Blogroll | Communications of the ACM

From Schneier on Security

The Story of Colossus

Nice video of a talk by Chris Shore on the history of Colossus. Bruce Schneier
From Schneier on Security | May 5, 2021 at 12:15 PM

From Schneier on Security

Friday Squid Blogging: Picking up Squid on the Beach

Make sure they’re dead. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines... Bruce Schneier
From Schneier on Security | May 5, 2021 at 12:09 PM

From Schneier on Security

Friday Squid Blogging: Underwater Cameras for Observing Squid

Interesting research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting... Bruce Schneier
From Schneier on Security | May 5, 2021 at 12:08 PM

From Schneier on Security

New Spectre-Like Attacks

There’s new research that demonstrates security vulnerabilities in all of the AMD and Intel chips with micro-op caches, including the ones that were specifically... Bruce Schneier
From Schneier on Security | May 5, 2021 at 11:35 AM

From Schneier on Security

Tesla Remotely Hacked from a Drone

This is an impressive hack: Security researchers Ralf-Philipp Weinmann of Kunnamon, Inc. and Benedikt Schmotzle of Comsecuris GmbH have found remote zero-click... Bruce Schneier
From Schneier on Security | May 4, 2021 at 10:42 AM

From Schneier on Security

Identifying the Person Behind Bitcoin Fog

The person behind the Bitcoin Fog was identified and arrested. Bitcoin Fog was an anonymization service: for a fee, it mixed a bunch of people’s bitcoins up so... Bruce Schneier
From Schneier on Security | May 3, 2021 at 10:36 AM

From Schneier on Security

Serious MacOS Vulnerability Patched

Apple just patched a MacOS vulnerability that bypassed malware checks. The flaw is akin to a front entrance that’s barred and bolted effectively, but with a cat... Bruce Schneier
From Schneier on Security | April 29, 2021 at 09:53 PM

From Schneier on Security

Friday Squid Blogging: On Squid Coloration

Nice excerpt from Martin Wallin’s book Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read... Bruce Schneier
From Schneier on Security | April 28, 2021 at 04:15 PM

From Schneier on Security

Identifying People Through Lack of Cell Phone Use

In this entertaining story of French serial criminal Rédoine Faïd and his jailbreaking ways, there’s this bit about cell phone surveillance: After Faïd’s helicopter... Bruce Schneier
From Schneier on Security | April 28, 2021 at 04:11 PM

From Schneier on Security

Second Click Here to Kill Everybody Sale

For a limited time, I am selling signed copies of Click Here to Kill Everybody in hardcover for just $6, plus shipping. I have 600 copies of the book available.... Bruce Schneier
From Schneier on Security | April 27, 2021 at 09:22 PM

From Schneier on Security

Security Vulnerabilities in Cellebrite

Moxie Marlinspike has an intriguing blog post about Cellebrite, a tool used by police and others to break into smartphones. Moxie got his hands on one of the devices... Bruce Schneier
From Schneier on Security | April 27, 2021 at 12:04 AM

From Schneier on Security

On North Korea’s Cyberattack Capabilities

Excellent New Yorker article on North Korea’s offensive cyber capabilities. Bruce Schneier
From Schneier on Security | April 21, 2021 at 12:18 PM

From Schneier on Security

Backdoor Found in Codecov Bash Uploader

Developers have discovered a backdoor in the Codecov bash uploader. It’s been there for four months. We don’t know who put it there. Codecov said the breach allowed... Bruce Schneier
From Schneier on Security | April 21, 2021 at 12:12 PM

From Schneier on Security

When AIs Start Hacking

If you don’t have enough to worry about already, consider a world where AIs are hackers. Hacking is as old as humanity. We are creative problem solvers. We exploit... Bruce Schneier
From Schneier on Security | April 20, 2021 at 01:59 PM

From Schneier on Security

Biden Administration Imposes Sanctions on Russia for SolarWinds

On April 15, the Biden administration both formally attributed the SolarWinds espionage campaign to the Russian Foreign Intelligence Service (SVR), and imposedNew... Bruce Schneier
From Schneier on Security | April 19, 2021 at 04:52 PM

From Schneier on Security

Details on the Unlocking of the San Bernardino Terrorist’s iPhone

The Washington Post has published a long story on the unlocking of the San Bernardino Terrorist’s iPhone 5C in 2016. We all thought it was an Israeli company called... Bruce Schneier
From Schneier on Security | April 16, 2021 at 03:04 PM

From Schneier on Security

NSA Discloses Vulnerabilities in Microsoft Exchange

Amongst the 100+ vulnerabilities patch in this month’s Patch Tuesday, there are four in Microsoft Exchange that were disclosed by the NSA. Bruce Schneier
From Schneier on Security | April 15, 2021 at 10:25 PM

From Schneier on Security

DNI’s Annual Threat Assessment

The office of the Director of National Intelligence released its “Annual Threat Assessment of the U.S. Intelligence Community.” Cybersecurity is covered on pages... Bruce Schneier
From Schneier on Security | April 14, 2021 at 10:47 PM

From Schneier on Security

The FBI Is Now Securing Networks Without Their Owners’ Permission

In January, we learned about a Chinese espionage campaign that exploited four zero-days in Microsoft Exchange. One of the characteristics of the campaign, in the... Bruce Schneier
From Schneier on Security | April 14, 2021 at 10:56 AM

From Schneier on Security

Cybersecurity Experts to Follow on Twitter

Security Boulevard recently listed the “Top-21 Cybersecurity Experts You Must Follow on Twitter in 2021.” I came in at #7. I thought that was pretty good, especially... Bruce Schneier
From Schneier on Security | April 13, 2021 at 10:17 AM