Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Friday Squid Blogging: Transcriptome Analysis of the Indian Squid
Lots of details that are beyond me. Blog moderation policy.
From Schneier on Security
The Scale of Geoblocking by Nation
Interesting analysis: We introduce and explore a little-known threat to digital equality and freedomwebsites geoblocking users in response to political risks from...
From Schneier on Security
Why Italy Sells So Much Spyware
Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware...
From Schneier on Security
Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs
Fantastic video of a female Gonatus onyx squid swimming while carrying her egg sack. An earlier related post. Blog moderation policy.
From Schneier on Security
Good Essay on the History of Bad Password Policies
Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight a problem that...
From Schneier on Security
New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones
Everybody is reporting about a new security iPhone security feature with iOS 18: if the phone hasn’t been used for a few days, it automatically goes into its “Before...
From Schneier on Security
Mapping License Plate Scanners in the US
DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The mobile scanners on cars are not mapped. The...
From Schneier on Security
Criminals Exploiting FBI Emergency Data Requests
I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass...
From Schneier on Security
Friday Squid Blogging: Squid-A-Rama in Des Moines
Squid-A-Rama will be in Des Moines at the end of the month. Visitors will be able to dissect squid, explore fascinating facts about the species, and witness a live...
From Schneier on Security
AI Industry is Trying to Subvert the Definition of “Open Source AI”
The Open Source Initiative has published (news article here) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms...
From Schneier on Security
Prompt Injection Defenses Against LLM Cyberattacks
Interesting research: “Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks“: Large language models (LLMs) are increasingly...
From Schneier on Security
Subverting LLM Coders
Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection...
From Schneier on Security
IoT Devices in Password-Spraying Botnet
Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part...
From Schneier on Security
AIs Discovering Vulnerabilities
I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing...
From Schneier on Security
Sophos Versus the Chinese Hackers
Really interesting story of Sophos’s five-year war against Chinese hackers.
From Schneier on Security
Friday Squid Blogging: Squid Sculpture in Massachusetts Building
Great blow-up sculpture. Blog moderation policy.
From Schneier on Security
Roger Grimes on Prioritizing Cybersecurity Advice
This is a good point: Part of the problem is that we are constantly handed lists…list of required controls…list of things we are being asked to fix or improve…lists...
From Schneier on Security
Tracking World Leaders Using Strava
Way back in 2018, people noticed that you could find secret military bases using data published by the Strava fitness app. Soldiers and other military personalLe...
From Schneier on Security
Simpson Garfinkel on Spooky Cryptographic Action at a Distance
Excellent read. One example: Consider the case of basic public key cryptography, in which a person’s public and private key are created together in a single operation...
From Schneier on Security