acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorBruce Schneier
bg-corner

Commentary on US Election Security
From Schneier on Security

Commentary on US Election Security

Good commentaries from Ed Felten and Matt Blaze. Both make a point that I have also been saying: hacks can undermine the legitimacy of an election, even if there...

GoldenEye Malware
From Schneier on Security

GoldenEye Malware

I don't have anything to say -- mostly because I'm otherwise busy -- about the malware known as GoldenEye, NotPetya, or ExPetr. But I wanted a post to park links...

A Man-in-the-Middle Attack against a Password Reset System
From Schneier on Security

A Man-in-the-Middle Attack against a Password Reset System

This is nice work: "The Password Reset MitM Attack," by Nethanel Gelerntor, Senia Kalma, Bar Magnezi, and Hen Porcilan: Abstract: We present the password reset...

Food Supplier Passes Squid Off as Octopus
From Schneier on Security

Food Supplier Passes Squid Off as Octopus

According to a lawsuit (main article behind paywall), "a Miami-based food vendor and its supplier have been misrepresenting their squid as octopus in an effort...

Details from the 2017 Workshop on Economics and Information Security
From Schneier on Security

Details from the 2017 Workshop on Economics and Information Security

The 16th Workshop on Economics and Information Security was this week. Ross Anderson liveblogged the talks....

Good Article About Google's Project Zero
From Schneier on Security

Good Article About Google's Project Zero

Fortune magazine just published a good article about Google's Project Zero, which finds and publishes exploits in other companies' software products. I have mixed...

The Women of Bletchley Park
From Schneier on Security

The Women of Bletchley Park

Really good article about the women who worked at Bletchley Park during World War II, breaking German Enigma-encrypted messages....

Websites Grabbing User-Form Data Before It's Submitted
From Schneier on Security

Websites Grabbing User-Form Data Before It's Submitted

Websites are sending information prematurely: ...we discovered NaviStone's code on sites run by Acurian, Quicken Loans, a continuing education center, a clothing...

Girl Scouts to Offer Merit Badges in Cybersecurity
From Schneier on Security

Girl Scouts to Offer Merit Badges in Cybersecurity

The Girl Scouts are going to be offering 18 merit badges in cybersecurity, to scouts as young as five years old....

CIA Exploits Against Wireless Routers
From Schneier on Security

CIA Exploits Against Wireless Routers

WikiLeaks has published CherryBlossom, the CIA's program to hack into wireless routers. The program is about a decade old. Four good news articles. Five. And a...

Article on the DAO Ethereum Hack
From Schneier on Security

Article on the DAO Ethereum Hack

This is good....

Fighting Leakers at Apple
From Schneier on Security

Fighting Leakers at Apple

Apple is fighting its own battle against leakers, using people and tactics from the NSA. According to the hour-long presentation, Apple's Global Security team employs...

Separating the Paranoid from the Hacked
From Schneier on Security

Separating the Paranoid from the Hacked

Sad story of someone whose computer became owned by a griefer: The trouble began last year when he noticed strange things happening: files went missing from his...

The FAA Is Arguing for Security by Obscurity
From Schneier on Security

The FAA Is Arguing for Security by Obscurity

In a proposed rule by the FAA, it argues that software in an Embraer S.A. Model ERJ 190-300 airplane is secure because it's proprietary: In addition, the operating...

Friday Squid Blogging: Injured Giant Squid Video
From Schneier on Security

Friday Squid Blogging: Injured Giant Squid Video

A paddleboarder had a run-in with an injured giant squid. Video. Here's the real story. As usual, you can also use this squid post to talk about the security stories...

The Secret Code of Beatrix Potter
From Schneier on Security

The Secret Code of Beatrix Potter

Interesting: As codes go, Potter's wasn't inordinately complicated. As Wiltshire explains, it was a "mono-alphabetic substitution cipher code," in which each letter...

Amazon Patents Measures to Prevent In-Store Comparison Shopping
From Schneier on Security

Amazon Patents Measures to Prevent In-Store Comparison Shopping

Amazon has been issued a patent on security measures that prevents people from comparison shopping while in the store. It's not a particularly sophisticated patent...

NSA Insider Security Post-Snowden
From Schneier on Security

NSA Insider Security Post-Snowden

According to a recently declassified report obtained under FOIA, the NSA's attempts to protect itself against insider attacks aren't going very well: The N.S.A....

Is Continuing to Patch Windows XP a Mistake?
From Schneier on Security

Is Continuing to Patch Windows XP a Mistake?

Last week, Microsoft issued a security patch for Windows XP, a 16-year-old operating system that Microsoft officially no longer supports. Last month, Microsoft...

The Dangers of Secret Law
From Schneier on Security

The Dangers of Secret Law

Last week, the Department of Justice released 18 new FISC opinions related to Section 702 as part of an EFF FOIA lawsuit. (Of course, they don't mention EFF or...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account