Blogroll | Communications of the ACM

From Schneier on Security

New Bluetooth Vulnerability

There’s a new unpatched Bluetooth vulnerability: The issue is with a protocol called Cross-Transport Key Derivation (or CTKD, for short). When, say, an iPhone is... Bruce Schneier
From Schneier on Security | September 15, 2020 at 11:48 AM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the Cybersecurity Law & Policy Scholars Virtual Conference on September 17, 2020... Schneier.com Webmaster
From Schneier on Security | September 14, 2020 at 10:18 PM

From Schneier on Security

Friday Squid Blogging: Calamari vs. Squid

St. Louis Magazine answers the important question: “Is there a difference between calamari and squid?” Short answer: no. As usual, you can also use this squid post... Bruce Schneier
From Schneier on Security | September 11, 2020 at 02:24 PM

From Schneier on Security

How the FIN7 Cybercrime Gang Operates

The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. An excerpt: The secret of FIN7’s success is their operational art... Bruce Schneier
From Schneier on Security | September 9, 2020 at 03:03 PM

From Schneier on Security

Privacy Analysis of Ambient Light Sensors

Interesting privacy analysis of the Ambient Light Sensor API. And a blog post. Especially note the “Lessons Learned” section. Bruce Schneier
From Schneier on Security | September 9, 2020 at 02:51 PM

From Schneier on Security

Interesting Attack on the EMV Smartcard Payment Standard

It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the... Bruce Schneier
From Schneier on Security | September 9, 2020 at 02:50 PM

From Schneier on Security

Ranking National Cyber Power

Harvard Kennedy School’s Belfer Center published the “National Cyber Power Index 2020: Methodology and Analytical Considerations.” The rankings: US China UK ... Bruce Schneier
From Schneier on Security | September 9, 2020 at 12:34 PM

From Schneier on Security

The Third Edition of Ross Anderson’s Security Engineering

Ross Anderson’s fantastic textbook, Security Engineering, will have a third edition. The book won’t be published until December, but Ross has been making drafts... Bruce Schneier
From Schneier on Security | September 9, 2020 at 12:14 PM

From Schneier on Security

US Space Cybersecurity Directive

The Trump Administration just published “Space Policy Directive – 5“: “Cybersecurity Principles for Space Systems.” It’s pretty general: Principles. (a) Space systems... Bruce Schneier
From Schneier on Security | September 8, 2020 at 05:38 PM

From Schneier on Security

More on NIST’s Post-Quantum Cryptography

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection... Bruce Schneier
From Schneier on Security | September 8, 2020 at 03:47 PM

From Schneier on Security

More on NIST’s Post-Quantum Cryptography

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection... Bruce Schneier
From Schneier on Security | September 8, 2020 at 03:47 PM

From Schneier on Security

More on NIST's Post-Quantum Cryptography

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection... Bruce Schneier
From Schneier on Security | September 8, 2020 at 07:12 AM

From Schneier on Security

Schneier.com is Moving

I'm switching my website software from Movable Type to Wordpress, and moving to a new host. The migration is expected to last from approximately 3 AM EST Monday... Bruce Schneier
From Schneier on Security | September 5, 2020 at 09:01 PM

From Schneier on Security

Schneier.com is Moving

I’m switching my website software from Movable Type to WordPress, and moving to a new host. The migration is expected to last from approximately 3 AM EST Monday... Bruce Schneier
From Schneier on Security | September 5, 2020 at 04:01 PM

From Schneier on Security

Schneier.com is Moving

I’m switching my website software from Movable Type to WordPress, and moving to a new host. The migration is expected to last from approximately 3 AM EST Monday... Bruce Schneier
From Schneier on Security | September 5, 2020 at 04:01 PM

From Schneier on Security

Friday Squid Blogging: Morning Squid

Asa ika means "morning squid" in Japanese. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read... Bruce Schneier
From Schneier on Security | September 4, 2020 at 05:53 PM

From Schneier on Security

Friday Squid Blogging: Morning Squid

Asa ika means “morning squid” in Japanese. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read... Bruce Schneier
From Schneier on Security | September 4, 2020 at 12:53 PM

From Schneier on Security

Friday Squid Blogging: Morning Squid

Asa ika means “morning squid” in Japanese. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read... Bruce Schneier
From Schneier on Security | September 4, 2020 at 12:53 PM

From Schneier on Security

Hacking AI-Graded Tests

The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis.... Bruce Schneier
From Schneier on Security | September 4, 2020 at 07:02 AM

From Schneier on Security

Hacking AI-Graded Tests

The company Edgenuity sells AI systems for grading tests. Turns out that they just search for keywords without doing any actual semantic analysis. Bruce Schneier
From Schneier on Security | September 4, 2020 at 02:02 AM