acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorschneier
bg-corner

Friday Squid Blogging: Squid Communication
From Schneier on Security

Friday Squid Blogging: Squid Communication

Interesting article on squid communication. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...

Friday Squid Blogging: Tentacle Doorknob
From Schneier on Security

Friday Squid Blogging: Tentacle Doorknob

It’s pretty. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Interesting Privilege Escalation Vulnerability
From Schneier on Security

Interesting Privilege Escalation Vulnerability

If you plug a Razer peripheral (mouse or keyboard, I think) into a Windows 10 or 11 machine, you can use a vulnerability in the Razer Synapse software — which automatically...

Surveillance of the Internet Backbone
From Schneier on Security

Surveillance of the Internet Backbone

Vice has an article about how data brokers sell access to the Internet backbone. This is netflow data. It’s useful for cybersecurity forensics, but can also be...

Friday Squid Blogging: On Squid Brains
From Schneier on Security

Friday Squid Blogging: On Squid Brains

Interesting National Geographic article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Readhere...

More on Apple’s iPhone Backdoor
From Schneier on Security

More on Apple’s iPhone Backdoor

In this post, I’ll collect links on Apple’s iPhone backdoor for scanning CSAM images. Previous links are here and here. Apple says that hash collisions in its CSAM...

T-Mobile Data Breach
From Schneier on Security

T-Mobile Data Breach

It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers andalso...

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered
From Schneier on Security

Apple’s NeuralHash Algorithm Has Been Reverse-Engineered

Apple’s NeuralHash algorithm — the one it’s using for client-side scanning on the iPhone — has been reverse-engineered. Turns out it was already in iOS 14.3, and...

Tetris: Chinese Espionage Tool
From Schneier on Security

Tetris: Chinese Espionage Tool

I’m starting to see writings about a Chinese espionage tool that exploits website vulnerabilities to try and identify Chinese dissidents.

Friday Squid Blogging: A Good Year for Squid?
From Schneier on Security

Friday Squid Blogging: A Good Year for Squid?

Improved ocean conditions are leading to optimism about this year’s squid catch. As usual, you can also use this squid post to talk about the security stories in...

Using AI to Scale Spear Phishing
From Schneier on Security

Using AI to Scale Spear Phishing

The problem with spear phishing it that it takes time and creativity to create individualized enticing phishing emails. Researchers are using GPT-3 to attempt to...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking (via Internet) at SHIFT Business Festival in Finland, August 25-26, 2021. I’ll be...

Cobolt Strike Vulnerability Affects Botnet Servers
From Schneier on Security

Cobolt Strike Vulnerability Affects Botnet Servers

Cobolt Strike is a security tool, used by penetration testers to simulate network attackers. But it’s also used by attackers — from criminals to governments — to...

Apple Adds a Backdoor to iMesssage and iCloud Storage
From Schneier on Security

Apple Adds a Backdoor to iMesssage and iCloud Storage

Apple’s announcement that it’s going to start scanning photos for child abuse material is a big deal. I have been following the details, and discussing it in several...

Defeating Microsoft’s Trusted Platform Module
From Schneier on Security

Defeating Microsoft’s Trusted Platform Module

This is a really interesting story explaining how to defeat Microsoft’s TPM in 30 minutes — without having to solder anything to the motherboard. Researchers at...

Squid Dog Toy
From Schneier on Security

Squid Dog Toy

It’s sold out, but the pictures are cute. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read...

Using “Master Faces” to Bypass Face-Recognition Authenticating Systems
From Schneier on Security

Using “Master Faces” to Bypass Face-Recognition Authenticating Systems

Fascinating research: “Generating Master Faces for Dictionary Attacks with a Network-Assisted Latent Space Evolution.” Abstract: A master face is a face image that...

Zoom Lied about End-to-End Encryption
From Schneier on Security

Zoom Lied about End-to-End Encryption

The facts aren’t news, but Zoom will pay $85M — to the class-action attorneys, and to users — for lying to users about end-to-end encryption, and for giving user...

Paragon: Yet Another Cyberweapons Arms Manufacturer
From Schneier on Security

Paragon: Yet Another Cyberweapons Arms Manufacturer

Forbes has the story: Paragon’s product will also likely get spyware critics and surveillance experts alike rubbernecking: It claims to give police the power to...

The European Space Agency Launches Hackable Satellite
From Schneier on Security

The European Space Agency Launches Hackable Satellite

Of course this is hackable: A sophisticated telecommunications satellite that can be completely repurposed while in space has launched. […] Because the satellite...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account