acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorSchneier
bg-corner

PROPagate Code Injection Seen in the Wild
From Schneier on Security

PROPagate Code Injection Seen in the Wild

Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware: This technique abuses the SetWindowsSubclass...

Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War
From Schneier on Security

Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War

Chinese buyers are canceling orders to buy US squid in advance of an expected 25% tariff. As usual, you can also use this squid post to talk about the security...

The NSA's Domestic Surveillance Centers
From Schneier on Security

The NSA's Domestic Surveillance Centers

The Intercept has a long story about the NSA's domestic interception points. Includes some new Snowden documents....

Beating Facial Recognition Software with Face Makeup
From Schneier on Security

Beating Facial Recognition Software with Face Makeup

At least right now, facial recognition algorithms don't work with Juggalo makeup....

California Passes New Privacy Law
From Schneier on Security

California Passes New Privacy Law

The California legislature unanimously passed the strongest data privacy law in the nation. This is great news, but I have a lot of reservations. The Internet tech...

Traffic Analysis of the LTE Mobile Standard
From Schneier on Security

Traffic Analysis of the LTE Mobile Standard

Interesting research in using traffic analysis to learn things about encrypted traffic. It's hard to know how critical these vulnerabilities are. They're very hard...

Friday Squid Blogging: Fried Squid with Turmeric
From Schneier on Security

Friday Squid Blogging: Fried Squid with Turmeric

Good-looking recipe. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines...

Conservation of Threat
From Schneier on Security

Conservation of Threat

Here's some interesting research about how we perceive threats. Basically, as the environment becomes safer we basically manufacture new threats. From an essay...

Manipulative Social Media Practices
From Schneier on Security

Manipulative Social Media Practices

The Norwegian Consumer Council just published an excellent report on the deceptive practices tech companies use to trick people into giving up their privacy. From...

IEEE Statement on Strong Encryption vs. Backdoors
From Schneier on Security

IEEE Statement on Strong Encryption vs. Backdoors

The IEEE came out in favor of strong encryption: IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications...

Bypassing Passcodes in iOS
From Schneier on Security

Bypassing Passcodes in iOS

Last week, a story was going around explaining how to brute-force an iOS password. Basically, the trick was to plug the phone into an external keyboard and trying...

Secure Speculative Execution
From Schneier on Security

Secure Speculative Execution

We're starting to see research into designing speculative execution systems that avoid Spectre- and Meltdown-like security problems. Here's one. I don't know if...

Friday Squid Blogging: Capturing the Giant Squid on Video
From Schneier on Security

Friday Squid Blogging: Capturing the Giant Squid on Video

In this 2013 TED talk, oceanographer Edith Widder explains how her team captured the giant squid on video. As usual, you can also use this squid post to talk about...

The Effects of Iran's Telegram Ban
From Schneier on Security

The Effects of Iran's Telegram Ban

The Center for Human Rights in Iran has released a report outlining the effect's of that country's ban on Telegram, a secure messaging app used by about half of...

Domain Name Stealing at Gunpoint
From Schneier on Security

Domain Name Stealing at Gunpoint

I missed this story when it came around last year: someone tried to steal a domain name at gunpoint. He was just sentenced to 20 years in jail....

Algeria Shut Down the Internet to Prevent Students from Cheating on Exams
From Schneier on Security

Algeria Shut Down the Internet to Prevent Students from Cheating on Exams

Algeria shut the Internet down nationwide to prevent high-school students from cheating on their exams. The solution in New South Wales, Australia was to ban smartphones...

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill
From Schneier on Security

Perverse Vulnerability from Interaction between 2-Factor Authentication and iOS AutoFill

Apple is rolling out an iOS security usability feature called Security code AutoFill. The basic idea is that the OS scans incoming SMS messages for security codes...

Free Societies are at a Disadvantage in National Cybersecurity
From Schneier on Security

Free Societies are at a Disadvantage in National Cybersecurity

Jack Goldsmith and Stuart Russell just published an interesting paper, making the case that free and democratic nations are at a structural disadvantage in nation...

Ridiculously Insecure Smart Lock
From Schneier on Security

Ridiculously Insecure Smart Lock

Tapplock sells an "unbreakable" Internet-connected lock that you can open with your fingerprint. It turns out that: The lock broadcasts its Bluetooth MAC address...

Friday Squid Blogging: Cephalopod Week on Science Friday
From Schneier on Security

Friday Squid Blogging: Cephalopod Week on Science Friday

It's Cephalopod Week! "Three hearts, eight arms, can't lose." As usual, you can also use this squid post to talk about the security stories in the news that I haven't...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account