Blogroll | Communications of the ACM

From Schneier on Security

Security and Privacy Implications of Zoom

Over the past few weeks, Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. (My own university, Harvard... Bruce Schneier
From Schneier on Security | April 3, 2020 at 11:10 AM

From Schneier on Security

Bug Bounty Programs Are Being Used to Buy Silence

Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty... Bruce Schneier
From Schneier on Security | April 3, 2020 at 07:21 AM

From Schneier on Security

Marriott Was Hacked -- Again

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved,... Bruce Schneier
From Schneier on Security | April 2, 2020 at 12:33 PM

From Schneier on Security

Dark Web Hosting Provider Hacked

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. It's unclear when, or if, it will be back up.... Bruce Schneier
From Schneier on Security | April 1, 2020 at 07:53 AM

From Schneier on Security

Clarifying the Computer Fraud and Abuse Act

A federal court has ruled that violating a website's tems of service is not "hacking" under the Computer Fraud and Abuse Act. The plaintiffs wanted to investigate... Bruce Schneier
From Schneier on Security | March 31, 2020 at 08:51 AM

From Schneier on Security

Privacy vs. Surveillance in the Age of COVID-19

The trade-offs are changing: As countries around the world race to contain the pandemic, many are deploying digital surveillance tools as a means to exert social... Bruce Schneier
From Schneier on Security | March 30, 2020 at 07:32 AM

From Schneier on Security

Friday Squid Blogging: Squid Can Edit Their Own Genome

Amazing: Revealing yet another super-power in the skillful squid, scientists have discovered that squid massively edit their own genetic instructions not only within... Bruce Schneier
From Schneier on Security | March 27, 2020 at 05:28 PM

From Schneier on Security

Story of Gus Weiss

This is a long and fascinating article about Gus Weiss, who masterminded a long campaign to feed technical disinformation to the Soviet Union, which may or may... Bruce Schneier
From Schneier on Security | March 27, 2020 at 07:03 AM

From Schneier on Security

On Cyber Warranties

Interesting article discussing cyber-warranties, and whether they are an effective way to transfer risk (as envisioned by Ackerlof's "market for lemons") or a marketing... Bruce Schneier
From Schneier on Security | March 26, 2020 at 07:27 AM

From Schneier on Security

Facial Recognition for People Wearing Masks

The Chinese facial recognition company Hanwang claims it can recognize people wearing masks: The company now says its masked facial recognition program has reached... Bruce Schneier
From Schneier on Security | March 25, 2020 at 07:33 AM

From Schneier on Security

Internet Voting in Puerto Rico

Puerto Rico is considered allowing for Internet voting. I have joined a group of security experts in a letter opposing the bill. Cybersecurity experts agree that... Bruce Schneier
From Schneier on Security | March 24, 2020 at 07:01 AM

From Schneier on Security

Hacking Voice Assistants with Ultrasonic Waves

I previously wrote about hacking voice assistants with lasers. Turns you can do much the same thing with ultrasonic waves: Voice assistants -- the demo targeted... Bruce Schneier
From Schneier on Security | March 23, 2020 at 07:19 AM

From Schneier on Security

Friday Squid Blogging: Squid Orders Down in Italy

COVID-19 is depressing the demand for squid in Italy. The article is a week old, and already seems almost comically quaint. As usual, you can also use this squid... Bruce Schneier
From Schneier on Security | March 20, 2020 at 05:18 PM

From Schneier on Security

Emergency Surveillance During COVID-19 Crisis

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure... Bruce Schneier
From Schneier on Security | March 20, 2020 at 07:25 AM

From Schneier on Security

Work-from-Home Security Advice

SANS has made freely available its "Work-from-Home Awareness Kit." When I think about how COVID-19's security measures are affecting organizational networks, I... Bruce Schneier
From Schneier on Security | March 19, 2020 at 07:49 AM

From Schneier on Security

The Insecurity of WordPress and Apache Struts

Interesting data: A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized... Bruce Schneier
From Schneier on Security | March 18, 2020 at 08:45 AM

From Schneier on Security

TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid... Bruce Schneier
From Schneier on Security | March 16, 2020 at 10:31 AM

From Schneier on Security

Friday Squid Blogging: New Report on Squid Markets

This report costs $2,000. (Please don't buy it for me.) As usual, you can also use this squid post to talk about the security stories in the news that I haven't... Bruce Schneier
From Schneier on Security | March 13, 2020 at 05:02 PM

From Schneier on Security

The EARN-IT Act

Prepare for another attack on encryption in the U.S. The EARN-IT Act purports to be about protecting children from predation, but it's really about forcing the... Bruce Schneier
From Schneier on Security | March 13, 2020 at 07:20 AM

From Schneier on Security

The Whisper Secret-Sharing App Exposed Locations

This is a big deal: Whisper, the secret-sharing app that called itself the "safest place on the Internet," left years of users' most intimate confessions exposed... Bruce Schneier
From Schneier on Security | March 12, 2020 at 07:30 AM