Security, Spoken

Amazon touts its Rekognition facial recognition system as “simple and easy to use,” encouraging customers to “detect, analyze, and compare faces for a wide variety of user verification, people counting, and public safety use cases.” And yet, in a study released Thursday by the American Civil Liberties Union, the technology managed to confuse photos of 28 members of Congress with publicly available mug shots. Learn about your ad choices: dovetail.prx.org/ad-choices

Several weeks ago, my friend Jeff signed up for an online Twitter application that promised to delete his old tweets. It was advertised merely as a simple way to clear your online presence, but after Jeff used it, he noticed that his account began retweeting spam. Out of an abundance of caution, he deleted his Twitter account entirely. On Tuesday, Twitter announced steps it was taking to curb this exact sort of abuse. Learn about your ad choices: dovetail.prx.org/ad-choices

A year ago this week, the credit bureau Equifax saw signs of a problem on its network of a problem. A really big problem. Hackers had entered the company’s network, stealing the personal and financial data of more than 147 million people in the United States, including Social Security numbers, dates of birth, home addresses, and some driver's license numbers and credit card numbers. Learn about your ad choices: dovetail.prx.org/ad-choices

Nearly two years ago, Google made a pledge: It would name and shame websites with unencrypted connections, a strategy designed to spur web developers to embrace HTTPS encryption. On Tuesday, it finally follows through. With the launch of Chrome 68, Google will now call out sites with unencrypted connections as “Not Secure” in the URL bar. The move flips the convention of how Chrome displays the security of sites on its head. Learn about your ad choices: dovetail.prx.org/ad-choices

On Saturday, in response to Freedom of Information Act lawsuits filed by several news outlets and conservative group Judicial Watch, the Justice Department took the unprecedented step of releasing the (heavily redacted) application to wiretap former Trump campaign advisor Carter Page. In a series of eight tweets fired off over the next two days, Trump reveled in the document, declaring it evidence of “an illegal scam,” and further proof of the “witch hunt” against him. Learn about your ad choices: dovetail.prx.org/ad-choices

This week started with a controversial, widely derided meeting between President Trump and Russian leader Vladimir Putin, and ended with… an invite for round two! And yes, all manner of craziness managed to happen in between. That includes yet more denials on Trump’s part that Russia interfered—and continues to—with US democracy, a stance that has serious repercussions, however many times he walks it back. Learn about your ad choices: dovetail.prx.org/ad-choices

Hopefully by now you’ve heeded the repeated warnings from your friends and loved ones (and friendly, beloved internet writers) to use two-factor authentication to secure your digital accounts. That’s where access to Facebook or Twitter or your online bank—anything that supports it, really—requires not just a password but also a special code. Not all two-factor is created equal, however. For better protection, you’re going to want an authenticator app. Learn about your ad choices: dovetail.prx.org/ad-choices

With primaries underway and less than four months to go until this year's midterm elections, early signs of attack have already arrived—just as the US intelligence community warned. And yet Congress has still not done everything in its power to defend against them. Learn about your ad choices: dovetail.prx.org/ad-choices

On Wednesday, President Donald Trump appeared to downplay Russia’s efforts to interfere with US democracy for a third time this week. The first had come during a joint press conference with Russian president Vladimir Putin in Helsinki, a 45-minute exercise in kowtowing to a hostile foreign leader. Learn about your ad choices: dovetail.prx.org/ad-choices

Perhaps one of the most surprising parts of Monday's jaw-dropping joint press conference between United States President Donald Trump and Russian President Vladimir Putin is that it compelled a Democratic and a Republican member of Congress to admit, in front of a room full of press and international lawmakers, that they actually agree with each other. Learn about your ad choices: dovetail.prx.org/ad-choices

Amazon Web Services is the world's biggest cloud provider. As a result, its security directly influences that of countless websites and online services. And those concerns aren't just theoretical; dangerous lapses happen all the time. Customers store all sorts of datasets and raw information in AWS repositories, which then become part of their own infrastructure. Learn about your ad choices: dovetail.prx.org/ad-choices

Over the course of a roughly 45-minute press conference Monday, President Donald Trump stood beside Russian leader Vladimir Putin both physically and metaphorically. He repeatedly, pointedly declined to acknowledge that Russia interfered in the 2016 election, contrary to the assessment of every relevant US intelligence agency and a fistful of detailed indictments from special counsel Robert Mueller. Learn about your ad choices: dovetail.prx.org/ad-choices

When we met in early March, Jonathan Albright was still shrugging off a sleepless weekend. It was a few weeks after the massacre at Marjory Stoneman Douglas High School had killed 17 people, most of them teenagers, and promptly turned the internet into a cesspool of finger pointing and conspiracy slinging. Learn about your ad choices: dovetail.prx.org/ad-choices

