acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

"Security for the High-Risk User"
From Schneier on Security

"Security for the High-Risk User"

Interesting paper. John Scott-Railton on securing the high-risk user....

Dumb Security Survey Questions
From Schneier on Security

Dumb Security Survey Questions

According to a Harris poll, 39% of Americans would give up sex for a year for perfect computer security: According to an online survey among over 2,000 U.S. adults...

Friday Squid Blogging: Peruvian Squid Fishermen Are Trying to Diversify
From Schneier on Security

Friday Squid Blogging: Peruvian Squid Fishermen Are Trying to Diversify

Squid catch is down, so fisherman are trying to sell more processed product. As usual, you can also use this squid post to talk about the security stories in the...

Smartphone Secretly Sends Private Data to China
From Schneier on Security

Smartphone Secretly Sends Private Data to China

This is pretty amazing: International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear...

Using Wi-Fi to Detect Hand Motions and Steal Passwords
From Schneier on Security

Using Wi-Fi to Detect Hand Motions and Steal Passwords

This is impressive research: "When CSI Meets Public WiFi: Inferring Your Mobile Phone Password via WiFi Signals": Abstract: In this study, we present WindTalker...

Hacking Password-Protected Computers via the USB Port
From Schneier on Security

Hacking Password-Protected Computers via the USB Port

PoisonTap is an impressive hacking tool that can compromise computers via the USB port, even when they are password protected. What's interesting is the chain of...

Mass Spectrometry for Surveillance
From Schneier on Security

Mass Spectrometry for Surveillance

Yet another way to collect personal data on people without their knowledge or consent: "Lifestyle chemistries from phones for individual profiling": Abstract: Imagine...

Election Security
From Schneier on Security

Election Security

It's over. The voting went smoothly. As of the time of writing, there are no serious fraud allegations, nor credible evidence that anyone hacked the voting rolls...

Fake HP Printer That's Actually a Cellular Eavesdropping Device
From Schneier on Security

Fake HP Printer That's Actually a Cellular Eavesdropping Device

Julian Oliver has designed and built a cellular eavesdropping device that's disguised as an old HP printer. Masquerading as a regular cellular service provider,...

Fake Fingerprint Stickers for Gloves
From Schneier on Security

Fake Fingerprint Stickers for Gloves

There's a Kickstarter for a sticker that you can stick on a glove and then register with a biometric access system like an iPhone. It's an interesting security...

Friday Squid Blogging: 3D-Printed Underwater Autonomous "Squid"
From Schneier on Security

Friday Squid Blogging: 3D-Printed Underwater Autonomous "Squid"

Pretty neat. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Automatically Identifying Government Secrets
From Schneier on Security

Automatically Identifying Government Secrets

Interesting research: "Using Artificial Intelligence to Identify State Secrets," by Renato Rocha Souza, Flavio Codeco Coelho, Rohan Shah, and Matthew Connelly....

Fooling Facial Recognition Systems
From Schneier on Security

Fooling Facial Recognition Systems

This is some interesting research. You can fool facial recognition systems by wearing glasses printed with elements of other peoples' faces. Mahmood Sharif, Sruti...

Ultrasonic Hacking
From Schneier on Security

Ultrasonic Hacking

Ad networks are surreptitiously using ultrasonic communications to jump from device to device. It should come as no surprise that this communications channel can...

Regulation of the Internet of Things
From Schneier on Security

Regulation of the Internet of Things

Late last month, popular websites like Twitter, Pinterest, Reddit and PayPal went down for most of a day. The distributed denial-of-service attack that caused the...

Whistleblower Investigative Report on NSA Suite B Cryptography
From Schneier on Security

Whistleblower Investigative Report on NSA Suite B Cryptography

The NSA has been abandoning secret and proprietary cryptographic algorithms in favor of commercial public algorithms, generally known as "Suite B." In 2010, an...

Self-Propagating Smart Light Bulb Worm
From Schneier on Security

Self-Propagating Smart Light Bulb Worm

This is exactly the sort of Internet-of-Things attack that has me worried: "IoT Goes Nuclear: Creating a ZigBee Chain Reaction" by Eyal Ronen, Colin OFlynn, Adi...

Election-Day Humor
From Schneier on Security

Election-Day Humor

This was written in 2004, but still holds true today....

Lessons From the Dyn DDoS Attack
From Schneier on Security

Lessons From the Dyn DDoS Attack

A week ago Friday, someone took down numerous popular websites in a massive distributed denial-of-service (DDoS) attack against the domain name provider Dyn. DDoS...

Firefox Removing Battery Status API
From Schneier on Security

Firefox Removing Battery Status API

Firefox is removing the battery status API, citing privacy concerns. Here's the paper that described those concerns: Abstract. We highlight privacy risks associated...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account