It was quite a week for indictments. The Department of Justice charged former Donald Trump adviser Steve Bannon in connection with an allegedly fraudulent nonprofit that raised over $25 million to help build the border wall with Mexico. A former Uber executive faces up to eight years in prison for allegedly covering up a data breach, the first high-profile prosecution of its kind. And you really should read this tale of how four brothers allegedly fleeced Amazon out of $19 million by charging it exorbitant sums for products it never ordered—like 7,000 toothbrushes at $94 a pop.
But enough allegations! We also took a look at how the “phone spear phishing” technique that wreaked havoc at Twitter several weeks ago has hit dozens of other companies since. We rolled our DiceKeys, a new physical way to generate an uncrackable master password for all your cryptographic needs. And we looked at the clever new tricks ATM hackers have used to cash out.
Looking for a good password manager? These are our favorites, and here are the extra benefits some come with that you may not have considered. Looking for a more secure email provider than Gmail? Here are some viable options. Looking to use Signal encrypted messenger? Here are some tips. Want to boost your smartphone’s security and privacy? We’ve got apps for that. And if you’re interested in financial apps like Robinhood, know that many use so-called dark patterns to get you to play loose with your money.
And there’s more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in depth but think you should know about. Click on the headlines to read them, and stay safe out there.
After too long letting the unfounded, unhinged conspiracy theory QAnon run relatively unfettered on its platform, Facebook this week took steps to limit its influence. While it isn’t banning all QAnon content outright, Facebook did ban around 900 related pages and groups and 1,500 ads. It specifically said it would remove any QAnon groups that discussed potential violence, while downranking other QAnon content on both Facebook and News Feed, as well as any posts relating to militias or anarchists. The company will also no longer feature those groups as recommendations. Which is also a reminder that until this week, Facebook was actively funneling users to a conspiracy theory whose central tenet is that the world is run by a cabal of celebrity pedophiles whom only Donald Trump can bring to justice.
Former Apple software engineer David Shayer wrote a rollicking tale this week about how he and a handful of other employees helped the US Department of Energy build a top-secret iPod. At least, that’s where they said they were from. The project lasted for a few months in 2005, and went so far as to hide a way to stop and start recording surreptitiously, deep down the menu path. Shayer suspects that the two were building a stealth Geiger counter, but it’s clearly more fun just to assume that it was spy stuff.
Speaking of spy stuff! There are few companies as controversial in cybersecurity as NSO Group, whose spyware has been tied to hacks of dissidents and other members of “civil society” that are generally supposed to be off-limits. (NSO Group has repeatedly denied those allegations.) In an interview with MIT Technology Review, NSO Group founder Shalev Hulio made the counterintuitive case that his industry needs to operate less in the shadows. The media offensive comes as the company faces an ongoing lawsuit brought by Facebook-owned WhatsApp, which alleges that NSO Group malware was used to target 1,400 of its users.
At the beginning of August, we wrote about how the Garmin hack was a harbinger of a coming wave of high-stakes ransomware attacks against major corporations. It’s here. Carnival disclosed this week that it was the latest victim, though the company said in a Securities and Exchange Commission filing that the fallout should be limited.