Blogroll | Communications of the ACM

From Schneier on Security

NotPetya

Wired has a long article on NotPetya.... Bruce Schneier
From Schneier on Security | September 9, 2019 at 07:29 AM

From Schneier on Security

Friday Squid Blogging: Squid Perfume

It's not perfume for squids. Nor is it perfume made from squids. It's a perfume called Squid, "inspired by life in the sea." As usual, you can also use this squid... Bruce Schneier
From Schneier on Security | September 6, 2019 at 05:24 PM

From Schneier on Security

Default Password for GPS Trackers

Many GPS trackers are shipped with the default password 123456. Many users don't change them. We just need to eliminate default passwords. This is an easy win..... Bruce Schneier
From Schneier on Security | September 6, 2019 at 07:10 AM

From Schneier on Security

The Doghouse: Crown Sterling

A decade ago, the Doghouse was a regular feature in both my email newsletter Crypto-Gram and my blog. In it, I would call out particularly egregious -- and amusing... Bruce Schneier
From Schneier on Security | September 5, 2019 at 06:58 AM

From Schneier on Security

Credit Card Privacy

Good article in the Washington Post on all the surveillance associated with credit card use.... Bruce Schneier
From Schneier on Security | September 4, 2019 at 07:22 AM

From Schneier on Security

Massive iPhone Hack Targets Uyghurs

China is being blamed for a massive surveillance operation that targeted Uyghur Muslims. This story broke in waves, the first wave being about the iPhone. Earlier... Bruce Schneier
From Schneier on Security | September 3, 2019 at 07:09 AM

From Schneier on Security

Friday Squid Blogging: Why Mexican Jumbo Squid Populations Have Declined

A group of scientists conclude that it's shifting weather patterns and ocean conditions. As usual, you can also use this squid post to talk about the security stories... Bruce Schneier
From Schneier on Security | August 30, 2019 at 05:09 PM

From Schneier on Security

Attacking the Intel Secure Enclave

Interesting paper by Michael Schwarz, Samuel Weiser, Daniel Gruss. The upshot is that both Intel and AMD have assumed that trusted enclaves will run only trustworthy... Bruce Schneier
From Schneier on Security | August 30, 2019 at 07:18 AM

From Schneier on Security

AI Emotion-Detection Arms Race

Voice systems are increasingly using AI techniques to determine emotion. A new paper describes an AI-based countermeasure to mask emotion in spoken words. Their... Bruce Schneier
From Schneier on Security | August 29, 2019 at 07:17 AM

From Schneier on Security

The Myth of Consumer-Grade Security

The Department of Justice wants access to encrypted consumer devices but promises not to infiltrate business products or affect critical infrastructure. Yet that's... Bruce Schneier
From Schneier on Security | August 28, 2019 at 07:14 AM

From Schneier on Security

The Threat of Fake Academic Research

Interesting analysis of the possibility, feasibility, and efficacy of deliberately fake scientific research, something I had previously speculated about.... Bruce Schneier
From Schneier on Security | August 27, 2019 at 06:14 AM

From Schneier on Security

Detecting Credit Card Skimmers

Modern credit card skimmers hidden in self-service gas pumps communicate via Bluetooth. There's now an app that can detect them: The team from the University of... Bruce Schneier
From Schneier on Security | August 26, 2019 at 07:41 AM

From Schneier on Security

Friday Squid Blogging: Vulnerabilities in Squid Server

It's always nice when I can combine squid and security: Multiple versions of the Squid web proxy cache server built with Basic Authentication features are currently... Bruce Schneier
From Schneier on Security | August 23, 2019 at 07:19 PM

From Schneier on Security

License Plate "NULL"

There was a DefCon talk by someone with the vanity plate "NULL." The California system assigned him every ticket with no license plate: $12,000. Although the initial... Bruce Schneier
From Schneier on Security | August 23, 2019 at 07:19 AM

From Schneier on Security

Modifying a Tesla to Become a Surveillance Platform

From DefCon: At the Defcon hacker conference today, security researcher Truman Kain debuted what he calls the Surveillance Detection Scout. The DIY computer fits... Bruce Schneier
From Schneier on Security | August 22, 2019 at 06:21 AM

From Schneier on Security

Google Finds 20-Year-Old Microsoft Windows Vulnerability

There's no indication that this vulnerability was ever used in the wild, but the code it was discovered in -- Microsoft's Text Services Framework -- has been around... Bruce Schneier
From Schneier on Security | August 21, 2019 at 07:46 AM

From Schneier on Security

Surveillance as a Condition for Humanitarian Aid

Excellent op-ed on the growing trend to tie humanitarian aid to surveillance. Despite the best intentions, the decision to deploy technology like biometrics is... Bruce Schneier
From Schneier on Security | August 20, 2019 at 07:45 AM

From Schneier on Security

Influence Operations Kill Chain

Influence operations are elusive to define. The Rand Corp.'s definition is as good as any: "the collection of tactical information about an adversary as well as... Bruce Schneier
From Schneier on Security | August 19, 2019 at 07:14 AM

From Schneier on Security

Friday Squid Blogging: Robot Squid Propulsion

Interesting research: The squid robot is powered primarily by compressed air, which it stores in a cylinder in its nose (do squids have noses?). The fins and arms... Bruce Schneier
From Schneier on Security | August 16, 2019 at 05:05 PM

From Schneier on Security

Software Vulnerabilities in the Boeing 787

Boeing left its software unprotected, and researchers have analyzed it for vulnerabilities: At the Black Hat security conference today in Las Vegas, Santamarta,... Bruce Schneier
From Schneier on Security | August 16, 2019 at 07:12 AM