acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
datePast Year
authorschneier
bg-corner

On IoT Devices and Software Liability
From Schneier on Security

On IoT Devices and Software Liability

New law journal article: Smart Device Manufacturer Liability and Redress for Third-Party Cyberattack Victims Abstract: Smart devices are used to facilitate cyberattacks...

Pharmacies Giving Patient Records to Police without Warrants
From Schneier on Security

Pharmacies Giving Patient Records to Police without Warrants

Add pharmacies to the list of industries that are giving private data to the police without a warrant.

Facial Scanning by Burger King in Brazil
From Schneier on Security

Facial Scanning by Burger King in Brazil

In 2000, I wrote: “If McDonald’s offered three free Big Macs for a DNA sample, there would be lines around the block.” Burger King in Brazil is almost there, offering...

PIN-Stealing Android Malware
From Schneier on Security

PIN-Stealing Android Malware

This is an old piece of malware—the Chameleon Android banking Trojan—that now disables biometric authentication in order to steal the PIN: The second notable new...

Second Interdisciplinary Workshop on Reimagining Democracy
From Schneier on Security

Second Interdisciplinary Workshop on Reimagining Democracy

Last month, I convened the Second Interdisciplinary Workshop on Reimagining Democracy (IWORD 2023) at the Harvard Kennedy School Ash Center. As with IWORD 2022,...

Friday Squid Blogging—18th Anniversary Post: New Species of Pygmy Squid Discovered
From Schneier on Security

Friday Squid Blogging—18th Anniversary Post: New Species of Pygmy Squid Discovered

They’re Ryukyuan pygmy squid (Idiosepius kijimuna) and Hannan’s pygmy squid (Kodama jujutsu). The second one represents an entire new genus. As usual, you can also...

New iPhone Exploit Uses Four Zero-Days
From Schneier on Security

New iPhone Exploit Uses Four Zero-Days

Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow...

Facial Recognition Systems in the US
From Schneier on Security

Facial Recognition Systems in the US

A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. (This, of course, canI...

TikTok Editorial Analysis
From Schneier on Security

TikTok Editorial Analysis

TikTok seems to be skewing things in the interests of the Chinese Communist Party. (This is a serious analysis, and the methodology looks sound.) Conclusion: Substantial...

AI Is Scarily Good at Guessing the Location of Random Photos
From Schneier on Security

AI Is Scarily Good at Guessing the Location of Random Photos

Wow: To test PIGEON’s performance, I gave it five personal photos from a trip I took across America years ago, none of which have been published online. Some photos...

Friday Squid Blogging: Sqids
From Schneier on Security

Friday Squid Blogging: Sqids

They’re short unique strings: Sqids (pronounced “squids”) is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short...

AI and Lossy Bottlenecks
From Schneier on Security

AI and Lossy Bottlenecks

Artificial intelligence is poised to upend much of society, removing human limitations inherent in many systems. One such limitation is information and logistical...

New iPhone Security Features to Protect Stolen Devices
From Schneier on Security

New iPhone Security Features to Protect Stolen Devices

Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication...

Google Stops Collecting Location Data from Maps
From Schneier on Security

Google Stops Collecting Location Data from Maps

Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police.

Friday Squid Blogging: Squid Parts into Fertilizer
From Schneier on Security

Friday Squid Blogging: Squid Parts into Fertilizer

It’s squid parts from college dissections, so it’s not a volume operation. As usual, you can also use this squid post to talk about the security stories in thehere...

Data Exfiltration Using Indirect Prompt Injection
From Schneier on Security

Data Exfiltration Using Indirect Prompt Injection

Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information...

GCHQ Christmas Codebreaking Challenge
From Schneier on Security

GCHQ Christmas Codebreaking Challenge

Looks like fun. Details here.

OpenAI Is Not Training on Your Dropbox Documents—Today
From Schneier on Security

OpenAI Is Not Training on Your Dropbox Documents—Today

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are...

Police Get Medical Records without a Warrant
From Schneier on Security

Police Get Medical Records without a Warrant

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and...

Friday Squid Blogging: Underwater Sculptures Use Squid Ink for Coloring
From Schneier on Security

Friday Squid Blogging: Underwater Sculptures Use Squid Ink for Coloring

The Molinière Underwater Sculpture Park has pieces that are colored in part with squid ink. As usual, you can also use this squid post to talk about the security...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account