Welcome to Codebook, the cybersecurity newsletter that doesn't understand all the settings on its iron. Tips? Comments? Please reply to this email.
Screenshot of Internet Research Agency Facebook post
Democrats on the House Intelligence Committee Thursday released a redacted set of all the Facebook ads placed by Russia's Internet Research Agency before and after the 2016 election.
What the ads show: The ads — all 3519 of them — appear to be aimed at polarizing the American public. Often, that means taking both sides of the same issue.
Be smart: We still don't know whether the Facebook campaign actually succeeded in achieving any of Russia's goals.
Whether or not it was successful, the social media campaign probably represented an adversarial government spending a fortune to break federal laws in order to try to toy with the American public. And that alone is more than a little alarming.
National security advisor John Bolton. Photo: Mark Wilson/Getty Images
Politico's Eric Geller reports new national security advisor John Bolton wants to eliminate the White House's top cybersecurity post, currently held by Rob Joyce (who resigned just after Bolton took office).
Why it matters: For a White House facing unprecedented cybersecurity threats, The Trump administration sure seems eager to cut back on cybersecurity personnel and devalue expertise on the issue.
Morale in natsec low: Geller describes morale at the National Security Council as low as Bolton shifts priorities on cyber and other issues.
What are we even doing here? It's probably no surprise that a cybersecurity newsletter is in the "Hey, maybe this is a thing" camp on this story. Still: This White House took office during a hacking scandal and has been on duty while a single act of cyberwarfare cost global companies more than $1 billion. That makes demoting cybersecurity a move that's hard to fathom.
Signal Messenger's self-destructing messages are saved by the Mac operating system's notification feature.
Why it matters: The end-to-end encrypted Signal is as close to a gold standard in secure chat as you will find among privacy-conscious users. But that was in part because the messages weren't stored beyond pre-designated time limits. Now, every old message is fair game for hackers again, provided it was sent to someone using a Mac version of Signal.
The details: The Mac notification system doesn't automatically delete old messages. Signal isn't coded to delete its own notifications, either. So even after it has deleted messages in its application, the system keeps a record of the notification of the message — even for users who have notifications turned off.
A federal appeals court ruled that border agents cannot do automated forensic search of cellphones without reason to assume their owners committed a crime — and possibly, not without a warrant.
Why it matters: Border agents have extremely broad authority to detain and search people coming into the country — so much so that agents have more or less taken free rein to search devices of anybody they choose.
The details: Though the court’s ruling limits government authority, the government won the case at hand.
If you've missed our coverage so far:
But, but, but: Though Iran has responded to U.S. actions with cyber attacks in the past, it may have some strategic reasons not to do that this time.
Codebook will return Tuesday. And why wouldn't it?