Security News This Week: A Coachella Smartphone Thief Forgot About 'Find My iPhone'

Each weekend we round up the news stories that we didn’t break or cover in depth but that still deserve your attention.
2017 Coachella Valley Music And Arts Festival  Weekend 1  Day 2
Christopher Polk/Getty Images

Another week, another round of exploits and intrigue. The good news? North Korea didn't do a nuclear test, as had been feared, and the missile launch it attempted went about as poorly as one could hope. The bad news is the continued brinksmanship that could spark armed regional conflict that quickly dominoes across the globe. But still!

In non-NK news, the US reportedly wants to charge Julian Assange, which would have pretty serious First Amendment implications for journalists. And on another legal front, courts are using AI for sentencing, which rings alarm bells for civil liberties advocates.

A sneaky new phishing attack could make fake websites appear not just legit but secure. We took a look at why encrypted phone calls haven't quite taken off yet the way chat has. And Facebook rolled out a handy new feature in beta that will let you use your Facebook account to get back into other services you forgot your password for.

Also,we've got SecureDrop now. Please use it to send us info securely and anonymously!

And there’s more. Each Saturday we round up the news stories that we didn’t break or cover in depth but that still deserve your attention. As always, click on the headlines to read the full story in each link posted. And stay safe out there.

Some people spend their time at Coachella enjoying the music. Others find love in unexpected places. And one, apparently walked around grabbing iPhones and stuffing over 100 of them into his backpack. Because technology contains wonders beyond all reasonable expectation, many of the victims immediately activated the “Find My iPhone” feature, allowing them not only to locate the alleged perp but literally follow him around the venue until security finally nabbed him. A nice reminder that crime doesn’t pay, especially dumb crime.

Bose manufactures some terrific noise-canceling headphones. That’s good! The accompanying app that Bose encourages its customers to download allegedly tracks listening habits, and sells that information to data warehouses. That’s… less good. The allegation comes in a lawsuit filed this week in Chicago, which seeks “millions of dollars” for affected Bose owners. The act of collecting consumer data and selling it to third-party advertisers and such shouldn’t surprise; that funds most of the web at this point. The lawsuit makes the distinction, though, that the Bose privacy agreement doesn’t mention data collection, and even if it did, consumers don’t see it after downloading the app.

A hefty percentage of cybersecurity efforts focus on software solutions, which makes sense given how most of the problems are structured. But Darpa, the government’s tech-brain battalion, wants hardware to get a little more love. The agency says it can prevent up to 40 percent of current cyberattacks with more secure hardware. The ultimate goal? Processors that are smart enough to stave off software attacks without having to wait for a patch. There’s been some work in this area already—Intel bought McAfee a few years ago to help secure its processors, then sold off its majority stake last fall—but hopefully a nudge from Darpa will prompt some much-needed progress.

Surveillance: It’s not just for professionals! Motherboard this week ran an illuminating series on consumer-level snooping enabled by apps like FlexiSpy, and their disturbing implications. Go ahead and read them all if you have time, but especially the one that kicks the series off.