. So does James Comey. And you, too, should also take this high-reward, low-tech security step. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 13, 2017•5 min
There are few more toxic practices online than doxing, the distribution of someone's personal information across the internet against their will. It’s all too common, though, deployed regularly and devastatingly as a means to harass and intimidate. The practice is not limited to public—or briefly internet famous—figures either. Anyone can be a victim, at any time. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 13, 2017•6 min
Like any classic hustle, phishing has staying power. The fake emails and texts that lure you into a digital con—Free cruise! Act now!—may not comprise a very technical hack, but the attackers behind them still put a lot of resources and expertise into giving their cons as much authenticity as possible. That’s what makes it so difficult to protect yourself against phishing. You know not to click links in shady emails. You know to think twice before clicking any link in any email. Learn about your...
Dec 12, 2017•5 min
If the web were an amusement park attraction, you’d have to be 10 feet tall to ride—it's terrifying enough for adults and a funhouse of horrors for kids, from inappropriate content to unkind comment sections to outright predators. And yet! The internet also affords opportunities to learn, to socialize, to create. Besides, at this point trying to keep your kids off of it entirely would be like keeping them away from electricity or indoor plumbing. They’re going to get online. Learn about your ad ...
Dec 12, 2017•8 min
Your passwords are a first line of defense against many internet ills, but few people actually treat them that way: Whether it’s leaning on lazy Star Wars references or repeating across all of your accounts—or both—everyone is guilty of multiple password sins. But while they’re an imperfect security solution to begin with, putting in your best effort will provide an immediate security boost. Don’t think of the following tips as suggestions. Learn about your ad choices: dovetail.prx.org/ad-choice...
Dec 11, 2017•6 min
Throughout 2016 and 2017, individuals in Canada, United States, Germany, Norway, United Kingdom, and numerous other countries began to receive suspicious emails. It wasn’t just common spam. These people were chosen. WIRED OPINION ABOUT Ronald Deibert (@rondeibert) is professor of political science and director of the Citizen Lab at the University of Toronto’s Munk School of Global Affairs. The emails were specifically designed to entice each individual to click a malicious link. Learn about your...
Dec 11, 2017•10 min
When North Korea tested an intercontinental ballistic missile on Tuesday, analysts quickly determined that the weapon would be able to reach any target in the continental United States. Further photo and video analysis since, though, indicate that the missile test represents an even greater advance in capabilities than analysts first thought. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 08, 2017•7 min
The Internet of Things security crisis persists, as billions of inadequately secured webcams, refrigerators, and more flood homes around the world. But IoT security researchers at Microsoft Research have their eye on an even larger problem: the billions of gadgets that already run on simple microcontrollers—small, low-power computers on a single chip—that will gradually gain connectivity over the years, exponentially expanding the internet of things population. Learn about your ad choices: dovet...
Dec 07, 2017•9 min
Pretending to be someone you're not in an email has never been quite hard enough—hence phishing, that eternal scourge of internet security. But now one researcher has dug up a new collection of bugs in email programs that in many cases strip away even the existing, imperfect protections against email impersonation, allowing anyone to undetectably spoof a message with no hint at all to the recipient. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 07, 2017•8 min
Most ad blockers—and there are so, so many of them now—operate roughly the same way, comparing the scripts they encounter on a given site to their whitelist and block list letting the former run and stopping the others. This means they largely share the same drawback, as well; they can’t block what they’ve never seen before. With its latest release, popular ad blocker Ghostery attempts to solve that common dilemma, with a fashionable solution: artificial intelligence. Learn about your ad choices...
Dec 06, 2017•9 min
A massive effort to encrypt web traffic over the last few years has made green padlocks and "https" addresses increasingly common; more than half the web now uses internet encryption protocols to keep data protected from prying eyes as it travels back and forth between sites and browsers. But as with any sweeping reform, the progress also comes with some new opportunities for fraud. And phishers are loving HTTPS. Learn about your ad choices: dovetail.prx.org/ad-choices...
Dec 06, 2017•7 min
A series of leaks has rocked the National Security Agency over the past few years, resulting in digital spy tools strewn across the web that have caused real damage both inside and outside the agency. Many of the breaches have been relatively simple to carry out, often by contractors like the whistleblower Edward Snowden, who employed just a USB drive and some chutzpah. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 05, 2017•6 min
It's been a rough week for a lot of people, but particularly for Apple. On Tuesday, a security researcher tweeted information about a dire bug in the company's macOS High Sierra operating system that allowed anyone being prompted for system user credentials to bypass the authentication by simply typing "root" as the username and leaving the password blank. Apple rushed to push out a necessary update on Wednesday, but botched it a bit; if you hadn't yet updated to macOS 10.13. Learn about your ad...
Dec 05, 2017•7 min
When a company like Apple rushes out a software patch for a critical security bug, it deserves praise for protecting its customers quickly. Except, perhaps, when that patch is so rushed that it's nearly as buggy as the code it was designed to fix. Learn about your ad choices: dovetail.prx.org/ad-choices
Dec 04, 2017•6 min
