Blogroll | Communications of the ACM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking (online) at Western Washington University on January 20, 2021. Details to come. I... Schneier.com Webmaster
From Schneier on Security | December 14, 2020 at 07:40 AM

From Schneier on Security

Authentication Failure

This is a weird story of a building owner commissioning an artist to paint a mural on the side of his building — except that he wasn’t actually the building’s owner... Bruce Schneier
From Schneier on Security | December 14, 2020 at 07:39 AM

From Schneier on Security

Friday Squid Blogging: Newly Identified Ichthyosaur Species Probably Ate Squid

This is a deep-diving species that “fed on small prey items such as squid.” Academic paper. As usual, you can also use this squid post to talk about the security... Bruce Schneier
From Schneier on Security | December 11, 2020 at 12:32 PM

From Schneier on Security

A Cybersecurity Policy Agenda

The Aspen Institute’s Aspen Cybersecurity Group — I’m a member — has released its cybersecurity policy agenda for the next four years. The next administration and... Bruce Schneier
From Schneier on Security | December 10, 2020 at 11:17 PM

From Schneier on Security

Finnish Data Theft and Extortion

The Finnish psychotherapy clinic Vastaamo was the victim of a data breach and theft. The criminals tried extorting money from the clinic. When that failed, they... Bruce Schneier
From Schneier on Security | December 10, 2020 at 02:48 PM

From Schneier on Security

FireEye Hacked

FireEye was hacked by — they believe — “a nation with top-tier offensive capabilities”: During our investigation to date, we have found that the attacker targeted... Bruce Schneier
From Schneier on Security | December 8, 2020 at 06:45 PM

From Schneier on Security

Oblivious DNS-over-HTTPS

This new protocol, called Oblivious DNS-over-HTTPS (ODoH), hides the websites you visit from your ISP. Here’s how it works: ODoH wraps a layer of encryption around... Bruce Schneier
From Schneier on Security | December 8, 2020 at 04:02 PM

From Schneier on Security

The 2020 Workshop on Economics and Information Security (WEIS)

The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free. Bruce Schneier
From Schneier on Security | December 4, 2020 at 01:18 PM

From Schneier on Security

Hiding Malware in Social Media Buttons

Clever tactic: This new malware was discovered by researchers at Dutch cyber-security company Sansec that focuses on defending e-commerce websites from digital... Bruce Schneier
From Schneier on Security | December 4, 2020 at 10:34 AM

From Schneier on Security

Enigma Machine Recovered from the Baltic Sea

Neat story: German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during... Bruce Schneier
From Schneier on Security | December 4, 2020 at 10:18 AM

From Schneier on Security

Open Source Does Not Equal Secure

Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws... Bruce Schneier
From Schneier on Security | December 3, 2020 at 12:21 PM

From Schneier on Security

Impressive iPhone Exploit

This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bugbuffer... Bruce Schneier
From Schneier on Security | December 2, 2020 at 02:55 PM

From Schneier on Security

Manipulating Systems Using Remote Lasers

Many systems are vulnerable: Researchers at the time said that they were able to launch inaudible commands by shining lasers — from as far as 360 feet — at the... Bruce Schneier
From Schneier on Security | November 30, 2020 at 12:23 PM

From Schneier on Security

Check Washing

I can’t believe that check washing is still a thing: “Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes... Bruce Schneier
From Schneier on Security | November 30, 2020 at 10:22 AM

From Schneier on Security

Undermining Democracy

Last Thursday, Rudy Giuliani, a Trump campaign lawyer, alleged a widespread voting conspiracy involving Venezuela, Cuba, and China. Another lawyer, Sidney Powell... Bruce Schneier
From Schneier on Security | November 25, 2020 at 10:54 AM

From Schneier on Security

Cyber Public Health

In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates... Bruce Schneier
From Schneier on Security | November 24, 2020 at 02:57 PM

From Schneier on Security

On That Dusseldorf Hospital Ransomware Attack and the Resultant Death

Wired has a detailed story about the ransomware attack on a Dusseldorf hospital, the one that resulted in an ambulance being redirected to a more distant hospital... Bruce Schneier
From Schneier on Security | November 23, 2020 at 11:04 AM

From Schneier on Security

More on the Security of the 2020 US Election

Last week I signed on to two joint letters about the security of the 2020 election. The first was as one of 59 election security experts, basically saying that... Bruce Schneier
From Schneier on Security | November 22, 2020 at 02:20 PM

From Schneier on Security

Indistinguishability Obfuscation

Quanta magazine recently published a breathless article on indistinguishability obfuscation — calling it the “‘crown jewel’ of cryptography” — and saying that it... Bruce Schneier
From Schneier on Security | November 20, 2020 at 11:54 AM

From Schneier on Security

Symantec Reports on Cicada APT Attacks against Japan

Symantec is reporting on an APT group linked to China, named Cicada. They have been attacking organizations in Japan and elsewhere. Cicada has historically been... Bruce Schneier
From Schneier on Security | November 19, 2020 at 11:05 AM