As has become an unwelcome tradition, as Friday wound down and the weekend was so close we could nearly taste it, breaking news hit. The biggest Friday night bombshell came in the form of an indictment of a Russian national engaged in a massive conspiracy to influence the upcoming midterm elections. With millions of dollars at her disposal, she and her co-conspirators have allegedly been engaging in a coordinated effort to use Americans’ weaknesses and divisions against us, to amp up racial discord, and generally sow chaos and discontent.
Of course, it wasn’t like the week had been drama free up until that point. The fun, if you can call it that, began last Saturday, when Robert Mueller expert Garrett Graff explained what he expected to see next from the investigation into Russia’s attack on the 2016 election. (Hint: A lot, and soon.) A startup called Helm came out of stealth mode on Tuesday to try to help you reclaim possession of your own data. A years-old Chinese malware made a mysterious return to the scene. And Facebook announced it wasn’t nation-state hackers who stole the data of 33 millions users; it was just spammers. We laid out all the terrible things spammers could do with that data. Earlier in the week, after facing criticism for its new video-chatting Portal’s spying potential, Facebook also showed off its War Room, from which it intends to protect the midterm elections from hackers. We hope those inside the War Room were reading Friday’s indictment with keen interest.
That’s not all. As always, we’ve rounded up all the news we didn’t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.
[Donald Daters Got Donald-Data-Leaked] (https://techcrunch.com/2018/10/15/donald-daters-a-dating-app-for-trump-supporters-leaked-its-users-data/)
It’s hard to find love nowadays, what with all the ideological divisions separating us and the many confusing apps we have to navigate to get a date. That’s where Donald Daters was supposed to come in. It’s a dating app specifically for Donald Trump supporters to find each other. If you’re a Trump supporter and you don’t want to risk falling in love with with a cute Bernie Bro or Hillary Hawk (I just made that “hawk” thing up, but it’s kind of cute, so you’re welcome, future Hillary campaign staff), the app offers a safe space. Its tagline: “Make America Date Again.” Before it even launched, 1,600 users signed up.
Unfortunately for those lovelorn enlistees, when the app did launch on Monday, it leaked all of their data. According to ZDNet, a French security researcher was able to find and download the complete list of Donald Daters from the app, including their names, private messages, and an access token with which he could take over their entire accounts. In response, the app took the private messaging feature offline. Word to the wise, Donald Daters: It’s not enough for an app to ensure you a certain level of political homogeneity. It needs to ensure some data protection, too.
The cyrptocurrency market might look like it’s imploding, but experts told WIRED this weekend that it’s just beginning to grow into its potential. That’s great news for people who want to get rich by stealing other people’s bitcoins. Case in point: The North Korean crew who allegedly stole more than $571 million in cryptocurrency in just five hacks. The crew, known as “Lazarus,” is responsible for more than half of the cryptocurrency stolen since 2017, according to a new report.
An employee of the Houston Astros was caught filing the dugout of the Cleveland Indians during a post-season game. The Indians filed a complaint, saying the Astros were trying to cheat by spying on their competitors. The Astros contended that rather than spying, they were conducting surveillance to monitor the Indians to make sure they weren’t breaking rules. Not to nitpick, but … is surveillance not spying? The line between monitoring and spying and surveillance seems murky, if it exists at all. Security experts might scratch their heads, but the MLB sided with the Astros.
The New York Attorney General is taking a closer look at those fake comments left on the FCC’s website pretending to be from people who opposed net neutrality. According to The Wall Street Journal, a dozen or more advocacy groups and lobbying firms have been subpoenaed in connection to the millions of false statements, which made it look erroneously like there was popular support for repealing net neutrality laws when, in fact, the overwhelming majority of the public supported net neutrality. One of the groups being investigated is supported by AT&T, a company with a vested monetary interest in repealing net neutrality.
Nothing to see here, folks. Tumblr on Wednesday said it patched a vulnerability that would have allowed hackers to access user information, including email and IP addresses, self-reported locations, and passwords. Tumblr emphasized in a blog post that it had found no evidence that anyone had ever taken advantage of the vulnerability, or that any of the data had ever actually been exposed.
Better late than never. You can already download your Facebook and Google data, but as of Wednesday Apple is allowing you to do the same–just in time to comply with Europe’s General Data Protections Rule. Apple users in Europe have been able to access their data since May, when the GDPR first went into effect. You can access your data via Apple’s Data and Privacy page, after signing in with your Apple ID.