Blogroll | Communications of the ACM

From Schneier on Security

How Browsers Store Passwords

Good information on how Internet Explorer, Chrome, and Firefox store user passwords.... Bruce Schneier
From Schneier on Security | January 8, 2015 at 06:50 PM

From Schneier on Security

Hacking Attack Causes Physical Damage at German Steel Mill

This sort of thing is still very rare, but I fear it will become more common: ...hackers had struck an unnamed steel mill in Germany. They did so by manipulating... Bruce Schneier
From Schneier on Security | January 8, 2015 at 04:16 PM

From Schneier on Security

Attack Attribution in Cyberspace

When you're attacked by a missile, you can follow its trajectory back to where it was launched from. When you're attacked in cyberspace, figuring out who did it... Bruce Schneier
From Schneier on Security | January 8, 2015 at 07:34 AM

From Schneier on Security

Attributing the Sony Attack

No one has admitted taking down North Korea's Internet. It could have been an act of retaliation by the US government, but it could just as well have been an ordinary... Bruce Schneier
From Schneier on Security | January 7, 2015 at 12:49 PM

From Schneier on Security

Fidgeting as Lie Detection

Sophie Van Der Zee and colleagues have a new paper on using body movement as a lie detector: Abstract: We present a new robust signal for detecting deception: full... Bruce Schneier
From Schneier on Security | January 6, 2015 at 03:48 PM

From Schneier on Security

Attributing Cyberattacks

New paper: "Attributing Cyber Attacks," by Thomas Rid and Ben Buchanan: Abstract: Who did it? Attribution is fundamental. Human lives and the security of the state... Bruce Schneier
From Schneier on Security | January 6, 2015 at 07:50 AM

From Schneier on Security

Loitering as a Security System

In Kyoto, taxi drivers are encouraged to loiter around convenience stores late at night. Their presence reduces crime. In Kyoto about half of the convenience stores... Bruce Schneier
From Schneier on Security | January 5, 2015 at 08:35 AM

From Schneier on Security

Friday Squid Blogging: Easy Squid Recipes

Stewed squid with tomatoes, sauteed squid with parsley and garlic, and braised squid with garlic and herbs. As usual, you can also use this squid post to talk about... Bruce Schneier
From Schneier on Security | January 2, 2015 at 05:53 PM

From Schneier on Security

Doxing as an Attack

Those of you unfamiliar with hacker culture might need an explanation of "doxing." The word refers to the practice of publishing personal information about people... Bruce Schneier
From Schneier on Security | January 2, 2015 at 09:00 AM

From Schneier on Security

More Data on Attributing the Sony Attack

An analysis of the timestamps on some of the leaked documents shows that they were downloaded at USB 2.0 speeds -- which implies an insider. Our Gotnews.com investigation... Bruce Schneier
From Schneier on Security | December 31, 2014 at 08:56 AM

From Schneier on Security

Leaked CIA Documents

I haven't seen much press mention about the leaked CIA documents that have appeared on Wikileaks this month. There are three: The CIA review of high-value target... Bruce Schneier
From Schneier on Security | December 29, 2014 at 07:46 AM

From Schneier on Security

New Documents on NSA's Crypanalysis Capabilities

Spiegel published a long article today on the NSA's analysis capabilities against encrypted systems, with a lot of new documents from the Snowden archive. I'm not... Bruce Schneier
From Schneier on Security | December 28, 2014 at 06:32 PM

From Schneier on Security

Friday Squid Blogging: Mummers Play Featuring Giant Squid

"St. George, the Dragon, and the Squid: A Preservation Mumming," by the American Folklife Center. As usual, you can also use this squid post to talk about the security... Bruce Schneier
From Schneier on Security | December 26, 2014 at 05:32 PM

From Schneier on Security

Merry Christmas from the NSA

On Christmas eve the NSA relesed a bunch of audit reports on illegal spying using EO 12333 from 2001 to 2013. Bloomberg article. The heavily-redacted reports include... Bruce Schneier
From Schneier on Security | December 26, 2014 at 07:43 AM

From Schneier on Security

"Santa Claus and the Surveillance State"

He sees you when you're sleeping. He knows when you're awake. He's everywhere. And that's the whole point of the Elf on the Shelf, the bright-eyed, Kewpie-esque... Bruce Schneier
From Schneier on Security | December 25, 2014 at 07:21 AM

From Schneier on Security

Did North Korea Really Attack Sony?

I am deeply skeptical of the FBI's announcement on Friday that North Korea was behind last month's Sony hack. The agency's evidence is tenuous, and I have a hard... Bruce Schneier
From Schneier on Security | December 24, 2014 at 07:56 AM

From Schneier on Security

Manipulating Juries with PowerPoint

Interesting article on the subconscious visual tricks used to manipulate juries and affect verdicts. In December 2012 the Washington Supreme Court threw out Glasmann's... Bruce Schneier
From Schneier on Security | December 23, 2014 at 03:19 PM

From Schneier on Security

North Korea DDoSed Off the Internet

North Korea has been knocked off the Internet by a distributed denial-of-service (DDoS) attack. Maybe the US did it, and maybe not. This whole incident is a perfect... Bruce Schneier
From Schneier on Security | December 23, 2014 at 11:52 AM

From Schneier on Security

2008 Cyberattack Against Turkish Oil Pipeline

Interesting article talks about the 2008 cyberattack against a Turkish oil pipeline: For western intelligence agencies, the blowout was a watershed event. Hackers... Bruce Schneier
From Schneier on Security | December 23, 2014 at 09:38 AM

From Schneier on Security

Reacting to the Sony Hack

First we thought North Korea was behind the Sony cyberattacks. Then we thought it was a couple of hacker guys with an axe to grind. Now we think North Korea is... Bruce Schneier
From Schneier on Security | December 22, 2014 at 07:51 AM