From Schneier on Security
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration
…
B. Schneier| February 29, 2024
A security flaw in Infineon smart cards and TPMs allows an attacker to recover private keys from the public keys. Basically, the key generation algorithm sometimes...Bruce Schneier From Schneier on Security | October 17, 2017 at 10:24 AM
Mathy Vanhoef has just published a devastating attack against WPA2, the 14-year-old encryption protocol used by pretty much all wi-fi systems. Its an interesting...Bruce Schneier From Schneier on Security | October 16, 2017 at 09:39 AM
It's International Cephalopod Awareness Days this week, and Tuesday was Squid Day. I can't believe I missed it. As usual, you can also use this squid post to talk...Bruce Schneier From Schneier on Security | October 13, 2017 at 05:26 PM
Blog regulars will notice that I haven't been posting as much lately as I have in the past. There are two reasons. One, it feels harder to find things to write...Bruce Schneier From Schneier on Security | October 13, 2017 at 03:13 PM
Two related stories: PornHub is using machine learning algorithms to identify actors in different videos, so as to better index them. People are worried that it...Bruce Schneier From Schneier on Security | October 13, 2017 at 07:57 AM
This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking...Bruce Schneier From Schneier on Security | October 12, 2017 at 07:43 AM
Both the New York Times and the Washington Post are reporting that Israel has penetrated Kaspersky's network and detected the Russian operation. From the New York...Bruce Schneier From Schneier on Security | October 11, 2017 at 03:54 PM
NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords...Bruce Schneier From Schneier on Security | October 10, 2017 at 07:19 AM
Politico reports that White House Chief of Staff John Kelly's cell phone was compromised back in December. I know this is news because of who he is, but I hope...Bruce Schneier From Schneier on Security | October 9, 2017 at 07:10 AM
New discovery: paper and article. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog...Bruce Schneier From Schneier on Security | October 6, 2017 at 05:21 PM
The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation...Bruce Schneier From Schneier on Security | October 6, 2017 at 09:06 AM
In the wake of the Equifax break, I've heard calls to replace Social Security numbers. Steve Bellovin explains why this is hard....Bruce Schneier From Schneier on Security | October 5, 2017 at 04:22 PM
Reuters is reporting that HP Enterprise gave the Russians a copy of the ArcSight source code. The article highlights that ArcSight is used by the Pentagon to protect...Bruce Schneier From Schneier on Security | October 4, 2017 at 09:08 AM
Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for...Bruce Schneier From Schneier on Security | October 3, 2017 at 07:45 AM
Regularly I receive mail from people wanting to advertise on, write for, or sponsor posts on my blog. My rule is that I say no to everyone. There is no amount of...Bruce Schneier From Schneier on Security | September 29, 2017 at 05:27 PM
The large accountancy firm Deloitte was hacked, losing client e-mails and files. The hackers had access inside the company's networks for months. Deloitte is doing...Bruce Schneier From Schneier on Security | September 29, 2017 at 07:13 AM
There's a newly discovered bug in Internet Explorer that allows any currently visited website to learn the contents of the address bar when the user hits enter....Bruce Schneier From Schneier on Security | September 28, 2017 at 03:21 PM
New rules give the DHS permission to collect "social media handles, aliases, associated identifiable information, and search results" as part of people's immigration...Bruce Schneier From Schneier on Security | September 28, 2017 at 08:43 AM
Under European law, service providers like Tinder are required to show users what information they have on them when requested. This author requested, and this...Bruce Schneier From Schneier on Security | September 26, 2017 at 08:57 AM