At 1030 on April 27, 2019, four unidentified individuals attempted to rob a Brinks armored truck parked outside of Michaels, an art supply and home decor store at the Point Loomis Shopping Center in Milwaukee, Wisconsin. To find out who they are, local authorities plan to ask Google. According to an affidavit [PDF] filed by …

ColumnOn New Year's Eve 2019, the good ship Travelex struck the iceberg of ransomware. That's not a good metaphor, to be honest: when the SS Titanic hit its frozen nemesis, it had the good taste to unambiguously sink in two hours and 40 minutes. Not so Travelex. At the time of writing, more than two weeks after the lights went out, …

AnalysisIn a massive win for privacy rights, the advocate general advising the European Court of Justice (ECJ) has said that national security concerns should not override citizens’ data privacy. Thus, ISPs should not be forced to hand over personal information without clear justification. That doesn't mean that the intelligence and …

AnalysisApple has responded to a demand from the United States' Attorney General William Barr that it grant the FBI access to two iPhones used in a recent shooting by carefully calling bullshit on his claims. Barr held a press conference on Monday in which he accused Apple of not having given the FBI “any substantive assistance” in …

Programmers are complaining that Google's Chrome Web Store still looks more like an ill-tended shack than a legitimate store. Developers are continuing to complain about dubious extensions with fake users, extension copying, and long waits for extension approval, among other gripes. Over the weekend, an individual writing …

Britain's cyber-plod have warned people not to use Windows 7 machines for online banking, nor emails, nor any other services that contain sensitive information – which rules out pretty much everything except reading The Register. Support for the Microsoft operating system officially ends on Tuesday January 14, give or take …

Four Princeton University eggheads have published a report showing that the five major US mobile carriers implement weak authentication techniques, leaving customers vulnerable to SIM-swapping attacks that transfer victims' phone numbers to devices controlled by scammers. Such attacks have been a problem for years, but have …

UpdatedOn Wednesday, more than 50 advocacy groups accused Google of exploiting poor people by failing to police misbehaving Android apps on cheap phones. The advocacy groups, including the American Civil Liberties Union, Amnesty International, the Electronic Frontier Foundation, and Privacy International, to name a few, published an …

SHA-1 stands for Secure Hash Algorithm but version 1, developed in 1995, isn't secure at all. It has been vulnerable in theory since 2004 though it took until 2017 for researchers at CWI Amsterdam and Google to demonstrate a practical if somewhat costly collision attack. Last year, crypto-boffins Gaëtan Leurent, from Inria in …

Patting itself on its back for motivating software makers to fix 97.7 per cent of the vulnerabilities it identifies within its 90-day disclosure deadline, Google's bug-hunting unit Project Zero has decided to ease up on those racing to patch their flawed products. This month, Project Zero revised its Disclosure Policy so that …

Cloudflare CEO Matthew Prince, like his colleagues, has come to hate his company's virtual private network, used to connect securely to corporate servers from afar. "I'd be traveling to god knows where and have to get on the Cisco VPN client to San Francisco," he explained in a phone interview with The Register in December. " …

RoundupHere's a catch-up of security news beyond everything else we've covered. Nearly 300 million Facebook profiles scraped, dumped online Once again a huge number of Facebook users have had their details lifted from their profiles, a fact that came to light when security researchers were scanning for open databases online. …

When Andreas Gal, CEO of Silk Labs and a US citizen, returned to the US from a business trip in Europe last year, he was detained by US Customs and Border Patrol (CBP) for secondary screening. He claims he was threatened with unwarranted charges, denied access to an attorney, and told he had to unlock his electronic devices …

The clock is ticking for businesses using what Google defines as a "less secure app" (LSA) to access services like its G Suite mail, calendar and contacts. New accounts will be blocked from using LSAs from June 15 2020, and all access will be disabled on February 15 2021. Google's latest announcement is specific to G Suite, …

Boeing said on Monday that it plans to temporarily suspend the production of its 737 Max jets next month to focus on clearing out the 400 or so aircraft currently grounded in storage. The jets have been gathering dust since March 13, 2019, when America's Federal Aviation Administration (FAA) issued an emergency order grounding …

On Wednesday, NPM, Inc, the California-based biz that has taken it upon itself to organize the world's JavaScript packages into the npm registry, warned that its command line tool, the npm CLI, has a rather serious security vulnerability. Version 6.13.4 has been rushed out with a fix. The flaw – also present in less-than- …

How does Microsoft mitigate the risk of speculative-execution bugs on its Azure platform? The US goliath is unwilling to comment, despite running a session at its Ignite conference last month on exactly this subject. The Ignite session itself was titled "Spectre/Meltdown: An Azure retrospective" and talked about "how the …

In its latest attempt to come up with a digital encryption scheme that's both secure and not, the US Senate Judiciary Committee on Tuesday heard conflicting testimony from industry, academics, and law enforcement about whether encryption can simultaneously protect information and also reveal it on demand. Committee Chairman …