Blogroll | Communications of the ACM

From Schneier on Security

SOMBERKNAVE: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SOMBERKNAVE (TS//SI//REL) SOMBERKNAVE is Windows XP wireless software implant... schneier
From Schneier on Security | February 5, 2014 at 03:04 PM

From Schneier on Security

1971 Social Engineering Attack

From Betty Medsger's book on the 1971 FBI burglary (page 22): As burglars, they used some unusual techniques, ones Davidon enjoyed recalling years later, such... schneier
From Schneier on Security | February 5, 2014 at 07:02 AM

From Schneier on Security

MAESTRO-II: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: MAESTRO-II (TS//SI//REL) MAESTRO-II is a miniaturized digital core packaged... schneier
From Schneier on Security | February 4, 2014 at 03:09 PM

From Schneier on Security

Hacking Airline Lounges for Free Meals

I think this is a great hack: A man bought a first-class ticket and used it to have free meals and drinks at the airport's VIP lounge almost every day for nearly... schneier
From Schneier on Security | February 4, 2014 at 07:45 AM

From Schneier on Security

JUNIORMINT: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: JUNIORMINT (TS//SI//REL) JUNIORMINT is a digital core packaged in both a mini... schneier
From Schneier on Security | February 3, 2014 at 03:09 PM

From Schneier on Security

CSEC Surveillance Analysis of IP and User Data

The most recent story from the Snowden documents is from Canada: it claims the CSEC (Communications Security Establishment Canada) used airport Wi-Fi information... schneier
From Schneier on Security | February 3, 2014 at 06:09 AM

From Schneier on Security

Friday Squid Blogging: Squid T-Shirt

A T-shirt with a drawing of a squid reading. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. schneier
From Schneier on Security | January 31, 2014 at 05:41 PM

From Schneier on Security

IRATEMONK: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: IRATEMONK (TS//SI//REL) IRATEMONK provides software application persistence... schneier
From Schneier on Security | January 31, 2014 at 03:17 PM

From Schneier on Security

Another Credit-Card-as-Authentication Hack

This is a pretty impressive social engineering story: an attacker compromised someone's GoDaddy domain registration in order to change his e-mail address and steal... schneier
From Schneier on Security | January 31, 2014 at 07:16 AM

From Schneier on Security

HOWLERMONKEY: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: HOWLERMONKEY (TS//SI//REL) HOWLERMONKEY is a custom Short to Medium rangehere... schneier
From Schneier on Security | January 30, 2014 at 09:38 PM

From Schneier on Security

Side-Channel Attacks on Frog Calls

The male túngara frog Physalaemus pustulosus uses calls to attract females. But croaking also causes ripples in the water, which are eavesdropped on -- both by... schneier
From Schneier on Security | January 30, 2014 at 01:08 PM

From Schneier on Security

Catalog of Snowden Revelations

This looks to be very good. Add that to these three indexes of NSA source material, and these two summaries. This excellent parody website has a good collection... schneier
From Schneier on Security | January 30, 2014 at 07:52 AM

From Schneier on Security

GINSU: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: GINSU (TS//SI//REL) GINSU provides software application persistence for the... schneier
From Schneier on Security | January 29, 2014 at 03:28 PM

From Schneier on Security

Trying to Value Online Privacy

Interesting paper: "The value of Online Privacy," by Scott Savage and Donald M. Waldman. Abstract: We estimate the value of online privacy with a differentiated... schneier
From Schneier on Security | January 29, 2014 at 01:26 PM

From Schneier on Security

The Politics of Fear

This is very good: ...one might suppose that modern democratic states, with the lessons of history at hand, would seek to minimize fear or at least minimizeThey... schneier
From Schneier on Security | January 29, 2014 at 07:24 AM

From Schneier on Security

TAWDRYYARD: NSA Exploit of the Day

Back in December, Der Spiegel published a lot of information about the NSA's Tailored Access Operations (TAO) group, including a 2008 catalog of hardware and software... schneier
From Schneier on Security | January 28, 2014 at 03:13 PM

From Schneier on Security

US Privacy and Civil Liberties Oversight Board (PCLOB) Condems NSA Mass Surveillance

Now we know why the president gave his speech on NSA surveillance last week; he wanted to get ahead of the Privacy and Civil Liberties Oversight Board. Last week... schneier
From Schneier on Security | January 28, 2014 at 01:39 PM

From Schneier on Security

EU Might Raise Fines for Data Breaches

This makes a lot of sense. Viviane Reding dismissed recent fines for Google as "pocket money" and said the firm would have had to pay $1bn under her plans for... schneier
From Schneier on Security | January 28, 2014 at 07:47 AM

From Schneier on Security

SPARROW II: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SPARROW II (TS//SI//REL) An embedded computer system running BLINDDATE tools... schneier
From Schneier on Security | January 27, 2014 at 09:06 PM

From Schneier on Security

New Security Risks for Windows XP Systems

Microsoft is trying to stop supporting Windows XP. The problem is that a majority of ATMs still use that OS. And once Microsoft stops issuing security updates... schneier
From Schneier on Security | January 27, 2014 at 07:32 AM