acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Wi-Fi Devices as Physical Object Sensors
From Schneier on Security

Wi-Fi Devices as Physical Object Sensors

The new 802.11bf standard will turn Wi-Fi devices into object sensors: In three years or so, the Wi-Fi specification is scheduled to get an upgrade that will turn...

Friday Squid Blogging: 500-Million-Year-Old Cephalopod
From Schneier on Security

Friday Squid Blogging: 500-Million-Year-Old Cephalopod

The oldest known cephalopod — the ancestor of all modern octopuses, squid, cuttlefish and nautiluses — is 500 million years old. As usual, you can also use this...

Malware Hidden in Call of Duty Cheating Software
From Schneier on Security

Malware Hidden in Call of Duty Cheating Software

News article: Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack...

Fugitive Identified on YouTube By His Distinctive Tattoos
From Schneier on Security

Fugitive Identified on YouTube By His Distinctive Tattoos

A mafia fugitive hiding out in the Dominican Republic was arrested when investigators found his YouTube cooking channel and identified him by his distinctive arm...

System Update: New Android Malware
From Schneier on Security

System Update: New Android Malware

Researchers have discovered a new Android app called “System Update” that is a sophisticated Remote-Access Trojan (RAT). From a news article: The broad range of...

Friday Squid Blogging: Squid Potato Masher
From Schneier on Security

Friday Squid Blogging: Squid Potato Masher

A squid potato masher for only $11.50. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my...

Hacking Weapons Systems
From Schneier on Security

Hacking Weapons Systems

Lukasz Olejnik has a good essay on hacking weapons systems. Basically, there is no reason to believe that software in weapons systems is any more vulnerability...

Determining Key Shape from Sound
From Schneier on Security

Determining Key Shape from Sound

It’s not yet very accurate or practical, but under ideal conditions it is possible to figure out the shape of a house key by listening to it being used. Listen...

Accellion Supply Chain Hack
From Schneier on Security

Accellion Supply Chain Hack

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion...

Details of a Computer Banking Scam
From Schneier on Security

Details of a Computer Banking Scam

This is a longish video that describes a profitable computer banking scam that’s run out of call centers in places like India. There’s a lot of fluff about glitterbombs...

Easy SMS Hijacking
From Schneier on Security

Easy SMS Hijacking

Vice is reporting on a cell phone vulnerability caused by commercial SMS services. One of the things these services permit is text message forwarding. It turns...

Exploiting Spectre Over the Internet
From Schneier on Security

Exploiting Spectre Over the Internet

Google has demonstrated exploiting the Spectre CPU attack remotely over the web: Today, we’re sharing proof-of-concept (PoC) code that confirms the practicality...

Illegal Content and the Blockchain
From Schneier on Security

Illegal Content and the Blockchain

Security researchers have recently discovered a botnet with a novel defense against takedowns. Normally, authorities can disable a botnet by taking over its command...

More on the Chinese Zero-Day Microsoft Exchange Hack
From Schneier on Security

More on the Chinese Zero-Day Microsoft Exchange Hack

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things...

On the Insecurity of ES&S Voting Machines’ Hash Code
From Schneier on Security

On the Insecurity of ES&S Voting Machines’ Hash Code

Andrew Appel and Susan Greenhalgh have a blog post on the insecurity of ES&S’s software authentication system: It turns out that ES&S has bugs in their hash-code...

Security Analysis of Apple’s “Find My…” Protocol
From Schneier on Security

Security Analysis of Apple’s “Find My…” Protocol

Interesting research: “Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System“: Abstract: Overnight, Apple has...

Metadata Left in Security Agency PDFs
From Schneier on Security

Metadata Left in Security Agency PDFs

Really interesting research: “Exploitation and Sanitization of Hidden Data in PDF Files” Abstract: Organizations publish and share more and more electronic documents...

Fast Random Bit Generation
From Schneier on Security

Fast Random Bit Generation

Science has a paper (and commentary) on generating 250 random terabits per second with a laser. I don’t know how cryptographically secure they are, but that can...

On Not Fixing Old Vulnerabilities
From Schneier on Security

On Not Fixing Old Vulnerabilities

How is this even possible? …26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to...

Friday Squid Blogging: Squid Cartoon
From Schneier on Security

Friday Squid Blogging: Squid Cartoon

Squid ink. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account