Blogroll | Communications of the ACM

From Schneier on Security

Friday Squid Blogging: Sqids

They’re short unique strings: Sqids (pronounced “squids”) is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short... Bruce Schneier
From Schneier on Security | December 29, 2023 at 05:08 AM

From Schneier on Security

AI and Lossy Bottlenecks

Artificial intelligence is poised to upend much of society, removing human limitations inherent in many systems. One such limitation is information and logistical... B. Schneier
From Schneier on Security | December 28, 2023 at 07:01 AM

From Schneier on Security

New iPhone Security Features to Protect Stolen Devices

Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication... Bruce Schneier
From Schneier on Security | December 27, 2023 at 07:01 AM

From Schneier on Security

Google Stops Collecting Location Data from Maps

Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police. Bruce Schneier
From Schneier on Security | December 26, 2023 at 07:03 AM

From Schneier on Security

Friday Squid Blogging: Squid Parts into Fertilizer

It’s squid parts from college dissections, so it’s not a volume operation. As usual, you can also use this squid post to talk about the security stories in thehere... Bruce Schneier
From Schneier on Security | December 22, 2023 at 05:08 PM

From Schneier on Security

Data Exfiltration Using Indirect Prompt Injection

Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information... Bruce Schneier
From Schneier on Security | December 22, 2023 at 07:05 AM

From Schneier on Security

GCHQ Christmas Codebreaking Challenge

Looks like fun. Details here. Bruce Schneier
From Schneier on Security | December 20, 2023 at 07:05 AM

From Schneier on Security

OpenAI Is Not Training on Your Dropbox Documents—Today

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are... Bruce Schneier
From Schneier on Security | December 19, 2023 at 07:09 AM

From Schneier on Security

Police Get Medical Records without a Warrant

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and... Bruce Schneier
From Schneier on Security | December 18, 2023 at 10:37 AM

From Schneier on Security

Friday Squid Blogging: Underwater Sculptures Use Squid Ink for Coloring

The Molinière Underwater Sculpture Park has pieces that are colored in part with squid ink. As usual, you can also use this squid post to talk about the security... Bruce Schneier
From Schneier on Security | December 15, 2023 at 05:06 PM

From Schneier on Security

A Robot the Size of the World

In 2016, I wrote about an Internet that affected the world in a direct, physical manner. It was connected to your smartphone. It had sensors like cameras and thermostats... Bruce Schneier
From Schneier on Security | December 15, 2023 at 07:01 AM

From Schneier on Security

Surveillance Cameras Disguised as Clothes Hooks

This seems like a bad idea. And there are ongoing lawsuits against Amazon for selling them. Bruce Schneier
From Schneier on Security | December 14, 2023 at 11:23 AM

From Schneier on Security

Surveillance by the US Postal Service

This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track... Bruce Schneier
From Schneier on Security | December 13, 2023 at 07:04 AM

From Schneier on Security

New Windows/Linux Firmware Attack

Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years,... Bruce Schneier
From Schneier on Security | December 12, 2023 at 07:01 AM

From Schneier on Security

Facebook Enables Messenger End-to-End Encryption by Default

It’s happened. Details here, and tech details here (for messages in transit) and here (for messages in storage) Rollout to everyone will take months, but it’s a... Bruce Schneier
From Schneier on Security | December 11, 2023 at 07:10 AM

From Schneier on Security

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming... Bruce Schneier
From Schneier on Security | December 8, 2023 at 05:03 PM

From Schneier on Security

New Bluetooth Attack

New attack breaks forward secrecy in Bluetooth. Three. news articles. The vulnerability has been around for at least a decade. Bruce Schneier
From Schneier on Security | December 8, 2023 at 07:05 AM

From Schneier on Security

Spying through Push Notifications

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy... Bruce Schneier
From Schneier on Security | December 7, 2023 at 07:02 AM

From Schneier on Security

Security Analysis of a Thirteenth-Century Venetian Election Protocol

Interesting analysis: This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that... Bruce Schneier
From Schneier on Security | December 6, 2023 at 01:18 PM

From Schneier on Security

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap... Bruce Schneier
From Schneier on Security | December 5, 2023 at 07:10 AM