Blogroll | Communications of the ACM

From Schneier on Security

Hacking McDonald's for Free Food

This hack was possible because the McDonald's app didn't authenticate the server, and just did whatever the server told it to do: McDonald's receipts in Germany... Bruce Schneier
From Schneier on Security | February 18, 2020 at 07:09 AM

From Schneier on Security

Voatz Internet Voting App Is Insecure

This paper describes the flaws in the Voatz Internet voting app: "The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting... Bruce Schneier
From Schneier on Security | February 17, 2020 at 07:35 AM

From Schneier on Security

Friday Squid Blogging: Squids Are as Intelligent as Dogs

More news based on the squid brain MRI scan: the complexity of their brains are comparable to dogs. As usual, you can also use this squid post to talk about the... Bruce Schneier
From Schneier on Security | February 14, 2020 at 05:11 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'll be at RSA Conference 2020 in San Francisco. On Wednesday, February 26, at 2:50 PM, I'll be... Bruce Schneier
From Schneier on Security | February 14, 2020 at 02:03 PM

From Schneier on Security

DNSSEC Keysigning Ceremony Postponed Because of Locked Safe

Interesting collision of real-world and Internet security: The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across... Bruce Schneier
From Schneier on Security | February 14, 2020 at 07:07 AM

From Schneier on Security

A US Data Protection Agency

The United States is one of the few democracies without some formal data protection agency, and we need one. Senator Gillibrand just proposed creating one.... Bruce Schneier
From Schneier on Security | February 13, 2020 at 10:20 AM

From Schneier on Security

Companies that Scrape Your Email

Motherboard has a long article on apps -- Edison, Slice, and Cleanfox -- that spy on your email by scraping your screen, and then sell that information to others... Bruce Schneier
From Schneier on Security | February 12, 2020 at 11:26 AM

From Schneier on Security

Crypto AG Was Owned by the CIA

The Swiss cryptography firm Crypto AG sold equipment to governments and militaries around the world for decades after World War II. They were owned by the CIA:... Bruce Schneier
From Schneier on Security | February 11, 2020 at 11:42 AM

From Schneier on Security

Apple's Tracking-Prevention Feature in Safari has a Privacy Bug

Last month, engineers at Google published a very curious privacy bug in Apple's Safari web browser. Apple's Intelligent Tracking Prevention, a feature designed... Bruce Schneier
From Schneier on Security | February 10, 2020 at 07:06 AM

From Schneier on Security

Friday Squid Blogging: An MRI Scan of a Squid's Brain

This paper is filled with brain science that I do not understand (news article), but fails to answer what I consider to be the important question: how do you keep... Bruce Schneier
From Schneier on Security | February 7, 2020 at 05:11 PM

From Schneier on Security

Security in 2020: Revisited

Ten years ago, I wrote an essay: "Security in 2020." Well, it's finally 2020. I think I did pretty well. Here's what I said back then: There's really no such thing... Bruce Schneier
From Schneier on Security | February 7, 2020 at 01:50 PM

From Schneier on Security

New Ransomware Targets Industrial Control Systems

EKANS is a new ransomware that targets industrial control systems: But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different... Bruce Schneier
From Schneier on Security | February 7, 2020 at 10:42 AM

From Schneier on Security

A New Clue for the Kryptos Sculpture

Jim Sanborn, who designed the Kryptos sculpture in a CIA courtyard, has released another clue to the still-unsolved part 4. I think he's getting tired of waiting... Bruce Schneier
From Schneier on Security | February 6, 2020 at 07:14 AM

From Schneier on Security

Tree Code

Artist Katie Holten has developed a tree code (basically, a font in trees), and New York City is using it to plant secret messages in parks.... Bruce Schneier
From Schneier on Security | February 5, 2020 at 07:10 AM

From Schneier on Security

New Research on the Adtech Industry

The Norwegian Consumer Council has published an extensive report about how the adtech industry violates consumer privacy. At the same time, it is filing three legal... Bruce Schneier
From Schneier on Security | February 4, 2020 at 07:21 AM

From Schneier on Security

Attacking Driverless Cars with Projected Images

Interesting research -- "Phantom Attacks Against Advanced Driving Assistance Systems": Abstract: The absence of deployed vehicular communication systems, which... Bruce Schneier
From Schneier on Security | February 3, 2020 at 07:24 AM

From Schneier on Security

Friday Squid Blogging: The Pterosaur Ate Squid

New research: "Pterosaurs ate soft-bodied cephalopods (Coleiodea)." News article. As usual, you can also use this squid post to talk about the security stories... Bruce Schneier
From Schneier on Security | January 31, 2020 at 04:58 PM

From Schneier on Security

NSA Security Awareness Posters

From a FOIA request, over a hundred old NSA security awareness posters. Here are the BBC's favorites. Here are Motherboard's favorites. I have a related personal... Bruce Schneier
From Schneier on Security | January 31, 2020 at 02:36 PM

From Schneier on Security

U.S. Department of Interior Grounding All Drones

The Department of Interior is grounding all non-emergency drones due to security concerns: The order comes amid a spate of warnings and bans at multiple government... Bruce Schneier
From Schneier on Security | January 31, 2020 at 07:46 AM

From Schneier on Security

Collating Hacked Data Sets

Two Harvard undergraduates completed a project where they went out on the Dark Web and found a bunch of stolen datasets. Then they correlated all the information... Bruce Schneier
From Schneier on Security | January 30, 2020 at 09:39 AM