Like many parents in the United States, Rob Glaser has been thinking a lot lately about how to keep his kids from getting shot in school. Specifically, he’s been thinking of what he can do that doesn’t involve getting into a nasty and endless battle over what he calls “the g-word.” It’s not that Glaser opposes gun control. Learn about your ad choices: dovetail.prx.org/ad-choices

After four months of relative quiet from the special counsel's office, Robert Mueller Friday indicted a dozen Russians for their role in hacking the DNC, DCCC, and the presidential campaign of Hillary Clinton. It's unlikely they'll ever actually get arrested, but it's safe to say we know a lot more about Russian intelligence than we did last week. And speaking of Russian intelligence, this week it also became apparent that Facebook gave Russian internet giant Mail. Learn about your ad choices: dovetail.prx.org/ad-choices

Three weeks into his new job as commanding officer of Manhattan’s 20th precinct, Captain Timothy J. Malin stared at a map on his computer screen, puzzled. It showed his jurisdiction carved up by streets and parks, with the southern edge encased in an ominous shade of red. For decades, the New York Police Department has used real-time statistics to chart spikes in violence and calibrate police activity across the city. Learn about your ad choices: dovetail.prx.org/ad-choices

In some ways, special counsel Robert Mueller’s indictment of 12 Russian intelligence officers for their hacking and attack on the 2016 presidential election is Mueller’s least surprising move yet—but it might also be his single most significant. Learn about your ad choices: dovetail.prx.org/ad-choices

In 2010, a suspected cocaine smuggler named John Krokos bought encrypted BlackBerry devices from an undercover Drug Enforcement Administration agent. That sort of federal subterfuge is par for the course. But in this case, the DEA held onto the encryption keys—meaning that when the government moved on Krokos and his alleged collaborators a few years later, they could read the emails and messages that passed to and from the phone. Learn about your ad choices: dovetail.prx.org/ad-choices

A Wednesday Congressional hearing on the Meltdown and Spectre chip vulnerabilities had all the technobabble and painful misunderstanding you might expect. But the Committee on Commerce, Science and Transportation also raised an important practical concern: No one informed the US government about the flaws until they were publicly disclosed at the beginning of January. Learn about your ad choices: dovetail.prx.org/ad-choices

Since March, when news broke that the political consulting firm Cambridge Analytica used a Facebook app to amass data on as many as 87 million people without their consent, the social networking giant has been forced to repeatedly answer for how it has given away user data and who it's given that data to. Learn about your ad choices: dovetail.prx.org/ad-choices

Last April, while security researcher Patrick Wardle was attending the RSA security conference in San Francisco, a Taiwanese friend who lived in the city asked to meet for coffee, and for his help with what she described as a serious problem: China, she said, was hacking her iPhone. Wardle, a former NSA staffer and a prominent Apple-focused hacker who founded Digita Security, had heard that request from paranoid friends and acquaintances plenty of times before, making him naturally skeptical. Learn about your ad choices: dovetail.prx.org/ad-choices

Looking back at the first six months of 2018, there haven't been as many government leaks and global ransomware attacks as there were by this time last year, but that's pretty much where the good news ends. Corporate security isn't getting better fast enough, critical infrastructure security hangs in the balance, and state-backed hackers from around the world are getting bolder and more sophisticated. Learn about your ad choices: dovetail.prx.org/ad-choices

It was a holiday week for July Fourth, but there was still plenty going on in the security world. WIRED took a deep look at a budding partnership between the Army's Cyber Command and the Pentagon's Defense Digital Service group. DDS brings private-sector tech expertise to the government, and this new collaboration adds Army technologists to the mix to work on difficult development challenges for the Department of Defense. Learn about your ad choices: dovetail.prx.org/ad-choices

The annual iOS refresh is on the way—Apple has previewed it, beta testers have installed it, and the rest of us should get iOS 12 when iPhones arrive in September. While features such as winking 3-D emoji and screen-time limits for your apps might take much of the attention when the software arrives, iOS 12 is a major step forward in one other crucial area: smartphone security. Learn about your ad choices: dovetail.prx.org/ad-choices

You probably spend a lot of your day inside apps: catching up on the news, playing music and movies, keeping in touch with friends, racing cartoon characters around a track, and so on. Every once in a while though, it's worth running an audit on these apps to make sure they're not overreaching and going beyond their remit—collecting more data about you and controlling more of your devices than you'd like. Learn about your ad choices: dovetail.prx.org/ad-choices

