Caption: Chip Somodevilla/Getty ImagesSkip Article Header. Skip to: Start of Article. Chip Somodevilla/Getty Images
The US government’s war on crypto took the spotlight again this week. Beyond the bureau’s ongoing standoff with Apple over the encrypted iPhone of San Bernadino shooter Syed Rizwan Farook, new documents were unsealed in the case of Lavabit, an email provider that stood up to the FBI’s decryption demands in 2013. Whatsapp also received its own wiretap order to hand over a user’s communications, which it denied, arguing that it didn’t possess the necessary decryption keys. In two out of three of those cases, the government made significant slip-ups. When Apple responded to the FBI in its latest brief, it hit the agency’s lawyers with an embarrassing fact-check that pointed out the feds’ technical errors and legal misinterpretations in their last brief. And a redaction error in the Lavabit documents confirmed for the first time the long-suspected target of the government investigation into the company: Edward Snowden.
FBI crypto showdowns aside, the FCC proposed strict new privacy rules for internet service providers. A Chinese piracy program used a new flaw in the iPhone’s security to install a rogue app on phones—and the media blew the threat way out of proportion. Google released disturbing statistics on the low adoption rate of HTTPS web encryption. And the FBI issued a new public service announcement about the risks of car hacking.
And there was more: Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there.
Since he became president, Barack Obama has carried a special “secure” BlackBerry, altered by the NSA to make it as difficult as possible for hackers to turn it into a remote spying device. Now it’s been revealed in emails obtained by the conservative legal advocacy group Judicial Watch that Secretary of State Hillary Clinton asked in 2009 for one of those uncrackable BlackBerries, too, and the NSA denied her request for unknown reasons. Conservative pundits have used the news to argue that Clinton knew her BlackBerry was insecure and yet still used it for sensitive emails. But even Obama’s BlackBerry wasn’t designed to be secure enough to send classified email, only to protect its microphone from being remotely hijacked by cyberspies. And there’s no evidence that Clinton carried her insecure BlackBerry into sensitive meetings where it could be abused as a spying tool.
As Apple fights the FBI’s demand that it write software designed to crack its own security protections, ZDNet reports that the US government has made an equally troubling demand of “numerous” tech firms: That they hand over their proprietary source code. Those demands, which ZDNet says were granted in most cases, were reportedly made with the authorization of the Foreign Intelligence Surveillance Court, the secretive judicial body serves as the overseer of American government surveillance efforts. ZDNet cited only a single anonymous source, and none of the dozen-plus tech firms that it asked about the requests would confirm that they’d faced such a demand.
The hacker collective anonymous has struck again—or at least they’re talking very loudly again about striking, something most of the information security community has learned to ignore after several years of empty threats. Hacktivists within the group released a collection of Donald Trump’s private information, including his cell phone and Social Security number. But a quick Google search reveals both numbers had already been made public months earlier. Anonymous has vowed to continue its hacking campaign, however, and the FBI and Secret Service are taking the promise seriously enough to tell Time that they’re investigating the matter.
Last weekend, hackers hijacked ad campaigns that ran across the web sites of the BBC, The New York Times, Newsweek, and other high-profile news domains, according to the security firm Malwarebytes, whose researchers first spotted the activity. As reported by The Guardian, the malware targeted US visitors and took advantage of numerous exploits to attempt to download itself on people’s computers, encrypt their hard-drives, and then demand bitcoin payment in order to decrypt their data. This episode combines two hot-button issues in online security right now: ransomware, the hostage-style hack that is on the rise, and malvertising, a hack that takes advantage of comprised ad networks and which is increasingly sited by privacy and security advocates as a reason to use controversial ad-blockers.Go Back to Top. Skip To: Start of Article.