Blogroll | Communications of the ACM

From Schneier on Security

Mailbox Insecurity

It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can open any mailbox. I get that... Bruce Schneier
From Schneier on Security | December 19, 2024 at 10:24 AM

From Schneier on Security

New Advances in the Understanding of Prime Numbers

Really interesting research into the structure of prime numbers. Not immediately related to the cryptanalysis of prime-number-based public-key algorithms, but every... Bruce Schneier
From Schneier on Security | December 18, 2024 at 11:40 AM

From Schneier on Security

Hacking Digital License Plates

Not everything needs to be digital and “smart.” License plates, for example: Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to... Bruce Schneier
From Schneier on Security | December 17, 2024 at 12:04 PM

From Schneier on Security

Friday Squid Blogging: Biology and Ecology of the Colossal Squid

Good survey paper. Blog moderation policy. Bruce Schneier
From Schneier on Security | December 13, 2024 at 05:05 PM

From Schneier on Security

Ultralytics Supply-Chain Attack

Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popularultralytics... Bruce Schneier
From Schneier on Security | December 13, 2024 at 11:33 AM

From Schneier on Security

Jailbreaking LLM-Controlled Robots

Surprising no one, it’s easy to trick an LLM-controlled robot into ignoring its safety instructions. Bruce Schneier
From Schneier on Security | December 11, 2024 at 07:02 AM

From Schneier on Security

Full-Face Masks to Frustrate Identification

This is going to be interesting. It’s a video of someone trying on a variety of printed full-face masks. They won’t fool anyone for long, but will survive casual... Bruce Schneier
From Schneier on Security | December 10, 2024 at 07:06 AM

From Schneier on Security

Trust Issues in AI

For a technology that seems startling in its modernity, AI sure has a long history. Google Translate, OpenAI chatbots, and Meta AI image generators are built on... Bruce Schneier
From Schneier on Security | December 9, 2024 at 07:01 AM

From Schneier on Security

Friday Squid Blogging: Safe Quick Undercarriage Immobilization Device

Fifteen years ago I blogged about a different SQUID. Here’s an update: Fleeing drivers are a common problem for law enforcement. They just won’t stop unless persuaded... Bruce Schneier
From Schneier on Security | December 6, 2024 at 05:05 PM

From Schneier on Security

Detecting Pegasus Infections

This tool seems to do a pretty good job. The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine... Bruce Schneier
From Schneier on Security | December 6, 2024 at 07:09 AM

From Schneier on Security

Details about the iOS Inactivity Reboot Feature

I recently wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time. Here are the technical details... Bruce Schneier
From Schneier on Security | December 2, 2024 at 07:08 AM

From Schneier on Security

Friday Squid Blogging: Squid-Inspired Needle Technology

Interesting research: Using jet propulsion inspired by squid, researchers demonstrate a microjet system that delivers medications directly into tissues, matching... Bruce Schneier
From Schneier on Security | November 29, 2024 at 05:03 PM

From Schneier on Security

Race Condition Attacks against LLMs

These are two attacks against the system components surrounding LLMs: We propose that LLM Flowbreaking, following jailbreaking and prompt injection, joins as the... Bruce Schneier
From Schneier on Security | November 29, 2024 at 07:01 AM

From Schneier on Security

NSO Group Spies on People on Behalf of Governments

The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda)... Bruce Schneier
From Schneier on Security | November 27, 2024 at 07:05 AM

From Schneier on Security

Security Analysis of the MERGE Voting Protocol

Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways. Abstract: The recently published “MERGE” protocol is designed to be used in... Bruce Schneier
From Schneier on Security | November 25, 2024 at 07:09 AM

From Schneier on Security

Friday Squid Blogging: Transcriptome Analysis of the Indian Squid

Lots of details that are beyond me. Blog moderation policy. Bruce Schneier
From Schneier on Security | November 22, 2024 at 05:01 PM

From Schneier on Security

The Scale of Geoblocking by Nation

Interesting analysis: We introduce and explore a little-known threat to digital equality and freedomwebsites geoblocking users in response to political risks from... Bruce Schneier
From Schneier on Security | November 22, 2024 at 07:06 AM

From Schneier on Security

Why Italy Sells So Much Spyware

Interesting analysis: Although much attention is given to sophisticated, zero-click spyware developed by companies like Israel’s NSO Group, the Italian spyware... Bruce Schneier
From Schneier on Security | November 19, 2024 at 07:05 AM

From Schneier on Security

Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs

Fantastic video of a female Gonatus onyx squid swimming while carrying her egg sack. An earlier related post. Blog moderation policy. Bruce Schneier
From Schneier on Security | November 15, 2024 at 05:07 PM

From Schneier on Security

Good Essay on the History of Bad Password Policies

Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight a problem that... Bruce Schneier
From Schneier on Security | November 15, 2024 at 07:05 AM