Blogroll | Communications of the ACM

From Schneier on Security

Friday Squid Blogging: Radioactive Giant Squid Washes Ashore in California

Uh oh. And the real story. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. schneier
From Schneier on Security | February 7, 2014 at 05:54 PM

From Schneier on Security

TRINITY: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: TRINITY (TS//SI//REL) TRINITY is a miniaturized digital core packaged in a... schneier
From Schneier on Security | February 7, 2014 at 03:53 PM

From Schneier on Security

Another Fake NSA Codename Generator

Generate your own fake TAO implant. This is even more fun than the fake NSA program generator. Sadly, the NSA will probably use these to help develop their R&D... schneier
From Schneier on Security | February 7, 2014 at 03:23 PM

From Schneier on Security

SWAP: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SWAP (TS//SI//REL) SWAP provides software application persistence by exploiting... schneier
From Schneier on Security | February 6, 2014 at 03:07 PM

From Schneier on Security

Dispute Resolution Systems for Security Protocols

Interesting paper by Steven J. Murdoch and Ross Anderson in this year's Financial Cryptography conference: "Security Protocols and Evidence: Where Many Payment."... schneier
From Schneier on Security | February 6, 2014 at 07:05 AM

From Schneier on Security

SOMBERKNAVE: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: SOMBERKNAVE (TS//SI//REL) SOMBERKNAVE is Windows XP wireless software implant... schneier
From Schneier on Security | February 5, 2014 at 03:04 PM

From Schneier on Security

1971 Social Engineering Attack

From Betty Medsger's book on the 1971 FBI burglary (page 22): As burglars, they used some unusual techniques, ones Davidon enjoyed recalling years later, such... schneier
From Schneier on Security | February 5, 2014 at 07:02 AM

From Schneier on Security

MAESTRO-II: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: MAESTRO-II (TS//SI//REL) MAESTRO-II is a miniaturized digital core packaged... schneier
From Schneier on Security | February 4, 2014 at 03:09 PM

From Schneier on Security

Hacking Airline Lounges for Free Meals

I think this is a great hack: A man bought a first-class ticket and used it to have free meals and drinks at the airport's VIP lounge almost every day for nearly... schneier
From Schneier on Security | February 4, 2014 at 07:45 AM

From Schneier on Security

JUNIORMINT: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: JUNIORMINT (TS//SI//REL) JUNIORMINT is a digital core packaged in both a mini... schneier
From Schneier on Security | February 3, 2014 at 03:09 PM

From Schneier on Security

CSEC Surveillance Analysis of IP and User Data

The most recent story from the Snowden documents is from Canada: it claims the CSEC (Communications Security Establishment Canada) used airport Wi-Fi information... schneier
From Schneier on Security | February 3, 2014 at 06:09 AM

From Schneier on Security

Friday Squid Blogging: Squid T-Shirt

A T-shirt with a drawing of a squid reading. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. schneier
From Schneier on Security | January 31, 2014 at 05:41 PM

From Schneier on Security

IRATEMONK: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: IRATEMONK (TS//SI//REL) IRATEMONK provides software application persistence... schneier
From Schneier on Security | January 31, 2014 at 03:17 PM

From Schneier on Security

Another Credit-Card-as-Authentication Hack

This is a pretty impressive social engineering story: an attacker compromised someone's GoDaddy domain registration in order to change his e-mail address and steal... schneier
From Schneier on Security | January 31, 2014 at 07:16 AM

From Schneier on Security

HOWLERMONKEY: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: HOWLERMONKEY (TS//SI//REL) HOWLERMONKEY is a custom Short to Medium rangehere... schneier
From Schneier on Security | January 30, 2014 at 09:38 PM

From Schneier on Security

Side-Channel Attacks on Frog Calls

The male túngara frog Physalaemus pustulosus uses calls to attract females. But croaking also causes ripples in the water, which are eavesdropped on -- both by... schneier
From Schneier on Security | January 30, 2014 at 01:08 PM

From Schneier on Security

Catalog of Snowden Revelations

This looks to be very good. Add that to these three indexes of NSA source material, and these two summaries. This excellent parody website has a good collection... schneier
From Schneier on Security | January 30, 2014 at 07:52 AM

From Schneier on Security

GINSU: NSA Exploit of the Day

Today's item from the NSA's Tailored Access Operations (TAO) group implant catalog: GINSU (TS//SI//REL) GINSU provides software application persistence for the... schneier
From Schneier on Security | January 29, 2014 at 03:28 PM

From Schneier on Security

Trying to Value Online Privacy

Interesting paper: "The value of Online Privacy," by Scott Savage and Donald M. Waldman. Abstract: We estimate the value of online privacy with a differentiated... schneier
From Schneier on Security | January 29, 2014 at 01:26 PM

From Schneier on Security

The Politics of Fear

This is very good: ...one might suppose that modern democratic states, with the lessons of history at hand, would seek to minimize fear or at least minimizeThey... schneier
From Schneier on Security | January 29, 2014 at 07:24 AM