{"id":12870,"date":"2018-07-21T10:45:03","date_gmt":"2018-07-21T18:45:03","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2018\/07\/21\/news-6637\/"},"modified":"2018-07-21T10:45:03","modified_gmt":"2018-07-21T18:45:03","slug":"news-6637","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2018\/07\/21\/news-6637\/","title":{"rendered":"Venmo Privacy, Ransomware Attacks, and More Security News This Week"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/5b52311409b702757fc5f771\/master\/pass\/venmo_pub_priv.jpg\"\/><\/p>\n<p><strong>Credit to Author: Brian Barrett| Date: Sat, 21 Jul 2018 13:01:00 +0000<\/strong><\/p>\n<p><span class=\"lede\">This week started <\/span>with a controversial, widely derided <a href=\"https:\/\/www.wired.com\/story\/trump-putin-press-conference-gave-russia-everything-it-wanted\/\">meeting between President Trump and Russian leader Vladimir Putin<\/a>, and ended with\u2026 an invite for round two! And yes, all manner of craziness managed to happen in between.<\/p>\n<p>That includes yet more denials on Trump\u2019s part that Russia interfered\u2014and continues to\u2014with US democracy, a stance that <a href=\"https:\/\/www.wired.com\/story\/trump-russia-denials-have-real-consequences\/\">has serious repercussions<\/a>, however many times he walks it back. The Putin press conference performance also prompted concern across the aisle, as senators Marco Rubio and Mark Warner cast it as a <a href=\"https:\/\/www.wired.com\/story\/rubio-warner-stress-election-security-after-trump-putin-summit\/\">major setback in efforts to safeguard the election<\/a>. For what it\u2019s worth, here\u2019s <a href=\"https:\/\/www.wired.com\/story\/what-robert-mueller-knowsand-9-areas-hell-pursue-next\/\">what special counsel Robert Mueller\u2019s been up to lately<\/a>, and where he\u2019ll likely go next.<\/p>\n<p class=\"paywall\">The week wasn&#x27;t a total Trumpapalooza. 
RealNetworks offered a new facial recognition tool to schools for free, introducing a host of <a href=\"https:\/\/www.wired.com\/story\/realnetworks-facial-recognition-technology-schools\/\">privacy-related concerns<\/a>. And a company called <a href=\"https:\/\/www.wired.com\/story\/elucd-sentiment-meter-helps-cops-understand-precincts\/\">Elucd is helping police better gauge how their precincts feel<\/a> about them by pushing surveys out through apps.<\/p>\n<p class=\"paywall\">Good news could be found as well! We talked to the <a href=\"https:\/\/www.wired.com\/story\/google-safe-browsing-oral-history\/\">Google engineers who built Secure Browsing<\/a>, a suite of technologies that underpin security for a huge amount of the modern web. We <a href=\"https:\/\/www.wired.com\/story\/shadow-politics-meet-the-digital-sleuth-exposing-fake-news\/\">profiled Jonathan Albright<\/a>, the academic who has shined the brightest spotlight on Russian influence campaigns in the 2016 election and beyond. And we took a look at two tools Amazon has tested that <a href=\"https:\/\/www.wired.com\/story\/aws-cloud-security-tools-leaks\/\">could help its leaky cloud problem<\/a>.<\/p>\n<p class=\"paywall\">There&#x27;s more! As always, we\u2019ve rounded up all the news we didn\u2019t break or cover in depth this week. Click on the headlines to read the full stories. And stay safe out there.<\/p>\n<p class=\"paywall\">Privacy advocate and designer Hang Do Thi Duc this week brought attention to payment app Venmo\u2019s lack of built-in privacy. Her site, Public by Default, taps into Venmo\u2019s API to show the latest transactions taking place on the platform. In fact, the nearly 208 million public Venmo transactions that took place in 2017 can all be viewed at <a href=\"https:\/\/venmo.com\/api\/v5\/public?limit=1\" target=\"_blank\">this URL<\/a>. 
