Blogroll | Communications of the ACM

From Schneier on Security

Wondermark on Security

Another comic.... Bruce Schneier
From Schneier on Security | October 20, 2017 at 03:46 PM

From Schneier on Security

Denuvo DRM Cracked within a Day of Release

Denuvo is probably the best digital-rights management system, used to protect computer games. It's regularly cracked within a day. If Denuvo can no longer provide... Bruce Schneier
From Schneier on Security | October 20, 2017 at 10:17 AM

From Schneier on Security

Security Flaws in Children's Smart Watches

The Norwegian Security Council has published a report detailing a series of security and privacy flaws in smart watches marketed to children. Press release. News... Bruce Schneier
From Schneier on Security | October 19, 2017 at 10:18 AM

From Schneier on Security

IoT Cybersecurity: What's Plan B?

In August, four US Senators introduced a bill designed to improve Internet of Things (IoT) security. The IoT Cybersecurity Improvement Act of 2017 is a modest piece... Bruce Schneier
From Schneier on Security | October 18, 2017 at 10:58 AM

From Schneier on Security

Security Flaw in Infineon Smart Cards and TPMs

A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes... Bruce Schneier
From Schneier on Security | October 17, 2017 at 10:24 AM

From Schneier on Security

New KRACK Attack Against Wi-Fi Encryption

Mathy Vanhoef has just published a devastating attack against WPA2, the 14-year-old encryption protocol used by pretty much all wi-fi systems. Its an interesting... Bruce Schneier
From Schneier on Security | October 16, 2017 at 09:39 AM

From Schneier on Security

Friday Squid Blogging: International Squid Awareness Day

It's International Cephalopod Awareness Days this week, and Tuesday was Squid Day. I can't believe I missed it. As usual, you can also use this squid post to talk... Bruce Schneier
From Schneier on Security | October 13, 2017 at 05:26 PM

From Schneier on Security

My Blogging

Blog regulars will notice that I haven't been posting as much lately as I have in the past. There are two reasons. One, it feels harder to find things to write... Bruce Schneier
From Schneier on Security | October 13, 2017 at 03:13 PM

From Schneier on Security

Technology to Out Sex Workers

Two related stories: PornHub is using machine learning algorithms to identify actors in different videos, so as to better index them. People are worried that it... Bruce Schneier
From Schneier on Security | October 13, 2017 at 07:57 AM

From Schneier on Security

Impersonating iOS Password Prompts

This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking... Bruce Schneier
From Schneier on Security | October 12, 2017 at 07:43 AM

From Schneier on Security

More on Kaspersky and the Stolen NSA Attack Tools

Both the New York Times and the Washington Post are reporting that Israel has penetrated Kaspersky's network and detected the Russian operation. From the New York... Bruce Schneier
From Schneier on Security | October 11, 2017 at 03:54 PM

From Schneier on Security

Changes in Password Best Practices

NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords... Bruce Schneier
From Schneier on Security | October 10, 2017 at 07:19 AM

From Schneier on Security

White House Chief of Staff John Kelly's Cell Phone was Tapped

Politico reports that White House Chief of Staff John Kelly's cell phone was compromised back in December. I know this is news because of who he is, but I hope... Bruce Schneier
From Schneier on Security | October 9, 2017 at 07:10 AM

From Schneier on Security

Friday Squid Blogging: Baby Ichthyosaurus Fed on Squid

New discovery: paper and article. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog... Bruce Schneier
From Schneier on Security | October 6, 2017 at 05:21 PM

From Schneier on Security

Yet Another Russian Hack of the NSA -- This Time with Kaspersky's Help

The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation... Bruce Schneier
From Schneier on Security | October 6, 2017 at 09:06 AM

From Schneier on Security

Replacing Social Security Numbers

In the wake of the Equifax break, I've heard calls to replace Social Security numbers. Steve Bellovin explains why this is hard.... Bruce Schneier
From Schneier on Security | October 5, 2017 at 04:22 PM

From Schneier on Security

HP Shared ArcSight Source Code with Russians

Reuters is reporting that HP Enterprise gave the Russians a copy of the ArcSight source code. The article highlights that ArcSight is used by the Pentagon to protect... Bruce Schneier
From Schneier on Security | October 4, 2017 at 09:08 AM

From Schneier on Security

E-Mail Tracking

Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for... Bruce Schneier
From Schneier on Security | October 3, 2017 at 07:45 AM

From Schneier on Security

Remote Malware Attacks on ATMs

This report discusses the new trend of remote malware attacks against ATMs.... Bruce Schneier
From Schneier on Security | October 2, 2017 at 06:38 AM

From Schneier on Security

Friday Squid Blogging: Squid Empire Is a New Book

Regularly I receive mail from people wanting to advertise on, write for, or sponsor posts on my blog. My rule is that I say no to everyone. There is no amount of... Bruce Schneier
From Schneier on Security | September 29, 2017 at 05:27 PM