acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Analyzing Reshipping Mule Scams
From Schneier on Security

Analyzing Reshipping Mule Scams

Interesting paper: "Drops for Stuff: An Analysis of Reshipping Mule Scams. From a blog post: A cybercriminal (called operator) recruits unsuspecting citizens with...

$1M Bounty for iPhone Hack
From Schneier on Security

$1M Bounty for iPhone Hack

I don't know whether to believe this story. Supposedly the startup Zerodium paid someone $1M for an iOS 9.1 and 9.2b hack. Bekrar and Zerodium, as well as its predecessor...

Australia Is Testing Virtual Passports
From Schneier on Security

Australia Is Testing Virtual Passports

Australia is going to be the first country to have virtual passports. Presumably, the passport data will be in the cloud somewhere, and you'll access it with an...

The Rise of Political Doxing
From Schneier on Security

The Rise of Political Doxing

Last week, CIA director John O. Brennan became the latest victim of what's become a popular way to embarrass and harass people on the Internet. A hacker allegedly...

Friday Squid Blogging: Baby Giant Squid Found
From Schneier on Security

Friday Squid Blogging: Baby Giant Squid Found

First ever examples of a baby giant squid have been found. As usual, you can also use this squid post to talk about the security stories in the news that I haven't...

The Onion on the State of IT Security
From Schneier on Security

The Onion on the State of IT Security

"China Unable To Recruit Hackers Fast Enough To Keep Up With Vulnerabilities In U.S. Security Systems." It's only funny because it's true....

Weaknesses in the PLAID Protocol
From Schneier on Security

Weaknesses in the PLAID Protocol

In 2009, the Australian government released the Protocol for Lightweight Authentication of Identity (PLAID) protocol. It was recently analyzed (original paper is...

Flash Drive Lock
From Schneier on Security

Flash Drive Lock

This device is clever: it's a three-digit combination lock that prevents a USB drive from being read. It's not going to keep out anyone serious, but is a great...

Tracking Connected Vehicles
From Schneier on Security

Tracking Connected Vehicles

Researchers have shown that it is both easy and cheap to surveil connected vehicles. The second link talks about various anonymization techniques, none of which...

Why Is the NSA Moving Away from Elliptic Curve Cryptography?
From Schneier on Security

Why Is the NSA Moving Away from Elliptic Curve Cryptography?

In August, I wrote about the NSA's plans to move to quantum-resistant algorithms for its own cryptographic needs. Cryptographers Neal Koblitz and Alfred Menezes...

The Doxing Trend
From Schneier on Security

The Doxing Trend

If the director of the CIA can't keep his e-mail secure, what hope do the rest of us have -- for our e-mail or any of our digital information? None, and that's...

The Need for Transparency in Surveillance
From Schneier on Security

The Need for Transparency in Surveillance

In Data and Goliath, I talk about the need for transparency, oversight, and accountability as the mechanism to allow surveillance when it is necessary, while preserving...

Ravens Can Identify Cheaters
From Schneier on Security

Ravens Can Identify Cheaters

Ravens have been shown to identify and remember cheaters among their unkindness....

Microsoft's Brad Smith on the Collapse of Safe Harbor
From Schneier on Security

Microsoft's Brad Smith on the Collapse of Safe Harbor

Microsoft's President Brad Smith has a blog post discussing what to do now that the US-EU safe-harbor agreement has collapsed. He outlines four steps: First, we...

Friday Squid Blogging: Squid Bed Sheets
From Schneier on Security

Friday Squid Blogging: Squid Bed Sheets

Some nice options....

Forensic Analysis of Smart Card Fraud
From Schneier on Security

Forensic Analysis of Smart Card Fraud

This paper describes what is almost certainly the most sophisticated chip-and-pin credit card fraud to date. News article. BoingBoing post....

Hacking Fitbit
From Schneier on Security

Hacking Fitbit

This is impressive: "An attacker sends an infected packet to a fitness tracker nearby at bluetooth distance then the rest of the attack occurs by itself, without...

Police Want Genetic Data from Corporate Repositories
From Schneier on Security

Police Want Genetic Data from Corporate Repositories

Both the FBI and local law enforcement are trying to get the genetic data stored at companies like 23andMe. No surprise, really. As NYU law professor Erin Murphy...

Forgotten Passwords
From Schneier on Security

Forgotten Passwords

Funny monologue....

Security Risks of Unpatched Android Software
From Schneier on Security

Security Risks of Unpatched Android Software

A lot has been written about the security vulnerability resulting from outdated and unpatched Android software. The basic problem is that while Google regularly...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account