Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Details of the Recent T-Mobile Breach
Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. I’ve lost count of how many times T-Mobile has been hacked.
From Schneier on Security
Friday Squid Blogging: Squid Communication
Interesting article on squid communication. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...
From Schneier on Security
Friday Squid Blogging: Tentacle Doorknob
It’s pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
From Schneier on Security
Interesting Privilege Escalation Vulnerability
If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically...
From Schneier on Security
Surveillance of the Internet Backbone
Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be...
From Schneier on Security
Friday Squid Blogging: On Squid Brains
Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Readhere...
From Schneier on Security
More on Apple’s iPhone Backdoor
In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM...
From Schneier on Security
T-Mobile Data Breach
It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers andalso...
From Schneier on Security
Apple’s NeuralHash Algorithm Has Been Reverse-Engineered
Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and...
From Schneier on Security
Tetris: Chinese Espionage Tool
I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents.
From Schneier on Security
Friday Squid Blogging: A Good Year for Squid?
Improved ocean conditions are leading to optimism about this year’s squid catch. As usual, you can also use this squid post to talk about the security stories in...
From Schneier on Security
Using AI to Scale Spear Phishing
The problem with spear phishing it that it takes time and creativity to create individualized enticing phishing emails. Researchers are using GPT-3 to attempt to...
From Schneier on Security
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking (via Internet) at SHIFT Business Festival in Finland, August 25-26, 2021. I’ll be...
From Schneier on Security
Cobolt Strike Vulnerability Affects Botnet Servers
Cobolt Strike is a security tool, used by penetration testers to simulate network attackers. But it’s also used by attackers — from criminals to governments — to...
From Schneier on Security
Apple Adds a Backdoor to iMesssage and iCloud Storage
Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. I have been following the details, and discussing it in several...
From Schneier on Security
Defeating Microsoft’s Trusted Platform Module
This is a really interesting story explaining how to defeat Microsoft’s TPM in 30 minutes — without having to solder anything to the motherboard. Researchers at...
From Schneier on Security
Squid Dog Toy
It’s sold out, but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...
From Schneier on Security
Using “Master Faces” to Bypass Face-Recognition Authenticating Systems
Fascinating research: “Generating Master Faces for Dictionary Attacks with a Network-Assisted Latent Space Evolution.” Abstract: A master face is a face image that...
From Schneier on Security
Zoom Lied about End-to-End Encryption
The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user...
From Schneier on Security