Security News This Week: The Government Wants to Listen In on Your Smart Home

THIS WEEK WAS jam-packed with security news. A new worldwide survey of crypto products shows that encryption is international, so a ban makes no sense. Researchers found a way to hack power grids by remotely manipulating air conditioners. Obama covered the basics in a new cybersecurity plan, perhaps in an attempt to secure his legacy. FBI and DHS employees got hacked. Googleannounced the phasing out of Flash in banner ads. India banned Facebook’s Basics app to support net neutrality. Wecelebrated the 20-year anniversary of John Perry Barlow’s “Declaration of Independence of Cyberspace” manifesto, and looked at how you can donate your old USB drive to fight North Korean brainwashing. A new Malware Museumwas born. And someone finally wrote a good encryption billto preempt states from trying to implement their own anti-crypto policies at a state level.

But that’s not all. Each Saturday we round up the news stories that we didn’t break or cover in depth at WIRED, but which deserve your attention nonetheless. As always, click on the headlines to read the full story in each link posted. And stay safe out there!

US Intelligence Chief James Clapper: The Government Could Use the Internet of Things to Spy on You

US Director of National Intelligence James Clapper said in a congressional testimony that intelligence services could use the increasingly interconnected smart household devices for surveillance. “In the future, intelligence services might use the [internet of things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” he said.

More Than A Third of Leaked Police Contracts Contain Guarantees To Keep Disciplinary Records Secret, Destroy Civilian Complaint Records

How’s this for accountability? Leaked police contracts contain guarantees blocking public access to disciplinary records, formal complaints against officers, and internal investigation documents. Some contracts even had clauses allowing for complaints and disciplinary records to be destroyed after a negotiated amount of time. The documents became publicly accessible when hackers breached the Fraternal Order of Police website and posted its files online.

Hacked Toy Company Updates Terms of Service to Shunt Responsibility for Future Hacks

VTech, the toy company that reopened last week after a data breach exposed the personal data of more than 6 million children, is now back online. The bad news is that its terms and conditions include a new statement requiring users to acknowledge that any information they send or receive while using the site could be insecure or at risk of unauthorized interception. Although the clause may not be valid legally, it could be an attempt by the site to restrict liability for future hacks.

NYPD Has Used Stingrays More Than 1,000 Times Since 2008

In response to a public records request submitted by the NYCLU, the NYPD has disclosed that it not only owns and operates Stingrays, but that it’s done so more than a thousand times between May 2008 and May 2015. Further, it does so without any sort of written policy, and primarily through the use of pen register, a lower standard than an actual warrant, which would require probable cause. Last year, the Department of Justice began using warrants rather than pen registers for using the cell site simulators barring exceptional/emergency circumstances.

http://www.wired.com/2016/02/security-news-this-week-the-government-wants-to-listen-in-on-your-smart-home/