Blogroll | Communications of the ACM

From Schneier on Security

Storing Encrypted Photos in Google’s Cloud

New paper: “Encrypted Cloud Photo Storage Using Google Photos“: Abstract: Cloud photo services are widely used for persistent, convenient, and often free photo... Bruce Schneier
From Schneier on Security | July 29, 2021 at 09:36 PM

From Schneier on Security

I Am Parting With My Crypto Library

The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs... Bruce Schneier
From Schneier on Security | July 29, 2021 at 09:32 PM

From Schneier on Security

Friday Squid Blogging: Squid Skin Is Naturally Anti-microbial

Often it feels like squid just evolved better than us mammals. As usual, you can also use this squid post to talk about the security stories in the news that Ihere... Bruce Schneier
From Schneier on Security | July 29, 2021 at 02:19 PM

From Schneier on Security

AirDropped Gun Photo Causes Terrorist Scare

A teenager on an airplane sent a photo of a replica gun via AirDrop to everyone who had their settings configured to receive unsolicited photos from strangers.these... Bruce Schneier
From Schneier on Security | July 28, 2021 at 11:54 AM

From Schneier on Security

De-anonymization Story

This is important: Monsignor Jeffrey Burrill was general secretary of the US Conference of Catholic Bishops (USCCB), effectively the highest-ranking priest inreportedly... Bruce Schneier
From Schneier on Security | July 27, 2021 at 04:09 PM

From Schneier on Security

Hiding Malware in ML Models

Interesting research: “EvilModel: Hiding Malware Inside of Neural Network Models”. Abstract: Delivering malware covertly and detection-evadingly is critical to... Bruce Schneier
From Schneier on Security | July 26, 2021 at 04:59 PM

From Schneier on Security

Disrupting Ransomware by Disrupting Bitcoin

Ransomware isn’t new; the idea dates back to 1986 with the “Brain” computer virus. Now, it’s become the criminal business model of the internet for two reasons.... Bruce Schneier
From Schneier on Security | July 23, 2021 at 11:36 AM

From Schneier on Security

Commercial Location Data Used to Out Priest

A Catholic priest was outed through commercially available surveillance data. Vice has a good analysis: The news starkly demonstrates not only the inherent power... Bruce Schneier
From Schneier on Security | July 23, 2021 at 09:58 AM

From Schneier on Security

Nasty Printer Driver Vulnerability

From SentinelLabs, a critical vulnerability in HP printer drivers: Researchers have released technical details on a high-severity privilege-escalation flaw in... Bruce Schneier
From Schneier on Security | July 22, 2021 at 11:41 AM

From Schneier on Security

NSO Group Hacked

NSO Group, the Israeli cyberweapons arms manufacturer behind the Pegasus spyware — used by authoritarian regimes around the world to spy on dissidents, journalists... Bruce Schneier
From Schneier on Security | July 20, 2021 at 02:50 PM

From Schneier on Security

Candiru: Another Cyberweapons Arms Manufacturer

Citizen Lab has identified yet another Israeli company that sells spyware to governments around the world: Candiru. From the report: Summary: Candiru is a secretive... Bruce Schneier
From Schneier on Security | July 19, 2021 at 11:54 AM

From Schneier on Security

REvil is Off-Line

This is an interesting development: Just days after President Biden demanded that President Vladimir V. Putin of Russia shut down ransomware groups attacking American... Bruce Schneier
From Schneier on Security | July 16, 2021 at 04:03 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Norbert Wiener in the 21st Century, a virtual conference hosted by The IEEE Society... Schneier.com Webmaster
From Schneier on Security | July 13, 2021 at 11:58 PM

From Schneier on Security

Colorado Passes Consumer Privacy Law

First California. Then Virginia. Now Colorado. Here’s a good comparison of the three states’ laws. Bruce Schneier
From Schneier on Security | July 13, 2021 at 10:10 AM

From Schneier on Security

China Taking Control of Zero-Day Exploits

China is making sure that all newly discovered zero-day exploits are disclosed to the government. Under the new rules, anyone in China who finds a vulnerability... Bruce Schneier
From Schneier on Security | July 13, 2021 at 10:07 AM

From Schneier on Security

Iranian State-Sponsored Hacking Attempts

Interesting attack: Masquerading as UK scholars with the University of London’s School of Oriental and African Studies (SOAS), the threat actor TA453 has been covertly... Bruce Schneier
From Schneier on Security | July 13, 2021 at 10:04 AM

From Schneier on Security

Friday Squid Blogging: The Evolution of Squid

Good video about the evolutionary history of squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered... Bruce Schneier
From Schneier on Security | July 12, 2021 at 12:59 PM

From Schneier on Security

Analysis of the FBI’s Anom Phone

Motherboard got its hands on one of those Anom phones that were really FBI honeypots. The details are interesting. Bruce Schneier
From Schneier on Security | July 12, 2021 at 12:58 PM

From Schneier on Security

Details of the REvil Ransomware Attack

ArsTechnica has a good story on the REvil ransomware attack of last weekend, with technical details: This weekend’s attack was carried out with almost surgical... Bruce Schneier
From Schneier on Security | July 8, 2021 at 11:12 AM

From Schneier on Security

Vulnerability in the Kaspersky Password Manager

A vulnerability (just patched) in the random number generator used in the Kaspersky Password Manager resulted in easily guessable passwords: The password generator... Bruce Schneier
From Schneier on Security | July 6, 2021 at 10:27 AM