Security News This Week: A Bug in Popular Android Smartphones Gives Hackers Full Control


The theme of this week is by now a familiar one: “Things keep getting worse.” Starting with the security of countless so-called real-time operating systems that all share some variation on the same decades-old code. That makes them all vulnerable to the set of Urgent/11 vulnerabilities we reported on just the other week. And as is so often the case with these sorts of devices and ancient code, there’s really no good way to fix them. And that was just the start of the week.

As a bookend, the US attorney general William Barr sent a sternly worded letter to Facebook on Friday, encouraging the company not to go forward with its plans for cross-platform end-to-end encryption, in the process reigniting the decades-old encryption debate. But while Barr had his counterparts from the UK and Australia backing up his push, it’s unclear what if any actual authority he would have to weaken encryption without laws on the books forcing it. (Also, it would be a truly terrible idea.)

In slightly brighter social media news, we looked at how adversarial examples could help protect your Facebook data from the next Cambridge Analytica. And we explained how the new Incognito Mode for Google Maps helps cover your tracks—and, more important, all the ways it doesn’t. Speaking of covering tracks, we took a look at how the Ukraine whistle-blower did everything meticulously by the book and the potential dangers in the Trump administration’s repeated insistence that they did not. We also talked to two past whistle-blowers for some perspective on what the current one must be going through. The consensus: their life will be forever changed.

The Trump campaign, meanwhile, appears to have been the target of Iranian hackers, although Microsoft says the phishing attempts it spotted were unsuccessful. Lastly, if you’re thinking about side-loading Google apps onto a Huawei device … don’t! You’re welcome.

And there’s more! Every Saturday we round up the security and privacy stories that we didn’t break or report on in-depth but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.

Leave a Reply

Your email address will not be published. Required fields are marked *

km en_US