acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

I've Joined Co3 Systems
From Schneier on Security

I've Joined Co3 Systems

For decades, I've said that good security is a combination of protection, detection, and response. In 1999, when I formed Counterpane Internet Security, I focused...

Friday Squid Blogging: Squid-Shaped Dog Toy
From Schneier on Security

Friday Squid Blogging: Squid-Shaped Dog Toy

Just the thing.

NSA Documents from the <i>Spiegel</i> Story
From Schneier on Security

NSA Documents from the Spiegel Story

There are more source documents from the recent Spiegel story on the NSA than I realized. Here is what I think is the complete list: "Tailored Access Operations...

NSA Exploit of the Day: IRONCHEF
From Schneier on Security

NSA Exploit of the Day: IRONCHEF

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog is IRONCHEF: IRONCHEF (TS//SI//REL) IRONCHEF provides access persistence to...

Cost/Benefit Analysis of NSA's 215 Metadata Collection Program
From Schneier on Security

Cost/Benefit Analysis of NSA's 215 Metadata Collection Program

It has amazed me that the NSA doesn't seem to do any cost/benefit analyses on any of its surveillance programs. This seems particularly important for bulk surveillance...

NSA Exploit of the Day: DEITYBOUNCE
From Schneier on Security

NSA Exploit of the Day: DEITYBOUNCE

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog is DEITYBOUNCE: DEITYBOUNCE (TS//SI//REL) DEITYBOUNCE provides software application...

"Military Style" Raid on California Power Station
From Schneier on Security

"Military Style" Raid on California Power Station

I don't know what to think about this: Around 1:00 AM on April 16, at least one individual (possibly two) entered two different manholes at the PG&E Metcalf power...

More about the NSA's Tailored Access Operations Unit
From Schneier on Security

More about the NSA's Tailored Access Operations Unit

Der Spiegel has a good article on the NSA's Tailored Access Operations unit: basically, its hackers. The article also has more details on how QUANTUM -- particularly...

Joseph Stiglitz on Trust
From Schneier on Security

Joseph Stiglitz on Trust

Joseph Stiglitz has an excellent essay on the value of trust, and the lack of it in today's society. Trust is what makes contracts, plans and everyday transactions...

Friday Squid Blogging: Kim Jong Un Tours Frozen Squid Factory
From Schneier on Security

Friday Squid Blogging: Kim Jong Un Tours Frozen Squid Factory

Frozen squid makes him happy. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Operation Vula
From Schneier on Security

Operation Vula

"Talking to Vula" is the story of a 1980s secret communications channel between black South African leaders and others living in exile in the UK. The system used...

Christmas Comic
From Schneier on Security

Christmas Comic

Amusing.

Report on Syrian Malware
From Schneier on Security

Report on Syrian Malware

Fascinating report from Citizen Lab on the use of malware in the current Syrian conflict (EFF summary and Wired article).

NSA Spying: Who Do You Believe?
From Schneier on Security

NSA Spying: Who Do You Believe?

On Friday, Reuters reported that RSA entered a secret contract to make DUAL_EC_PRNG the default random number generator in the BSAFE toolkit. DUA_EC_PRNG is now...

Friday Squid Blogging: "What Does the Squid Say?"
From Schneier on Security

Friday Squid Blogging: "What Does the Squid Say?"

Minecraft parody. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Yes, I'm Leaving BT
From Schneier on Security

Yes, I'm Leaving BT

The Register reported that I am leaving BT at the end of the year. It quoted BT as saying: We hired Bruce because of his thought leadership in security and as...

Eben Moglen and I Talk about the NSA
From Schneier on Security

Eben Moglen and I Talk about the NSA

Last week, Eben Moglen and I had a conversation about NSA surveillance. Audio and video are online.

Acoustic Cryptanalysis
From Schneier on Security

Acoustic Cryptanalysis

This is neat: Here, we describe a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA. The attack can extract...

Tor User Identified by FBI
From Schneier on Security

Tor User Identified by FBI

Eldo Kim sent an e-mail bomb threat to Harvard so he could skip a final exam. (It's just a coincidence that I was on the Harvard campus that day.) Even though...

Security Vulnerabilities of Legacy Code
From Schneier on Security

Security Vulnerabilities of Legacy Code

An interesting research paper documents a "honeymoon effect" when it comes to software and vulnerabilities: attackers are more likely to find vulnerabilities in...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account