WIRED

How to Share Files Securely Online

WIRED

Illustration: Elena Lacey

If you need to share documents and files with other people over the internet, you want to be able to do it quickly, securely, and with as little friction as possible. Thankfully, plenty of apps and services meet those three criteria.

Whether it’s tapping into the tools included with the cloud storage app you already use, or simply dragging files into an open browser window, you’ve got several options to weigh up.

All these services encrypt files in transit and when stored, stopping hackers and third parties from getting at them. However, only Firefox Send uses end-to-end encryption, which means not even Firefox can see the files. The others retain the right to access your data if compelled by law enforcement, or if it’s needed to manage the cloud services themselves. It’s also important to make sure the sharing links you generate are closely guarded, as these act as decryption keys giving access to your files.

Full article

WIRED

Watch Out for Coronavirus Phishing Scams

WIRED

Photographer: Tyrone Siu/Reuters

As coronavirus infections spread this week, the World Health Organization classified the outbreak as a global emergency on Thursday. On Friday, United States officials placed 195 people in a two-week federal quarantine at a California military base after evacuating them from Wuhan, China. Amidst international efforts to contain transmission of the virus, online scammers have already begun exploiting the uncertainty and fear.

A sample phishing email from Tuesday, detected by security firm Mimecast, shows attackers disseminating malicious links and PDFs that claim to contain information on how to protect yourself from the spread of the disease. “Go through the attached document on safety measures regarding the spreading of corona virus,” reads message, which purports to come from a virologist. “This little measure can save you.”

Full article

WIRED

Everything We Know About the Jeff Bezos Phone Hack

WIRED

Photograph: Andrew Harrer/Bloomberg/Getty Images

On November 8, 2018, Amazon CEO Jeff Bezos received an unexpected text message over WhatsApp from Saudi Arabian leader Mohammed bin Salman. The two had exchanged numbers several months prior, in April, at a small dinner in Los Angeles, but weren’t in regular contact; Bezos had previously received only a video file from the crown prince in May that reportedly extolled Saudi Arabia’s economy. The November text had an attachment as well: an image of a woman who looked like Lauren Sanchez, with whom Bezos had been having an unreported affair.

That message appears to have been a taunt; American Media Inc., publisher of The National Inquirer, would several months later make details of the affair public. But it’s the initial contact, in May, that has set off another firestorm with MBS at the center. That video file was likely loaded with malware, investigators now say. The crown prince’s own account had been used to hack Bezos’ phone.

Such brazen targeting of a private citizen—the richest man in the world, no less—is alarming to say the least. It underscores the dangers of an unchecked private market for digital surveillance, and raises serious questions about other prominent US figures who have known relationships with the crown prince, like White House adviser Jared Kushner and President Donald Trump himself.

Full article

WIRED

This Apple-FBI Fight Is Different From the Last One

WIRED

Photograph: Tom Brenner/Reuters

This all might sound familiar: After a mass shooting, the Federal Bureau of Investigation wants Apple to build a tool that can unlock the attacker’s iPhones. But don’t expect round two of Apple versus the FBI to necessarily play out like the first. The broad outlines are the same, but the details have shifted precariously.

For all the FBI’s posturing, its attempt to force Apple to unlock the phone of one of the San Bernardino terrorists ultimately ended in a draw in 2016. The FBI dropped its lawsuit after the agency found a third-party firm to crack it for them. Now, the FBI claims that only Apple can circumvent the encryption protections on the two recovered iPhones of Mohammed Saeed Alshamrani, who killed three people and wounded eight in December at a naval air station in Pensacola, Florida. As it did four years ago, Apple has declined.

Apple’s central argument against helping the FBI in this way remains the same: creating a backdoor for the government also creates one for hackers and bad actors. It makes all iPhones less safe, full stop. Since the last Apple-FBI showdown, though, technological capabilities on both sides, the US political landscape, and global pressures have all substantially evolved.

Full article

WIRED

Russia Takes a Big Step Toward Internet Isolation

WIRED

Photograph: Alexander Nemenov/Getty Images

Over the holidays, the Russian government said it had completed a multi-day test of a national, internal internet known as RuNet, a bid to show that the country’s online infrastructure could survive even if disconnected from the rest of the world. Though Russia claims the initiative relates to cybersecurity, researchers and human rights advocates inside Russia and around the world argue that the test underscores Russia’s broader campaign to control and censor access to digital information within its borders.

….

The government is also investing 2 billion rubles — about $32 million — in a Russian Wikipedia alternative.

Full article

Our conclusion

This is a very tedious and disturbing development, especially for the Russian people!

WIRED

Think Twice Before Giving Gifts With a Microphone or Camera

WIRED

Photograph: Getty Images

As we draw ever closer to Black Friday, Cyber Monday, and all the shopping days in between, you’ll have no shortage of cheap, flashy, internet-connected gadgets to choose from for holiday gifts. But in the frenzy, don’t forget that the widgets you buy will live at recipients’ houses—or on their wrists—for months or years to come. With that in mind, it’s worth considering the security and privacy risks involved, so you know what you’re getting people into before they unwrap the box.