Privacy is a squishy concept, one that constantly evolves with the times—and with changing technologies. Advances in how we store and communicate information shift expectations around what we can keep to ourselves, and what the rest of the world is able to know. The disruption of established privacy norms is nothing new: People were concerned when the postcard came out, for example, because they believed mail should be private. Learn about your ad choices: dovetail.prx.org/ad-choices

Every day, companies like Google and Apple wage a constant battle to keep malicious apps out of their marketplaces and off people's phones. And while they do catch a lot of malware before it does any damage, there are always a few nasty infiltrators that manage to sneak by and end up getting downloaded by thousands of consumers. No one wants these mistakes to happen, but when you're a crucial app store for the Department of Defense, these mistakes can't happen. Learn about your ad choices: dovetail.prx.org/ad-choices

It has been, to be quite honest, a fairly bad week, as far as weeks go. But despite the sustained downbeat news, a few good things managed to happen as well. So we'll start with those. California has passed the strongest digital privacy law in the United States, for starters, which as of 2020 will give customers the right to know what data companies use, and to disallow those companies from selling it. Learn about your ad choices: dovetail.prx.org/ad-choices

Nicole Camarillo was touring the Army base at Fort Meade, Maryland in early 2017 when a young captain—I’ll call him Matt, due to the sensitivity of his position—crossed her path. I’ve got to talk to that kid, Camarillo remembers thinking. Just weeks before, she’d seen Matt deliver a presentation on a tool he was developing to counter enemy drone strikes in the Middle East. The technology, he explained, was being developed on a “shoestring budget. Learn about your ad choices: dovetail.prx.org/ad-choices

In March 2015, the American Civil Liberties Union filed a lawsuit challenging the constitutionality of a type of National Security Agency bulk monitoring known as "upstream" surveillance. More than three years after the ACLU originally filed the suit, the case is still mired in procedural and bureaucratic limbo. But on Friday, a hearing over one such roadblock in Maryland district court could bring long-awaited progress. Learn about your ad choices: dovetail.prx.org/ad-choices

California lawmakers unanimously passed a new privacy bill on Thursday that would give residents of the state more control over the information businesses collect on them and impose new penalties on businesses that don’t comply. It is the first law of its kind in the United States. Learn about your ad choices: dovetail.prx.org/ad-choices

Democrats on the House Energy and Commerce Committee want Matt Oczkowski, a former employee of the now defunct consulting firm Cambridge Analytica, to answer questions about how his new company, Data Propria, uses consumer data. Learn about your ad choices: dovetail.prx.org/ad-choices

Justice Anthony Kennedy, the current Supreme Court’s longest-serving member, announced his retirement Wednesday, paving the way for Trump to shape the future America’s highest court . Nominated by former President Ronald Reagan in 1987, the 81-year-old justice has served as the crucial swing vote in a number of landmark cases, including rulings that legalized same-sex marriage and preserved abortion rights. Learn about your ad choices: dovetail.prx.org/ad-choices

You've probably never heard of the marketing and data aggregation firm Exactis. But it may well have heard of you. And now there's also a good chance that whatever information the company may possess about you, it recently leaked onto the public internet, available to any hacker who simply knew where to look. Learn about your ad choices: dovetail.prx.org/ad-choices

On Monday, police in Florida abandoned a pilot program that had put Amazon’s facial recognition powers at their disposal. On Wednesday, representatives from the country’s most powerful technology companies will gather in San Francisco to take a hard look at the industry’s approach to privacy. And on Thursday, the California legislature will vote on a bill that would grant internet users more power over their data than ever before in the United States. Learn about your ad choices: dovetail.prx.org/ad-choices

There are more Wi-Fi devices in active use around the world—roughly 9 billion—than there are human beings. That ubiquity makes protecting Wi-Fi from hackers one of the most important tasks in cybersecurity. Which is why the arrival of next-generation wireless security protocol WPA3 deserves your attention: Not only is it going to keep Wi-Fi connections safer, but also it will help save you from your own security shortcomings. Learn about your ad choices: dovetail.prx.org/ad-choices

In a highly anticipated decision released Friday, the US Supreme Court updated Fourth Amendment protections for the digital era. In a 5-4 ruling, the court decided in Carpenter v. United States that the government generally needs a warrant in order to access cell site location information, which is automatically generated whenever a mobile phone connects to a cell tower and stored by wireless carriers for years. Learn about your ad choices: dovetail.prx.org/ad-choices

What's that? A week with nearly as much good news as bad in the world of privacy and security? It's true! Especially the privacy part. On Friday, the Supreme Court issued a hotly anticipated ruling in Carpenter v. United States, establishing that the government will need to get a warrant if it wants to track your location with cell sites. Learn about your ad choices: dovetail.prx.org/ad-choices

