Blogroll | Communications of the ACM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at A New Initiative for Poland in Warsaw, January 16-17, 2019. I'm speaking at the... Bruce Schneier
From Schneier on Security | January 14, 2019 at 05:21 PM

From Schneier on Security

Why Internet Security Is So Bad

I recently read two different essays that make the point that while Internet security is terrible, it really doesn't affect people enough to make it an issue. This... Bruce Schneier
From Schneier on Security | January 14, 2019 at 12:13 PM

From Schneier on Security

Friday Squid Blogging: New Giant Squid Video

This is a fantastic video of a young giant squid named Heck swimming around Toyama Bay near Tokyo. As usual, you can also use this squid post to talk about the... Bruce Schneier
From Schneier on Security | January 11, 2019 at 03:48 PM

From Schneier on Security

Using a Fake Hand to Defeat Hand-Vein Biometrics

Nice work: One attraction of a vein based system over, say, a more traditional fingerprint system is that it may be typically harder for an attacker to learn how... Bruce Schneier
From Schneier on Security | January 11, 2019 at 07:38 AM

From Schneier on Security

Security Vulnerabilities in Cell Phone Systems

Good essay on the inherent vulnerabilities in the cell phone standards and the market barriers to fixing them. So far, industry and policymakers have largely dragged... Bruce Schneier
From Schneier on Security | January 10, 2019 at 06:52 AM

From Schneier on Security

EU Offering Bug Bounties on Critical Open-Source Software

The EU is offering "bug bounties on Free Software projects that the EU institutions rely on." Slashdot thread.... Bruce Schneier
From Schneier on Security | January 9, 2019 at 08:05 AM

From Schneier on Security

Machine Learning to Detect Software Vulnerabilities

No one doubts that artificial intelligence (AI) and machine learning (ML) will transform cybersecurity. We just don't know how, or when. While the literature generally... Bruce Schneier
From Schneier on Security | January 8, 2019 at 07:13 AM

From Schneier on Security

New Attack Against Electrum Bitcoin Wallets

This is clever: How the attack works: Attacker added tens of malicious servers to the Electrum wallet network. Users of legitimate Electrum wallets initiate a Bitcoin... Bruce Schneier
From Schneier on Security | January 7, 2019 at 07:13 AM

From Schneier on Security

Friday Squid Blogging: The Future of the Squid Market

It's growing. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines... Bruce Schneier
From Schneier on Security | January 4, 2019 at 05:16 PM

From Schneier on Security

Podcast Interview with Eva Gaperon

Nice interview with the EFF's director of cybersecurity, Eva Gaperon.... Bruce Schneier
From Schneier on Security | January 3, 2019 at 10:09 AM

From Schneier on Security

Long-Range Familial Searching Forensics

Good article on using long-range familial searching -- basically, DNA matching of distant relatives -- as a police forensics tool.... Bruce Schneier
From Schneier on Security | January 2, 2019 at 10:29 AM

From Schneier on Security

China's APT10

Wired has an excellent article on China's APT10 hacking group. Specifically, on how they hacked managed service providers in order to get to their customers' networks... Bruce Schneier
From Schneier on Security | December 31, 2018 at 06:57 AM

From Schneier on Security

Friday Squid Blogging: Squid-Focused Menus in Croatia

This is almost over: From 1 December 2018 -- 6 January 2019, Days of Adriatic squid will take place at restaurants all over north-west Istria. Restaurants will... Bruce Schneier
From Schneier on Security | December 28, 2018 at 05:04 PM

From Schneier on Security

Click Here to Kill Everybody Available as an Audiobook

Click Here to Kill Everybody is finally available on Audible.com. I have ten download codes. Not having anything better to do with them, here they are: HADQSSFC98WCQ... Bruce Schneier
From Schneier on Security | December 28, 2018 at 01:11 PM

From Schneier on Security

Massive Ad Fraud Scheme Relied on BGP Hijacking

This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced "eve") used their large... Bruce Schneier
From Schneier on Security | December 28, 2018 at 07:43 AM

From Schneier on Security

Stealing Nativity Displays

The New York Times is reporting on the security measures people are using to protect nativity displays.... Bruce Schneier
From Schneier on Security | December 27, 2018 at 07:25 AM

From Schneier on Security

Human Rights by Design

Good essay: "Advancing Human-Rights-By-Design In The Dual-Use Technology Industry," by Jonathon Penney, Sarah McKune, Lex Gill, and Ronald J. Deibert: But businesses... Bruce Schneier
From Schneier on Security | December 26, 2018 at 07:27 AM

From Schneier on Security

Glitter Bomb against Package Thieves

Stealing packages from unattended porches is a rapidly rising crime, as more of us order more things by mail. One person hid a glitter bomb and a video recorder... Bruce Schneier
From Schneier on Security | December 25, 2018 at 07:13 AM

From Schneier on Security

MD5 and SHA-1 Still Used in 2018

Last week, the Scientific Working Group on Digital Evidence published a draft document -- "SWGDE Position on the Use of MD5 and SHA1 Hash Algorithms in Digital... Bruce Schneier
From Schneier on Security | December 24, 2018 at 07:25 AM

From Schneier on Security

Friday Squid Blogging: Illegal North Korean Squid Fishing

North Korea is engaged in even more illegal squid fishing than previously. As usual, you can also use this squid post to talk about the security stories in the... Bruce Schneier
From Schneier on Security | December 21, 2018 at 05:14 PM