Wired Security Spoken Edition

The Mueller report has been sitting in the Justice Department for nearly two weeks. Attorney general William Barr told Congress Wednesday he’s hoping the public will finally get a look at the 300-plus page document sometime within the next week, ending a bizarre period of dissembling and fumbling by Barr that has left America with more questions than answers about the seriousness of what Mueller uncovered. Learn about your ad choices: dovetail.prx.org/ad-choices

It was another busy week in the security world, and perhaps the biggest story was the arrest of Julian Assange in London on Thursday. The WikiLeaks founder is facing criminal charges in the US over allegations that he conspired to help Chelsea Manning hack into Pentagon computer networks nine years ago. It’s hardly an open-and-shut case, which Andy Greenberg broke down shortly after the indictment was unsealed. Learn about your ad choices: dovetail.prx.org/ad-choices

Tech news you can use, in two minutes or less: Julian Assange charged with computer hacking. WikiLeaks founder Julian Assange was arrested today in London and faces hacking charges from the US government. The indictment, which was unsealed today, centers around an allegation that Assange promised to help then Army-private Chelsea Manning gain access to classified materials. Learn about your ad choices: dovetail.prx.org/ad-choices

If you use a smart speaker, you know all of the conveniences and delights that make it more than just a glorified paper weight. But, admit it, you've probably given it some privacy side-eye from time to time. After all, it is a microphone that just sits in your house waiting for a wake word to start recording what you say. Here's how to tighten the reins on what Alexa, Google Assistant, and Siri can hear, when, and how it gets used. It's a good time to take stock. Learn about your ad choices: dovetail.prx.org/ad-choices

For the first time since 2012, WikiLeaks founder Julian Assange no longer has the legal protections of the Ecuadorean Embassy in London. He now faces the criminal charges he's always suspected and feared—although it's now clear that he's accused of criminal behavior not as a journalist, or even a spy, but a hacker. On Thursday, London's metropolitan police physically dragged Assange out of his residence at the embassy and into a police van. Learn about your ad choices: dovetail.prx.org/ad-choices

Over the past few years, scammers have increasingly siphoned cash off of digital payment networks, stealing hundreds of millions of dollars so far. Not only is the problem hard to contain; new findings show that it's evolving and maturing, with new types of ATM malware on the rise. Researchers at the Kaspersky Security Analyst Summit in Singapore are presenting findings on Wednesday about a new wave of payment system scams. Learn about your ad choices: dovetail.prx.org/ad-choices

Private companies around the world have evolved a gray industry supplying digital surveillance and hacking tools to governments and local law enforcement. As the once little-known practice has grown, so too has the resulting malware. Researchers have now found that one of these spyware products, which had previously been found on the Google Play Store, also targeted iOS. Learn about your ad choices: dovetail.prx.org/ad-choices

When the malware known both as Triton and Trisis came to light in late 2017, it quickly gained a reputation as perhaps the world's most dangerous piece of code: the first ever designed to disable the safety systems that protect industrial facilities from potentially lethal physical accidents. But Triton hackers still have to engage in a far more common forms of hacking to plant that code, in some cases spending close to a year digging their way through IT networks before they reach their targets. Learn about your ad choices: dovetail.prx.org/ad-choices

In March 2017, the Android security team was feeling pleased with itself. The group had detected, analyzed, and neutralized a sophisticated botnet built on tainted apps that all worked together to power ad and SMS fraud. Dubbed "Chamois," the malware family had already cropped up in 2016, and was being distributed both through Google Play and third-party app stores. So the Android team started aggressively flagging and helping to uninstall Chamois until they were sure it was dead. Learn about your ad choices: dovetail.prx.org/ad-choices

Tech news you can use, in two minutes or less: Hackers found their way into Apple's ecosystem, and possibly your phone Cyber criminals have been directing users to download something called Exodus, an app that was actually malware. It allowed access to photos, videos, device IDs, audio recordings, and contacts, potentially tracking a victim's location and listening to their conversations through the microphone. Learn about your ad choices: dovetail.prx.org/ad-choices

