Security, Spoken

An Android app has two choices for where to put its data on a device: internal storage, where it’s safe and snug, isolated by the operating system’s sandbox, and external storage, where data can move between apps but isn't as protected. Most of the time, that setup works just fine. But when developers use the latter incorrectly, they could give hackers a crucial foothold. Learn about your ad choices: dovetail.prx.org/ad-choices

It’s Black Hat and DefCon conference time again, when the world’s top security researchers descend on the den of iniquity that is Las Vegas in August and try to scare the bejeezus out of people with new research into ominous hacks. Hooray! WIRED’s been there for a few days already. Lily Hay Newman discovered that several mobile credit card readers are rife with bugs, potentially leaving you exposed. Learn about your ad choices: dovetail.prx.org/ad-choices

Security meltdowns on your smartphone are often self-inflicted: You clicked the wrong link, or installed the wrong app. But for millions of Android devices, the vulnerabilities have been baked in ahead of time, deep in the firmware, just waiting to be exploited. Who put them there? Some combination of the manufacturer that made it, and the carrier that sold it to you. Learn about your ad choices: dovetail.prx.org/ad-choices

The tiny, portable credit card readers you use to pay at farmer's markets, bake sales, and smoothie shops are convenient for consumers and merchants alike. But while more and more transactions are passing through them, devices from four of the leading companies in the space—Square, SumUp, iZettle, and PayPal—turn out to have a variety of concerning security flaws. Learn about your ad choices: dovetail.prx.org/ad-choices

Apple's supply chain is one of the most closely monitored and analyzed in the world, both because of the control the company exerts and keen interest from third parties. But there's still never a guarantee that a mass-produced product will come out of the box totally pristine. In fact, it's possible to remotely compromise a brand new Mac the first time it connects to Wi-Fi. Learn about your ad choices: dovetail.prx.org/ad-choices

At this point, it seems like every so-called consumer smart device—from routers and baby monitors to connected thermostats and garage door openers—has been shown to have vulnerabilities. But that same security crisis has also played out on a macro scale, exposing municipal works and public safety sensors to manipulation that could destabilize traffic lights, undermine radiation sensors, or even create a calamity like causing a dam to overflow because of tainted water level data. Learn about your ad choices: dovetail.prx.org/ad-choices

It’s never been easier to trade stocks; just a few taps or clicks will do the trick. But most of the platforms that millions of market participants rely on to move their money suffer from cybersecurity shortcomings, new research warns. As if stocks weren’t risky enough already. A new report from Alejandro Hernández, a security consultant at IOActive, found that nearly all of the 40 major online trading platforms he investigated had at least some form of vulnerability. Learn about your ad choices: dovetail.prx.org/ad-choices

On Saturday, as Venezuelan President Nicolas Maduro gave a speech in Caracas before a large military assemblage, drones carrying explosives approached, detonating near the stage. While Maduro was unharmed, Venezuelan information minister Jorge Rodriguez said that the attack injured seven soldiers. It's a method of assault that only a few years ago felt unthinkable, but has quickly become inevitable. Learn about your ad choices: dovetail.prx.org/ad-choices

Ankle monitors are trending these days: Movie mogul Harvey Weinstein and former Donald Trump campaign chair Paul Manafort are under the electronic tether, and last month, in the wake of outrage over immigration officials separating families at the border, US Immigration and Customs Enforcement began monitoring migrant parents electronically rather than keeping them incarcerated in detention centers. More than 35,000 immigrants have been assigned an ankle monitor GPS unit. Learn about your ad choices: dovetail.prx.org/ad-choices

You might not be shocked that this week began with big news about a coordinated misinformation campaign on Facebook. But in a twist on the usual narrative, Facebook welcomed the media reports, calling a press conference to reveal that it had removed 35 fake accounts. The rare proactive step was a clear attempt to show the media and Congress that Facebook is tackling misinformation head in the runup to the midterm elections. Learn about your ad choices: dovetail.prx.org/ad-choices