Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Olly Curtis/Future via Getty Images

A newly discovered variation of an old technique might make it easier for hackers to convince inattentive users of Google Voice and Alexa smart speakers to cough up their passwords.

The big picture: The security flaw was discovered by SRLabs and was first reported by ZDNet, but it has not been witnessed in use by actual hackers. Google has already announced closing the flaw.

What's happening: With smart speakers, it's tough to tell if an application is still open after it stops speaking. Researchers have, over the years, discovered several ways to force smart speakers to stop talking for a few minutes — making it appear as though an app has closed — before sending a message requesting a user to reenter their password. At this point, it seems like it's Google and not an app asking for the info.

  • In the SRLabs case, adding the "�" character to various commands allowed programmers to keep an app open much longer than it should be.
  • Smart speakers frequently have a light or other notification to show that an app is still running. That's useful if a user thinks to look for it and is nearby, but easy to overlook during a hectic day.

Go deeper

53 mins ago - Health

Ipsos poll: COVID trick-or-treat

Data: Axios/Ipsos poll; Note ±3.3% margin of error for the total sample size; Chart: Andrew Witherspoon/Axios

About half of Americans are worried that trick-or-treating will spread coronavirus in their communities, according to this week's installment of the Axios/Ipsos Coronavirus Index.

Why it matters: This may seem like more evidence that the pandemic is curbing our nation's cherished pastimes. But a closer look reveals something more nuanced about Americans' increased acceptance for risk around activities in which they want to participate.

Updated 9 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Health: The good and bad news about antibody therapies — Fauci: Hotspots have materialized across "the entire country."
  2. World: Belgium imposes lockdown, citing "health emergency" due to influx of cases.
  3. Economy: Conference Board predicts economy won’t fully recover until late 2021.
  4. Education: Surge threatens to shut classrooms down again.
  5. Technology: The pandemic isn't slowing tech.
  6. Travel: CDC replaces COVID-19 cruise ban with less restrictive "conditional sailing order."
  7. Sports: High school football's pandemic struggles.
  8. 🎧Podcast: The vaccine race turns toward nationalism.
Dan Primack, author of Pro Rata
Updated 10 hours ago - Economy & Business

Dunkin' Brands agrees to $11B Inspire Brands sale

Photo: Alexi Rosenfeld/Getty Images

Dunkin' Brands, operator of both Dunkin' Donuts and Baskin-Robbins, agreed on Friday to be taken private for nearly $11.3 billion, including debt, by Inspire Brands, a restaurant platform sponsored by private equity firm Roark Capital.

Why it matters: Buying Dunkin’ will more than double Inspire’s footprint, making it one of the biggest restaurant deals in the past 10 years. This could ultimately set up an IPO for Inspire, which already owns Arby's, Jimmy John's and Buffalo Wild Wings.