Lawmakers in California have introduced a sweeping privacy bill to the state legislature that would give Californians unprecedented control over their data and reign in the power of their Silicon Valley neighbors. Introduced by state assemblyman Ed Chau and state senator Robert Hertzberg, the bill would allow California residents to find out what information businesses and data brokers collect about them, where that information comes from, and how it's shared. Learn about your ad choices: dovetail.prx.org/ad-choices

In 2015, the United States and China agreed to a digital truce that banned hacking private companies to steal trade secrets. And though the agreement has been touted as a success, it hasn't stopped Chinese state-sponsored hackers from pushing the envelope of acceptable behavior. Moreover, it certainly hasn't slowed types of hacking that fall outside the purview of the accord. Lately, it seems, that means defense intelligence gathering. Learn about your ad choices: dovetail.prx.org/ad-choices

Seven weeks after Iran's conservative-led judiciary banned the secure communications app Telegram inside the country, Iranians are still reeling from the change. Though Telegram has critics in the security community, it has become wildly popular in Iran over the last few years as a way of communicating, sharing photos and documents, and even doing business. Learn about your ad choices: dovetail.prx.org/ad-choices

This past winter, malware ripped through the Pyeongchang Olympics, disrupting Wi-Fi, shutting down the Olympics website, and causing generalized digital havoc. The so-called [Olympic Destroyer attack](https://www.wired.com/story/olympic-destroyer-malware-pyeongchang-opening-ceremony/] gained infamy, too, for using a number of false flags to muddy attribution. Learn about your ad choices: dovetail.prx.org/ad-choices

In March, artist and programmer Brannon Dorsey became interested in a retro web attack called DNS rebinding, teaching himself how to illicitly access controls and data by exploiting known browser weaknesses. It's a vulnerability that researchers have poked at on and off for years—which is one reason Dorsey couldn't believe what he found. Learn about your ad choices: dovetail.prx.org/ad-choices

In a highly anticipated report released Thursday, the Department of Justice's Office of the Inspector General found that political bias within the Federal Bureau of Investigation didn't influence the outcome of its 2016 probe into Hillary Clinton's private email server. As part of their investigation, inspector general Michael Horowitz and his team reviewed 1. Learn about your ad choices: dovetail.prx.org/ad-choices

A Portland woman recently told a local news outlet that her Amazon Echo device had gone rogue, sending a recording of a private conversation to a random person in her contact list. On Thursday, two senators tasked with investigating consumer privacy sent a letter to Amazon CEO Jeff Bezos demanding answers. Learn about your ad choices: dovetail.prx.org/ad-choices

Apple has spent much of its promotional push behind iOS 12 so far focused on features that range from silently useful, like Safari’s new privacy powers, to off-puttingly quirky, like animoji tongue-tracking. But on Monday the company detailed an upcoming iPhone upgrade with real-world consequences: It will communicate your exact location to 911 operators when you call, saving valuable time when every second matters. Learn about your ad choices: dovetail.prx.org/ad-choices

Days after President Donald Trump met with North Korean dictator Kim Jong Un in Singapore, the president touted the strength of the two leaders' relationship. "I can now call him," he told reporters at the White House on Friday. "I gave him a very direct number. He can now call me if he has any difficulty. We have communication. Learn about your ad choices: dovetail.prx.org/ad-choices

Did you hear? There was a summit this week! A good ol’ fashioned meeting of world powers, in which North Korea promised to denuclearize for at least the seventh time in the last 30 years. In the process, President Donald Trump says he gave North Korean dictator Kim Jong Un his direct phone number, which if true was a terrible idea. Oh, and even if North Korea does actually go through with ditching its nukes this time, it’s going to be almost impossible to hold them accountable. Learn about your ad choices: dovetail.prx.org/ad-choices

It's been nearly five years since the FBI surrounded Ross Ulbricht in the science fiction section of a San Francisco library, arrested him, and grabbed the laptop from which he had run the dark web drug bazaar known as the Silk Road. Ulbricht went on trial in a New York courtroom, and is currently serving a life sentence without parole. Learn about your ad choices: dovetail.prx.org/ad-choices

Encrypted communication used to be too complicated for mainstream use, but approachable apps like WhatsApp and Signal have become a no-brainer for digital privacy. With all of their security-minded features, like disappearing messages and identity-confirming safety numbers, secure chat apps can rightfully give you peace of mind. You should absolutely use them. As the adage goes, though, there's no such thing as perfect security. And feeling invincible could get you in trouble. Learn about your ad choices: dovetail.prx.org/ad-choices