acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Friday Squid Blogging: Injured Giant Squid and Paddleboarder
From Schneier on Security

Friday Squid Blogging: Injured Giant Squid and Paddleboarder

Here’s a video—I don’t know where it’s from—of an injured juvenile male giant squid grabbing on to a paddleboard. As usual, you can also use this squid post tohere...

Hacking the JFK Airport Taxi Dispatch System
From Schneier on Security

Hacking the JFK Airport Taxi Dispatch System

Two men have been convicted of hacking the taxi dispatch system at the JFK airport. This enabled them to reorder the taxis on the list; they charged taxi drivers...

Critical Microsoft Code-Execution Vulnerability
From Schneier on Security

Critical Microsoft Code-Execution Vulnerability

A critical code-execution vulnerability in Microsoft Windows was patched in September. It seems that researchers just realized how serious it was (and is): Like...

Trojaned Windows Installer Targets Ukraine
From Schneier on Security

Trojaned Windows Installer Targets Ukraine

Mandiant is reporting on a trojaned Windows installer that targets Ukrainian users. The installer was left on various torrent sites, presumably ensnaring people...

How to Surrender to a Drone
From Schneier on Security

How to Surrender to a Drone

The Ukrainian army has released an instructional video explaining how Russian soldiers should surrender to a drone: “Seeing the drone in the field of view, make...

Friday Squid Blogging: Squid in Concert
From Schneier on Security

Friday Squid Blogging: Squid in Concert

Squid is performing a concert in London in February. If you don’t know what their music is like, try this or this or this. As usual, you can also use this squid...

Apple Patches iPhone Zero-Day
From Schneier on Security

Apple Patches iPhone Zero-Day

The most recent iPhone update—to version 16.1.2—patches a zero-day vulnerability that “may have been actively exploited against versions of iOS released beforeNews...

A Security Vulnerability in the KmsdBot Botnet
From Schneier on Security

A Security Vulnerability in the KmsdBot Botnet

Security researchers found a software bug in the KmsdBot cryptomining botnet: With no error-checking built in, sending KmsdBot a malformed command­—like its controllers...

Reimagining Democracy
From Schneier on Security

Reimagining Democracy

Last week, I hosted a two-day workshop on reimagining democracy. The idea was to bring together people from a variety of disciplines who are all thinking about...

Hacking Boston’s CharlieCard
From Schneier on Security

Hacking Boston’s CharlieCard

Interesting discussion of vulnerabilities and exploits against Boston’s CharlieCard.

Obligatory ChatGPT Post
From Schneier on Security

Obligatory ChatGPT Post

Seems like absolutely everyone everywhere is playing with Chat GPT. So I did, too…. Write an essay in the style of Bruce Schneier on how ChatGPT will affect cybersecurity...

Apple Is Finally Encrypting iCloud Backups
From Schneier on Security

Apple Is Finally Encrypting iCloud Backups

After way too many years, Apple is finally encrypting iCloud backups: Based on a screenshot from Apple, these categories are covered when you flip on Advanced Data...

Friday Squid Blogging: China Bans Taiwanese Squid Imports
From Schneier on Security

Friday Squid Blogging: China Bans Taiwanese Squid Imports

Today I have some squid geopolitical news. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...

Hacking Trespass Law
From Schneier on Security

Hacking Trespass Law

This article talks about public land in the US that is completely surrounded by private land, which in some cases makes it inaccessible to the public. But there...

Security Vulnerabilities in Eufy Cameras
From Schneier on Security

Security Vulnerabilities in Eufy Cameras

Eufy cameras claim to be local only, but upload data to the cloud. The company is basically lying to reporters, despite being shown evidence to the contrary. The...

Leaked Signing Keys Are Being Used to Sign Malware
From Schneier on Security

Leaked Signing Keys Are Being Used to Sign Malware

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Łukasz Siewierski, a member of Google’s Android...

The Decoupling Principle
From Schneier on Security

The Decoupling Principle

This is a really interesting paper that discusses what the authors call the Decoupling Principle: The idea is simple, yet previously not clearly articulated: to...

CryWiper Data Wiper Targeting Russian Sites
From Schneier on Security

CryWiper Data Wiper Targeting Russian Sites

Kaspersky is reporting on a data wiper masquerading as ransomware that is targeting local Russian government networks. The Trojan corrupts any data that’s not...

CAPTCHA
From Schneier on Security

CAPTCHA

This is an actual CAPTCHA I was shown when trying to log into PayPal. As an actual human and not a bot, I had no idea how to answer. Is this a joke? (Seems not...

Friday Squid Blogging: Legend of the Indiana Oil-Pit Squid
From Schneier on Security

Friday Squid Blogging: Legend of the Indiana Oil-Pit Squid

At a GMC plant. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account