But while Public by Default explores the inherent privacy issues with Venmo\u2019s opt-in privacy in largely anonymized fashion, a bot emerged Thursday <a href=\"https:\/\/motherboard.vice.com\/en_us\/article\/qvmkvx\/twitter-bot-venmo-buying-drugs-photo-names\" target=\"_blank\">that tweets<\/a> the usernames and photos of any users that appear to be buying drugs. Not ideal!<\/p>\n<p class=\"paywall\">Ideally, Venmo would go ahead and make transactions private by default. But because it\u2019s structured as something of a social network\u2014peeping other people\u2019s emoji transaction descriptions is part of the appeal\u2014that\u2019s unfortunately unlikely. Instead, to better protect yourself, open the app, tap the hamburger menu in the upper left corner, tap <strong>Privacy<\/strong>, and select <strong>Private<\/strong>. You\u2019re welcome!<\/p>\n<p class=\"paywall\">In a departure from current policy, deputy attorney general Rod Rosenstein Thursday said that the government will let American groups and individuals know when they are the subject of an effort to subvert US democracy. The Obama administration notably didn\u2019t do so in 2016, fearing that going public with Russia\u2019s actions would appear politically motivated. It\u2019s unclear exactly how the new policy will play out in practice, given that those sorts of disclosures will require a \u201chigh confidence\u201d in attribution\u2014tricky, especially in the digital sphere\u2014and that the DOJ presumably won\u2019t make any disclosures that would threaten ongoing investigations. Still, it would at least presumably prevent the current administration from trying to downplay or cover up any intrusions in the 2018 midterms and 2020 presidential campaigns.<\/p>\n<p class=\"paywall\">A pair of high-profile attacks hit sensitive health care targets this week. 
Ontario-based <a href=\"http:\/\/www.cbc.ca\/news\/technology\/carepartners-data-breach-ransom-patients-medical-records-1.4749515\" target=\"_blank\">CarePartners got hit with ransomware<\/a> that locked out medical histories and contact info for as many as tens of thousands of patients, and apparently credit card numbers and other sensitive information as well. And the same <a href=\"https:\/\/www.wired.com\/story\/atlanta-ransomware-samsam-will-strike-again\/\">SamSam malware that hobbled<\/a> Atlanta struck LabCorp, a major lab services provider. Hackers apparently demanded $52,500 to free up the affected machines, but LabCorp appears inclined to simply replace them instead. Either way, it\u2019s a good reminder that <a href=\"https:\/\/www.wired.com\/2016\/03\/ransomware-why-hospitals-are-the-perfect-targets\/\">ransomware targets hospitals and other health care targets disproportionally<\/a>, precisely because the stakes are so much higher.<\/p>\n<p class=\"paywall\">As if the scourge of robocalls weren\u2019t bad enough already, a company called Robocent left hundreds of thousands of voter records, spread across 2,600 files, exposed on the open web. The data appears to have comprised mostly addresses and demographic information, but if nothing else it\u2019s a reminder that <a href=\"https:\/\/www.wired.com\/story\/aws-cloud-security-tools-leaks\">the cloud needs better tools<\/a> to keep this sort of thing from happening basically every week.<\/p>\n<p><a href=\"https:\/\/www.wired.com\/story\/venmo-public-by-default-security-news-this-week\" target=\"bwo\" >https:\/\/www.wired.com\/category\/security\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/5b52311409b702757fc5f771\/master\/pass\/venmo_pub_priv.jpg\"\/><\/p>\n<p><strong>Credit to Author: Brian Barrett| Date: Sat, 21 Jul 2018 13:01:00 +0000<\/strong><\/p>\n<p>Russian meddling, Venmo privacy, and more of the week&#8217;s top security news. <\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10607],"tags":[714],"class_list":["post-12870","post","type-post","status-publish","format-standard","hentry","category-security","category-wired","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12870","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=12870"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/12870\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=12870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=12870"},{"taxonomy":"post_tag","embedda
ble":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=12870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}