Windows 10 EULA: Microsoft can killswitch your unauthorized hardware and pirate games

When you click through the Windows 10 "agreement," you agree to let Microsoft subject your games and hardware to authenticity tests and to shut down anything it doesn't like the looks of. Read the rest

Insurance monitoring dashboard devices used by Uber let hackers "cut your brakes" over wireless

UCSD computer scientist Stefan Savage and colleagues will present their work at Usenix Security: they were able to disable the brakes on a 2013 Corvette by breaking into a Mobile Devices/Metromile Pulse dongle, used by insurance companies to monitor driving in exchange for discounts on coverage. Read the rest

Self-aiming sniper rifle can be pwned over the Internet

The $13,000 Trackingpoint sniper rifle is vulnerable to wifi-based attacks that allow your adversary to redirect bullets to new targets of their choosing. Read the rest

Chrysler has to recall its cars due to security vulnerabilities

Chrysler, whose Jeep Cherokees were demonstrated to be vulnerable to Internet-based attacks on their steering and brakes (as well as radios, air conditioning and other systems) has recalled 1.4M cars due to software vulnerabilities. Read the rest

Hackers can pwn a Jeep Cherokee from the brakes and steering to the AC and radio

A zero-day exploit for Jeep Cherokees allows hackers to control everything from the engine to the air-conditioning over the Internet, overriding the driver at the dashboard. Read the rest

UK schools' "anti-radicalisation" software lets hackers spy on kids

The spyware that Impero supplies to UK schools -- which searches kids' Internet use for "jihadi" terms -- uses "password" as its default password, and the company has threatened brutal legal reprisals against the researcher who repeatedly demonstrated their total security negligence. Read the rest

Computer scientists on the excruciating stupidity of banning crypto

A paper from some of the most important names in crypto/security history scorchingly condemns plans by the US and UK governments to ban "strong" (e.g. "working") crypto. Read the rest

Chrome update turns browsers into covert listening tools

The default behavior of hotword, a new, black-box module in Chrome (and its free/open cousin, Chromium) causes it to silently switch on your computer's microphone and send whatever it hears to Google. Read the rest

GCHQ hacking squad worried about getting sued for copyright violation

The British spy-agency targeted anti-virus software and other common applications in reverse-engineering projects aimed at discovering and weaponizing defects in the code. Read the rest

Navy openly solicits for 0-day bugs to weaponize

A solicitation on FedBizOpps from the Navy asks security researchers to sell them their "vulnerability intelligence, exploit reports and operational exploit binaries affecting widely used and relied upon commercial software." Read the rest

Internet-connected hospital drug pumps vulnerable to remote lethal-dose attacks

Researcher Billy Rios (previously) has extended his work on vulnerabilities in hospital drug pumps, discovering a means by which their firmware can be remotely overwritten with new code that can result in lethal overdoses for patients. Read the rest

If you want a picture of the future, imagine a Roomba leaking pix of your home, forever

The game-plan for future Roombas may fit them with cameras that send images of your home to a remote service that identifies obstacles and lets the little robots clean around them -- what could possibly go wrong? Read the rest

Blizzard bans 100,000 Warcraft players

They were all running mods that let them automate away the tedious grinding that is so integral to the way that MMOs incentivize players to devote thousands of hours to their products. Read the rest

Apex: final Nexus book merges the drug war with transhumanism

Ramez Naam's Nexus trilogy has concluded with a huge, thrilling, globe-spanning book called Apex that nailed it.

Computer scientist/Congressman: crypto backdoors are "technologically stupid," DA is "offensive"

Rep Ted Lieu (D-CA) is a USAF reserve colonel, former member of the Judge Advocate General Corps and holds a computer science degree -- he's one of the four members of Congress with any formal computer science qualifications. Read the rest

Telescreen watch: Vizio adds spyware to its TVs

If you own a Vizio TV that's updated recently, beware: its firmware adds "Smart Interactivity," a cute name for spyware that records your viewing choices and inserts additional "bonus features" (ads) into your viewing. Read the rest

NSA declares war on general purpose computers

NSA director Michael S Rogers says his agency wants "front doors" to all cryptography used in the USA, so that no one can have secrets it can't spy on -- but what he really means is that he wants to be in charge of which software can run on any general purpose computer. Read the rest

More posts