acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Friday Squid Blogging: Searching for Giant Squid by Collecting Environmental DNA
From Schneier on Security

Friday Squid Blogging: Searching for Giant Squid by Collecting Environmental DNA

The idea is to collect and analyze random DNA floating around the ocean, and using that to figure out where the giant squid are. No one is sure if this will actually...

Military Cryptanalytics, Part III
From Schneier on Security

Military Cryptanalytics, Part III

The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros...

Amazon Has Trucks Filled with Hard Drives and an Armed Guard
From Schneier on Security

Amazon Has Trucks Filled with Hard Drives and an Armed Guard

From an interview with an Amazon Web Services security engineer: So when you use AWS, part of what you’re paying for is security. Right; it’s part of what we sell...

Brexit Deal Mandates Old Insecure Crypto Algorithms
From Schneier on Security

Brexit Deal Mandates Old Insecure Crypto Algorithms

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension...

On the Evolution of Ransomware
From Schneier on Security

On the Evolution of Ransomware

Good article on the evolution of ransomware: Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others...

Russia’s SolarWinds Attack
From Schneier on Security

Russia’s SolarWinds Attack

Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack...

How China Uses Stolen US Personnel Data
From Schneier on Security

How China Uses Stolen US Personnel Data

Interesting analysis of China’s efforts to identify US spies: By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated...

Friday Squid Blogging: Linguine allo Scoglio Recipe
From Schneier on Security

Friday Squid Blogging: Linguine allo Scoglio Recipe

Delicious seafood pasta dish — includes squid — from America’s Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the...

Friday Squid Blogging: Small Giant Squid Washes Ashore in Japan
From Schneier on Security

Friday Squid Blogging: Small Giant Squid Washes Ashore in Japan

A ten-foot giant squid has washed ashore on the Western coast of Japan. As usual, you can also use this squid post to talk about the security stories in the news...

Investigating the Navalny Poisoning
From Schneier on Security

Investigating the Navalny Poisoning

Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian GRU back in August. The details display some impressive traffic analysis.confession...

Eavesdropping on Phone Taps from Voice Assistants
From Schneier on Security

Eavesdropping on Phone Taps from Voice Assistants

The microphones on voice assistants are very sensitive, and can snoop on all sorts of data: In Hey Alexa what did I just type? we show that when sitting up to half...

Friday Squid Blogging: Christmas Squid Memories
From Schneier on Security

Friday Squid Blogging: Christmas Squid Memories

Stuffed squid for Christmas Eve. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my bloghere...

NSA on Authentication Hacks (Related to SolarWinds Breach)
From Schneier on Security

NSA on Authentication Hacks (Related to SolarWinds Breach)

The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected...

More on the SolarWinds Breach
From Schneier on Security

More on the SolarWinds Breach

The New York Times has more details. About 18,000 private and government users downloaded a Russian tainted software update –­ a Trojan horse of sorts ­– that...

Cellebrite Can Break Signal
From Schneier on Security

Cellebrite Can Break Signal

Cellebrite announced that it can break Signal. (Note that the company has heavily edited its blog post, but the original — with lots of technical details — wasarticle...

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication
From Schneier on Security

How the SolarWinds Hackers Bypassed Duo’s Multi-Factor Authentication

This is interesting: Toward the end of the second incident that Volexity worked involving Dark Halo, the actor was observed accessing the e-mail account of a user...

US Schools Are Buying Cell Phone Unlocking Systems
From Schneier on Security

US Schools Are Buying Cell Phone Unlocking Systems

Gizmodo is reporting that schools in the US are buying equipment to unlock cell phones from companies like Cellebrite: Gizmodo has reviewed similar accounting documents...

Mexican Drug Cartels with High-Tech Spyware
From Schneier on Security

Mexican Drug Cartels with High-Tech Spyware

Sophisticated spyware, sold by surveillance tech companies to Mexican government agencies, are ending up in the hands of drug cartels: As many as 25 private companies...

Zodiac Killer Cipher Solved
From Schneier on Security

Zodiac Killer Cipher Solved

The SF Chronicle is reporting (more details here), and the FBI is confirming, that a Melbourne mathematician and team has decrypted the 1969 message sent by the...

Another Massive Russian Hack of US Government Networks
From Schneier on Security

Another Massive Russian Hack of US Government Networks

The press is reporting a massive hack of US government networks by sophisticated Russian hackers. Officials said a hunt was on to determine if other parts of the...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account