Security, Spoken

Devin Nunes, the top Republican on the House Intelligence Committee, said Thursday that the impeachment inquiry had “poisoned the minds of fanatics,” and he was absolutely right—but not quite in the way that he meant. His comments, aimed at Democrats, instead came across in the hearing as projection, a sad summation of the intellectual rot that has spread through his own party during the Trump age. Learn about your ad choices: dovetail.prx.org/ad-choices

In the Harry Potter universe, there’s a handy spell for when you need to stop someone from spilling your secret plans or shit-talking during a duel. It’s called Mimblewimble, otherwise known as the tongue-tying curse. It’s also the name of a privacy technology designed for cryptocurrencies—because, well, somebody’s gotta keep crypto weird. The first coins to use Mimblewimble—distinct efforts called Grin and Beam—both launched in January. Learn about your ad choices: dovetail.prx.org/ad-choices

Black Friday attracts crowds, and crowds attract scammers, and that means you need to take extra care when shopping online over the Black Friday and Cyber Monday weekend. There'll be people out there keen to relieve you of more money than you'll save on a TV set or a gaming console. The following precautions apply whatever the time of year, but it's worth reminding yourself of them every time a serious holiday season comes around. Learn about your ad choices: dovetail.prx.org/ad-choices

Learn about your ad choices: dovetail.prx.org/ad-choices

Users increasingly encounter moments when a website asks for permission to gather some personal data or access to their device hardware: "Can we access your GPS position? Your microphone or camera? Your Bluetooth? Can we send you push notifications about breaking news or premium chocolate subscription offers?" Permissions, as these asks are known, give the web exciting powers. Learn about your ad choices: dovetail.prx.org/ad-choices

Iranian hackers have carried out some of the most disruptive acts of digital sabotage of the last decade, wiping entire computer networks in waves of cyberattacks across the Middle East and occasionally even the US. But now one of Iran's most active hacker groups appears to have shifted focus. Rather than just standard IT networks, they're targeting the physical control systems used in electric utilities, manufacturing, and oil refineries. Learn about your ad choices: dovetail.prx.org/ad-choices

The reports came just a few days after Disney+ launched: Thousands of the streaming service accounts were already up for sale on various hacking forums, at bargain basement prices. As of Wednesday, new victims were still taking to Twitter and other venues to express their frustration that their accounts had been taken over. What’s happening almost certainly isn’t a hack in the way you’d normally think of it. Learn about your ad choices: dovetail.prx.org/ad-choices

Back in 2012, the US Supreme Court ruled that it's illegal for the police to attach a GPS tracking device to someone's car without a warrant. But what if you find a GPS tracking device on your car? Can you remove it? ARS TECHNICA This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast. Learn about your ad choices: dovetail.prx.org/ad-choices

It's increasingly common for the data that passes between your browser and a website's server to be encrypted with HTTPS, which makes it impossible for outside snoops to read. But you don't get that protection if the URL drops that crucial "S" after HTTP. And while some mechanisms do redirect you to an encrypted version of a site, they often do so only after exposing that initial request. The makers of the privacy-focused search engine DuckDuckGo think there's a better way. Learn about your ad choices: dovetail.prx.org/ad-choices

Android users are groaning and websites are moaning, but first: a cartoon about what to do with a broken laptop. Here's the news you need to know, in two minutes or less. Want to receive this two-minute roundup as an email every weekday? Sign up here! Today’s News 146 new vulnerabilities all come preinstalled on Android phones Security firm Kryptowire discovered 146 vulnerabilities—across 29 Android smartphone makers—that exist before the phones are even taken out of the box. Learn about your ad choices: dovetail.prx.org/ad-choices