This week started with a bang and kept going. In the early hours of Saturday night, TikTok has cut off access to users in the United States before Deadline is Sunday Which forced Apple and Google to remove the video sharing app from their app stores. While TikTok was dark, American users jumped on board Getting around the TikTok ban while Many other unexpected applications They also saw their access to Americans cut off. But by midday Sunday, Access to TikTok is already back In the United States. By Monday night, new US President Donald Trump had been inaugurated Signed an executive order delaying the TikTok ban By 75 days.
Tuesday Trump Make good on His promise To release Ross Ulbricht, the game’s imprisoned creator Silk Road Dark Web MarketWhere users sell drugs, weapons and worse. Ulbricht spent more than 11 years behind bars after being The FBI arrested him in 2013 And then He was sentenced to life imprisonment. Trump’s decision to pardon Ulbricht is largely seen as tied to the support he received from the libertarian cryptocurrency community, which has long viewed the Silk Road creator as a martyr.
As the world enters the second Trump era, WIRED sat down with Jane Easterlywho recently left her position as Director of the Cybersecurity and Infrastructure Security Agency to discuss the cyber threats facing the United States and the uncertain future of CISA as a front-line watchdog against nation-state hackers and other digital security threats facing the United States.
Finally, we detail new research that reveals just how dangerous trivial errors can be Subaru unveiled a system to track the locations of its customers’ cars. The researchers found that they had access to an online portal for Subaru employees that allowed them to pinpoint the vehicle’s location for up to a year, down to the parking spaces they used. The flaws have now been patched, but Subaru employees can still access sensitive driver location data.
That’s not all. Every week we round up security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.
A US judge in New York this week found that the FBI’s practice of searching for data on US persons under Section 702 of the Foreign Intelligence Surveillance Act without obtaining a warrant is unconstitutional. The Foreign Intelligence Surveillance Act (FISA) gives the US government the authority to collect foreign entities’ communications through Internet service providers and companies like Apple and Google. Once this data is collected, the FBI can conduct “background searches” to obtain information on U.S. citizens or residents who have come into contact with aliens, and it has done so without first obtaining a warrant. Judge D’Arcy Hall found that such searches required a warrant. “To do otherwise would effectively allow law enforcement to amass a repository of Section 702 communications — including those of U.S. persons — that can later be searched upon request without restriction,” the judge wrote.
An “issue” in the core functionality of Internet infrastructure company Cloudflare’s content delivery network, or CDN, could reveal the approximate location of people using apps, including apps designed to protect privacy, according to findings by an independent security researcher. Cloudflare has servers in hundreds of cities and over 100 countries around the world. Its CDN works by caching people’s Internet traffic through its servers and then delivering that data from the server closest to the person’s location. The security researcher, who he calls Daniel, found a way to send an image to a target, collect the URL, and then use a specially designed tool to query Cloudflare to find out which data center delivered the image — and thus the state or perhaps the city in which the target is located. Fortunately, Cloudflare told 404 Media that it fixed the issue after Daniel reported it.
In one of its first moves after Trump took office on Monday, the Department of Homeland Security let all members of the agency’s advisory committees out. This includes the Cyber Safety Review Board, which was investigating the matter Large-scale attacks on the American communications system By the Chinese-backed hacker group Salt Typhoon. US authorities revealed in mid-November that the Salt Typhoon had integrated itself into at least nine US telecommunications companies for espionage purposes, potentially exposing anyone using unencrypted calls and text messages to surveillance by Beijing. While the CSRB’s future remains uncertain, Sources say Reporter Eric Geller That their investigation into the Salt Typhoon attacks was effectively “dead.”
