Blogroll | Communications of the ACM

From Schneier on Security

Should Elections Be Classified as "Critical Infrastructure"?

I am co-author on a paper discussing whether elections be classified as "critical infrastructure" in the US, based on experiences in other countries: Abstract:... Bruce Schneier
From Schneier on Security | January 10, 2017 at 07:02 AM

From Schneier on Security

FDA Recommendations on Medical-Device Cybersecurity

The FDA has issued a report giving medical devices guidance on computer and network security. There's nothing particularly new or interesting; it reads like standard... Bruce Schneier
From Schneier on Security | January 10, 2017 at 06:06 AM

From Schneier on Security

Attributing the DNC Hacks to Russia

President Barack Obama's public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks... Bruce Schneier
From Schneier on Security | January 9, 2017 at 06:53 AM

From Schneier on Security

Friday Squid Blogging: Simple Grilled Squid Recipe

Easy recipe from America's Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | January 6, 2017 at 05:29 PM

From Schneier on Security

The Effect of Real Names on Online Behavior

Good article debunking the myth that requiring people to use their real names on the Internet makes them behave better.... Bruce Schneier
From Schneier on Security | January 6, 2017 at 10:44 AM

From Schneier on Security

Cryptographic Capabilities of the Barbie Typewriter

They're not much, but they do exist.... Bruce Schneier
From Schneier on Security | January 5, 2017 at 06:58 AM

From Schneier on Security

An SQL Injection Attack Is a Legal Company Name in the UK

Someone just registered their company name as ; DROP TABLE "COMPANIES";-- LTD. Reddit thread. Obligatory xkcd comic.... Bruce Schneier
From Schneier on Security | January 4, 2017 at 04:17 PM

From Schneier on Security

Are We Becoming More Moral Faster Than We're Becoming More Dangerous?

In The Better Angels of Our Nature, Steven Pinker convincingly makes the point that by pretty much every measure you can think of, violence has declined on our... Bruce Schneier
From Schneier on Security | January 4, 2017 at 08:42 AM

From Schneier on Security

Class Breaks

There's a concept from computer security known as a class break. It's a particular security vulnerability that breaks not just one system, but an entire class of... Bruce Schneier
From Schneier on Security | January 3, 2017 at 07:50 AM

From Schneier on Security

Photocopier Security

A modern photocopier is basically a computer with a scanner and printer attached. This computer has a hard drive, and scans of images are regularly stored on that... Bruce Schneier
From Schneier on Security | January 2, 2017 at 07:12 AM

From Schneier on Security

Friday Squid Blogging: Will Fish and Chips Become Squid and Chips?

BBC.com reports that squid are proliferating around the North Sea, and speculates that they will become an increasingly common British dinner. As usual, you can... Bruce Schneier
From Schneier on Security | December 30, 2016 at 05:06 PM

From Schneier on Security

Effects of the 2011 DigiNotar Attack

Nice article on the 2011 DigiNotar attack and how it changed security practices in the CA industry.... Bruce Schneier
From Schneier on Security | December 29, 2016 at 07:50 AM

From Schneier on Security

How Signal Is Evading Censorship

Signal, the encrypted messaging app I prefer, is being blocked in both Egypt and the UAE. Recently, the Signal team developed a workaround: domain fronting. Signal's... Bruce Schneier
From Schneier on Security | December 28, 2016 at 07:20 AM

From Schneier on Security

Security Risks of TSA PreCheck

Former TSA Administrator Kip Hawley wrote an op-ed pointing out the security vulnerabilities in the TSA's PreCheck program: The first vulnerability in the system... Bruce Schneier
From Schneier on Security | December 27, 2016 at 07:11 AM

From Schneier on Security

Friday Squid Blogging: Squidmas Cards

Merry Squidmas. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | December 23, 2016 at 05:55 PM

From Schneier on Security

Russian Military Using Smart Phones to Track Troop Movements

Crowdstrike has an interesting blog post about how the Russian military is tracking Ukranian field artillery units by compromising soldiers' smart phones and tracking... Bruce Schneier
From Schneier on Security | December 23, 2016 at 09:46 AM

From Schneier on Security

NIST is Continuing to Work on Post-Quantum-Computing Cryptography Standards

NIST is accepting proposals for public-key algorithms immune to quantum computing techniques. Details here. Deadline is the end of November 2017. I applaud NIST... Bruce Schneier
From Schneier on Security | December 23, 2016 at 07:39 AM

From Schneier on Security

The Future of Faking Audio and Video

This Verge article isn't great, but we are certainly moving into a future where audio and video will be easy to fake, and easier to fake undetectably. This is going... Bruce Schneier
From Schneier on Security | December 22, 2016 at 04:35 PM

From Schneier on Security

The Pro-PGP Position

A few days ago I blogged an excellent essay by Filippo Valsorda on why he's giving up on PGP. Neal Walkfield wrote a good rebuttal. I am on Valsorda's side. I don't... Bruce Schneier
From Schneier on Security | December 22, 2016 at 08:59 AM

From Schneier on Security

Encryption Working Group Annual Report from the US House of Representatives

The Encryption Working Group of the House Judiciary Committee and the House Energy and Commerce Committee has released its annual report. Observation #1: Any measure... Bruce Schneier
From Schneier on Security | December 21, 2016 at 10:25 AM