Someone left 1.2 billion records exposed in a server online , including personal information and social media accounts. Websites are taking more permissions than they should when you visit . Thieves really are using Bluetooth scanners to decide which cars to steal from. DuckDuckGo has a new tool that automatically sends you to the encrypted version of millions of pages around the web. And take a minute this weekend to control what health and fitness data your phone or wearable collects , and what they do with it.
Finally, while Facebook has recently touted its anti-revenge porn tools, Katie Hill's ongoing ordeal shows just how far it still has to go.
And there's more. Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.You Can Finally Use Two-Factor on Twitter Without a Phone NumberTwitter was relatively slow to offer its users two-factor authentication, and even when it did, it required you to hand over your phone number in order to use it. Security experts have warned for literally years about the dangers of linking 2FA with SMS messaging, chiefly because it exposes you to so-called SIM swap attacks , where hackers divert your phone number to a different device and use it to take over your accounts. Finally Twitter has relented, allowing you to get started with two-factor authentication straight from an authenticator app or Yubikey , no phone number required. To do so, go to Twitter on the web, and click Settings & Privacy > Account > Security > Two-Factor Authentication. And for more on why you should, head here .
New Russian Law Requires Russian Gadgets Have Russian SoftwareAs of July 2020, all smartphones, computers, and smart TVs sold in Russia must have Russia-made software preinstalled. They can also have non-Russian apps and programs, but the requirement still raises concerns over surveillance, and speaks to Russia's continuing attempts to lock down the technology its citizens have access too .Notorious Hacker Offers $100,000 Reward for Big HacksMany large companies have so-called bug bounties, in which they pay outside security experts who discreetly share flaws in their software. Well-known hacker Phineas Fisher has turned that idea on its head, offering up to a six-figure payout for hackers who successfully target companies and share whatever documents they find with the public. It's an effort to spark a new wave of hacktivism , albeit an explicitly illegal one.
“I can see why the platforms would be hesitant,” says Ben Nimmo, a senior fellow of the Atlantic Council’s Digital Forensic Research Lab. People who followed IRA or other state-sponsored accounts may have been manipulated, but they weren’t breaking the law or even violating Twitter’s terms of service.
The Military Just Wants to Repair Its GearRight to repair issues affect everyone from Apple customers to farmers . But as US Marine Corp logistics officer Elle Ekman wrote in The New York Times this week, it impacts the military as well. She recounts how Marines often aren't allowed to repair their own equipment, having to send it back the manufacturer instead. That deprives them of valuable experience that they may someday need on the battlefield. The process of fixing things is broken, even for those whose lives can depend on the ability to do so.
- For N. K. Jemisin, world-building is a lesson in oppression
- Drawing with drones over the salt flats of Bolivia
- 16 gift ideas for frequent travelers
- Andrew Yang is not full of shit
- Inside Olympic Destroyer, the most deceptive hack in history
- 👁 A safer way to protect your data ; plus, the latest news on AI
- 🎧 Things not sounding right? Check out our favorite wireless headphones , soundbars , and Bluetooth speakers