Blogroll | Communications of the ACM

From Schneier on Security

Disclosing vs Hoarding Vulnerabilities

There's a debate going on about whether the U.S. government -- specifically, the NSA and United States Cyber Comman -- should stockpile Internet vulnerabilities... Bruce Schneier
From Schneier on Security | May 22, 2014 at 07:15 AM

From Schneier on Security

The NSA is Not Made of Magic

I am regularly asked what is the most surprising thing about the Snowden NSA documents. It's this: the NSA is not made of magic. Its tools are no different from... Bruce Schneier
From Schneier on Security | May 21, 2014 at 04:52 PM

From Schneier on Security

Government Policy on Cell Phone Interception Technology

New paper: "Your Secret Stingray's No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and its Impact on National Security and Consumer... Bruce Schneier
From Schneier on Security | May 21, 2014 at 10:51 AM

From Schneier on Security

Preplay Attack on Chip and PIN

Interesting research paper on a bank card chip-and-PIN vulnerability. From the blog post: Our new paper shows that it is possible to create clone chip cards which... Bruce Schneier
From Schneier on Security | May 20, 2014 at 03:04 PM

From Schneier on Security

Advances in Solving the Discrete Log Problem

At Eurocrypt this year, researchers presented a paper that completely breaks the discrete log problem in any field with a small characteristic. It's nice work,... Bruce Schneier
From Schneier on Security | May 20, 2014 at 07:13 AM

From Schneier on Security

Pervasive Monitoring as Network Attack

New IETF RFC: "RFC 7258: Pervasive Monitoring Is an Attack" that designers must mitigate. Slashdot thread.... Bruce Schneier
From Schneier on Security | May 19, 2014 at 02:44 PM

From Schneier on Security

Abusing Power to Shut Down a Twitter Parody Account

This is a pretty horrible story of a small-town mayor abusing his authority -- warrants where there is no crime, police raids, incidental marijuana bust -- to identify... Bruce Schneier
From Schneier on Security | May 19, 2014 at 08:07 AM

From Schneier on Security

Friday Squid Blogging: Fossil Squid

Rare fossilized cephalopods. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | May 16, 2014 at 05:42 PM

From Schneier on Security

How to Stop an Insider from Stealing All Your Secrets

This article from Communications of the ACM outlines some of the security measures the NSA could, and should, have had in place to stop someone like Snowden. Mostly... Bruce Schneier
From Schneier on Security | May 16, 2014 at 01:34 PM

From Schneier on Security

Forged SSL Certificates Pervasive on the Internet

About 0.2% of all SSL certificates are forged. This is the first time I've ever seen a number based on real data. News article: Of 3.45 million real-world connections... Bruce Schneier
From Schneier on Security | May 16, 2014 at 07:43 AM

From Schneier on Security

Is Antivirus Dead?

Symantec declared anti-virus dead, and Brian Krebs writes a good response. He's right: antivirus won't protect you from the ever-increasing percentage of malware... Bruce Schneier
From Schneier on Security | May 15, 2014 at 02:58 PM

From Schneier on Security

Seventh Movie-Plot Threat Contest Semifinalists

On April 1, I announced the Seventh Movie Plot Threat Contest: The NSA has won, but how did it do it? How did it use its ability to conduct ubiquitous surveillance... Bruce Schneier
From Schneier on Security | May 15, 2014 at 07:08 AM

From Schneier on Security

Espionage vs. Surveillance

According to NSA documents published in Glenn Greenwald's new book No Place to Hide, we now know that the NSA spies on embassies and missions all over the world... Bruce Schneier
From Schneier on Security | May 14, 2014 at 01:53 PM

From Schneier on Security

New Al Qaeda Encryption Software

The Web intelligence company Recorded Future is reporting -- picked up by the Wall Street Journal -- that al Qaeda is using new encryption software in the wake... Bruce Schneier
From Schneier on Security | May 14, 2014 at 07:58 AM

From Schneier on Security

Computer Forensics in Fiction

New television show -- CSI: Cyber. I hope they have some good technical advisers, but I doubt they do.... Bruce Schneier
From Schneier on Security | May 13, 2014 at 01:59 PM

From Schneier on Security

New NSA Snowden Documents

Glenn Greenwald's book, No Place to Hide, has been published today. There are about 100 pages of NSA documents on the book's website. I haven't gone through them... Bruce Schneier
From Schneier on Security | May 13, 2014 at 07:40 AM

From Schneier on Security

Steganography in Tweets

Clever, but make sure to heed the caveats in the final two paragraphs.... Bruce Schneier
From Schneier on Security | May 12, 2014 at 05:40 PM

From Schneier on Security

Internet Subversion

In addition to turning the Internet into a worldwide surveillance platform, the NSA has surreptitiously weakened the products, protocols, and standards we all use... Bruce Schneier
From Schneier on Security | May 12, 2014 at 07:26 AM

From Schneier on Security

Friday Squid Blogging: The Evolutionary Purpose of Pain

A new study shows that Doryteuthis pealei in pain -- or whatever passes for pain in that species -- has heightened sensory sensitivity and heightened reactions.... Bruce Schneier
From Schneier on Security | May 9, 2014 at 05:44 PM

From Schneier on Security

Putin Requires Russian Bloggers to Register with the Government

This is not good news. Widely known as the "bloggers law," the new Russian measure specifies that any site with more than 3,000 visitors daily will be considered... Bruce Schneier
From Schneier on Security | May 8, 2014 at 06:57 PM