Blogroll | Communications of the ACM

From Schneier on Security

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes... Bruce Schneier
From Schneier on Security | June 20, 2018 at 07:51 AM

From Schneier on Security

Free Societies are at a Disadvantage in National Cybersecurity

Jack Goldsmith and Stuart Russell just published an interesting paper, making the case that free and democratic nations are at a structural disadvantage in nation... Bruce Schneier
From Schneier on Security | June 19, 2018 at 07:54 AM

From Schneier on Security

Ridiculously Insecure Smart Lock

Tapplock sells an "unbreakable" Internet-connected lock that you can open with your fingerprint. It turns out that: The lock broadcasts its Bluetooth MAC address... Bruce Schneier
From Schneier on Security | June 18, 2018 at 07:19 AM

From Schneier on Security

Friday Squid Blogging: Cephalopod Week on Science Friday

It's Cephalopod Week! "Three hearts, eight arms, can't lose." As usual, you can also use this squid post to talk about the security stories in the news that I haven't... Bruce Schneier
From Schneier on Security | June 15, 2018 at 05:12 PM

From Schneier on Security

Thomas Dullien on Complexity and Security

For many years, I have said that complexity is the worst enemy of security. At CyCon earlier this month, Thomas Dullien gave an excellent talk on the subject with... Bruce Schneier
From Schneier on Security | June 14, 2018 at 07:28 AM

From Schneier on Security

Russian Censorship of Telegram

Internet censors have a new strategy in their bid to block applications and websites: pressuring the large cloud providers that host them. These providers have... Bruce Schneier
From Schneier on Security | June 13, 2018 at 07:55 AM

From Schneier on Security

New iPhone OS May Include Device-Unlocking Security

iOS 12, the next release of Apple's iPhone operating system, may include features to prevent someone from unlocking your phone without your permission: The feature... Bruce Schneier
From Schneier on Security | June 12, 2018 at 07:23 AM

From Schneier on Security

Router Vulnerability and the VPNFilter Botnet

On May 25, the FBI asked us all to reboot our routers. The story behind this request is one of sophisticated malware and unsophisticated home-network security,... Bruce Schneier
From Schneier on Security | June 11, 2018 at 07:19 AM

From Schneier on Security

Friday Squid Blogging: Extinct Relatives of Squid

Interesting fossils. Note that a poster is available. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered... Bruce Schneier
From Schneier on Security | June 8, 2018 at 05:04 PM

From Schneier on Security

New Data Privacy Regulations

When Marc Zuckerberg testified before both the House and the Senate last month, it became immediately obvious that few US lawmakers had any appetite to regulate... Bruce Schneier
From Schneier on Security | June 8, 2018 at 07:48 AM

From Schneier on Security

An Example of Deterrence in Cyberspace

In 2016, the US was successfully deterred from attacking Russia in cyberspace because of fears of Russian capabilities against the US. I have two citations for... Bruce Schneier
From Schneier on Security | June 7, 2018 at 06:56 AM

From Schneier on Security

The Habituation of Security Warnings

We all know that it happens: when we see a security warning too often -- and without effect -- we start tuning it out. A new paper uses fMRI, eye tracking, and... Bruce Schneier
From Schneier on Security | June 6, 2018 at 07:21 AM

From Schneier on Security

Regulating Bitcoin

Ross Anderson has a new paper on cryptocurrency exchanges. From his blog: Bitcoin Redux explains what's going wrong in the world of cryptocurrencies. The bitcoin... Bruce Schneier
From Schneier on Security | June 5, 2018 at 07:32 AM

From Schneier on Security

E-Mail Vulnerabilities and Disclosure

Last week, researchers disclosed vulnerabilities in a large number of encrypted email clients: specifically, those that use OpenPGP and S/MIME, including Thunderbird... Bruce Schneier
From Schneier on Security | June 4, 2018 at 07:33 AM

From Schneier on Security

Friday Squid Blogging: Do Cephalopods Contain Alien DNA?

Maybe not DNA, but biological somethings. "Cause of Cambrian explosion -- Terrestrial or Cosmic?": Abstract: We review the salient evidence consistent with or predicted... Bruce Schneier
From Schneier on Security | June 1, 2018 at 05:24 PM

From Schneier on Security

Damaging Hard Drives with an Ultrasonic Attack

Playing a sound over the speakers can cause computers to crash and possibly even physically damage the hard drive. Academic paper.... Bruce Schneier
From Schneier on Security | June 1, 2018 at 12:14 PM

From Schneier on Security

1834: The First Cyberattack

Tom Standage has a great story of the first cyberattack against a telegraph network. The Blanc brothers traded government bonds at the exchange in the city of Bordeaux... Bruce Schneier
From Schneier on Security | May 31, 2018 at 02:23 PM

From Schneier on Security

Numbers Stations

On numbers stations.... Bruce Schneier
From Schneier on Security | May 30, 2018 at 07:04 AM

From Schneier on Security

Kidnapping Fraud

Fake kidnapping fraud: "Most commonly we have unsolicited calls to potential victims in Australia, purporting to represent the people in authority in China and... Bruce Schneier
From Schneier on Security | May 29, 2018 at 10:31 AM

From Schneier on Security

Friday Squid Blogging: Squid Comic

It's not very good, but it has a squid in it. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | May 25, 2018 at 05:18 PM