The terrible events of Charlottesville, VA, last weekend caused several parties to reevaluate. The so-called alt-right attempted to disown the rally online despite promoting it heavily in advance. Tech companies finally used some of the tools at their disposal to tamp down white supremacy. Historically neutral internet services company Cloudflare pulled the plug on a client—white supremacist site The Daily Stormer—for the first time. And President Trump, well, watched Fox News, and then repeated the things he saw there.
Elsewhere in the world of security, Verizon took a somewhat surprising stand for your privacy. Stingray-detector apps turned out to be not so hot at detecting stingray devices. A new car vulnerability looks very hard to detect, and even harder to patch. And we took a closer look at HBO’s very bad two weeks, hack-wise.
If all that’s not enough to keep you up at night, please do get cozy with our in-depth look at Russia’s playbook, and how it’s playing out in the US and elsewhere to disrupt democracy around the globe.
Of course, there’s more, which is why we’ve rounded up all the news we didn’t break or cover in depth this week. As usual, click on the headlines to read the full stories.
iOS 11 Lets You Disable Touch ID Quickly in Case of Cops
Touch ID excels at keeping crooks out of your phone, but arguably lets cops in too easily. Getting a suspect’s finger on a home button takes a lot less work than guessing a passcode, or getting them to volunteer one. It appears Apple has taken this sticky civil liberties situation into account in iOS 11, which features a new setting where tapping the power button five times brings up the option to make an emergency call, and disables Touch ID until the user enters their password. Discreet! And another potential front in the ongoing disputes between Apple and law enforcement, though we’ll have to wait at least until iOS 11’s official release this fall to see the full legal ramifications.
Maersk Lost $200-$300 Million To NotPetya Plague
The malware known as NotPetya made headlines largely for how widely it affected networks across the world, hitting Ukraine and then spreading quickly across the internet, mostly to Europe and Asia. But now that two months have passed, it’s becoming clear just how devastating that epidemic was for some of its largest victims. For shipping firm Maersk, it led to as much as $300 million in damages, one of the worst-ever effects of a cyberattack on a company’s balance sheet. In a statement from the company’s CEO Soren Skou on Tuesday, Maersk said it expects to see those nine figures of lost revenue on its third quarter earnings reports. The company’s statement said that was able to start receiving new bookings from customers two days after the attack. But earlier reports on Maersk’s malware debacle found that the company had shut down at least one entire facility in New Jersey and had to switch to manually tracking its loading and unloading of cargo, keeping offline and even handwritten records of its business in branches from India to New Zealand to Alabama.
Update Gone Awry Bricks 500 “Smart” Locks
The internet of things promises many utopian conveniences and magical, cloud-controlled features. It also promises a lot more problems like the one faced this week by the Colorado company LockState, which paralyzed 500 of its customers’ locks by sending out a botched software update. The update for the devices, which are designed to let users remotely set their locks combinations, was for the wrong version. That meant it bricked earlier versions’ electronic functions and prevented any further over-the-air updates that could have fixed the problem. The locks do also offer a manual, traditional keyhole that continued to work as a failsafe. But anyone without a key found themselves locked out of their homes. And since LockState partners with AirBnB, keyless renters who depend on their host setting a temporary code were locked out, too. LockState has offered to replace the locks or update the software for anyone who sends them the bricked devices. But the replacement process could take between days and weeks, LockState says. Nothing like an IoT meltdown to make old-fashioned mechanical pin-and-tumbler locks seem like relative marvels of engineering.
Thieves Steal a Smart Doorbell That Recorded Them the Whole Time
A big week for door-based technology! Not much to say here beyond the headline, but do enjoy the video below of very dumb crooks.