Blogroll | Communications of the ACM

From Schneier on Security

Friday Squid Blogging: Amazingly Realistic Squid Drawings

The squid drawings of Yuuki Tokuda are simply incredible. I tried to figure out how to buy one of them, but everything is in Japanese. As usual, you can also use... Bruce Schneier
From Schneier on Security | April 10, 2020 at 05:04 PM

From Schneier on Security

Kubernetes Security

Attack matrix for Kubernetes, using the MITRE ATT&CK framework. A good first step towards understand the security of this suddenly popular and very complex container... Bruce Schneier
From Schneier on Security | April 10, 2020 at 07:24 AM

From Schneier on Security

Microsoft Buys Corp.com

A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as "namespace collision... Bruce Schneier
From Schneier on Security | April 9, 2020 at 07:45 AM

From Schneier on Security

RSA-250 Factored

RSA-250 has been factored. This computation was performed with the Number Field Sieve algorithm, using the open-source CADO-NFS software. The total computation... Bruce Schneier
From Schneier on Security | April 8, 2020 at 07:37 AM

From Schneier on Security

Cybersecurity During COVID-19

Three weeks ago (could it possibly be that long already?), I wrote about the increased risks of working remotely during the COVID-19 pandemic. One, employees are... Bruce Schneier
From Schneier on Security | April 7, 2020 at 11:00 AM

From Schneier on Security

Emotat Malware Causes Physical Damage

Microsoft is reporting that an Emotat malware infection shut down a network by causing computers to overheat and then crash. The Emotet payload was delivered and... Bruce Schneier
From Schneier on Security | April 6, 2020 at 12:26 PM

From Schneier on Security

Friday Squid Blogging: On Squid Communication

They can communicate using bioluminescent flashes: New research published this week in Proceedings of the National Academy of Sciences presents evidence for a previously... Bruce Schneier
From Schneier on Security | April 3, 2020 at 05:30 PM

From Schneier on Security

Security and Privacy Implications of Zoom

Over the past few weeks, Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. (My own university, Harvard... Bruce Schneier
From Schneier on Security | April 3, 2020 at 11:10 AM

From Schneier on Security

Bug Bounty Programs Are Being Used to Buy Silence

Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty... Bruce Schneier
From Schneier on Security | April 3, 2020 at 07:21 AM

From Schneier on Security

Marriott Was Hacked -- Again

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved,... Bruce Schneier
From Schneier on Security | April 2, 2020 at 12:33 PM

From Schneier on Security

Dark Web Hosting Provider Hacked

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. It's unclear when, or if, it will be back up.... Bruce Schneier
From Schneier on Security | April 1, 2020 at 07:53 AM

From Schneier on Security

Clarifying the Computer Fraud and Abuse Act

A federal court has ruled that violating a website's tems of service is not "hacking" under the Computer Fraud and Abuse Act. The plaintiffs wanted to investigate... Bruce Schneier
From Schneier on Security | March 31, 2020 at 08:51 AM

From Schneier on Security

Privacy vs. Surveillance in the Age of COVID-19

The trade-offs are changing: As countries around the world race to contain the pandemic, many are deploying digital surveillance tools as a means to exert social... Bruce Schneier
From Schneier on Security | March 30, 2020 at 07:32 AM

From Schneier on Security

Friday Squid Blogging: Squid Can Edit Their Own Genome

Amazing: Revealing yet another super-power in the skillful squid, scientists have discovered that squid massively edit their own genetic instructions not only within... Bruce Schneier
From Schneier on Security | March 27, 2020 at 05:28 PM

From Schneier on Security

Story of Gus Weiss

This is a long and fascinating article about Gus Weiss, who masterminded a long campaign to feed technical disinformation to the Soviet Union, which may or may... Bruce Schneier
From Schneier on Security | March 27, 2020 at 07:03 AM

From Schneier on Security

On Cyber Warranties

Interesting article discussing cyber-warranties, and whether they are an effective way to transfer risk (as envisioned by Ackerlof's "market for lemons") or a marketing... Bruce Schneier
From Schneier on Security | March 26, 2020 at 07:27 AM

From Schneier on Security

Facial Recognition for People Wearing Masks

The Chinese facial recognition company Hanwang claims it can recognize people wearing masks: The company now says its masked facial recognition program has reached... Bruce Schneier
From Schneier on Security | March 25, 2020 at 07:33 AM

From Schneier on Security

Internet Voting in Puerto Rico

Puerto Rico is considered allowing for Internet voting. I have joined a group of security experts in a letter opposing the bill. Cybersecurity experts agree that... Bruce Schneier
From Schneier on Security | March 24, 2020 at 07:01 AM

From Schneier on Security

Hacking Voice Assistants with Ultrasonic Waves

I previously wrote about hacking voice assistants with lasers. Turns you can do much the same thing with ultrasonic waves: Voice assistants -- the demo targeted... Bruce Schneier
From Schneier on Security | March 23, 2020 at 07:19 AM

From Schneier on Security

Friday Squid Blogging: Squid Orders Down in Italy

COVID-19 is depressing the demand for squid in Italy. The article is a week old, and already seems almost comically quaint. As usual, you can also use this squid... Bruce Schneier
From Schneier on Security | March 20, 2020 at 05:18 PM