acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Existential Risk and the Fermi Paradox
From Schneier on Security

Existential Risk and the Fermi Paradox

We know that complexity is the worst enemy of security, because it makes attack easier and defense harder. This becomes catastrophic as the effects of that attack...

LastPass Security Breach
From Schneier on Security

LastPass Security Breach

The company was hacked, and customer information accessed. No passwords were compromised.

Sirius XM Software Vulnerability
From Schneier on Security

Sirius XM Software Vulnerability

This is new: Newly revealed research shows that a number of major car brands, including Honda, Nissan, Infiniti, and Acura, were affected by a previously undisclosed...

Facebook Fined $276M under GDPR
From Schneier on Security

Facebook Fined $276M under GDPR

Facebook—Meta—was just fined $276 million (USD) for a data leak that included full names, birth dates, phone numbers, and location. Meta’s total fine by the Data...

Charles V of Spain Secret Code Cracked
From Schneier on Security

Charles V of Spain Secret Code Cracked

Diplomatic code cracked after 500 years: In painstaking work backed by computers, Pierrot found “distinct families” of about 120 symbols used by Charles V. “Whole...

Computer Repair Technicians Are Stealing Your Data
From Schneier on Security

Computer Repair Technicians Are Stealing Your Data

Laptop technicians routinely violate the privacy of the people whose computers they repair: Researchers at University of Guelph in Ontario, Canada, recovered logs...

The US Has a Shortage of Bomb-Sniffing Dogs
From Schneier on Security

The US Has a Shortage of Bomb-Sniffing Dogs

Nothing beats a dog’s nose for detecting explosives. Unfortunately, there aren’t enough dogs: Last month, the US Government Accountability Office (GAO) released...

Apple’s Device Analytics Can Identify iCloud Users
From Schneier on Security

Apple’s Device Analytics Can Identify iCloud Users

Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have...

Breaking the Zeppelin Ransomware Encryption Scheme
From Schneier on Security

Breaking the Zeppelin Ransomware Encryption Scheme

Brian Krebs writes about how the Zeppelin ransomware encryption scheme was broken: The researchers said their break came when they understood that while Zeppelin...

Friday Squid Blogging: Squid Brains
From Schneier on Security

Friday Squid Blogging: Squid Brains

Researchers have new evidence of how squid brains develop: Researchers from the FAS Center for Systems Biology describe how they used a new live-imaging technique...

First Review of A Hacker’s Mind
From Schneier on Security

First Review of A Hacker’s Mind

Kirkus reviews A Hacker’s Mind: A cybersecurity expert examines how the powerful game whatever system is put before them, leaving it to others to cover the cost...

Successful Hack of Time-Triggered Ethernet
From Schneier on Security

Successful Hack of Time-Triggered Ethernet

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality. Researchers have...

Failures in Twitter’s Two-Factor Authentication System
From Schneier on Security

Failures in Twitter’s Two-Factor Authentication System

Twitter is having intermittent problems with its two-factor authentication system: Not all users are having problems receiving SMS authentication codes, and those...

Russian Software Company Pretending to Be American
From Schneier on Security

Russian Software Company Pretending to Be American

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually...

Another Event-Related Spyware App
From Schneier on Security

Another Event-Related Spyware App

Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app: The app is being promoted as...

A Digital Red Cross
From Schneier on Security

A Digital Red Cross

The International Committee of the Red Cross wants some digital equivalent to the iconic red cross, to alert would-be hackers that they are accessing a medical...

Friday Squid Blogging: Squid Purse
From Schneier on Security

Friday Squid Blogging: Squid Purse

Perfect for an evening out. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...

New Book: A Hacker’s Mind
From Schneier on Security

New Book: A Hacker’s Mind

I have a new book coming out in February. It’s about hacking. A Hacker’s Mind: How the Powerful Bend Society’s Rules, and How to Bend them Back isn’t about hacking...

NSA Over-surveillance
From Schneier on Security

NSA Over-surveillance

Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that...

An Untrustworthy TLS Certificate in Browsers
From Schneier on Security

An Untrustworthy TLS Certificate in Browsers

The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google’s Chrome, Apple’s Safari, nonprofit Firefox...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account