Full article

WIRED

How the Iranian Government Shut Off the Internet

WIRED

Photograph: AFP/Getty Images

Amid widespread demonstrations over rising gasoline prices, Iranians began experiencing internet slowdowns over the last few days that became a near-total internet and mobile data blackout on Saturday. The government is apparently seeing to silence protestors and quell unrest. So how does a country like Iran switch off internet to a population of more than 80 million? It’s not an easy thing to do.

Though some countries, namely China, architected their internet infrastructure from the start with government control in mind, most don’t have a central set of levers they can pull to influence country-wide access to content or connectivity. But regimes around the world, including those in Russia and Iran, have increasingly been retrofitting traditional private and decentralized networks with cooperation agreements, technical implants, or a combination to give officials more influence. In countries like Ethiopia, Venezuela, and Iraq, along with disputed regions like Kashmir, government-led social media blocking and more extensive outages have become the norm.

“This is the most wide-scale internet shutdown that we’ve seen in Iran,” says Adrian Shahbaz, research director at the pro-democracy group Freedom House, which tracks internet censorship and restriction worldwide. “It’s surprising to see the Iranian authorities block all internet connections rather than only international internet connections, because the latter is a tactic that they’ve used in the past. It could mean they are more fearful of their own people and worry that they cannot control the information space amidst these economic protests.”

The process to block an entire country’s internet connectivity depends on the set-up. Places like Ethiopia that have relatively limited internet proliferation typically have just one government-controlled internet service provider, perhaps alongside some smaller private ISPs. But all usually gain access from a single undersea cable or international network node, creating “upstream” choke points that officials can use to essentially block a country’s connectivity at its source.

Full article

WIRED

Security News This Week: Government Officials Hacked Via WhatsApp

WIRED

This week saw the cybersecurity world taking big strides against some of the world’s most aggressive hackers. In a dramatic and potentially precedent-setting move, WhatsApp, the Facebook-owned messaging platform, sued the Israeli surveillance contractor NSO Group for allegedly targeting 1,400 of WhatsApp’s users with malicious phone calls crafted to infect devices with data-grabbing malware. Meanwhile, over in United States Congress, lawmakers are still struggling to deal with increasingly ubiquitous ransomware attacks that often target vulnerable organizations like local governments and hospitals.

Microsoft reported findings that the Russian hacking group Fancy Bear (also called APT28 or Strontium) has targeted at least 16 antidoping agencies around the world in the lead-up to the 2020 Tokyo Olympics. Russian hackers have barraged the Olympics for three years now, including a particularly stealthy and insidious digital attack on the Pyeongchang Winter Games in 2018.

Full article

WIRED

TikTok, Under Scrutiny, Distances Itself From China

WIRED

TikTok, the app that revolves around sharing short video clips, is in a unique position. It’s arguably the first international social media platform to have built a massive audience in the United States, where it’s been downloaded more than 110 million times since its founding in 2017. TikTok has offices in California near competitors like Snapchat, Instagram, and YouTube, but it’s owned by ByteDance, a Chinese tech giant. As tensions between the US and China continue to escalate, that fact has become a headache for TikTok. Now the company is taking steps to distance itself publicly from its counterparts in Beijing.

This week, Senators Chuck Schumer (D-New York) and Tom Cotton (R-Arkansas) sent a letter to US intelligence officials asking them to investigate whether TikTok poses “national security risks.” In their letter, sent to Joseph Maguire, the acting director of national intelligence, the senators expressed concern about the data TikTok collects on US users and whether that information could potentially be shared with the Chinese Communist Party. They also questioned whether Tiktok censors content on its platform and said the app is a “potential counterintelligence threat we cannot ignore.”

It wasn’t the first time this month that lawmakers have questioned the security and content moderation practices of TikTok. Two weeks ago, Senator Marco Rubio (R-Florida) called for the Committee on Foreign Investment to investigate ByteDance’s 2017 acquisition of Musical.ly, a lip-syncing app popular in the US that was later merged with TikTok. On Twitter, Rubio said he was concerned TikTok is “censoring content in line with #China’s communist government directives.”

Full article

WIRED

Flock Safety Says Its License Plate Readers Reduce Crime. It’s Not That Simple

WIRED

On the surface, it appears as though a simple fix—installing relatively discrete license-plate readers—had an enormous positive impact. That’s the narrative Flock Safety has put forward. The company proudly touted the results of the Cobb County pilot in a press release it sent to WIRED this week, and advertises on its website that it solves “up to five crimes an hour.”

But experts say it’s not that simple, and that establishing a causal relationship between any given variable and fluctuating crime rates is no easy task. “I am not saying that the readers did not have an effect on crime—it is just that we cannot attribute any reduction in crime to the readers themselves,” says Alex Piquero, a professor of criminology at the University of Texas, Dallas.

Even police agree. “To make it very clear, we are not 100 percent positive that Flock cameras were the difference,” notes VanHoozer. “What we did see, though, is an incredible decrease in crime, starting when we put these cameras down there.”

Full article