This week started with a bang and just kept going. In the late hours of Saturday night, TikTok cut access to users in the United States before the Sunday deadline that forced Apple and Google to remove the video-sharing app from their app stores. While TikTok was dark, US users rushed to get around the TikTok ban, while several other unexpected apps also cut off their access to Americans. However, by noon on Sunday, TikTok access had already returned in the US. By Monday night, newly inaugurated US President Donald Trump signed an executive order that delayed the TikTok ban by 75 days.
Trump made good on Tuesday on his promise to free Ross Ulbricht, the imprisoned creator of the Silk Road dark-web market, where users sold drugs, guns and worse. Ulbricht spent more than 11 years behind bars after being arrested by the FBI in 2013 and later sentenced to life in prison. Trump’s decision to pardon Ulbricht is largely seen as linked to the support he received from the libertarian cryptocurrency community, which has long regarded the Silk Road creator as a martyr.
As the world entered the second Trump era, WIRED sat down with Jen Easterly, who recently left her top position as director of the Cybersecurity and Infrastructure Security Agency, to discuss the cyber threats the US faces and the uncertain future of the agency as the leading watchdog against nation-state hackers and other digital security threats facing the US.
Finally, we detailed new research that revealed how trivial bugs exposed Subaru’s system for tracking the locations of its customers’ vehicles. The researchers found that they could access a web portal for Subaru employees that let them pinpoint up to a year’s worth of a car’s location, down to the parking spaces used. The flaws are now being patched, but Subaru employees still have access to drivers’ sensitive data.
That’s not all. Every week, we round up the security and privacy news that we did not cover in depth ourselves. Click the headings to read the full stories. And stay safe out there.
A US judge in New York this week found that the FBI’s practice of searching for data on US persons under Section 702 of the Foreign Intelligence Surveillance Act without obtaining a warrant is unconstitutional. FISA gives the US government the authority to collect the communications of foreign entities through internet providers and businesses such as Apple and Google. After collecting this data, the FBI could perform “backdoor searches” for information on US citizens or residents who communicated with foreigners, and it did so without first getting a warrant. Judge DeArcy Hall found that these searches require a warrant. “To hold otherwise would effectively allow law enforcement to amass a repository of communications under Section 702 – including those of US persons – that can later be searched on demand without limitation,” the judge wrote.
According to the findings of an independent security researcher, a ‘problem’ with the basic functionality of internet infrastructure company Cloudflare’s content delivery network, or CDN, can reveal the rough location of people using apps, including those intended to protect privacy. Cloudflare has servers in hundreds of cities and more than 100 countries around the world. The CDN works by caching people’s internet traffic on its servers and then delivering the data from the server closest to a person’s location. The security researcher, who goes by Daniel, found a way to send an image to a target, collect the URL and then use a customized tool to query Cloudflare to find out which data center delivered the image, and thus the state or possibly the city in which the target is located. Fortunately, Cloudflare tells 404 Media that it resolved the problem after Daniel reported it.
In one of the first moves after Trump took office on Monday, the Department of Homeland Security dismissed everyone on the agency’s advisory committees. This includes the Cyber Safety Review Board, which has been investigating the widespread attacks on the US telecommunications system by China-backed hacker group Salt Typhoon. US authorities revealed in mid-November that Salt Typhoon had embedded itself in at least nine US telecoms for espionage purposes, potentially exposing anyone who uses unencrypted calls and text messages to surveillance by Beijing. While the future of the CSRB remains uncertain, sources tell reporter Eric Geller that its investigation into Salt Typhoon’s attacks is ‘dead’.