Darktrace CEO Nicole Eagan's presentation to last week's WSJ CEO Council Conference in London included an anaecdote about an unnamed casino for whom her firm had done work; they uncovered a data-breach in which an insecure Internet of Things thermometer in the casino's lobby was used to gain access to the internal network, from which vantage the attackers were able to extract and steal a database of high rollers. Read the rest

Wolf Richter's dental insurer sent his family a free "smart" toothbrush that records how often and how well you brush, using a set of proprietary consumables to clean your teeth. Read the rest

Alexander Kott is chief of the Network Science Division at the Army Research Laboratory; in a new paper, he rounds up several years' worth of papers that he wrote or co-authored, along with some essays and articles by others, on what an "Internet of Battle Things" will look like. Read the rest

Myfitnesspal was a startup that offered Internet of Shit-based fitness and diet tracking; they were purchased by Under Armour for $475,000,000 in 2015; three years later, Under Armour has admitted that hackers stole the personal data of 150,000,000 Myfitnesspal users. Read the rest

People who buy sex toys generally want "high-quality, ergonomically designed toys that are intuitive to use," but Silicon Valley keeps delivering "innovative" and commercially unsuccessful sex toys whose selling-points are their "flashy apps and connectivity." Read the rest

Consumer Reports dragged a bunch of its top-rated smart TVs back into its labs to re-evaluate them, this time checking them for hard-to-evaluate information security risks and defects, which are not normally factored into its ratings. Read the rest

The amazing and frightening thing about the Mirai botnet's reign of terror wasn't that it was a super-sophisticated cyberweapon: rather, it was a clumsy, amateurish fuggly hack that turned out to have been produced by a couple of dum-dums with a Minecraft racket. Read the rest

When the £5m Autosafe Skypark opened in Edinburgh, it was heralded as the UK's most technologically advanced car park, but in 2003, the owners went bankrupt and turned off the computers that controlled the lifts that raised and lowered cars into their bays. Read the rest

Vtech is the Taiwanese kids' crapgadget vendor that breached sensitive data on 6.3 million children and their families, lied about it and covered it up, then added a dirty EULA to its products that made us promise not to sue them if they did it again. Read the rest

Armstrong Zoom, a northeastern US ISP with about a million subscribers, has sent its customers warnings that they have been accused of copyright infringement, and that subsequent accusations would lead to having their network connections slowed to the point of uselessness, which could impair their ability to control their internet-connected thermostats. Read the rest

One by one, the New York Times warns of the dangers of every hot smart toy your kids are begging for this Xmas: Furbies, Cayla, kids' smart watches, the ubiquitous Vtech toys (they omit the catastrophic Cloudpets, presumably because that company is out of business now). Read the rest

In a new white paper, Consumers Union (publishers of Consumer Reports) looks at the "consumer stake in the encryption debate": they note that governments want to ban working cryptography so that cops can spy on crooks, but the reprt does an excellent job enumerating all the applications for crypto beyond mere person to person communications privacy. Read the rest

Designers use metrics and a/b splitting experiments to maximize engagement with their products, seeking out the phrases that trigger emotional responses in users -- like a smart scale that congratulates you on losing weight -- but these systems are context-blind, so they are unable to distinguish between people who might be traumatized by their messages (say, a woman who's just miscarried late in her pregnancy, being congratulated on her "weight loss"). Read the rest

Last year, the Mirai botnet harnessed a legion of badly secured internet of things devices and turned them into a denial of service superweapon that brought down critical pieces of internet infrastructure (and even a country), and now its creators have entered guilty pleas to a Computer Fraud and Abuse Act federal case, and explained that they created the whole thing to knock down Minecraft servers that competed with their nascent Minecraft hosting business. Read the rest

The Casa Jasmina project (previously) is an automated smart house designed to be made of open source hardware, with the needs of the people who live there -- not the corporations who extract rent from them -- in mind. Read the rest

EFF's long, hard-fought campaign at the World Wide Web Consortium over its plan to standardize a universal DRM for the web was always a longshot, but we got farther than anyone dared hope before we lost the web to corporate interests and cynical indifference in September. Read the rest

When Context Labs teamed up with UK consumer group Which? to produce an outstanding report on the surveillance, privacy and security risks of kids' "connected toys," it undertook the reverse-engineering of Hasbro's new Furby Connect, a device that works with a mobile app to listen and watch the people around it and interact with them. Read the rest