Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Hacking Pickleball
My latest book, A Hacker’s Mind, has a lot of sports stories. Sports are filled with hacks, as players look for every possible advantage that doesn’t explicitly...
From Schneier on Security
Using the iPhone Recovery Key to Lock Owners Out of Their iPhones
This a good example of a security feature that can sometimes harm security: Apple introduced the optional recovery key in 2020 to protect users from online hackers...
From Schneier on Security
New Zero-Click Exploits Against iOS
CitizenLab has identified three zero-click exploits against iOS 15 and 16. These were used by NSO Group’s Pegasus spyware in 2022, and deployed by Mexico against...
From Schneier on Security
EFF on the UN Cybercrime Treaty
EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite...
From Schneier on Security
Using LLMs to Create Bioweapons
I’m not sure there are good ways to build guardrails to prevent this sort of thing: There is growing concern regarding the potential misuse of molecular machine...
From Schneier on Security
Swatting as a Service
Motherboard is reporting on AI-generated voices being used for “swatting”: In fact, Motherboard has found, this synthesized call and another against Hempstead High...
From Schneier on Security
Friday Squid Blogging: Colossal Squid
Interesting article on the colossal squid, which is larger than the giant squid. The article answers a vexing question: So why do we always hear about the giant...
From Schneier on Security
Hacking Suicide
Here’s a religious hack: You want to commit suicide, but it’s a mortal sin: your soul goes straight to hell, forever. So what you do is murder someone. That will...
From Schneier on Security
Gaining an Advantage in Roulette
You can beat the game without a computer: On a perfect [roulette] wheel, the ball would always fall in a random way. But over time, wheels develop flaws, which...
From Schneier on Security
Bypassing a Theft Threat Model
Thieves cut through the wall of a coffee shop to get to an Apple store, bypassing the alarms in the process. I wrote about this kind of thing in 2000, in Secrets...
From Schneier on Security
FBI Advising People to Avoid Public Charging Stations
The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices...
From Schneier on Security
Car Thieves Hacking the CAN Bus
Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic...
From Schneier on Security
LLMs and Phishing
Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better...
From Schneier on Security
Friday Squid Blogging: Squid Food Poisoning
University of Connecticut basketball player Jordan Hawkins claims to have suffered food poisoning from calamari the night before his NCAA finals game. The restaurant...
From Schneier on Security
Research on AI in Adversarial Settings
New research: “Achilles Heels for AGI/ASI via Decision Theoretic Adversaries“: As progress in AI continues to advance, it is important to know how advanced systems...
From Schneier on Security
FBI (and Others) Shut Down Genesis Market
Genesis Market is shut down: Active since 2018, Genesis Market’s slogan was, “Our store sells bots with logs, cookies, and their real fingerprints.” Customers...
From Schneier on Security
North Korea Hacking Cryptocurrency Sites with 3CX Exploit
News: Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of...
From Schneier on Security
UK Runs Fake DDoS-for-Hire Sites
Brian Krebs is reporting that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake...
From Schneier on Security
Friday Squid Blogging: Giant Squid vs. Blue Marlin
Epic matchup. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines ...
From Schneier on Security