Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
“Privacy Nutrition Labels” in Apple’s App Store
Apple will start requiring standardized privacy labels for apps in its app store, starting in December: Apple allows data disclosure to be optional if all of the...
From Schneier on Security
New Zealand Election Fraud
It seems that this election season has not gone without fraud. In New Zealand, a vote for “Bird of the Year” has been marred by fraudulent votes: More than 1,500...
From Schneier on Security
The Security Failures of Online Exam Proctoring
Proctoring an online exam is hard. It’s hard to be sure that the student isn’t cheating, maybe by having reference materials at hand, or maybe by substituting someone...
From Schneier on Security
2020 Was a Secure Election
Over at Lawfare: “2020 Is An Election Security Success Story (So Far).” What’s more, the voting itself was remarkably smooth. It was only a few months ago that...
From Schneier on Security
Detecting Phishing Emails
Research paper: Rick Wash, “How Experts Detect Phishing Scam Emails“: Abstract: Phishing scam emails are emails that pretend to be something they are not in order...
From Schneier on Security
California Proposition 24 Passes
California’s Proposition 24, aimed at improving the California Consumer Privacy Act, passed this week. Analyses are very mixed. I was very mixed on the proposition...
From Schneier on Security
Determining What Video Conference Participants Are Typing from Watching Shoulder Movements
Accuracy isn’t great, but that it can be done at all is impressive. Murtuza Jadiwala, a computer science professor heading the research project, said his team...
From Schneier on Security
New Windows Zero-Day
Google’s Project Zero has discovered and published a buffer overflow vulnerability in the Windows Kernel Cryptography Driver. The exploit doesn’t affect the cryptography...
From Schneier on Security
The Legal Risks of Security Research
Sunoo Park and Kendra Albert have published “A Researcher’s Guide to Some Legal Risks of Security Research.” From a summary: Such risk extends beyond anti-hacking...
From Schneier on Security
Friday Squid Blogging: Ram’s Horn Squid Video
This is the first video footage of a ram’s horn squid (Spirula spirula) . As usual, you can also use this squid post to talk about the security stories in the news...
From Schneier on Security
Tracking Users on Waze
A security researcher discovered a wulnerability in Waze that breaks the anonymity of users: I found out that I can visit Waze from any web browser at waze.com/livemap...
From Schneier on Security
Friday Squid Blogging: Underwater Robot Uses Squid-Like Propulsion
This is neat: By generating powerful streams of water, UCSD’s squid-like robot can swim untethered. The “squidbot” carries its own power source, and has the room...
From Schneier on Security
The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products
Senator Ron Wyden asked, and the NSA didn’t answer: The NSA has long sought agreements with technology companies under which they would build special access for...
From Schneier on Security
Reverse-Engineering the Redactions in the Ghislaine Maxwell Deposition
Slate magazine was able to cleverly read the Ghislaine Maxwell deposition and reverse-engineer many of the redacted names. We’ve long known that redacting is hard...
From Schneier on Security
Friday Squid Blogging: Peru Defends Its Waters against Chinese Squid Fishing Boats
Squid geopolitics. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines...
From Schneier on Security
IMSI-Catchers from Canada
Gizmodo is reporting that Harris Corp. is no longer selling Stingray IMSI-catchers (and, presumably, its follow-on models Hailstorm and Crossbow) to local governments...
From Schneier on Security
New Report on Police Decryption Capabilities
There is a new report on police decryption capabilities: specifically, mobile device forensic tools (MDFTs). Short summary: it’s not just the FBI that can do it...
From Schneier on Security
NSA Advisory on Chinese Government Hacking
The NSA released an advisory listing the top twenty-five known vulnerabilities currently being exploited by Chinese nation-state attackers. This advisory provides...
From Schneier on Security
Friday Squid Blogging: Interview with a Squid Researcher
Interview with Mike Vecchione, Curator of Cephalopoda — now that’s a job title — at the Smithsonian Museum of National History. One reason they’re so interesting...
From Schneier on Security