Blogroll | Communications of the ACM

From Schneier on Security

UAE Hack and Leak Operations

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly... Bruce Schneier
From Schneier on Security | August 13, 2020 at 10:28 AM

From Schneier on Security

Cryptanalysis of an Old Zip Encryption Algorithm

Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. DefCon talk here.... Bruce Schneier
From Schneier on Security | August 12, 2020 at 07:08 AM

From Schneier on Security

Collecting and Selling Mobile Phone Location Data

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that's used by "more than 500 mobile applications." Through that SDK... Bruce Schneier
From Schneier on Security | August 11, 2020 at 07:00 AM

From Schneier on Security

Smart Lock Vulnerability

Yet another Internet-connected door lock is insecure: Sold by retailers including Amazon, Walmart, and Home Depot, U-Tec's $139.99 UltraLoq is marketed as a "secure... Bruce Schneier
From Schneier on Security | August 10, 2020 at 07:23 AM

From Schneier on Security

Friday Squid Blogging: New SQUID

There's a new SQUID: A new device that relies on flowing clouds of ultracold atoms promises potential tests of the intersection between the weirdness of the quantum... Bruce Schneier
From Schneier on Security | August 7, 2020 at 05:08 PM

From Schneier on Security

The NSA on the Risks of Exposing Location Data

The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Most users rely... Bruce Schneier
From Schneier on Security | August 6, 2020 at 01:15 PM

From Schneier on Security

Cybercrime in the Age of COVID-19

The Cambridge Cybercrime Centre has a series of papers on cybercrime during the coronavirus pandemic.... Bruce Schneier
From Schneier on Security | August 4, 2020 at 07:02 AM

From Schneier on Security

BlackBerry Phone Cracked

Australia is reporting that a BlackBerry device has been cracked after five years: An encrypted BlackBerry device that was cracked five years after it was first... Bruce Schneier
From Schneier on Security | August 3, 2020 at 12:54 PM

From Schneier on Security

Twitter Hacker Arrested

A 17-year-old Florida boy was arrested and charged with last week's Twitter hack. News articles. Boing Boing post. Florida state attorney press release. This is... Bruce Schneier
From Schneier on Security | July 31, 2020 at 05:03 PM

From Schneier on Security

Friday Squid Blogging: Squid Proteins for a Better Face Mask

Researchers are synthesizing squid proteins to create a face mask that better survives cleaning. (And you thought there was no connection between squid and COVID... Bruce Schneier
From Schneier on Security | July 31, 2020 at 05:00 PM

From Schneier on Security

Data and Goliath Book Placement

Notice the copy of Data and Goliath just behind the head of Maine Senator Angus King. This demonstrates the importance of a vibrant color and a large font.... Bruce Schneier
From Schneier on Security | July 31, 2020 at 03:04 PM

From Schneier on Security

Fake Stories in Real News Sites

Fireeye is reporting that a hacking group called Ghostwriter broke into the content management systems of Eastern European news sites to plant fake stories. From... Bruce Schneier
From Schneier on Security | July 30, 2020 at 03:56 PM

From Schneier on Security

Survey of Supply Chain Attacks

The Atlantic Council has a released a report that looks at the history of computer supply chain attacks. Key trends from their summary: Deep Impact from State Actors... Bruce Schneier
From Schneier on Security | July 28, 2020 at 07:40 AM

From Schneier on Security

Images in Eye Reflections

In Japan, a cyberstalker located his victim by enhancing the reflections in her eye, and using that information to establish a location. Reminds me of the image... Bruce Schneier
From Schneier on Security | July 27, 2020 at 10:46 AM

From Schneier on Security

Friday Squid Blogging: Introducing the Seattle Kraken

The Kraken is the name of Seattle's new NFL franchise. I have always really liked collective nouns as sports team names (like the Utah Jazz or the Minnesota Wild)... Bruce Schneier
From Schneier on Security | July 24, 2020 at 05:07 PM

From Schneier on Security

Update on NIST's Post-Quantum Cryptography Program

NIST has posted an update on their post-quantum cryptography program: After spending more than three years examining new approaches to encryption and data protection... Bruce Schneier
From Schneier on Security | July 24, 2020 at 07:36 AM

From Schneier on Security

Adversarial Machine Learning and the CFAA

I just co-authored a paper on the legal risks of doing machine learning research, given the current state of the Computer Fraud and Abuse Act: Abstract: Adversarial... Bruce Schneier
From Schneier on Security | July 23, 2020 at 07:03 AM

From Schneier on Security

Fawkes: Digital Image Cloaking

Fawkes is a system for manipulating digital images so that they aren't recognized by facial recognition systems. At a high level, Fawkes takes your personal images... Bruce Schneier
From Schneier on Security | July 22, 2020 at 10:12 AM

From Schneier on Security

Hacking a Power Supply

This hack targets the firmware on modern power supplies. (Yes, power supplies are also computers.) Normally, when a phone is connected to a power brick with support... Bruce Schneier
From Schneier on Security | July 21, 2020 at 07:09 AM

From Schneier on Security

On the Twitter Hack

Twitter was hacked this week. Not a few people's Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the... Bruce Schneier
From Schneier on Security | July 20, 2020 at 09:49 AM