![](\"https:\/\/media.wired.com\/photos\/5d03f9f46874e023c3efb715\/master\/pass\/Security-HongKongProtests-AP_19164322233009.jpg\"\/)
<\/p>\n<\/p>\n
Credit to Author: Emily Dreyfuss| Date: Sat, 15 Jun 2019 13:00:00 +0000<\/strong><\/p>\n It\u2019s mid June, <\/span>and according to tradition, the news cycle is supposed to be lethargic, cooling off in a hammock somewhere and taking it easy. Not so much this week.<\/p>\n It started off well enough: On Sunday we explained how to actually, finally stop all those robocalls<\/a>\u2014or at least slow them down.<\/p>\n But then Monday hit, and the US government confirmed<\/a> that hackers had stolen a border agency database full of traveler photos. The incident proves that as the government has rushed to embrace biometrics, it hasn\u2019t bothered to worry enough about securing that sensitive data.<\/p>\n Things didn\u2019t slow down from there. Tuesday, a much more fun cache of data leaked online: 18 hours of previously unreleased music from Radiohead. And who leaked it? None other than Radiohead themselves, who did it to undercut someone trying to extort the band for $150,000 to keep the songs offline. Hail to the thief, indeed.<\/p>\n Google continues to swear it is not trying to kill ad blockers, despite what ad blockers say, Lily Hay Newman reported<\/a> Wednesday. And Symantec VP Darren Shou explained<\/a> why the next big hurdle for AI is teaching it to forget.<\/p>\n Thursday we brought you three big stories: we went inside Cloudflare\u2019s five-year project<\/a> to protect nonprofits; reported that Google is actually trying to close the major loophole<\/a> in web encryption; and had the exclusive\u2014and insane!\u2014story of how Alphabet-owned Jigsaw bought a disinformation campaign<\/a> in Russia for the low, low price of $250.<\/p>\n Wanting to end the week on a terrifying note, Andy Greenberg reported on Friday that the dangerous hacking group known as Triton has been probing the US power grid<\/a>. Oh, and then that Cellebrite, an Israeli data extraction company that contracts with the US government, says<\/a> it now has a tool that can unlock any iPhone.<\/p>\n Of course, there was more. Every Saturday we round up the security and privacy stories we didn\u2019t break or report on in depth, but which we think you should know about nonetheless. Click on the headlines to read them, and stay safe out there.<\/p>\n As protests erupted in the streets of Hong Kong this week, over a proposed law that would allow criminal suspects to be extradited to mainland China, the secure messaging app Telegram was hit with a massive DDoS attack. The company tweeted on Wednesday that it was under attack. Then the app\u2019s founder and CEO Pavel Durov followed up<\/a> and suggested the culprits were Chinese state actors. He tweeted that the IP addresses for the attackers were coming from China. \u201cHistorically, all state actor-sized DDoS (200-400 Gb\/s of junk) we experienced coincided in time with protests in Hong Kong (coordinated on @telegram<\/a>). This case was not an exception,\u201d he added. As Reuters notes, Telegram was DDoSed during protests in China in 2015, as well. Hong Kong does not face the strict internet censorship that exists in mainland China, although activists have expressed concern<\/a> about increased pressure from Beijing on the region.<\/p>\n After years of criticism that its voting machines contained flawed and insecure software, major voting machine supplier Election System and Software announced this week that it will stop selling machines that have no paper ballot\u2014as the primary machines in any given jurisdiction, at least. Voting security experts have long warned about ES&S\u2019s<\/a> machines in particular, and advised that paper ballots are always more secure because they provide an auditable backup. Ars Technica explains the move comes after 18 months of increased scrutiny from lawmakers and outside experts, and a wave of states embracing paper ballots ahead of the 2020 presidential election.<\/p>\n