It was a big week for smartphone privacy, or at least in various ways that external forces make your location data more or less secure. On the bad side of the ledger, most 5G connections in the US today aren’t actually full 5G, which means they’re susceptible to the sort of stingray surveillance that the next-generation standard was supposed to prevent. On the plus side, researchers have figured out a way to prevent your carrier from knowing where you are every single time you reconnect to a cell tower. It’s difficult to get them to implement it.
This week, privacy advocates also published documents showing that the NYPD spent $159 million to buy surveillance tools since 2007. These tools included stingrays and policing software.
Our colleagues in the UK took a look at new research that shows how and where extremists have set up shop on platforms like Steam and Discord. It’s a long-stewing problem, which makes it all the more frustrating that these well-resourced services haven’t managed to tackle it yet.
Google has made some changes to the Play Store, most of which matter for developers more than end users. Scammers will be unable to sell malware-laden sideloaded applications if they switch to an Android package instead.
The Poly Network decentralized financial system has been on a rollercoaster ride. The hacker took over $600,000,000 in just the first week and began returning it Wednesday. They had already returned $342million of the stolen funds by Thursday and had also frozen $33million worth of Tether stablecoins. They have placed the remaining crypto assets in a wallet which requires keys from Poly Network as well as the hacker. Their fate remains in doubt.
Virtual private networks are nice in theory; they let you browse without your ISP knowing what you’re up to, and their encrypted connections make it harder for anyone to snoop on your activity. A new study by the Markup has shown that many VPNs allow third-party trackers to monitor your activities, even though they don’t themselves log it. It’s a practice that undermines the whole privacy aspect of a VPN–and also something we factor into our best VPN recommendations.
Apple filed a lawsuit against Corellium in 2019 over their iOS virtualization software. Corellium’s products are popular among security researchers, who have limited insight into iOS itself; Apple claimed that the software violated the company’s copyright claims. The retreat comes at a time Apple has come under fire from privacy advocates over it introduced controversial steps to find child sexual abuse materials in iCloud that involves iPhones themselves. The security community needs to support it. A lawsuit against an important research tool was not going to help.
Microsoft has had to deal with many security problems over the past few months related to Windows Print Spooler. This includes more than one unsuccessful attempt to fix a PrintNightmare vulnerability. Although it is a temporary solution, Microsoft finally provided a means to resolve its printer problems this week. Anyone who uses Windows Point and Print to install drivers must have administrative rights. That should stave off most PrintNighmare attacks–but has already been demonstrated not to stop all of them.
- The latest on tech, science, and more: Get our newsletters!
- Hundreds of ways to get s#!+ done–and we still don’t
- Mass Effect: Andromeda is not to be criticized
- Watch a hacker hijack a hotel’s lights, fans, and beds
- How to keep your indoor air quality in check
- The truth about the quietest town in America
- Explore AI like never before with our new database
- WIRED Games: Get the latest tips, reviews, and more
- Our Gear Team’s top picks for home improvement, including robot vacuums and affordable mattresses as well as smart speakers.
Publited Sat, 14 August 2021 at 13:56.42 +0000