How to Log In to Your Devices Without Passwords

How to Log In to Your Devices Without Passwords

Screenshot: Microsoft via David NieldWindows Hello is the name Microsoft gives you password-free access to your computer: It can include facial recognition via a webcam, fingerprint scanning via a sensor, and the use of a short PIN code.

Encryption Has Never Been More Essential—or Threatened

Encryption Has Never Been More Essential—or Threatened

Five years ago today, WhatsApp completed our roll out of end-to-end encryption, which provides people all over the world with the ability to communicate privately and securely.

Homecoming Queen (and Her Mom) Arrested for Alleged Vote Hacking

Homecoming Queen (and Her Mom) Arrested for Alleged Vote Hacking

This week saw new revelations of election interference, both big and small: On one end of the spectrum, an alleged mother-daughter conspiracy to digitally rig a Florida high school's vote for homecoming queen.

Bitcoin’s Greatest Feature Is Also Its Existential Threat

Bitcoin’s Greatest Feature Is Also Its Existential Threat

Now the content-delivery network Akamai has reported on a new method: a botnet that uses the Bitcoin blockchain ledger.To be fair, not absolutely everyone who uses a blockchain holds a copy of the entire ledger.

Apple Offers Its Closest Look Yet at iOS and MacOS Security

Apple Offers Its Closest Look Yet at iOS and MacOS Security

This year's edition contains significantly expanded information about hardware like M1, new details about the secure enclave, and an accounting of a host of software features.Strafach wants to know more about how M1 chips securely handle booting other operating systems, always a question for jailbreakers when Apple releases new processors.

Apple Fixes One of the iPhone's Most Pressing Security Risks

Apple Fixes One of the iPhone's Most Pressing Security Risks

In response to Citizen Lab's research, Apple said in December that “iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks.”.

The Best VPNs to Protect Yourself Online

The Best VPNs to Protect Yourself Online

As long as WebRTC is enabled (and it is by default in most browsers), websites can view your actual IP address even when you use a VPN.Mullvad offers apps for every major platform (the Android app is in beta), as well as routers.

Fleeing WhatsApp for Better Privacy? Don't Turn to Telegram

Fleeing WhatsApp for Better Privacy? Don't Turn to Telegram

Mimoun, the founder of the digital security nonprofit Horizontal, asked the participants to list messaging platforms that they'd heard of or used, and they quickly rattled off Facebook Messenger , WhatsApp , Signal , and Telegram .

The SolarWinds Hackers Used Tactics Other Groups Will Copy

The SolarWinds Hackers Used Tactics Other Groups Will Copy

Once an attacker has the network privileges to manipulate this authentication scheme, they can generate legitimate tokens to access any of the organization's Microsoft 365 and Azure accounts, no passwords or multifactor authentication required.

Ex-CISA Head Chris Krebs: ‘Impeachment Is the Right Mechanism’

Ex-CISA Head Chris Krebs: ‘Impeachment Is the Right Mechanism’

As the director of the US Cybersecurity and Infrastructure Security Agency, Krebs oversaw the country's election preparedness , grappling not only with potential foreign hacking threats but a firehose of disinformation from President Donald Trump and his associates.

The SolarWinds Investigation Ramps Up

The SolarWinds Investigation Ramps Up

Now, after a federal career that many credited with helping to secure the 2020 presidential election from foreign interference, Krebs is venturing into the other massive cybersecurity story of the last year: the Russian hacker intrusion into SolarWinds , a Texas-based company whose software was hijacked and used to penetrate the networks of at least half a dozen federal agencies.

The DC Insurrection Lays Bare the Fiction of America

The DC Insurrection Lays Bare the Fiction of America

That fiction was on grand display Wednesday when a mob of President Trump’s supporters stormed the US Capitol as lawmakers were voting to confirm the presidential election results.It was photographed by Saul Loeb and depicts three rioters in repose.

The NSA Warns That Russia Is Attacking Remote Work Platforms

The NSA Warns That Russia Is Attacking Remote Work Platforms

In an advisory today, the National Security Agency said that Russian state-sponsored groups have been actively attacking a vulnerability in multiple enterprise remote-work platforms developed by VMware.

A Broken Piece of Internet Backbone Might Finally Get Fixed

A Broken Piece of Internet Backbone Might Finally Get Fixed

Today the group known as Mutually Agreed Norms for Routing Security is announcing a task force specifically dedicated to helping "content delivery networks" and other cloud services adopt the filters and cryptographic checks needed to harden BGP.

7 Simple Ways to Make Your Android Phone More Secure

7 Simple Ways to Make Your Android Phone More Secure

There are times when you will want to hand your unlocked phone to the people around you—showing photos to friends, for instance, or giving it to your kids to play on—and you may want to consider putting some extra locks on the apps you want to be more secure.

