Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
On Security Tokens
Mark Risher of Google extols the virtues of security keys: I'll say it again for the people in the back: with Security Keys, instead of the *user* needing to verify...
From Schneier on Security
Defending Democracies Against Information Attacks
To better understand influence attacks, we proposed an approach that models democracy itself as an information system and explains how democracies are vulnerable...
From Schneier on Security
Stealing Ethereum by Guessing Weak Private Keys
Someone is stealing millions of dollars worth of Ethereum by guessing users' private keys. Normally this should be impossible, but lots of keys seem to be very...
From Schneier on Security
Friday Squid Blogging: Toraiz SQUID Digital Sequencer
Pioneer DJ has a new sequencer: the Toraiz SQUID: Sequencer Inspirational Device. The 16-track sequencer is designed around jamming and performance with a host...
From Schneier on Security
Interview of Me in Taiwan
Business Weekly in Taiwan interviewed me. (Here's a translation courtesy of Google.) It was a surprisingly intimate interview. I hope the Chinese reads better than...
From Schneier on Security
Towards an Information Operations Kill Chain
Cyberattacks don't magically happen; they involve a series of steps. And far from being helpless, defenders can disrupt the attack at any of those steps. This framing...
From Schneier on Security
Fooling Automated Surveillance Cameras with Patchwork Color Printout
Nice bit of adversarial machine learning. The image from this news article is most of what you need to know, but here's the research paper....
From Schneier on Security
Vulnerability in French Government Tchap Chat App
A researcher found a vulnerability in the French government WhatsApp replacement app: Tchap. The vulnerability allows anyone to surreptitiously join any conversation...
From Schneier on Security
G7 Comes Out in Favor of Encryption Backdoors
From a G7 meeting of interior ministers in Paris this month, an "outcome document": Encourage Internet companies to establish lawful access solutions for their...
From Schneier on Security
Excellent Analysis of the Boeing 737 MAX Software Problems
This is the best analysis of the software causes of the Boeing 737 MAX disasters that I have read. Technically this is safety and not security; there was no attacker...
From Schneier on Security
Friday Squid Blogging: New Squid Species off the New Zealand Coast
There's a new diversity of species. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog...
From Schneier on Security
Iranian Cyber-Espionage Tools Leaked Online
The source code of a set of Iranian cyber-espoinage tools was leaked online....
From Schneier on Security
New DNS Hijacking Attacks
DNS hijacking isn't new, but this seems to be an attack of uprecidented scale: Researchers at Cisco's Talos security division on Wednesday revealed that a hacker...
From Schneier on Security
A "Department of Cybersecurity"
Presidential candidate John Delaney has announced a plan to create a Department of Cybersecurity. I have long been in favor of a new federal agency to deal with...
From Schneier on Security
More on the Triton Malware
FireEye is releasing much more information about the Triton malware that attacks critical infrastructure. It has been discovered in more places. This is also a...
From Schneier on Security
Vulnerabilities in the WPA3 Wi-Fi Security Protocol
Researchers have found several vulnerabilities in the WPA3 Wi-Fi security protocol: The design flaws we discovered can be divided in two categories. The first category...
From Schneier on Security
China Spying on Undersea Internet Cables
Supply chain security is an insurmountably hard problem. The recent focus is on Chinese 5G equipment, but the problem is much broader. This opinion piece looks...
From Schneier on Security
Friday Squid Blogging: Detecting Illegal Squid Fishing with Satellite Imagery
Interesting. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...
From Schneier on Security
Maliciously Tampering with Medical Imagery
In what I am sure is only a first in many similar demonstrations, researchers are able to add or remove cancer signs from CT scans. The results easily fool radiologists...
From Schneier on Security