This week started with a bang and just kept on going. Early Saturday night, TikTok closed access to users in the United States Ahead of sunday deadline Which forced Apple and Google to remove the video-sharing app from their app stores. While TikTok was dark, US users rushed get rid of tiktok ban Whereas Many other unexpected apps Their access to Americans also ended. However, by Sunday afternoon, TikTok access was already coming back In America. As of Monday night, newly elected US President Donald Trump was Signed an executive order to delay TikTok ban Up to 75 days.
Trump on Tuesday draw well But his promise To free the imprisoned creator Ross Ulbricht Silk Road dark-web marketplaceWhere users sold drugs, guns, and worse. Ulbricht spent more than 11 years behind bars after being jailed. Arrested by FBI in 2013 and later sentenced to life imprisonmentTrump's decision to pardon Ulbricht is largely linked to support he received from the liberal cryptocurrency community, which has long considered the Silk Road creator a martyr.
As the world enters the second Trump era, WIRED sat down with Jane Easterlywho recently met with the Cybersecurity and Infrastructure Security Agency to discuss the cyber threats facing America and the uncertain future of CISA as a frontline watchdog against nation-state hackers and other digital security threats facing America. Gave up his top position as director.
Finally, we detailed new research that revealed how many minor bugs Subaru's system for tracking the locations of its customers' vehicles exposedThe researchers found they could access a web portal for Subaru employees that allowed them to trace a car's year-round location – even down to the parking spots it used. The flaws have now been closed, but Subaru employees still have access to sensitive driver location data.
Not only this. Each week, we round up security and privacy news that we didn't cover in depth ourselves. Click on titles to read full stories. And stay safe there.
A US judge in New York this week found that the FBI's practice of searching data on US persons under Section 702 of the Foreign Intelligence Surveillance Act without obtaining a warrant is unconstitutional. FISA gives the US government the authority to collect communications of foreign entities through Internet providers and companies like Apple and Google. Once this data was collected, the FBI could conduct “backdoor searches” for information about US citizens or residents communicating with foreigners, and it did so without first obtaining a warrant. Judge DeArcy Hall found that these searches required a warrant. The judge wrote, “To hold otherwise would effectively allow law enforcement to collect a repository of communications under Section 702 – including those of US persons – that could then be searched on demand without limitation. Is.”
A “problem” with the basic functionality of internet infrastructure company Cloudflare's content delivery network, or CDN, could reveal the rough location of people using apps, including apps designed to protect privacy, according to the findings of an independent security researcher. Is. Cloudflare has servers in hundreds of cities and over 100 countries around the world. Its CDN works by caching people's Internet traffic on its servers and then delivering that data from the server closest to a person's location. The security researcher described by Daniel found a way to send an image to a target, collect the URL, then use a custom-built tool to interrogate Cloudflare to find out which data center delivered the image – and this Type state or possibly the city the target is in. Fortunately, Cloudflare told 404 Media that it fixed the issue after Daniel reported it.
On Monday, in its first move since Trump took office, the Department of Homeland Security let go of everyone on the agency's advisory committees. This also includes the Cyber Safety Review Board, which was investigating Extensive attacks on American telecommunications system By China-backed hacker group Salt Typhoon. US officials revealed in mid-November that Salt Typhoon had embedded itself into at least nine US telecoms for spying purposes, potentially making anyone using unencrypted calls and text messages subject to surveillance by Beijing. Could have been brought under surveillance. While the future of the CSRB remains uncertain, Sources say reporter Eric Geller Their investigation of the Salt Typhoon attacks is effectively “dead”.