What a week for Facebook. The news blitz began over the weekend, as the company responded to multiple recent controversies, from livestreaming to disappearing blog posts. Then on Wednesday, security researchers at UpGuard found that two different third-party apps left more than 540 million Facebook records unprotected in the cloud. On Friday, we reported that Facebook had been letting cybercrime groups operate in plain sight. It never ends. Learn about your ad choices: dovetail.prx.org/ad-choices

Years into the robocalling frenzy, your phone probably still rings off the hook with "important information about your account," updates from the "Chinese embassy," and every bogus sweepstakes offer imaginable. That's despite promises from the telecom industry and the US government that solutions would be coming. Much like the firehose of spam that made email almost unusable in the late 1990s, robocalls have made people in the US wary of picking up their cell phones and landlines. Learn about your ad choices: dovetail.prx.org/ad-choices

Facebook's failure to moderate bad behavior on the sprawling online world it created, from political trolls to extremist content to livestreamed acts of horrific violence, has received a torrent of criticism. But one group of researchers found that the social media giant is also failing to police a far more basic and decades-old internet problem among its users: plain old cybercrime. Learn about your ad choices: dovetail.prx.org/ad-choices

“If it ain’t broke, don’t fix it,” the adage goes. But for the sunset of Patriot Act authorities later this year—including Section 215, a controversial provision that allows the National Security Agency to collect records, including those about Americans’ phone calls—the more applicable phrase may be “If it keeps breaking, throw it out. Learn about your ad choices: dovetail.prx.org/ad-choices

On Saturday afternoon, Yujing Zhang arrived at Mar-a-Lago and approached a Secret Service agent, seeking entry. She explained, according to court documents, that she was there to use the pool. What happened next illustrates just how hard it is to secure President Trump’s home away from the White House, and it joins a steadily growing number of concerning incidents. Learn about your ad choices: dovetail.prx.org/ad-choices

Tech news you can use, in two minutes or less: Facebook exposed your personal information ... again Researchers discovered hundreds of millions of Facebook users' data was left unprotected once again, this time on Amazon's servers. The information exposed was stuff like names, passwords, comments, interests, and likes. The tl;dr: Facebook doesn't seem to have much control over what third parties do with your data, basically ever, so you might want to lock down those privacy settings. Learn about your ad choices: dovetail.prx.org/ad-choices

Researchers at the cybersecurity firm Upguard have discovered two troves of unprotected Facebook user data sitting on Amazon’s servers, exposing hundreds of millions of records about users, including their names, passwords, comments, interests, and likes. The datasets had been uploaded to Amazon’s cloud system by two different Facebook app developers. Learn about your ad choices: dovetail.prx.org/ad-choices

In December, Mastercard announced that it was working to develop an international digital identity scheme which could be used as a flexible verifier for financial transactions, government interactions, or online services. The idea of a secure, decentralized, universal ID has become a sort of holy grail in the age of rapid digital interactions and rampant identity fraud. Mastercard's initial announcement was met with some skepticism from privacy-minded observers. Learn about your ad choices: dovetail.prx.org/ad-choices

A report on Thursday from a British government oversight group found that Chinese telecom-equipment maker Huawei has basic, but deeply problematic flaws in its product code that create security risks. The shortcomings, many of which Huawei had previously promised to improve, stem from issues with its software development processes, according to the report. Learn about your ad choices: dovetail.prx.org/ad-choices

"Right to repair just basically says, ‘Hey guys, you got to make the information and the parts available.’" U.S. Sen. Elizabeth Warren, appearing on All In with Chris Hayes, Wednesday March, 27. Our work to help people fix their stuff reached a milestone last week, when Massachusetts Senator Elizabeth Warren called for Right to Repair to support farmers struggling with growing antitrust issues in agriculture. Learn about your ad choices: dovetail.prx.org/ad-choices