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

This Bluetooth Attack Can Steal a Tesla Model X in Minutes

But one security researcher has shown how vulnerabilities in the Tesla Model X's keyless entry system allow a different sort of update: A hacker could rewrite the firmware of a key fob via Bluetooth connection, lift an unlock code from the fob, and use it to steal a Model X in just a matter of minutes.

Microsoft Is Making a Secure PC Chip—With Intel and AMD's Help

Microsoft Is Making a Secure PC Chip—With Intel and AMD's Help

For example, AMD says that its Security Processor will work alongside Pluton to act as the hardware root of trust for the silicon chips in a system and their firmware, while Pluton can provide the root of trust for Windows.

Computer Scientists Achieve the ‘Crown Jewel’ of Cryptography

Computer Scientists Achieve the ‘Crown Jewel’ of Cryptography

In 2018, Aayush Jain, a graduate student at the University of California, Los Angeles, traveled to Japan to give a talk about a powerful cryptographic tool he and his colleagues were developing.

At Least Election Day Didn't Melt Down

At Least Election Day Didn't Melt Down

"We are seeing historic levels of cooperation among federal agencies and state and local election officials to secure this election and to adapt to the Covid-19 pandemic," says Mark Lindeman, acting codirector of Verified Voting, a nonpartisan nonprofit that promotes election system integrity.

Did a Security Researcher Guess Trump’s Twitter Password?

Did a Security Researcher Guess Trump’s Twitter Password?

Earlier this week, Dutch security researcher Victor Gevers told De Volkskrant that he had recently accessed Donald Trump's Twitter account simply by guessing the password: maga2020!A few days later, he says, he saw that Trump's Twitter account had added two-factor authentication, freezing him out.

Apple's T2 Security Chip Has an Unfixable Flaw

Apple's T2 Security Chip Has an Unfixable Flaw

A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple's trusted T2 security chip and gain deep system access.

The Android 11 Privacy and Security Features You Should Know

The Android 11 Privacy and Security Features You Should Know

When an app first asks for permission to track location, the option to enable this all the time (even when the app isn't running) isn't available: You need to visit the app's specific page in Android Settings to do this.

A Bluetooth Flaw Leaves Billions of Devices Vulnerable

A Bluetooth Flaw Leaves Billions of Devices Vulnerable

The October issue of WIRED took a close , in-depth look at the state of election security.

The Safest Ways to Log In to Your Computer

The Safest Ways to Log In to Your Computer

You should also set up two-factor authentication on your account, which you can do from here by clicking Security then More security options .One of the alternative login options you'll see is Windows Hello PIN .

The Future of American Industry Depends on Open Source Tech

The Future of American Industry Depends on Open Source Tech

Open source is a technology development and distribution methodology, where the codebase and all development—from setting a roadmap to building new features, fixing bugs, and writing documentation—is done in public.

How to Stop Butt Dialing Everyone with Your Smartphone

How to Stop Butt Dialing Everyone with Your Smartphone

You can disable this feature on the iPhone in Settings > Accessibility > Touch > Tape to Wake (it only appears on the home-button-less iPhones like the X and newer), and Android phones at Settings > Display > Lock Screen Display > Double-Tap to Check Phone .

9 Apps to Boost Your Phone's Security and Privacy

9 Apps to Boost Your Phone's Security and Privacy

Screenshot: David Nield via Access DotsiOS 14 adds a new feature to iPhones that shows an on-screen alert if an app is trying to use your device's camera or mic—just like the 'active' light that might be next to your laptop's webcam.

The NSA's Tips to Keep Your Phone From Tracking You

The NSA's Tips to Keep Your Phone From Tracking You

Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about.How the NSA Keeps Phones Safe From TrackingThis week, the National Security Agency shared a three-page primer on how to limit your location data exposure.

Rite Aid Used Facial Recognition in Stores for Nearly a Decade

Rite Aid Used Facial Recognition in Stores for Nearly a Decade

There are still plenty of details outstanding about how they might have pulled it off, but court documents show how a trail of bitcoin and IP addresses led investigators to the alleged hackers .A Garmin ransomware hack disrupted more than just workouts during a days-long outage; security researchers see it as part of a troubling trend of "big game hunting" among ransomware groups .

The Anatomy of a Cisco Counterfeit Shows Its Dangerous Potential

The Anatomy of a Cisco Counterfeit Shows Its Dangerous Potential

The units F-Secure analyzed posed as Cisco Catalyst 2960-X Series switches—trusted devices that connect computers on an internal network to route data between them.In their analysis, the F-Secure researchers found subtle cosmetic differences between the counterfeit devices and a genuine Cisco 2960-X Series switch used for reference.