Blogroll | Communications of the ACM

From Schneier on Security

Edward Snowden Wins EPIC "Champion of Freedom" Award

On Monday I had the honor of presenting Edward Snowden with a "Champion of Freedom" award at the EPIC dinner. Snowden couldn't be there in person -- his father... Bruce Schneier
From Schneier on Security | June 4, 2014 at 04:41 PM

From Schneier on Security

The Human Side of Heartbleed

The announcement on April 7 was alarming. A new Internet vulnerability called Heartbleed could allow hackers to steal your logins and passwords. It affected a piece... Bruce Schneier
From Schneier on Security | June 4, 2014 at 07:46 AM

From Schneier on Security

Chinese Hacking of the US

Chinese hacking of American computer networks is old news. For years we've known about their attacks against U.S. government and corporate targets. We've seen detailed... Bruce Schneier
From Schneier on Security | June 2, 2014 at 07:37 AM

From Schneier on Security

Friday Squid Blogging: Squid-Shaped Pancakes

Here are pictures of squid-shaped pancakes. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | May 30, 2014 at 05:51 PM

From Schneier on Security

Vulnerabilities Found in Law Enforcement Surveillance System

SEC Consult has published an advisory warning people not to use a government eavesdropping product called Recording eXpress, sold by the Israeli company Nice Systems... Bruce Schneier
From Schneier on Security | May 29, 2014 at 03:52 PM

From Schneier on Security

TrueCrypt WTF

I have no idea what's going on with TrueCrypt. Good summary of story is a ArsTechnica, and SlashDot, Hacker News, and Reddit all have long comment threads. See... Bruce Schneier
From Schneier on Security | May 29, 2014 at 09:11 AM

From Schneier on Security

Eben Moglen on Snowden and Surveillance

This is well worth reading. It's based on a series of talks he gave last fall.... Bruce Schneier
From Schneier on Security | May 28, 2014 at 04:56 PM

From Schneier on Security

The Economics of Bulk Surveillance

Ross Anderson has an important new paper on the economics that drive government-on-population bulk surveillance: My first big point is that all the three factors... Bruce Schneier
From Schneier on Security | May 27, 2014 at 11:41 AM

From Schneier on Security

Friday Squid Blogging: Squid Ink Cocktail

Del Campo, a restaurant in Washington DC, has a Bloody Mary made with squid ink. As usual, you can also use this squid post to talk about the security stories in... Bruce Schneier
From Schneier on Security | May 23, 2014 at 05:53 PM

From Schneier on Security

Alan Watts on the Harms of Surveillance

Biologist Alan Watts makes some good points: Mammals don’t respond well to surveillance. We consider it a threat. It makes us paranoid, and aggressive and vengeful... Bruce Schneier
From Schneier on Security | May 23, 2014 at 07:42 AM

From Schneier on Security

Disclosing vs Hoarding Vulnerabilities

There's a debate going on about whether the U.S. government -- specifically, the NSA and United States Cyber Comman -- should stockpile Internet vulnerabilities... Bruce Schneier
From Schneier on Security | May 22, 2014 at 07:15 AM

From Schneier on Security

The NSA is Not Made of Magic

I am regularly asked what is the most surprising thing about the Snowden NSA documents. It's this: the NSA is not made of magic. Its tools are no different from... Bruce Schneier
From Schneier on Security | May 21, 2014 at 04:52 PM

From Schneier on Security

Government Policy on Cell Phone Interception Technology

New paper: "Your Secret Stingray's No Secret Anymore: The Vanishing Government Monopoly Over Cell Phone Surveillance and its Impact on National Security and Consumer... Bruce Schneier
From Schneier on Security | May 21, 2014 at 10:51 AM

From Schneier on Security

Preplay Attack on Chip and PIN

Interesting research paper on a bank card chip-and-PIN vulnerability. From the blog post: Our new paper shows that it is possible to create clone chip cards which... Bruce Schneier
From Schneier on Security | May 20, 2014 at 03:04 PM

From Schneier on Security

Advances in Solving the Discrete Log Problem

At Eurocrypt this year, researchers presented a paper that completely breaks the discrete log problem in any field with a small characteristic. It's nice work,... Bruce Schneier
From Schneier on Security | May 20, 2014 at 07:13 AM

From Schneier on Security

Pervasive Monitoring as Network Attack

New IETF RFC: "RFC 7258: Pervasive Monitoring Is an Attack" that designers must mitigate. Slashdot thread.... Bruce Schneier
From Schneier on Security | May 19, 2014 at 02:44 PM

From Schneier on Security

Abusing Power to Shut Down a Twitter Parody Account

This is a pretty horrible story of a small-town mayor abusing his authority -- warrants where there is no crime, police raids, incidental marijuana bust -- to identify... Bruce Schneier
From Schneier on Security | May 19, 2014 at 08:07 AM

From Schneier on Security

Friday Squid Blogging: Fossil Squid

Rare fossilized cephalopods. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | May 16, 2014 at 05:42 PM

From Schneier on Security

How to Stop an Insider from Stealing All Your Secrets

This article from Communications of the ACM outlines some of the security measures the NSA could, and should, have had in place to stop someone like Snowden. Mostly... Bruce Schneier
From Schneier on Security | May 16, 2014 at 01:34 PM

From Schneier on Security

Forged SSL Certificates Pervasive on the Internet

About 0.2% of all SSL certificates are forged. This is the first time I've ever seen a number based on real data. News article: Of 3.45 million real-world connections... Bruce Schneier
From Schneier on Security | May 16, 2014 at 07:43 AM