The CIA created a "Snowden Stopper" to catch future whistleblowers

The latest Wikileaks release of leaked CIA cyberweapons includes "Scribbles" -- referred to by the CIA as the "Snowden Stopper" -- a watermarking tool that embeds web-beacon style tracking beacons into secret documents that quietly notify a central server every time the document is opened. Read the rest

Ex-Fox News host: when I filed a sexual harassment claim against Ailes, the company hacked and stalked me

In a federal complaint against Fox News, former Outnumbered host Andrea Tantaros claims that after she filed a sexual harassment claim against the former CEO Roger Ailes, Fox News contracted with a psyops team to set up a "black room" to run a hate campaign that targeted her by cyberstalking her, implanting malware on her computer, and libeling her on "fake news" sites. Read the rest

The next iteration of Alexa is designed to watch you while you get dressed

The Echo Look is the next version of the Alexa appliance: it has an camera hooked up to a computer vision system, along with its always-on mic, and the first application for it is to watch you as you dress and give you fashion advice (that is, recommend clothes you can order from Amazon). Read the rest

Brickerbot is mysterious antimalware that nukes badly secured Internet of Shit gadgets

The Mirai Worm is a seemingly unstoppable piece of malware that targets the garbage-security Internet of Things gadgets that have proliferated through the world; these gadgets then used to deliver equally unstoppable floods of traffic that endanger whole countries. Read the rest

Creepy, sketchy stalkerware vendor get hacked, announced bug-bounty program

Flexispy (previously) is the creepy, sketchy stalkerware company that makes tools that allow jealous, abusive spouses track their partners, and then hides their profits in offshore money-laundries. Read the rest

DEA bought zero-day exploits from disgraced cyber-arms dealer Hacking Team

A Freedom of Information Act request reveals that the DEA spent $575,000 buying access to weaponized zero-day exploits sold by Hacking Team, the hacked and disgraced Italian cyber-arms dealer who outfitted despots, dictators, the FBI, and America's local police departments. Read the rest

Blockers will win the ad-blocking arms race

Ad-blockers begat ad-blocker-blockers, which begat ad-blocker-blocker-blockers, with no end in sight. Read the rest

The latest NSA dump from the Shadow Brokers tells you how to break into banks

The mysterious tragicomic hacking group The Shadow Brokers continues to dump incredibly compromising cyberweapons and internal information looted from the NSA, accompanied by Borat-compliant gibberish that reads like someone trying to make you guess whether there's a false flag in play, and if so, who is waving it. Read the rest

Masterprints: synthetic fingerprints that unlock up to 65% of phones (in theory)

When the touch-sensors on phones capture your fingerprint, they're really only taking a low-resolution, partial snapshot and loosely matching it to a stored image -- which is how a research team from MSU and NYU were able to synthesize their Masterprints ("a fingerprint that serendipitously matches a certain proportion of the fingerprint population"), which drastically reduce the space of possible "guesses" that an attacker has to make to unlock a phone or other device. Read the rest

Aga added networking to their super-high-end cookers, integrating them into the Internet of Shit

Aga is an iconic European over-maker famous for a longstanding, ostentatious design that required the owner to burn fuel around the clock to maintain temperature across the cooker's titanic thermal mass, so much so that owners of British country homes integrated them into their household heating systems. Read the rest

Securing driverless taxis is going to be really, really hard

Charlie Miller made headlines in 2015 as part of the team that showed it was possible to remote-drive a Jeep Cherokee over the internet, triggering a 1.4 million vehicle recall; now, he's just quit a job at Uber where he was working on security for future self-driving taxis, and he's not optimistic about the future of this important task. Read the rest

Human rights coalition from the global south to W3C: don't put DRM in web standards!

The Just Net Coalition -- whose membership roll includes leading human rights organisations from across the global south -- have written urgently to the World Wide Web Coalition and its founder, Tim Berners-Lee, calling on him to intervene to stop the Consortium from publishing its first-ever DRM standard, a system for restricting video streams called Encrypted Media Extensions. Read the rest

Floods of WordPress attacks traced to easily hackable, ISP-supplied routers

Wordfence, a security research company, discovered that the reason Algeria is the country most often seen in attacks on WordPress blogs is that the country's largest ISP distributes home routers that are locked in an insecure state, with an open port that lets attackers seize control of them and use them to stage attacks on higher-value targets. Read the rest

The Internet of Things will host devastating, unstoppable botnets

Bruce Schneier takes to the pages of Technology Review to remind us all that while botnets have been around for a long time, the Internet of Things is supercharging them, thanks to insecurity by design. Read the rest

Cyber-arms dealers offer to sell surveillance weapons to undercover Al Jazeera reporters posing as reps of South Sudan and Iran

Companies in the EU and China have been caught offering to commit fraud to launder sales of mass surveillance weapons to Al Jazeera reporters posing as representatives of autocratic regimes under sanction for gross human rights abuses; these weapons would allow their users to target and round up political dissidents for arbitrary detention, torture and murder. Read the rest

Britons! Ask the W3C to protect disabled access, security research, archiving and innovation from DRM

With two days to go until the close of the World Wide Web Consortium members' poll on finalising DRM and publishing it as an official web standard, the UK Open Rights Group is asking Britons to write to the Consortium and its founder, Tim Berners-Lee, to advocate for a much-needed, modest compromise that would protect the open web from the world's bizarre, awful, overreaching DRM laws. Read the rest

Dallas's 156 tornado sirens hacked and repeatedly set off in the middle of Saturday night

If you've ever witnessed an emergency siren test, you know how terrifying these things are: engineered to be bowel-looseningly urgent, to pierce through any sense that it's probably just a misfire, to motivate you to drop everything and rush for the emergency shelters, equally useful for tornadoes and incoming ICBMs. Read the rest

More posts