At this week's B-Sides Manchester security conference, James Williams gave a talk called "Next-gen AV vs my shitty code," in which he systematically revealed the dramatic shortcomings of anti-virus products that people pay good money for and trust to keep them safe -- making a strong case that these companies were selling defective goods. Read the rest

When you die, your relatives will be sad and (depending on the circumstances of your death) possibly left scrambling to make arrangements for your remains, effects, and estate. Read the rest

In secret court proceedings, the U.S. government is trying to force Facebook to help wiretap Messenger. Facebook has declined, so the Justice Department is asking a judge for an order of contempt. Read the rest

Twenty years ago, the US Patent and Trademark Office granted patent number 6,368,268: "Method and device for interactive virtual control of sexual aids using digital computer networks," a minor classic of a majorly fucked-up genre, the bullshit tech patent that simply adds "with a computer" to some absolutely obvious and existing technology or technique. Read the rest

Who Left Open the Cookie Jar? A Comprehensive Evaluation of Third-Party Cookie Policies won the Distinguished Paper prize at this year's Usenix Security Conference; its authors, researchers at Belgium's Catholic University in Leuven, revealed a host of devastating, never-seen tracking techniques for identifying web-users who were using privacy tools supplied by browser-vendors and third-party tracking-blocking tools. Read the rest

After a week of blockbuster security revelations from Defcon it's important to take a step back and address the ongoing battle by companies to seize a veto over who can reveal defects in their products. Read the rest

Douglas McKee of McAffee presented his research into the security of medical diagnostic equipment at last week's Defcon conference in Las Vegas. Read the rest

At Defcon, Tencent's Wu HuiYu and Qian Wenxiang presented Breaking Smart Speakers: We are Listening to You, detailing their work in successfully exploiting an Amazon Alexa speaker, albeit in a very difficult-to-achieve fashion. Read the rest

Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible, though the Digital Ally models are the least bad of the batch, as Wired's Lily Hay Newman reports. Read the rest

Adam Guerbuez is a cryptocurrency evangelist whose Youtube channel is full of videos promoting cryptocurrency trading; when he got a Twitter message from a scammer promising to send him free Ethereum coins, he asked the scammer if they could talk about the scam. Read the rest

This week, I sat down for an hour-long interview with the Yale Privacy Lab's Sean O'Brien (MP3); Sean is a frequent Boing Boing contributor and I was honored that he invited me to be his guest on the very first episode of the Lab's new podcast. Read the rest

A presentation today at Defcon from Drexel computer science prof Rachel Greenstadt and GWU computer sicence prof Aylin Caliskan builds on the pair's earlier work in identifying the authors of software and shows that they can, with a high degree of accuracy, identify the anonymous author of software, whether in source-code or binary form. Read the rest

It's been ten years since the first warnings about the security defects in pacemakers, which made them vulnerable to lethal attacks over their wireless links, and since then the news has only gotten worse: one researcher found a way to make wireless pacemaker viruses that spread from patient to patient in cardiac care centers, and the medical device makers responded to all this risk by doubling down on secrecy and the use of proprietary code. Read the rest

Comcast Xfininty's login page had an easily found bug that allowed anyone to gain access to the partial Social Security Numbers and partial home addresses of over 26.5 million customers. Read the rest

A federal lawsuit brought by voting security activists against the State of Georgia has revealed breathtaking defects in the state's notoriously terrible voting machines -- and, coincidentally, the machines in question were wiped and repeatedly degaussed by the state before they could be forensically examined as evidence of their unsuitability for continued use. Read the rest

Zuckerberg -- who says privacy isn't a value that's important to most people any more -- owns the four houses on either side of his Silicon Valley house so that no one can use them as a perch to spy on him; he bought 100 acres around his Hawai'ain beach house, suing native Hawai'ians to force them to sell to him, so that he could have a buffer between him and the world. Read the rest

Consumer Reports is arguably America's most trusted source of product reviews -- published by Consumers Union, a venerable nonprofit with a deserved reputation for scrupulous care and neutrality -- and for years it has been wrestling with how to address privacy and cybersecurity in modern products (disclosure: I have advised them some on this). Read the rest