This week we're hoping to recruit William Shatner, who decided to boldly go into software reviews, evaluating Facebook Pages on his new Tumblr. In other news, Apple's next OS is now in public beta, Microsoft wants one Windows to rule them all, and everyone's talking Tor. To get the latest reviews and features from our editors in your inbox, subscribe to our weekly newsletters.

Security and privacy

Tor Project

Black Hat and Def Con are a little over a week away, so it's not surprising that Tor is on the minds of many. This week a Black Hat talk on how to de-anonymize Tor was canceled because the Carnegie Mellon presenters didn't have a go-ahead from their legal team. Another group, Exodus Intelligence, was able to exploit a vulnerability to de-anonymize Tor's Tails OS, pointing to the danger of considering any software totally secure. And Pando Daily points out that while Tor is seen as a toolset for avoiding government surveillance, it was in fact developed for and originally by US military and intelligence agencies before the Navy handed it off to the Electronic Frontier Foundation, which still gets government funding for the project.

Do you use Adblock Plus or a similar antitracking app? It's no help against a new type of online tracking, canvas fingerprinting, which according to Pro Publica builds a profile of you based on where you go and affects 5 percent of the top 100,000 websites. WhiteHouse.gov is one of those sites.

Speaking of tracking, Professor Owen Mundy doesn't need to say "here, kitty kitty"; he can simply find your cat through your photos. His project, I Know Where Your Cat Lives, maps cats using the metadata captured in photo apps like Flickr and Instagram. Lesson: Turn off geotagging if you don't want your cat, your kid, or yourself to get cyberstalked.

A possible solution: Store your own personal data rather than letting apps track you through location services and metadata. MIT Media Lab has proposed OpenPDS and Safe Answers to control the information flow and protect your privacy.

Who got hacked this week? The Wall Street Journal, StubHub, and the European Central Bank.

Last week four WordPress plug-ins proved vulnerable; this week it's MailPoet's turn. As many as 50,000 WordPress sites may have been hit by malware as a result.

Want to check your open-source code, like those WordPress plug-ins? The Department of Homeland Security now offers a code-checking service called Software Assurance Marketplace (SWAMP). That acronym may be more congenial to ogres than programmers.

Apple

Apple

The next Mac OS, Yosemite, is now in the hands of public beta testers, though some have had problems with the download. ZDNet has a preview, and CNET is digging through the new features, starting with Spotlight search. Developers are looking at another build of Yosemite, and Gizmodo has a sneak peek at the new iTunes. Rumor has it the final release of Yosemite will come in late October. Happy Halloween from Apple.

On the iOS front, Apple was accused of building security holes in iOS code, or "diagnostic back doors," depending on who you ask. Last weekend an iOS jailbreaker said that iPhones have undocumented back doors that let paired computers grab unencrypted user data, an opening that could be used or abused by law enforcement. Apple says that these are merely "diagnostic functions" that work only with the user's consent, and the company does not build back doors for government agencies of any country. A day later, Apple provided more detail about what these diagnostic back doors do.

Everyone's building a fitness app and an e-wallet, and indeed it appears that Apple is developing a mobile payment service for the fall. Amazon also released Amazon Wallet as an Android beta this week.

Microsoft

Windows logo

CEO Satya Nadella's mission memos point to a Microsoft future that's not just about PCs. One goal: merging the current versions of Windows into a single platform. But as Mary Jo Foley explains, "one Windows" doesn't really mean you'll run the same OS on phone, PC, tablet, and Xbox.

In the nearer future, Windows 8.1 Update 2 is reportedly coming on August 12. And if you missed the leaked screenshots allegedly showing Windows 9/Threshold, have a gander.

And in the present past, Windows XP no longer has Microsoft support, but AV-Test has evaluated 23 antivirus products on the OS. Top marks went to Bitdefender Internet Security, Kaspersky Internet Security, and Panda Cloud Antivirus Free.

OneNote is also embracing a "one to rule them all" philosophy, opening the API to make the app more versatile. OneNote's team, meanwhile, is opening the costume closet to promote OneNote on Surface with a cover of LMFAO's "Sexy and I Know It." Guys, beware the infinite loop of party.

In the bad news column, a Bromium Labs browser study found that Internet Explorer had the most security flaws.

Other news

Twitch logo

Google is not buying Spotify, contrary to rumors early in the week. But VentureBeat says that the deal to buy game-livestreaming service Twitch for $1 billion is on like Donkey Kong.

Facebook has launched a Save feature to make a list of all the stories, music, movies, and places that pop up in your timeline so that you can check them out later.

Reddit launched a liveblogging platform.

Twitter is beefing up direct-messaging to better compete with messaging apps. The latest improvement lets you see your entire DM history in the Twitter mobile apps.

How to...

Wi-Fi

There's an app for that? Srsly?

Yelling at cloud

When next you fear for the future, remember that 42,892 people (as of this writing) have downloaded a Chrome extension that replaces "cloud" with "butt" in your browser. It's called Cloud to Butt Plus, and it probably makes enterprise tech stories more fun, but I'm holding out for an app that inserts a yelling man at every instance of "cloud."

Drunk Post Translator is a Web app that turns your sober, perfectly spelled messages into drunk texts. You can choose the level of inebriation.

The Internet of things now includes Comfy, an app for controlling the office thermostat. The app learns from people's preferences, and you can see your colleagues' usage, which theoretically preempts temperature wars. (Private note to Stacy: Get a sweater. Nobody wants to work in an office hot enough for bikram yoga.)

Julie is managing editor of Download.com and has been cooking up tech editorial since 1996.