Security News This Week: A Whole New Way to Confuse Self-Driving Cars – WIRED
August is supposed to be a slow news month. People plan summer beach vacations on this presumption. Hackers, though, apparently hate sun and sand because this past week has been incredibly active on the security news front.
WIRED broke the scoop of leaked audio from Jared Kushner’s welcome conversation with west wing interns, which revealed he has a less than nuanced grasp of the details of the Palestinian-Israeli conflict–a global problem he’s been taxed with fixing. Making the nightmares of Amazon Echo owners everywhere come true, hackers turned one of those devices into a wiretap. So…that’s worrisome! Apple bowed to China’s censorship pressure, which is completely unsurprising but nevertheless disappointing. HBO got hacked! And unlike when Netflix got hacked and people were like, “uh, who cares,” this time people were upset, because Game of Thrones. In much more serious news, every single voting machine at the annual hacker conference DefCon got hacked, which is pretty alarming considering there’s actually municipal elections taking place in states around the country in just over 14 weeks. Yeah. You can completely mess with the internet of things by using a $10 hardware tool–yet another unsurprising but still upsetting thing to come out this week. China and Russia are cracking down on VPNs that people use to get around the strict censorship rules there, and in one extreme case the Chinese government is even forcing residents to install government spyware on their devices. And in a very surprising turn of events, the hero hacker who stopped the WannaCry malware from destroying the world was arrested in Las Vegas and no one knows why.
In better news, there’s now a website up and running devoted to tracking attacks against journalists, including everything from arrests to pressure to reveal sources. However the need for such a site underscores the dangerous environment for press freedom in America, which isn’t great news, so, you know what? We take back that whole “bright side” thing.
Of course, there’s more, which is why we’ve rounded up all the news we didn’t break or cover in depth this week. As usual, click on the headlines to read the full stories.
Car and Driver reports that security researchers at the University of Washington confused autonomous cars into misidentifying road signs, and they did it with simple stickers they made a home computer. The researchers put stickers on road signs and managed to convince the car’s image-detecting alogorithms that they were seeing, say, a speed limit sign instead of a stop sign. Such misidentification could be disastrous in a real-world driving environment.
As we’ve reported, https://www.wired.com/2015/04/want-see-domestic-spyings-future-follow-drug-war/ if you want to know about the future of the surveillance state, look at how cops are fighting the drug war. Buzzfeed this week reported that federal agents are now using secret spy planes to hunt for cartel leaders in Mexico. Looking at flight tracking data, Buzzfeed concluded a US Marshalls plane was in the vicinity of Eldorado, Sinoloa, near the time of a major roundup of cartel members in the area. It was likely helping to track the cellphones of suspects. The point here is that US federal agents are taking a more active role in fighting drug crime in Mexico than has ever been reported.
We and the entire security journalism community as well as security researchers and do-gooder hackers have been crowing for a while now about how ridiculously insecure the internet of things is. You can hack baby monitors and refrigerators, fire detectors and light switches largely because the underlying software of some of these devices is left completely unprotected. Seems lawmakers finally got the message, because security researcher Brian Krebs this week reported that a bipartisan coalition of senators introduced a bill that would require baseline security protections for any IOT device. Hurrah! Of course, it still needs to pass, but look, this is encouraging news. With that, let us wish you a happy weekend. (And please disconnect your baby’s monitor from the internet in the meantime, because, yikes.)