acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorschneier
bg-corner

Theft of CIA's "Vault Seven" Hacking Tools Due to Its Own Lousy Security
From Schneier on Security

Theft of CIA's "Vault Seven" Hacking Tools Due to Its Own Lousy Security

The Washington Post is reporting on an internal CIA report about its "Vault 7" security breach: The breach -- allegedly committed by a CIA employee -- was discovered...

Zoom Will Be End-to-End Encrypted for All Users
From Schneier on Security

Zoom Will Be End-to-End Encrypted for All Users

Zoom is doing the right thing: it's making end-to-end encryption available to all users, paid and unpaid. (This is a change; I wrote about the initial decision...

Bank Card "Master Key" Stolen
From Schneier on Security

Bank Card "Master Key" Stolen

South Africa's Postbank experienced a catastrophic security failure. The bank's master PIN key was stolen, forcing it to cancel and replace 12 million bank cards...

Eavesdropping on Sound Using Variations in Light Bulbs
From Schneier on Security

Eavesdropping on Sound Using Variations in Light Bulbs

New research is able to recover sound waves in a room by observing minute changes in the room's light bulbs. This technique works from a distance, even from a building...

Examining the US Cyber Budget
From Schneier on Security

Examining the US Cyber Budget

Jason Healey takes a detailed look at the US federal cybersecurity budget and reaches an important conclusion: the US keeps saying that we need to prioritize defense...

Friday Squid Blogging: Human Cells with Squid-Like Transparency
From Schneier on Security

Friday Squid Blogging: Human Cells with Squid-Like Transparency

I think we need more human organs with squid-like features. As usual, you can also use this squid post to talk about the security stories in the news that I haven't...

Facebook Helped Develop a Tails Exploit
From Schneier on Security

Facebook Helped Develop a Tails Exploit

This is a weird story: Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance...

Another Intel Speculative Execution Vulnerability
From Schneier on Security

Another Intel Speculative Execution Vulnerability

Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality...

Availability Attacks against Neural Networks
From Schneier on Security

Availability Attacks against Neural Networks

New research on using specially crafted inputs to slow down machine-learning neural network systems: Sponge Examples: Energy-Latency Attacks on Neural Networks...

Security Analysis of the Democracy Live Online Voting System
From Schneier on Security

Security Analysis of the Democracy Live Online Voting System

New research: "Security Analysis of the Democracy Live Online Voting System": Abstract: Democracy Live's OmniBallot platform is a web-based system for blank ballot...

Gene Spafford on Internet Voting
From Schneier on Security

Gene Spafford on Internet Voting

Good interview....

Phishing Attacks Against Trump and Biden Campaigns
From Schneier on Security

Phishing Attacks Against Trump and Biden Campaigns

Google's threat analysts have identified state-level attacks from China. I hope both campaigns are working under the assumption that everything they say and do...

Friday Squid Blogging: Shark vs. Squid
From Schneier on Security

Friday Squid Blogging: Shark vs. Squid

National Geographic has a photo of a 7-foot long shark that fought a giant squid and lived to tell the tale. Or, at least, lived to show off the suction marks on...

New Research: "Privacy Threats in Intimate Relationships"
From Schneier on Security

New Research: "Privacy Threats in Intimate Relationships"

I just published a new paper with Karen Levy of Cornell: "Privacy Threats in Intimate Relationships." Abstract: This article provides an overview of intimate threats...

Zoom's Commitment to User Security Depends on Whether you Pay It or Not
From Schneier on Security

Zoom's Commitment to User Security Depends on Whether you Pay It or Not

Zoom was doing so well.... And now we have this: Corporate clients will get access to Zoom's end-to-end encryption service now being developed, but Yuan said free...

Wallpaper that Crashes Android Phones
From Schneier on Security

Wallpaper that Crashes Android Phones

This is interesting: The image, a seemingly innocuous sunset (or dawn) sky above placid waters, may be viewed without harm. But if loaded as wallpaper, the phone...

"Sign in with Apple" Vulnerability
From Schneier on Security

"Sign in with Apple" Vulnerability

Researcher Bhavuk Jain discovered a vulnerability in the "Sign in with Apple" feature, and received a $100,000 bug bounty from Apple. Basically, forged tokens could...

Password Changing After a Breach
From Schneier on Security

Password Changing After a Breach

This study shows that most people don't change their passwords after a breach, and if they do they change it to a weaker password. Abstract: To protect against...

Friday Squid Blogging: Humboldt Squid Communication
From Schneier on Security

Friday Squid Blogging: Humboldt Squid Communication

Humboldt Squid communicate by changing their skin patterns and glowing. As usual, you can also use this squid post to talk about the security stories in the news...

Bogus Security Technology: An Anti-5G USB Stick
From Schneier on Security

Bogus Security Technology: An Anti-5G USB Stick

The 5GBioShield sells for £339.60, and the description sounds like snake oil: ...its website, which describes it as a USB key that "provides protection for your...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account