Blogroll | Communications of the ACM

From Schneier on Security

New Destructive Malware Bricks IoT Devices

There's a new malware called BrickerBot that permanently disables vulnerable IoT devices by corrupting their storage capability and reconfiguring kernel parameters... Bruce Schneier
From Schneier on Security | April 11, 2017 at 09:22 AM

From Schneier on Security

Fourth WikiLeaks CIA Attack Tool Dump

WikiLeaks is obviously playing their Top Secret CIA data cache for as much press as they can, leaking the documents a little at a time. On Friday they published... Bruce Schneier
From Schneier on Security | April 10, 2017 at 03:16 PM

From Schneier on Security

Shadow Brokers Releases the Rest of their NSA Hacking Tools

Last August, an unknown group called the Shadow Brokers released a bunch of NSA tools to the public. The common guesses were that the tools were discovered on an... Bruce Schneier
From Schneier on Security | April 10, 2017 at 06:51 AM

From Schneier on Security

Friday Squid Blogging: Squid Can Edit Their Own RNA

This is just plain weird: Rosenthal, a neurobiologist at the Marine Biological Laboratory, was a grad student studying a specific protein in squid when he got an... Bruce Schneier
From Schneier on Security | April 7, 2017 at 05:16 PM

From Schneier on Security

Incident Response as "Hand-to-Hand Combat"

NSA Deputy Director Richard Ledgett described a 2014 Russian cyber attack against the U.S. State Department as "hand-to-hand" combat: "It was hand-to-hand combat... Bruce Schneier
From Schneier on Security | April 7, 2017 at 09:06 AM

From Schneier on Security

Hacking a Brazilian Bank

A detailed account.... Bruce Schneier
From Schneier on Security | April 6, 2017 at 03:16 PM

From Schneier on Security

Many Android Phones Vulnerable to Attacks Over Malicious Wi-Fi Networks

There's ablog post from Google's Project Zero detailing an attack against Android phones over Wi-Fi. From Ars Technica: The vulnerability resides in a widely used... Bruce Schneier
From Schneier on Security | April 6, 2017 at 08:52 AM

From Schneier on Security

APT10 and Cloud Hopper

There's a new report of a nation-state attack, presumed to be from China, on a series of managed ISPs. From the executive summary: Since late 2016, PwC UK and BAE... Bruce Schneier
From Schneier on Security | April 5, 2017 at 11:42 AM

From Schneier on Security

Clever Physical ATM Attack

This is an interesting combination of computer and physical attack: Researchers from the Russian security firm Kaspersky on Monday detailed a new ATM-emptying attack... Bruce Schneier
From Schneier on Security | April 5, 2017 at 07:29 AM

From Schneier on Security

Encryption Policy and Freedom of the Press

Interesting law journal article: "Encryption and the Press Clause," by D. Victoria Barantetsky. Abstract: Almost twenty years ago, a hostile debate over whether... Bruce Schneier
From Schneier on Security | April 4, 2017 at 03:14 PM

From Schneier on Security

Acoustic Attack Against Accelerometers

Interesting acoustic attack against the MEMS accelerometers in devices like FitBits. Millions of accelerometers reside inside smartphones, automobiles, medical... Bruce Schneier
From Schneier on Security | April 4, 2017 at 07:23 AM

From Schneier on Security

Soon You'll Be Able to Hijack Weaponized Police Drones in Connecticut

Not content with having a fleet of insecure surveillance drones, the state of Connecticut wants a fleet of insecure weaponized drones. What could possibly go wrong... Bruce Schneier
From Schneier on Security | April 3, 2017 at 07:30 AM

From Schneier on Security

Friday Squid Blogging: 1887 Animal-Combat Print with Giant Squid

Great Victorian animal-combat scene featuring a giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't... Bruce Schneier
From Schneier on Security | March 31, 2017 at 05:29 PM

From Schneier on Security

Finding FBI Director James Comey's Twitter Account

An interesting story of uncovering an anonymous Internet social media account.... Bruce Schneier
From Schneier on Security | March 31, 2017 at 03:16 PM

From Schneier on Security

Congress Removes FCC Privacy Protections on Your Internet Usage

Think about all of the websites you visit every day. Now imagine if the likes of Time Warner, AT&T, and Verizon collected all of your browsing history and sold... Bruce Schneier
From Schneier on Security | March 31, 2017 at 01:07 PM

From Schneier on Security

Security Orchestration and Incident Response

Last month at the RSA Conference, I saw a lot of companies selling security incident response automation. Their promise was to replace people with computers --... Bruce Schneier
From Schneier on Security | March 29, 2017 at 07:16 AM

From Schneier on Security

Kalyna Block Cipher

Kalyna is a block cipher that became a Ukrainian national standard in 2015. It supports block and key sizes of 128, 256, and 512 bits. Its structure looks like... Bruce Schneier
From Schneier on Security | March 28, 2017 at 07:26 AM

From Schneier on Security

The TSA's Selective Laptop Ban

Last Monday, the TSA announced a peculiar new security measure to take effect within 96 hours. Passengers flying into the US on foreign airlines from eight Muslim... Bruce Schneier
From Schneier on Security | March 27, 2017 at 07:28 AM

From Schneier on Security

Friday Squid Blogging: Squid from Utensils

Available on eBay. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | March 24, 2017 at 05:06 PM

From Schneier on Security

Commenting Policy for This Blog

Over the past few months, I have been watching my blog comments decline in civility. I blame it in part on the contentious US election and its aftermath. It's also... Bruce Schneier
From Schneier on Security | March 24, 2017 at 03:20 PM