acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorBruce Schneier
bg-corner

Security Analysis of the LIFX Smart Light Bulb
From Schneier on Security

Security Analysis of the LIFX Smart Light Bulb

The security is terrible: In a very short limited amount of time, three vulnerabilities have been discovered: Wifi credentials of the user have been recovered (stored...

iPhone FaceTime Vulnerability
From Schneier on Security

iPhone FaceTime Vulnerability

This is kind of a crazy iPhone vulnerability: it's possible to call someone on FaceTime and listen on their microphone -- and see from their camera -- before they...

Japanese Government Will Hack Citizens' IoT Devices
From Schneier on Security

Japanese Government Will Hack Citizens' IoT Devices

The Japanese government is going to run penetration tests against all the IoT devices in their country, in an effort to (1) figure out what's insecure, and (2)...

Friday Squid Blogging: Squids on the Tree of Life
From Schneier on Security

Friday Squid Blogging: Squids on the Tree of Life

Interesting. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

Hacking the GCHQ Backdoor
From Schneier on Security

Hacking the GCHQ Backdoor

Last week, I evaluated the security of a recent GCHQ backdoor proposal for communications systems. Furthering the debate, Nate Cardozo and Seth Schoen of EFF explain...

Military Carrier Pigeons in the Era of Electronic Warfare
From Schneier on Security

Military Carrier Pigeons in the Era of Electronic Warfare

They have advantages: Pigeons are certainly no substitute for drones, but they provide a low-visibility option to relay information. Considering the storage capacity...

The Evolution of Darknets
From Schneier on Security

The Evolution of Darknets

This is interesting: To prevent the problems of customer binding, and losing business when darknet markets go down, merchants have begun to leave the specialized...

Hacking Construction Cranes
From Schneier on Security

Hacking Construction Cranes

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken...

Clever Smartphone Malware Concealment Technique
From Schneier on Security

Clever Smartphone Malware Concealment Technique

This is clever: Malicious apps hosted in the Google Play market are trying a clever trick to avoid detection -- they monitor the motion-sensor input of an infected...

Friday Squid Blogging: Squid Lollipops
From Schneier on Security

Friday Squid Blogging: Squid Lollipops

Two squid lollipops, handmade by Shinri Tezuka. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered...

Evaluating the GCHQ Exceptional Access Proposal
From Schneier on Security

Evaluating the GCHQ Exceptional Access Proposal

The so-called Crypto Wars have been going on for 25 years now. Basically, the FBI -- and some of their peer agencies in the U.K., Australia, and elsewhere -- argue...

Prices for Zero-Day Exploits Are Rising
From Schneier on Security

Prices for Zero-Day Exploits Are Rising

Companies are willing to pay ever-increasing amounts for good zero-day exploits against hard-to-break computers and applications: On Monday, market-leading exploit...

El Chapo's Encryption Defeated by Turning His IT Consultant
From Schneier on Security

El Chapo's Encryption Defeated by Turning His IT Consultant

Impressive police work: In a daring move that placed his life in danger, the I.T. consultant eventually gave the F.B.I. his system's secret encryption keys in 2011...

Alex Stamos on Content Moderation and Security
From Schneier on Security

Alex Stamos on Content Moderation and Security

Former Facebook CISO Alex Stamos argues that increasing political pressure on social media platforms to moderate content will give them a pretext to turn all end...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at A New Initiative for Poland in Warsaw, January 16-17, 2019. I'm speaking at the...

Why Internet Security Is So Bad
From Schneier on Security

Why Internet Security Is So Bad

I recently read two different essays that make the point that while Internet security is terrible, it really doesn't affect people enough to make it an issue. This...

Friday Squid Blogging: New Giant Squid Video
From Schneier on Security

Friday Squid Blogging: New Giant Squid Video

This is a fantastic video of a young giant squid named Heck swimming around Toyama Bay near Tokyo. As usual, you can also use this squid post to talk about the...

Using a Fake Hand to Defeat Hand-Vein Biometrics
From Schneier on Security

Using a Fake Hand to Defeat Hand-Vein Biometrics

Nice work: One attraction of a vein based system over, say, a more traditional fingerprint system is that it may be typically harder for an attacker to learn how...

Security Vulnerabilities in Cell Phone Systems
From Schneier on Security

Security Vulnerabilities in Cell Phone Systems

Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged...

EU Offering Bug Bounties on Critical Open-Source Software
From Schneier on Security

EU Offering Bug Bounties on Critical Open-Source Software

The EU is offering "bug bounties on Free Software projects that the EU institutions rely on." Slashdot thread....
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account