National Security Is in Trump's Hands

National Security Is in Trump's Hands

I think it’s super dangerous for us and the world,” Chris Murphy, the Democratic senator from Connecticut, told reporters at the Capitol earlier this week, right as news broke—via a presidential tweet—that John Bolton was no longer national security advisor.

Wouldn’t It Be Great If People Could Vote on the Blockchain?

Wouldn’t It Be Great If People Could Vote on the Blockchain?

Mobile voting could indeed increase voter participation, but it’s plagued by security issues in search of a solution.But it depends on people, with all their flaws, and on connections to older, not totally secure technologies, like the internet.

Alleged 'Snake Oil' Crypto Firm Sues Over Boos at Black Hat

Alleged 'Snake Oil' Crypto Firm Sues Over Boos at Black Hat

In addition to legally targeting the conference, Crown Sterling has also filed suit against 10 "Doe" defendants, who it claims orchestrated a disruption of the company's sponsored talk at Black Hat. Grant's presentation, entitled "Discovery of Quasi-Prime Numbers: What Does this Mean for Encryption," was based on a paper called "Accurate and Infinite Prime Prediction from a Novel Quasi-PrimeAnalytical Methodology."

This Teen Hacker Found Bugs in School Software That Exposed Millions of Records

This Teen Hacker Found Bugs in School Software That Exposed Millions of Records

In Follett's software, Demirkapi says he found bugs that would have given a hacker access to student data like grade point average, special education status, number of suspensions, and passwords.

How Safecrackers Can Unlock an ATM in Minutes—Without Leaving a Trace

How Safecrackers Can Unlock an ATM in Minutes—Without Leaving a Trace

Over the last two and a half years, Davis has found techniques to crack three different types of the Kaba Mas high-security electronic combination locks the company has sold for securing ATM safes, pharmacy drug cabinets, and even Department of Defense facilities, representing millions of locks around the world.

An Operating System Bug Exposes 200 Million Critical Devices

An Operating System Bug Exposes 200 Million Critical Devices

But the Armis researchers, who first disclosed their findings to Wind River in March, say that the patching process will be long and difficult, as is often the case with IoT and critical infrastructure updates .

Could Feds Force Companies to Support Your Right to Repair?

Could Feds Force Companies to Support Your Right to Repair?

Manufacturers can’t void the warranty on product just because the consumer went and repaired it themselves, swapped parts, or had it fixed by a third party.

Browser Extensions Scraped Data From Millions of People

Browser Extensions Scraped Data From Millions of People

Ars Technica reporter Dan Goodin brings the news of a major new privacy failure recently unearthed by security researchers: widely used Chrome and Firefox browser extensions scraped and sold the data of more than 4.1 million people, until the researcher alerted Google and Mozilla.

Hackers Made an App That Kills to Prove a Point

Hackers Made an App That Kills to Prove a Point

Two years ago, researchers Billy Rios and Jonathan Butts discovered disturbing vulnerabilities in Medtronic's popular MiniMed and MiniMed Paradigm insulin pump lines. Both Medtronic and regulators acknowledge that there is no way to patch the flaws on the affected insulin pump models, or to completely disable the remote feature.

Palantir Manual Shows How Law Enforcement Tracks Families

Palantir Manual Shows How Law Enforcement Tracks Families

Security News this Week: Palantir Manual Shows How Law Enforcement Tracks Families. If you happened to buy the Blue Smart hair straightener from Glamorizer—perhaps not even realizing it had Bluetooth capability, because why would it?—then TechCrunch is sorry to report but hackers could totally seize your device, and well, change the temperature of the hot iron remotely, if they wanted to.

Surprise! Huawei Can Actually Innovate—and Win Fans

Surprise! Huawei Can Actually Innovate—and Win Fans

In the US, the Chinese telecom giant is best-known for the government’s national security concerns—and allegations that it stole intellectual property from companies like Cisco and Motorola. "#Huawei is using the tactics of patent trolls to attack U.S. companies in retaliation for Trump administration national security actions against them," Rubio tweeted.

A Plan to Stop Breaches With Dead Simple Database Encryption

A Plan to Stop Breaches With Dead Simple Database Encryption

That means MongoDB itself and cloud providers won't be able to access customer data, and a database's administrators or remote managers don't need to have access to everything either.

App Makers Are Mixed on ‘Sign In With Apple’

App Makers Are Mixed on ‘Sign In With Apple’

That’s the message Apple tried to get across when it announced its new feature this month at WWDC.During the keynote address at Apple’s annual developer conference, the company flashed onto the screen the standard login buttons from Facebook and Google—the same buttons you can use to sign into apps or websites today.

Security News This Week: Telegram Says China Is Behind DDoS

Security News This Week: Telegram Says China Is Behind DDoS

The secure messaging app Telegram was hit with a massive DDoS attack as protests erupted in Hong Kong this week. As protests erupted in the streets of Hong Kong this week, over a proposed law that would allow criminal suspects to be extradited to mainland China, the secure messaging app Telegram was hit with a massive DDoS attack.

