Blogroll | Communications of the ACM

From Schneier on Security

UK Threatens End-to-End Encryption

In an open letter, seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s Online Safety Bill could destroy end-to-end encryption: As... Bruce Schneier
From Schneier on Security | April 24, 2023 at 06:39 AM

From Schneier on Security

Friday Squid Blogging: More on Squid Fishing

The squid you eat most likely comes from unregulated waters. As usual, you can also use this squid post to talk about the security stories in the news that I haven... Bruce Schneier
From Schneier on Security | April 21, 2023 at 05:04 PM

From Schneier on Security

Hacking Pickleball

My latest book, A Hacker’s Mind, has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly... Bruce Schneier
From Schneier on Security | April 21, 2023 at 02:11 PM

From Schneier on Security

Using the iPhone Recovery Key to Lock Owners Out of Their iPhones

This a good example of a security feature that can sometimes harm security: Apple introduced the optional recovery key in 2020 to protect users from online hackers... Bruce Schneier
From Schneier on Security | April 21, 2023 at 10:19 AM

From Schneier on Security

New Zero-Click Exploits Against iOS

CitizenLab has identified three zero-click exploits against iOS 15 and 16. These were used by NSO Group’s Pegasus spyware in 2022, and deployed by Mexico against... Bruce Schneier
From Schneier on Security | April 20, 2023 at 06:47 AM

From Schneier on Security

EFF on the UN Cybercrime Treaty

EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite... Bruce Schneier
From Schneier on Security | April 19, 2023 at 06:07 AM

From Schneier on Security

Using LLMs to Create Bioweapons

I’m not sure there are good ways to build guardrails to prevent this sort of thing: There is growing concern regarding the potential misuse of molecular machine... Bruce Schneier
From Schneier on Security | April 18, 2023 at 07:19 AM

From Schneier on Security

Swatting as a Service

Motherboard is reporting on AI-generated voices being used for “swatting”: In fact, Motherboard has found, this synthesized call and another against Hempstead High... Bruce Schneier
From Schneier on Security | April 17, 2023 at 07:15 AM

From Schneier on Security

Friday Squid Blogging: Colossal Squid

Interesting article on the colossal squid, which is larger than the giant squid. The article answers a vexing question: So why do we always hear about the giant... Bruce Schneier
From Schneier on Security | April 14, 2023 at 05:14 PM

From Schneier on Security

Hacking Suicide

Here’s a religious hack: You want to commit suicide, but it’s a mortal sin: your soul goes straight to hell, forever. So what you do is murder someone. That will... Bruce Schneier
From Schneier on Security | April 14, 2023 at 03:06 PM

From Schneier on Security

Gaining an Advantage in Roulette

You can beat the game without a computer: On a perfect [roulette] wheel, the ball would always fall in a random way. But over time, wheels develop flaws, which... Bruce Schneier
From Schneier on Security | April 14, 2023 at 07:02 AM

From Schneier on Security

Bypassing a Theft Threat Model

Thieves cut through the wall of a coffee shop to get to an Apple store, bypassing the alarms in the process. I wrote about this kind of thing in 2000, in Secrets... Bruce Schneier
From Schneier on Security | April 13, 2023 at 07:22 AM

From Schneier on Security

FBI Advising People to Avoid Public Charging Stations

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices... Bruce Schneier
From Schneier on Security | April 12, 2023 at 07:11 AM

From Schneier on Security

Car Thieves Hacking the CAN Bus

Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic... Bruce Schneier
From Schneier on Security | April 11, 2023 at 07:22 AM

From Schneier on Security

LLMs and Phishing

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better... Bruce Schneier
From Schneier on Security | April 10, 2023 at 07:23 AM

From Schneier on Security

Friday Squid Blogging: Squid Food Poisoning

University of Connecticut basketball player Jordan Hawkins claims to have suffered food poisoning from calamari the night before his NCAA finals game. The restaurant... Bruce Schneier
From Schneier on Security | April 7, 2023 at 05:04 PM

From Schneier on Security

Research on AI in Adversarial Settings

New research: “Achilles Heels for AGI/ASI via Decision Theoretic Adversaries“: As progress in AI continues to advance, it is important to know how advanced systems... Bruce Schneier
From Schneier on Security | April 6, 2023 at 06:59 AM

From Schneier on Security

FBI (and Others) Shut Down Genesis Market

Genesis Market is shut down: Active since 2018, Genesis Market’s slogan was, “Our store sells bots with logs, cookies, and their real fingerprints.” Customers... Bruce Schneier
From Schneier on Security | April 5, 2023 at 11:55 AM

From Schneier on Security

North Korea Hacking Cryptocurrency Sites with 3CX Exploit

News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of... Bruce Schneier
From Schneier on Security | April 4, 2023 at 10:10 AM

From Schneier on Security

UK Runs Fake DDoS-for-Hire Sites

Brian Krebs is reporting that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake... Bruce Schneier
From Schneier on Security | April 3, 2023 at 07:05 AM