Blogroll | Communications of the ACM

From Schneier on Security

Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems

I've previously written about the serious vulnerabilities in the SS7 phone routing system. Basically, the system doesn't authenticate messages. Now, criminals are... Bruce Schneier
From Schneier on Security | May 10, 2017 at 07:50 AM

From Schneier on Security

Facebook's Observations on Information Operations and the 2016 US Election

Facebook published paper on the information operations it has seen, as well as some observations regarding the recent US election. It's interesting reading.... Bruce Schneier
From Schneier on Security | May 9, 2017 at 07:36 AM

From Schneier on Security

Using Ultrasonic Beacons to Track Users

I've previously written about ad networks using ultrasonic communications to jump from one device to another. The idea is for devices like televisions to play ultrasonic... Bruce Schneier
From Schneier on Security | May 8, 2017 at 10:16 AM

From Schneier on Security

Friday Squid Blogging: Squid Communications

In the oval squid Sepioteuthis lessoniana, males use body patterns to communicate with both females and other males: To gain insight into the visual communication... Bruce Schneier
From Schneier on Security | May 5, 2017 at 05:05 PM

From Schneier on Security

Why is the TSA Scanning Paper?

I've been reading a bunch of anectotal reports that the TSA is starting to scan paper separately: A passenger going through security at Kansas City International... Bruce Schneier
From Schneier on Security | May 5, 2017 at 08:35 AM

From Schneier on Security

Forging Voice

LyreBird is a system that can accurately reproduce the voice of someone, given a large amount of sample inputs. It's pretty good -- listen to the demo here -- and... Bruce Schneier
From Schneier on Security | May 4, 2017 at 11:31 AM

From Schneier on Security

Security of St. Jude Pacemakers

This is a good summary article about the horrible security of St. Jude pacemakers, and the history of the company not doing anything about it.... Bruce Schneier
From Schneier on Security | May 3, 2017 at 11:25 AM

From Schneier on Security

Fitbit Evidence Used in Murder Investigation

Fitbit evidence is cited in an arrest warrant, stating that the device monitored steps by the victim after the suspect claimed she died.... Bruce Schneier
From Schneier on Security | May 2, 2017 at 07:13 AM

From Schneier on Security

Who is Publishing NSA and CIA Secrets, and Why?

There's something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One:... Bruce Schneier
From Schneier on Security | May 1, 2017 at 07:32 AM

From Schneier on Security

Friday Squid Blogging: Live Squid Washes up on North Carolina Beach

A "mysterious squid" -- big and red -- washed up on a beach in Carteret County, North Carolina. Someone found it, still alive, and set it back in the water after... Bruce Schneier
From Schneier on Security | April 28, 2017 at 05:37 PM

From Schneier on Security

Jumping Airgaps with a Laser and a Scanner

Researchers have configured two computers to talk to each other using a laser and a scanner. Scanners work by detecting reflected light on their glass pane. The... Bruce Schneier
From Schneier on Security | April 28, 2017 at 01:48 PM

From Schneier on Security

Stealing Browsing History Using Your Phone's Ambient Light Sensor

There has been a flurry of research into using the various sensors on your phone to steal data in surprising ways. Here's another: using the phone's ambient light... Bruce Schneier
From Schneier on Security | April 28, 2017 at 07:17 AM

From Schneier on Security

Reading Analytics and Privacy

Interesting paper: "The rise of reading analytics and the emerging calculus of reading privacy in the digital world," by Clifford Lynch: Abstract: This paper studies... Bruce Schneier
From Schneier on Security | April 27, 2017 at 07:20 AM

From Schneier on Security

Analyzing Cyber Insurance Policies

There's a really interesting new paper analyzing over 100 different cyber insurance policies. From the abstract: In this research paper, we seek to answer fundamental... Bruce Schneier
From Schneier on Security | April 26, 2017 at 07:14 AM

From Schneier on Security

Advances in Ad Blocking

Ad blockers represent the largest consumer boycott in human history. They're also an arms race between the blockers and the blocker blockers. This article discusses... Bruce Schneier
From Schneier on Security | April 25, 2017 at 01:07 PM

From Schneier on Security

Faking Domain Names with Unicode Characters

It's things like this that make phishing attacks easier. News article.... Bruce Schneier
From Schneier on Security | April 25, 2017 at 06:25 AM

From Schneier on Security

Friday Squid Blogging: Video of Squid Attacking Another Squid

Wow, is this cool. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines... Bruce Schneier
From Schneier on Security | April 21, 2017 at 06:04 PM

From Schneier on Security

Tracing Spam from E-mail Headers

Interesting article from Brian Krebs.... Bruce Schneier
From Schneier on Security | April 21, 2017 at 07:22 AM

From Schneier on Security

The DEA Is Buying Cyberweapons from Hacking Team

The US Drug Enforcement Agency has purchased zero-day exploits from the cyberweapons arms manufacturer Hacking Team. BoingBoing post.... Bruce Schneier
From Schneier on Security | April 20, 2017 at 03:21 PM

From Schneier on Security

Smart TV Hack via the Broadcast Signal

This is impressive: The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to... Bruce Schneier
From Schneier on Security | April 20, 2017 at 08:41 AM