Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Hiding Secret Messages in Fingerprints
This is a fun steganographic application: hiding a message in a fingerprint image. Can't see any real use for it, but that's okay....
From Schneier on Security
Friday Squid Blogging: Australian Fisherman Gets Inked
Pretty good video. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines...
From Schneier on Security
The Pentagon is Publishing Foreign Nation-State Malware
This is a new thing: The Pentagon has suddenly started uploading malware samples from APTs and other nation-state sources to the website VirusTotal, which is essentially...
From Schneier on Security
Privacy and Security of Data at Universities
Interesting paper: "Open Data, Grey Data, and Stewardship: Universities at the Privacy Frontier," by Christine Borgman: Abstract: As universities recognize the...
From Schneier on Security
iOS 12.1 Vulnerability
This is really just to point out that computer security is really hard: Almost as soon as Apple released iOS 12.1 on Tuesday, a Spanish security researcher discovered...
From Schneier on Security
Consumer Reports Reviews Wireless Home-Security Cameras
Consumer Reports is starting to evaluate the security of IoT devices. As part of that, it's reviewing wireless home-security cameras. It found significant security...
From Schneier on Security
Security of Solid-State-Drive Encryption
Interesting research: "Self-encrypting deception: weaknesses in the encryption of solid state drives (SSDs)": Abstract: We have analyzed the hardware full-disk...
From Schneier on Security
Troy Hunt on Passwords
Troy Hunt has a good essay about why passwords are here to stay, despite all their security problems: This is why passwords aren't going anywhere in the foreseeable...
From Schneier on Security
Friday Squid Blogging: Eating More Squid
This research paper concludes that we'll be eating more squid in the future. As usual, you can also use this squid post to talk about the security stories in the...
From Schneier on Security
How to Punish Cybercriminals
Interesting policy paper by Third Way: "To Catch a Hacker: Toward a comprehensive strategy to identify, pursue, and punish malicious cyber actors": In this paper...
From Schneier on Security
Buying Used Voting Machines on eBay
This is not surprising: This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines -- those...
From Schneier on Security
Was the Triton Malware Attack Russian in Origin?
The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia. I don't know....
From Schneier on Security
ID Systems Throughout the 50 States
Jim Harper at CATO has a good survey of state ID systems in the US....
From Schneier on Security
Cell Phone Security and Heads of State
Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cell phone and using the...
From Schneier on Security
More on the Supermicro Spying Story
I've blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don't know if the story is true, although...
From Schneier on Security
Security Vulnerability in Internet-Connected Construction Cranes
This seems bad: The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions...
From Schneier on Security
Friday Squid Blogging: Squid Falsely Labeled as Octopus
Two New Yorkers have been charged with importing squid from Peru and then reselling it as octopus. Yet another problem that a blockchain-enabled supply-chain system...
From Schneier on Security
Detecting Deep Fakes
This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if...
From Schneier on Security
Android Ad-Fraud Scheme
BuzzFeed is reporting on a scheme where fraudsters buy legitimate Android apps, track users' behavior in order to mimic it in a way that evades bot detectors, and...
From Schneier on Security