Ars Technica » Risk Assessment - RSS Feed

The Art of Technology

Latest articles

What the newly released Checkra1n jailbreak means for iDevice security

Enlarge (credit: @Checkra1n) It has been a week since the release of Checkra1n, the world’s first jailbreak for devices running Apple’s iOS 13. Because jailbreaks are so powerful and by definition disable a host of protections built into the OS, many people have rightly been eyeing Checkra1n—and the Checkm8 exploit it relies on—cautiously. What follows...

Republicans storm ultra-secure “SCIF,” some with cell phones blazing [Update]

Enlarge / The US House of Representatives. (credit: Wally Gobetz / Flickr) On Wednesday, Republican lawmakers committed a major breach of security guidelines when they carried cell phones as they tried to force their way into a secure room where a closed-door impeachment hearing with a Defense Department official was taking place. At least one House...

Why big ISPs aren’t happy about Google’s plans for encrypted DNS

Enlarge (credit: Thomas Trutschel/Photothek via Getty Images) When you visit a new website, your computer probably submits a request to the domain name system (DNS) to translate the domain name (like arstechnica.com) to an IP address. Currently, most DNS queries are unencrypted, which raises privacy and security concerns. Google and Mozilla are trying...

New clues show how Russia’s grid hackers aimed for physical destruction

Enlarge (credit: Joshua Lott/Bloomberg via Getty Images) For nearly three years, the December 2016 cyberattack on the Ukrainian power grid has presented a menacing puzzle. Two days before Christmas that year, Russian hackers planted a unique specimen of malware in the network of Ukraine's national grid operator, Ukrenergo. Just before midnight, they...

600,000 GPS trackers for people and pets are using 123456 as a password

Enlarge (credit: Shenzhen i365 Tech) An estimated 600,000 GPS trackers for monitoring the location of kids, seniors, and pets contain vulnerabilities that open users up to a host of creepy attacks, researchers from security firm Avast have found. The $25 to $50 devices are small enough to wear on a necklace or stash in a pocket or car dash compartment....

Google Play app with 100 million downloads executed secret payloads

Enlarge (credit: NurPhoto | Getty Images) The perils of Google Play are once again on display with the discovery of an app with 100 million downloads that contained a malicious component that downloaded secret payloads onto infected Android devices. Throughout most of its life, CamScanner was a legitimate app that provided useful functions for scanning...

Self-driving car service open sources new tool for securing firmware

Enlarge (credit: Collin Mulliner) Developing and maintaining secure firmware for tablets, cars, and IoT devices is hard. Often, the firmware is initially developed by a third party rather than in-house. And it can be tough as projects move from inception and prototyping to full-force engineering and finally to deployment and production. Now, an...

Judge allows suit against AT&T after $24 million cryptocurrency theft

Enlarge / An AT&T store in New Jersey. (credit: Michael Brochstein/SOPA Images/LightRocket via Getty Images) When Michael Terpin's smartphone suddenly stopped working in June 2017, he knew it wasn't a good sign. He called his cellular provider, AT&T, and learned that a hacker had gained control of his phone number. The stakes were high because...

Tech firms “can and must” put backdoors in encryption, AG Barr says

Enlarge / Graffiti urging people to use Signal, a highly encrypted messaging app, is spray-painted on a wall during a protest on February 1, 2017 in Berkeley, California. (credit: Elijah Nouvelage | Getty Images) US Attorney General William Barr today launched a new front in the feds' ongoing fight against consumer encryption, railing against the...

Silent Mac update nukes dangerous webserver installed by Zoom

Enlarge (credit: Kena Betancur/Getty Images) Apple said it has pushed a silent macOS update that removes the undocumented webserver that was installed by the Zoom conferencing app for Mac. The webserver accepts connections from any device connected to the same local network, a security researcher disclosed on Monday. The server continues to run...

Discover, share and read the best on the web

Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!