THIS WEEK IN SECURITY NEWS A long time ago, when I used to work as a systems analyst in an IT department, I ran into users who would complain that a tool wasn’t secure or that they had been hacked, which was usually a cover for their own poor internet hygiene. This week, we saw that in Congress, when outgoing Nebraska Republican Don Bacon claimed that Signal, the encrypted messaging app, was “insecure,” when the truth is that he got spear-phished by Russian hackers and is blaming Signal for his mistake. After all, anyone who’s worked in security knows that humans are the weakest link in the security chain.
To the company’s credit, Signal has been warning users for months about this aggressive wave of phishing attempts, especially targeting high-profile individuals and their accounts. And just to be completely clear: No, Signal and its end-to-end encryption technology have not been hacked.
Moving on but staying in the halls of government, this week we reported that the Supreme Court ruled that the Fourth Amendment (you know, the one about your basic right to privacy) does indeed apply to your phone’s location data. That means law enforcement and other government agencies are legally obligated to specify the data they’re seeking when they request it from a service provider, to provide probable cause, and to present a warrant. It also protects your location data from unreasonable search and seizure. |