Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Insider Attack on Home Surveillance Systems
No one who reads this blog regularly will be surprised: A former employee of prominent home security company ADT has admitted that he hacked into the surveillance...
From Schneier on Security
SVR Attacks on Microsoft 365
FireEye is reporting the current known tactics that the SVR used to compromise Microsoft 365 cloud data as part of its SolarWinds operation: Mandiant has observed...
From Schneier on Security
Sophisticated Watering Hole Attack
Google’s Project Zero has exposed a sophisticated watering-hole attack targeting both Windows and Android: Some of the exploits were zero-days, meaning they targeted...
From Schneier on Security
Injecting a Backdoor into SolarWinds Orion
Crowdstrike is reporting on a sophisticated piece of malware that was able to inject malware into the SolarWinds build process: Key Points SUNSPOT is StellarParticle...
From Schneier on Security
Click Here to Kill Everybody Sale
For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. Note that I have had occasional problems...
From Schneier on Security
Cell Phone Location Privacy
We all know that our cell phones constantly give our location away to our mobile network operators; that’s how they work. A group of researchers has figured out...
From Schneier on Security
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking (online) as part of Western Washington University’s Internet Studies Lecture Series...
From Schneier on Security
Finding the Location of Telegram Users
Security researcher Ahmed Hassan has shown that spoofing the Android’s “People Nearby” feature allows him to pinpoint the physical location of Telegram users: Using...
From Schneier on Security
On US Capitol Security — By Someone Who Manages Arena-Rock-Concert Security
Smart commentary: …I was floored on Wednesday when, glued to my television, I saw police in some areas of the U.S. Capitol using little more than those same mobile...
From Schneier on Security
Cloning Google Titan 2FA keys
This is a clever side-channel attack: The cloning works by using a hot air gun and a scalpel to remove the plastic key casing and expose the NXP A700X chip, which...
From Schneier on Security
Friday Squid Blogging: Squids Don’t Like Pile-Driving Noises
New research: Pile driving occurs during construction of marine platforms, including offshore windfarms, producing intense sounds that can adversely affect marine...
From Schneier on Security
Changes in WhatsApp’s Privacy Policy
If you’re a WhatsApp user, pay attention to the changes in the privacy policy that you’re being forced to agree with. In 2016, WhatsApp gave users a one-time ability...
From Schneier on Security
Russia’s SolarWinds Attack and Software Security
The information that is emerging about Russia’s extensive cyberintelligence operation against the United States and other countries should be increasingly alarming...
From Schneier on Security
APT Horoscope
This delightful essay matches APT hacker groups up with astrological signs. This is me: Capricorn is renowned for its discipline, skilled navigation, and steadfastness...
From Schneier on Security
Extracting Personal Information from Large Language Models Like GPT-2
Researchers have been able to find all sorts of personal information within GPT-2. This information was part of the training data, and can be extracted with the...
From Schneier on Security
Backdoor in Zyxel Firewalls and Gateways
This is bad: More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers...
From Schneier on Security
Latest on the SVR’s SolarWinds Hack
The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). ...
From Schneier on Security
Friday Squid Blogging: Vegan Chili Squid
The restaurant chain Wagamama is selling a vegan version of its Chilli Squid side dish made from king oyster mushrooms. As usual, you can also use this squid post...
From Schneier on Security
Friday Squid Blogging: China Launches Six New Squid Jigging Vessels
From Pingtan Marine Enterprise: The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters...
From Schneier on Security