The only thing worse than driving a car with defective brakes is unknowingly driving a car with defective brakes -- and learning about them the hard way. Read the rest

A Ninth Circuit Appellate Court has rejected Oracle's attempt to treat violating its website terms of service as a felony under the Computer Fraud and Abuse Act, Read the rest

Lucian Constantin's Motherboard guide to protecting your home router is full of excellent, nearly impossible-to-follow advice that you should follow, but probably won't. Read the rest

Last year, the Mirai botnet harnessed a legion of badly secured internet of things devices and turned them into a denial of service superweapon that brought down critical pieces of internet infrastructure (and even a country), and now its creators have entered guilty pleas to a Computer Fraud and Abuse Act federal case, and explained that they created the whole thing to knock down Minecraft servers that competed with their nascent Minecraft hosting business. Read the rest

It's been 15 years since Sony used the DMCA to shut down the community that had sprung up to extend the functionality of its Aibo robot dogs, threatening people with lawsuits and jailtime for modifying their dogs' operating systems. Read the rest

During the five weeks after hackers stole 143 million Americans' data from Equifax, and while its execs were selling off their stock by the millions, the company sprang into action, producing an insecure site for checking whether your own data was breached that produces the same output no matter what name and SSN you input. Read the rest

Tesla sells both 60kWh and 75kWh versions of its Model S and Model X cars; but these cars have identical batteries -- the 60kWh version runs software that simply misreports the capacity of the battery to the charging apparatus and the car's owner. Read the rest

The Federal Trade Commission has announced a settlement with Lenovo over the 2015 revelation that the company pre-installed malware called "Superfish" on its low-end models, which allowed the company to spy on its customers, and also left those customers vulnerable to attacks from third parties, who could exploit Superfish's weakened security. Read the rest

Washington and Lee law professor Joshua Fairfield is the author of a recent book called Owned: Property, Privacy, and the New Digital Serfdom, which takes up the argument that DRM and license agreements mean that we have no real property rights anymore, just a kind of feudal tenancy in which distant aristocrats (corporations) dictate how we may and may not use the things we "buy," backed by the power of the state to fine or jail us if we fail to arrange our affairs to the company's shareholders. Read the rest

Kids Pass is a service that offers discounts on family activities in the UK; their website makes several common -- and serious -- security problems that could allow hackers to capture their users' passwords, which endangers those users' data on other services where they have (unwisely) recycled those same passwords. Read the rest

Are you a security researcher planning to present at Black Hat, Defcon, B-Sides or any of this summer's security events? Are you worried a big corporation or the government might attack you for revealing true facts about the defects in the security systems we entrust with our safety, privacy and health? Read the rest

Louis Rossmann is an independent service technician in New York City who has repaired Apple products for years. Read the rest

R Martin bought a Garadget -- a device that lets you verify whether your garage door is closed using a mobile app -- and couldn't get it to work and left an intemperate 1-star Amazon review for the product. Read the rest

It’s an exciting and treacherous time to be a consumer. The benefits of new digital products and services are well documented, but the new risks they introduce are not. Basic security precautions are ignored to hasten time to market. Biased algorithms govern access to fair pricing. And four of the five most valuable companies in the world earn their revenue through products that mine vast quantities of consumer data, creating an unprecedented concentration of corporate power. A recent survey at Consumer Reports showed that 65% of Americans lack confidence their data is private or secure, with most consumers feeling powerless to do anything about it.

The healthcare industry is a well-known information security dumpster fire, from the entire hospitals hijacked by ransomware to the useless security on medical devices to the terrifying world of shitty state security for medical implants -- all made worse by the cack-handed security measures that hospital workers have to bypass to get on with saving our lives (and it's about to get worse, thanks to the Internet of Things). Read the rest

If you're one of the 60% of Pebble employees who didn't get a job offer from Fitbit, the company's new owner, you're probably not having a great Christmas season -- but that trepedation is shared by 100% of Pebble customers, who've just learned (via the fine print on an update on the Pebble Kickstarter page) that the company may soon "reduce functionality" on their watches. Read the rest

Mr Robot is the most successful example of a small but fast-growing genre of "techno-realist" media, where the focus is on realistic portrayals of hackers, information security, surveillance and privacy, and it represents a huge reversal on the usual portrayal of hackers and computers as convenient plot elements whose details can be finessed to meet the story's demands, without regard to reality. Read the rest