privacy and security
Adrian Lamo, Hacker Behind Breaches of New York Times and Microsoft, Has Died

Adrian Lamo, a hacker known for his high-profile breaches of the New York Times, Microsoft, and Yahoo, has died, according to his family. He was 37 years old. Read More >>

Google Says It Spent Over £193,000 to Close Wage Gaps

Counter to preliminary findings in an ongoing US government investigation and claims made in a class action lawsuit brought by former employees, Google says it has no gender- or race-based wage gaps among its workers. Read More >>

Microsoft Upheld Less Than 1 Per Cent of Gender Discrimination Complaints by Female Employees, Court Documents Say

Over a six-year period, Microsoft upheld only one of the 118 gender discrimination complaints it received from female employees, according to court filings, Reuters reported on Tuesday. In total, the company received 238 complaints of discrimination or sexual harassment between 2010 and 2016, the court filings say. Read More >>

Ad Blocker Ghostery Is Going Open Source to Win Back Some Privacy Points

The ad blocker Ghostery is shaking up its business model and open-sourcing its code in a bid to earn more consumer trust. The company faced criticism last year over its business model, which involved selling anonymised user data to businesses—not the kind of behaviour you’d expect from a privacy tool. Read More >>

23,000 HTTPS Certificates Pulled After CEO Sends Private Keys in an Email

HTTPS certificates form the foundation of the encrypted web. Issued to website operators by trusted certificate authorities, certificates are necessary to form an encrypted connection between your browser and the website you’re visiting—and that encrypted connection protects sensitive data you might share with the website, like a password or credit card details. Each certificate has a public key, which it sends to your browser to initiate an encrypted connection, and a private key, which needs to stay private. Read More >>

‘Bro Culture’ Led to Repeated Sexual Harassment, Former Google Engineer’s Lawsuit Says

Loretta Lee, a software engineer who worked at Google for seven years before being fired in February 2016, is suing Google for sexual harassment, discrimination, retaliation, and wrongful termination she says she experienced at the company. Lee says in her lawsuit that the company’s “bro-culture” led to continuous harassment and that Google did nothing to intervene. Read More >>

Phone-Cracking Firm Cellebrite Claims It Can Unlock Latest iPhones

Cellebrite, a law enforcement vendor that helps officials get into locked and encrypted devices, has claimed that it can unlock Apple’s newest phones and operating system, Forbes reports. Read More >>

1Password Helps You Find Out if Your Password Is Pwned

If your password winds up in a mega-breach like the ones at Yahoo, Dropbox, or Tumblr, it can be easy for a hacker to take over your account—especially if you reuse the same password across multiple services. But it’s not always easy to tell if your password has been stolen, and companies can sometimes take years to notify users of a breach. Read More >>

Bug Made It Possible to Take Over Tinder Accounts with Just a Phone Number

Vulnerabilities in Tinder and in Facebook’s Account Kit tool could have allowed a hacker to take over a user’s Tinder account—gaining access to their private messages—using only the victim’s phone number. Read More >>

Google Fired and Disciplined Employees for Speaking Out About Diversity

Last August, James Damore circulated a memo internally at Google in which he argued women were biologically less inclined to succeed in engineering roles at the company and that Google’s diversity efforts were misguided. In doing so, he set off heated debate among his co-workers—debate that, according to current and former employees who spoke to Gizmodo, led Google to ramp up its moderation of internal conversations and crack down on employees who speak up about diversity. Read More >>

Facebook Admits Spam Texts to Two-Factor Authentication Users Were a Bug

Two-factor authentication, a security measure that requires a verification code as well as a password upon login, can help prevent phishing and account takeover. Read More >>

Facebook Privacy Settings Aren’t Enough to Hide Your Photos From Court

It doesn’t matter if you have your Facebook profile set to private—you can still be required to hand over your photos and messages during a lawsuit, a New York appeals court ruled today. Read More >>

Patent Troll’s Dumb Lawsuit Against Cloudflare Gets Thrown Out

The typical patent troll scheme goes like this: buy silly patent; find big company using tech similar to patent; sue big company; get nice payout from big company that doesn’t want to waste time fighting a dumb patent case; repeat. Read More >>

Facebook Turned Its Two-Factor Security ‘Feature’ Into the Worst Kind of Spam

Facebook is bleeding users, with external researchers estimating that the social network lost 2.8 million US users under 25 last year. Those losses have prompted Facebook to get more aggressive in its efforts to win users back—and the company has started using security prompts to encourage users to log into their accounts. Read More >>

Who Won and Who Got Totally Screwed in Waymo v. Uber

Halfway through a contentious trial, Waymo settled its high-profile lawsuit against Uber in a deal that gives Google’s parent company Alphabet $245 million (£177 million) in Uber equity—a slightly larger stake than Google already has—and allows Waymo to keep tabs on Uber’s self-driving car programme. Read More >>