Blogroll | Communications of the ACM

From Schneier on Security

Apple Copies Your Files Without Your Knowledge or Consent

The latest version of Apple's OS automatically syncs your files to iCloud Drive, even files you choose to store locally. Apple encrypts your data, both in transit... Bruce Schneier
From Schneier on Security | October 28, 2014 at 07:59 AM

From Schneier on Security

US Intelligence "Second Leaker" Identified

There's a report that the FBI has identified a second leaker: The case in question involves an Aug. 5 story published by The Intercept, an investigative website... Bruce Schneier
From Schneier on Security | October 27, 2014 at 05:32 PM

From Schneier on Security

Authentication Attack Against Credit Card Verification

Here's a physical attack against a credit card verification system. Basically, the attack disrupts the communications between the retail terminal and the system... Bruce Schneier
From Schneier on Security | October 27, 2014 at 03:50 PM

From Schneier on Security

Spritz: A New RC4-Like Stream Cipher

Last week, Ron Rivest gave a talk at MIT about Spritz, a new stream cipher by him and Jacob Schuldt. It's basically a redesign of RC4, given current cryptographic... Bruce Schneier
From Schneier on Security | October 27, 2014 at 11:55 AM

From Schneier on Security

Friday Squid Blogging: Humboldt Squids Attack Submarine

A pair of Humboldt squids attacked a Greenpeace submarine. There's video. As usual, you can also use this squid post to talk about the security stories in the news... Bruce Schneier
From Schneier on Security | October 24, 2014 at 05:37 PM

From Schneier on Security

The Ineffectiveness of Sealing the Border Against Ebola (and Other Viruses)

Good analysis.... Bruce Schneier
From Schneier on Security | October 24, 2014 at 01:31 PM

From Schneier on Security

Analysis of Printer Watermarking Techniques

Interesting paper: Maya Embar, Louis M. McHough IV, and William R. Wesselman, "Printer watermark obfuscation," Proceeding RIIT '14: Proceedings of the 3rd annual... Bruce Schneier
From Schneier on Security | October 24, 2014 at 09:57 AM

From Schneier on Security

The NSA's Role in Commercial Cybersecurity

Susan Landau has a new paper on the NSA's increasing role in commercial cybersecurity. She argues that the NSA is the wrong organization to do this, and we need... Bruce Schneier
From Schneier on Security | October 23, 2014 at 09:52 AM

From Schneier on Security

Jumping Air Gaps with All-in-One Printers

Last week, Adi Shamir gave a presentation at Black Hat Europe on using all-in-one printers to control computers on the other side of air gaps. There's no paper... Bruce Schneier
From Schneier on Security | October 22, 2014 at 03:51 PM

From Schneier on Security

Deanonymizing Taxi Passenger and Fare Data

Interesting essay on the sorts of things you can learn from anonymized taxi passenger and fare data.... Bruce Schneier
From Schneier on Security | October 22, 2014 at 06:54 AM

From Schneier on Security

Whisper Tracks Users

The Guardian has reported that the app Whisper tracks users, and then published a second article explaining what it knows after Whisper denied the story. Here's... Bruce Schneier
From Schneier on Security | October 21, 2014 at 01:07 PM

From Schneier on Security

More Crypto Wars II

FBI Director James Comey again called for an end to secure encryption by putting in a backdoor. Here's his speech: There is a misconception that building a lawful... Bruce Schneier
From Schneier on Security | October 21, 2014 at 10:58 AM

From Schneier on Security

How Did the Feds Identity Dread Pirate Roberts?

Last month, I wrote that the FBI identified Ross W. Ulbricht as the Silk Road's Dread Pirate Roberts through a leaky CAPTCHA. Seems that story doesn't hold water... Bruce Schneier
From Schneier on Security | October 20, 2014 at 07:19 AM

From Schneier on Security

Friday Squid Blogging: 1,057 Squid T-Shirts

That's a lot. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. And commenting was broken for a... Bruce Schneier
From Schneier on Security | October 17, 2014 at 06:17 PM

From Schneier on Security

Hacking a Video Poker Machine

Kevin Poulsen has written an interesting story about two people who successfully exploited a bug in a popular video poker machine.... Bruce Schneier
From Schneier on Security | October 17, 2014 at 07:35 AM

From Schneier on Security

NSA Classification ECI = Exceptionally Controlled Information

ECI is a classification above Top Secret. It's for things that are so sensitive they're basically not written down, like the names of companies whose cryptography... Bruce Schneier
From Schneier on Security | October 16, 2014 at 07:22 AM

From Schneier on Security

DEA Sets Up Fake Facebook Page in Woman's Name

This is a creepy story. A woman has her phone seized by the Drug Enforcement Agency and gives them permission to look at her phone. Without her knowledge or consent... Bruce Schneier
From Schneier on Security | October 15, 2014 at 08:06 AM

From Schneier on Security

FOXACID Operations Manual

A few days ago, I saw this tweet: "Just a reminder that it is now *a full year* since Schneier cited it, and the FOXACID ops manual remains unpublished." It's true... Bruce Schneier
From Schneier on Security | October 15, 2014 at 07:29 AM

From Schneier on Security

Surveillance in Schools

This essay, "Grooming students for a lifetime of surveillance," talks about the general trends in student surveillance. Related: essay on the need for student privacy... Bruce Schneier
From Schneier on Security | October 14, 2014 at 06:59 AM

From Schneier on Security

How James Bamford Came to Write The Puzzle Palace

Interesting essay about James Bamford and his efforts to publish The Puzzle Palace over the NSA's objections. Required reading for those who think the NSA's excesses... Bruce Schneier
From Schneier on Security | October 13, 2014 at 07:55 AM