Blogroll | Communications of the ACM

From Schneier on Security

Recovering Public Keys from Signatures

Interesting summary of various ways to derive the public key from digitally signed files. Normally, with a signature scheme, you have the public key and want to... Bruce Schneier
From Schneier on Security | June 20, 2024 at 07:10 AM

From Schneier on Security

New Blog Moderation Policy

There has been a lot of toxicity in the comments section of this blog. Recently, we’re having to delete more and more comments. Not just spam and off-topic comments... Bruce Schneier
From Schneier on Security | June 19, 2024 at 04:26 PM

From Schneier on Security

The Hacking of Culture and the Creation of Socio-Technical Debt

Culture is increasingly mediated through algorithms. These algorithms have splintered the organization of culture, a result of states and tech companies vying for... Bruce Schneier
From Schneier on Security | June 19, 2024 at 07:09 AM

From Schneier on Security

Rethinking Democracy for the Age of AI

There is a lot written about technology’s threats to democracy. Polarization. Artificial intelligence. The concentration of wealth and power. I have a more general... Bruce Schneier
From Schneier on Security | June 18, 2024 at 07:04 AM

From Schneier on Security

Using LLMs to Exploit Vulnerabilities

Interesting research: “Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the... Bruce Schneier
From Schneier on Security | June 17, 2024 at 07:08 AM

From Schneier on Security

Friday Squid Blogging: Squid Cartoon

Squid humor. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here... Bruce Schneier
From Schneier on Security | June 14, 2024 at 05:06 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m appearing on a panel on Society and Democracy at ACM Collective Intelligence in Boston, Massachusetts... Bruce Schneier
From Schneier on Security | June 14, 2024 at 11:59 AM

From Schneier on Security

Demo of AES GCM Misuse Problems

This is really neat demo of the security problems arising from reusing nonces with a symmetric cipher in GCM mode. Bruce Schneier
From Schneier on Security | June 14, 2024 at 07:05 AM

From Schneier on Security

AI and the Indian Election

As India concluded the world’s largest election on June 5, 2024, with over 640 million votes counted, observers could assess how the various parties and factions... Bruce Schneier
From Schneier on Security | June 13, 2024 at 07:02 AM

From Schneier on Security

Using AI for Political Polling

Public polling is a critical function of modern political campaigns and movements, but it isn’t what it once was. Recent US election cycles have produced copious... Bruce Schneier
From Schneier on Security | June 12, 2024 at 07:02 AM

From Schneier on Security

LLMs Acting Deceptively

New research: “Deception abilities emerged in large language models“: Abstract: Large language models (LLMs) are currently at the forefront of intertwining AI systems... Bruce Schneier
From Schneier on Security | June 11, 2024 at 07:02 AM

From Schneier on Security

Exploiting Mistyped URLs

Interesting research: “Hyperlink Hijacking: Exploiting Erroneous URL Links to Phantom Domains“: Abstract: Web users often follow hyperlinks hastily, expecting them... Bruce Schneier
From Schneier on Security | June 10, 2024 at 07:08 AM

From Schneier on Security

Friday Squid Blogging: Squid Catch Quotas in Peru

Peru has set a lower squid quota for 2024. The article says “giant squid,” but that seems wrong. We don’t eat those. As usual, you can also use this squid posthere... Bruce Schneier
From Schneier on Security | June 7, 2024 at 05:05 PM

From Schneier on Security

Security and Human Behavior (SHB) 2024

This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross... Bruce Schneier
From Schneier on Security | June 7, 2024 at 04:55 PM

From Schneier on Security

The Justice Department Took Down the 911 S5 Botnet

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged... Bruce Schneier
From Schneier on Security | June 7, 2024 at 07:04 AM

From Schneier on Security

Espionage with a Drone

The US is using a World War II law that bans aircraft photography of military installations to charge someone with doing the same thing with a drone. Bruce Schneier
From Schneier on Security | June 6, 2024 at 11:51 AM

From Schneier on Security

Online Privacy and Overfishing

Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions weren... Bruce Schneier
From Schneier on Security | June 5, 2024 at 07:00 AM

From Schneier on Security

Breaking a Password Manager

Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. Grand and Bruno spent months reverse... Bruce Schneier
From Schneier on Security | June 4, 2024 at 07:08 AM

From Schneier on Security

Seeing Like a Data Structure

Technology was once simply a tool—and a small one at that—used to amplify human intent and capacity. That was the story of the industrial revolution: we could control... Bruce Schneier
From Schneier on Security | June 3, 2024 at 07:06 AM

From Schneier on Security

AI Will Increase the Quantity—and Quality—of Phishing Scams

A piece I coauthored with Fredrik Heiding and Arun Vishwanath in the Harvard Business Review: Summary. Gen AI tools are rapidly making these emails more advanced... Bruce Schneier
From Schneier on Security | June 3, 2024 at 07:04 AM