Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Analyzing IoT Security Best Practices
New research: "Best Practices for IoT Security: What Does That Even Mean?" by Christopher Bellman and Paul C. van Oorschot: Abstract: Best practices for Internet...
From Schneier on Security
COVID-19 Risks of Flying
I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane...
From Schneier on Security
Cryptocurrency Pump and Dump Scams
Really interesting research: "An examination of the cryptocurrency pump and dump ecosystem": Abstract: The surge of interest in cryptocurrencies has been accompanied...
From Schneier on Security
Nation-State Espionage Campaigns against Middle East Defense Contractors
Report on espionage attacks using LinkedIn as a vector for malware, with details and screenshots. They talk about "several hints suggesting a possible link" to...
From Schneier on Security
Identifying a Person Based on a Photo, LinkedIn and Etsy Profiles, and Other Internet Bread Crumbs
Interesting story of how the police can identify someone by following the evidence chain from website to website. According to filings in Blumenthal's case, FBI...
From Schneier on Security
Friday Squid Blogging: Giant Squid Washes Up on South African Beach
Fourteen feet long and 450 pounds. It was dead before it washed up. As usual, you can also use this squid post to talk about the security stories in the news that...
From Schneier on Security
Security and Human Behavior (SHB) 2020
Today is the second day of the thirteenth Workshop on Security and Human Behavior. It's being hosted by the University of Cambridge, which in today's world means...
From Schneier on Security
New Hacking-for-Hire Company in India
Citizen Lab has a new report on Dark Basin, a large hacking-for-hire company in India. Key Findings: Dark Basin is a hack-for-hire group that has targeted thousands...
From Schneier on Security
Theft of CIA's "Vault Seven" Hacking Tools Due to Its Own Lousy Security
The Washington Post is reporting on an internal CIA report about its "Vault 7" security breach: The breach -- allegedly committed by a CIA employee -- was discovered...
From Schneier on Security
Zoom Will Be End-to-End Encrypted for All Users
Zoom is doing the right thing: it's making end-to-end encryption available to all users, paid and unpaid. (This is a change; I wrote about the initial decision...
From Schneier on Security
Bank Card "Master Key" Stolen
South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards...
From Schneier on Security
Eavesdropping on Sound Using Variations in Light Bulbs
New research is able to recover sound waves in a room by observing minute changes in the room's light bulbs. This technique works from a distance, even from a building...
From Schneier on Security
Examining the US Cyber Budget
Jason Healey takes a detailed look at the US federal cybersecurity budget and reaches an important conclusion: the US keeps saying that we need to prioritize defense...
From Schneier on Security
Friday Squid Blogging: Human Cells with Squid-Like Transparency
I think we need more human organs with squid-like features. As usual, you can also use this squid post to talk about the security stories in the news that I haven't...
From Schneier on Security
Facebook Helped Develop a Tails Exploit
This is a weird story: Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance...
From Schneier on Security
Another Intel Speculative Execution Vulnerability
Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality...
From Schneier on Security
Availability Attacks against Neural Networks
New research on using specially crafted inputs to slow down machine-learning neural network systems: Sponge Examples: Energy-Latency Attacks on Neural Networks...
From Schneier on Security
Security Analysis of the Democracy Live Online Voting System
New research: "Security Analysis of the Democracy Live Online Voting System": Abstract: Democracy Live's OmniBallot platform is a web-based system for blank ballot...
From Schneier on Security