acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems
From Schneier on Security

Criminals are Now Exploiting SS7 Flaws to Hack Smartphone Two-Factor Authentication Systems

I've previously written about the serious vulnerabilities in the SS7 phone routing system. Basically, the system doesn't authenticate messages. Now, criminals are...

Facebook's Observations on Information Operations and the 2016 US Election
From Schneier on Security

Facebook's Observations on Information Operations and the 2016 US Election

Facebook published paper on the information operations it has seen, as well as some observations regarding the recent US election. It's interesting reading....

Using Ultrasonic Beacons to Track Users
From Schneier on Security

Using Ultrasonic Beacons to Track Users

I've previously written about ad networks using ultrasonic communications to jump from one device to another. The idea is for devices like televisions to play ultrasonic...

Friday Squid Blogging: Squid Communications
From Schneier on Security

Friday Squid Blogging: Squid Communications

In the oval squid Sepioteuthis lessoniana, males use body patterns to communicate with both females and other males: To gain insight into the visual communication...

Why is the TSA Scanning Paper?
From Schneier on Security

Why is the TSA Scanning Paper?

I've been reading a bunch of anectotal reports that the TSA is starting to scan paper separately: A passenger going through security at Kansas City International...

Forging Voice
From Schneier on Security

Forging Voice

LyreBird is a system that can accurately reproduce the voice of someone, given a large amount of sample inputs. It's pretty good -- listen to the demo here -- and...

Security of St. Jude Pacemakers
From Schneier on Security

Security of St. Jude Pacemakers

This is a good summary article about the horrible security of St. Jude pacemakers, and the history of the company not doing anything about it....

Fitbit Evidence Used in Murder Investigation
From Schneier on Security

Fitbit Evidence Used in Murder Investigation

Fitbit evidence is cited in an arrest warrant, stating that the device monitored steps by the victim after the suspect claimed she died....

Who is Publishing NSA and CIA Secrets, and Why?
From Schneier on Security

Who is Publishing NSA and CIA Secrets, and Why?

There's something going on inside the intelligence communities in at least two countries, and we have no idea what it is. Consider these three data points. One:...

Friday Squid Blogging: Live Squid Washes up on North Carolina Beach
From Schneier on Security

Friday Squid Blogging: Live Squid Washes up on North Carolina Beach

A "mysterious squid" -- big and red -- washed up on a beach in Carteret County, North Carolina. Someone found it, still alive, and set it back in the water after...

Jumping Airgaps with a Laser and a Scanner
From Schneier on Security

Jumping Airgaps with a Laser and a Scanner

Researchers have configured two computers to talk to each other using a laser and a scanner. Scanners work by detecting reflected light on their glass pane. The...

Stealing Browsing History Using Your Phone's Ambient Light Sensor
From Schneier on Security

Stealing Browsing History Using Your Phone's Ambient Light Sensor

There has been a flurry of research into using the various sensors on your phone to steal data in surprising ways. Here's another: using the phone's ambient light...

Reading Analytics and Privacy
From Schneier on Security

Reading Analytics and Privacy

Interesting paper: "The rise of reading analytics and the emerging calculus of reading privacy in the digital world," by Clifford Lynch: Abstract: This paper studies...

Analyzing Cyber Insurance Policies
From Schneier on Security

Analyzing Cyber Insurance Policies

There's a really interesting new paper analyzing over 100 different cyber insurance policies. From the abstract: In this research paper, we seek to answer fundamental...

Advances in Ad Blocking
From Schneier on Security

Advances in Ad Blocking

Ad blockers represent the largest consumer boycott in human history. They're also an arms race between the blockers and the blocker blockers. This article discusses...

Faking Domain Names with Unicode Characters
From Schneier on Security

Faking Domain Names with Unicode Characters

It's things like this that make phishing attacks easier. News article....

Friday Squid Blogging: Video of Squid Attacking Another Squid
From Schneier on Security

Friday Squid Blogging: Video of Squid Attacking Another Squid

Wow, is this cool. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines...

Tracing Spam from E-mail Headers
From Schneier on Security

Tracing Spam from E-mail Headers

Interesting article from Brian Krebs....

The DEA Is Buying Cyberweapons from Hacking Team
From Schneier on Security

The DEA Is Buying Cyberweapons from Hacking Team

The US Drug Enforcement Agency has purchased zero-day exploits from the cyberweapons arms manufacturer Hacking Team. BoingBoing post....

Smart TV Hack via the Broadcast Signal
From Schneier on Security

Smart TV Hack via the Broadcast Signal

This is impressive: The proof-of-concept exploit uses a low-cost transmitter to embed malicious commands into a rogue TV signal. That signal is then broadcast to...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account