A Top Voting-Machine Firm Calls for Paper Ballots

A Top Voting-Machine Firm Calls for Paper Ballots

Legislation called the Secure Elections Act, cosponsored by senators James Lankford (R-Oklahoma) and Amy Klobuchar (D-Minnesota) last year, aimed to shore up the nation's election security by providing states with new money to phase out paperless systems.

Choosing the Wrong Lane in the Race to 5G

Choosing the Wrong Lane in the Race to 5G

The United States, however, has made zero mid-band spectrum available at auction for the 5G economy. For the United States to have secure 5G service available to everyone, everywhere, we need to stop going at it alone with millimeter wave spectrum.

Cryptocurrency Company Hacks Itself Before Hackers Can Hack It

Cryptocurrency Company Hacks Itself Before Hackers Can Hack It

Security News This Week: Cryptocurrency Company Hacks Itself Before Hackers Can Hack It. Alyssa Walker. But Microsoft took the rare step this week of reversing course on some of its initiatives, deleting a database of 10 million images built from publicly available shots of 100,000 notable people.

Election Security Is Still Hurting at Every Level

Election Security Is Still Hurting at Every Level

The Russian meddling that rocked the 2016 United States presidential election gave the public a full view of something election officials and advocates have warned about for years: weak voting infrastructure and election systems around the US, and a lack of political will and funding to strengthen them.

Google Is Finally Making Chrome Extensions More Secure

Google Is Finally Making Chrome Extensions More Secure

After years of issues with rogue Chrome extensions , hijacks, and malware, Google announced a slew of new policies Thursday to ensure the little browser applets are secure. The changes announced Thursday will make it harder for Chrome extensions distributed through Google's Chrome Web Store to quietly grab user data.

885 Million First American Financial Records Exposed Online

885 Million First American Financial Records Exposed Online

On Friday, independent security journalist Brian Krebs revealed that the real estate and title insurance giant First American had 885 million sensitive customer financial records, going back to 2003, exposed on its website for anyone to access.

GitHub ‘Sponsors’ Now Lets Users Back Open Source Projects

GitHub ‘Sponsors’ Now Lets Users Back Open Source Projects

But even though you can technically host any type of file on GitHub, Friedman says the company probably won't allow people to use Sponsors for non-software projects for the time being.

Political Parties Still Have Cybersecurity Hygiene Problems

Political Parties Still Have Cybersecurity Hygiene Problems

Issie Lapowsky covers the intersection of tech, politics, and national affairs for WIRED.In the US, both the DNC and the RNC have worked to fortify their technical infrastructure since 2016, and, based on SecurityScorecard's findings from 2016, it shows, Casey says.

Bluetooth's Complexity Has Become a Security Risk

Bluetooth's Complexity Has Become a Security Risk

"One major reason Bluetooth is involved in so many cases is just how complex this protocol is," says Ben Seri, one of the researchers who discovered BlueBorne and vice president of research at the embedded device security firm Armis.

The False Promise of “Lawful Access” to Private Data

The False Promise of “Lawful Access” to Private Data

Terrorists should not feel free to upload terrible images of slaughter, but neither should they be empowered to empty people’s bank accounts or to tap the phones of presidents and prime ministers.“But,” people say, “What if only legitimate requests can get into the protected communications?” Weaknesses in computer systems are discovered by attackers all the time.

Microsoft’s First Windows XP Patch in Years Is a Very Bad Sign

Microsoft’s First Windows XP Patch in Years Is a Very Bad Sign

There’s maybe no better sign of a vulnerability’s severity; the last time Microsoft bothered to make a Windows XP fix publicly available was a little over two years ago, in the months before the WannaCry ransomware attack swept the globe .

How Hackers Broke WhatsApp With Just a Phone Call

How Hackers Broke WhatsApp With Just a Phone Call

But a new Financial Times report alleges that the notorious Israeli spy firm NSO Group developed a WhatsApp exploit that could inject malware onto targeted phones—and steal data from them—simply by calling them.

A Cisco Router Bug Has Massive Global Implications

A Cisco Router Bug Has Massive Global Implications

But the Red Balloon researchers found that the way the FPGA was implemented for Cisco’s Trust Anchor, they didn’t need to map the whole bitstream.

Limit How Long Google Keeps Your Data With This Overdue Setting

Limit How Long Google Keeps Your Data With This Overdue Setting

The feature allows users to set a time limit for Google to retain certain types of data, either three months or 18 months, after which the information is automatically deleted.

What Iraq and Syria Can Teach the US About Walls

What Iraq and Syria Can Teach the US About Walls

From this concrete tower on the border, you can almost see the Syrian city of Deir ez-Zor, where the Islamic State of Iraq and Syria has made its final stand.

Security Experts Unite Over the Right to Repair

Security Experts Unite Over the Right to Repair

Now, with right to repair legislation gaining traction across the country, a new nonprofit advocacy group called wants to push back against that kind of messaging, arguing instead that devices can be both easy to fix and secure.