Communications of the ACM
Refine your search:
How the “Frontier” Became the Slogan of Uncontrolled AI
Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration …
From Schneier on Security
Backdoor in Zyxel Firewalls and Gateways
This is bad: More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account that can grant attackers...
From Schneier on Security
Latest on the SVR’s SolarWinds Hack
The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). ...
From Schneier on Security
Friday Squid Blogging: Vegan Chili Squid
The restaurant chain Wagamama is selling a vegan version of its Chilli Squid side dish made from king oyster mushrooms. As usual, you can also use this squid post...
From Schneier on Security
Friday Squid Blogging: China Launches Six New Squid Jigging Vessels
From Pingtan Marine Enterprise: The 6 large-scale squid jigging vessels are normally operating vessels that returned to China earlier this year from the waters...
From Schneier on Security
Friday Squid Blogging: Searching for Giant Squid by Collecting Environmental DNA
The idea is to collect and analyze random DNA floating around the ocean, and using that to figure out where the giant squid are. No one is sure if this will actually...
From Schneier on Security
Military Cryptanalytics, Part III
The NSA has just declassified and released a redacted version of Military Cryptanalytics, Part III, by Lambros D. Callimahos, October 1977. Parts I and II, by Lambros...
From Schneier on Security
Amazon Has Trucks Filled with Hard Drives and an Armed Guard
From an interview with an Amazon Web Services security engineer: So when you use AWS, part of what you’re paying for is security. Right; it’s part of what we sell...
From Schneier on Security
Brexit Deal Mandates Old Insecure Crypto Algorithms
In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension...
From Schneier on Security
On the Evolution of Ransomware
Good article on the evolution of ransomware: Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others...
From Schneier on Security
Russia’s SolarWinds Attack
Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack...
From Schneier on Security
How China Uses Stolen US Personnel Data
Interesting analysis of China’s efforts to identify US spies: By about 2010, two former CIA officials recalled, the Chinese security services had instituted a sophisticated...
From Schneier on Security
Friday Squid Blogging: Linguine allo Scoglio Recipe
Delicious seafood pasta dish — includes squid — from America’s Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the...
From Schneier on Security
Friday Squid Blogging: Small Giant Squid Washes Ashore in Japan
A ten-foot giant squid has washed ashore on the Western coast of Japan. As usual, you can also use this squid post to talk about the security stories in the news...
From Schneier on Security
Investigating the Navalny Poisoning
Bellingcat has investigated the near-fatal poisoning of Alexey Navalny by the Russian GRU back in August. The details display some impressive traffic analysis.confession...
From Schneier on Security
Eavesdropping on Phone Taps from Voice Assistants
The microphones on voice assistants are very sensitive, and can snoop on all sorts of data: In Hey Alexa what did I just type? we show that when sitting up to half...
From Schneier on Security
Friday Squid Blogging: Christmas Squid Memories
Stuffed squid for Christmas Eve. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my bloghere...
From Schneier on Security
NSA on Authentication Hacks (Related to SolarWinds Breach)
The NSA has published an advisory outlining how “malicious cyber actors” are “are manipulating trust in federated authentication environments to access protected...
From Schneier on Security
More on the SolarWinds Breach
The New York Times has more details. About 18,000 private and government users downloaded a Russian tainted software update – a Trojan horse of sorts – that...
From Schneier on Security
Cellebrite Can Break Signal
Cellebrite announced that it can break Signal. (Note that the company has heavily edited its blog post, but the original — with lots of technical details — wasarticle...
From Schneier on Security