acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Second WikiLeaks Dump of CIA Documents
From Schneier on Security

Second WikiLeaks Dump of CIA Documents

There are more CIA documents up on WikiLeaks. It seems to be mostly MacOS and iOS. News article....

Hackers Threaten to Erase Apple Customer Data
From Schneier on Security

Hackers Threaten to Erase Apple Customer Data

Turkish hackers are threatening to erase millions of iCloud user accounts unless Apple pays a ransom. This is a weird story, and I'm skeptical of some of the details...

NSA Best Scientific Cybersecurity Paper Competition
From Schneier on Security

NSA Best Scientific Cybersecurity Paper Competition

Every year, the NSA has a competition for the best cybersecurity paper. Winners get to go to the NSA to pick up the award. (Warning: you will almost certainly be...

New Paper on Encryption Workarounds
From Schneier on Security

New Paper on Encryption Workarounds

I have written a paper with Orin Kerr on encryption workarounds. Our goal wasn't to make any policy recommendations. (That was a good thing, since we probably don't...

NSA Documents from before 1930
From Schneier on Security

NSA Documents from before 1930

Here is a listing of all the documents that the NSA has in its archives that are dated earlier than 1930....

WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies
From Schneier on Security

WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies

WikiLeaks has started publishing a large collection of classified CIA documents, including information on several -- possibly many -- unpublished (i.e., zero-day)...

Friedman Comments on Yardley
From Schneier on Security

Friedman Comments on Yardley

This is William Friedman's highly annotated copy of Herbert Yardley's book, The American Black Chamber....

Security Vulnerabilities in Mobile MAC Randomization
From Schneier on Security

Security Vulnerabilities in Mobile MAC Randomization

Interesting research: "A Study of MAC Address Randomization in Mobile Devices When it Fails": Abstract: Media Access Control (MAC) address randomization is a privacy...

Friday Squid Blogging: Squid Catches Down in Argentina
From Schneier on Security

Friday Squid Blogging: Squid Catches Down in Argentina

News from the South Atlantic: While the outlook is good at present, it is too early to predict what the final balance of this season will be. The sector is totally...

New Gmail Phishing Scam
From Schneier on Security

New Gmail Phishing Scam

The article is right; this is frighteningly good....

History of US Information Warfare
From Schneier on Security

History of US Information Warfare

An interesting history....

Using Intel's SGX to Attack Itself
From Schneier on Security

Using Intel's SGX to Attack Itself

Researchers have demonstrated using Intel's Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX's protected enclave: Malware...

IoT Teddy Bear Leaked Personal Audio Recordings
From Schneier on Security

IoT Teddy Bear Leaked Personal Audio Recordings

CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had...

France Abandons Plans for Internet Voting
From Schneier on Security

France Abandons Plans for Internet Voting

Some good election security news for a change: France is dropping its plans for remote Internet voting, because it's concerned about hacking....

Digital Security Exchange: Security for High-Risk Communities
From Schneier on Security

Digital Security Exchange: Security for High-Risk Communities

I am part of this very interesting project: For many users, blog posts on how to install Signal, massive guides to protecting your digital privacy, and broad statements...

Ransomware for Sale
From Schneier on Security

Ransomware for Sale

Brian Krebs posts a video advertisement for Philadelphia, a ransomware package that you can purchase....

The CIA's "Development Tradecraft DOs and DON'Ts"
From Schneier on Security

The CIA's "Development Tradecraft DOs and DON'Ts"

Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration...

FBI's Exploit Against Tor
From Schneier on Security

FBI's Exploit Against Tor

The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor....

Friday Squid Blogging: Squid Cooking Techniques
From Schneier on Security

Friday Squid Blogging: Squid Cooking Techniques

Here are some squid cooking tips. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Podcast Interview with Me
From Schneier on Security

Podcast Interview with Me

Here's a video interview I did at RSA on the Internet of Things and security....
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account