Blogroll | Communications of the ACM

From Schneier on Security

Emergency Surveillance During COVID-19 Crisis

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure... Bruce Schneier
From Schneier on Security | March 20, 2020 at 07:25 AM

From Schneier on Security

Work-from-Home Security Advice

SANS has made freely available its "Work-from-Home Awareness Kit." When I think about how COVID-19's security measures are affecting organizational networks, I... Bruce Schneier
From Schneier on Security | March 19, 2020 at 07:49 AM

From Schneier on Security

The Insecurity of WordPress and Apache Struts

Interesting data: A study that analyzed all the vulnerability disclosures between 2010 and 2019 found that around 55% of all the security bugs that have been weaponized... Bruce Schneier
From Schneier on Security | March 18, 2020 at 08:45 AM

From Schneier on Security

TSA Admits Liquid Ban Is Security Theater

The TSA is allowing people to bring larger bottles of hand sanitizer with them on airplanes: Passengers will now be allowed to travel with containers of liquid... Bruce Schneier
From Schneier on Security | March 16, 2020 at 10:31 AM

From Schneier on Security

Friday Squid Blogging: New Report on Squid Markets

This report costs $2,000. (Please don't buy it for me.) As usual, you can also use this squid post to talk about the security stories in the news that I haven't... Bruce Schneier
From Schneier on Security | March 13, 2020 at 05:02 PM

From Schneier on Security

The EARN-IT Act

Prepare for another attack on encryption in the U.S. The EARN-IT Act purports to be about protecting children from predation, but it's really about forcing the... Bruce Schneier
From Schneier on Security | March 13, 2020 at 07:20 AM

From Schneier on Security

The Whisper Secret-Sharing App Exposed Locations

This is a big deal: Whisper, the secret-sharing app that called itself the "safest place on the Internet," left years of users' most intimate confessions exposed... Bruce Schneier
From Schneier on Security | March 12, 2020 at 07:30 AM

From Schneier on Security

LA Covers Up Bad Cybersecurity

This is bad in several dimensions. The Los Angeles Department of Water and Power has been accused of deliberately keeping widespread gaps in its cybersecurity a... Bruce Schneier
From Schneier on Security | March 11, 2020 at 11:52 AM

From Schneier on Security

CIA Dirty Laundry Aired

Joshua Schulte, the CIA employee standing trial for leaking the Wikileaks Vault 7 CIA hacking tools, maintains his innocence. And during the trial, a lot of shoddy... Bruce Schneier
From Schneier on Security | March 10, 2020 at 07:18 AM

From Schneier on Security

Cybersecurity Law Casebook

Robert Chesney teaches cybersecurity at the University of Texas School of Law. He recently published a fantastic casebook, which is a good source for anyone studying... Bruce Schneier
From Schneier on Security | March 9, 2020 at 07:36 AM

From Schneier on Security

Friday Squid Blogging: The Effect of Noise on Squid

Two articles. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines... Bruce Schneier
From Schneier on Security | March 6, 2020 at 05:06 PM

From Schneier on Security

More on Crypto AG

One follow-on to the story of Crypto AG being owned by the CIA: this interview with a Washington Post reporter. The whole thing is worth reading or listening to... Bruce Schneier
From Schneier on Security | March 6, 2020 at 08:48 AM

From Schneier on Security

Security of Health Information

The world is racing to contain the new COVID-19 virus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health... Bruce Schneier
From Schneier on Security | March 5, 2020 at 07:10 AM

From Schneier on Security

Let's Encrypt Vulnerability

The BBC is reporting a vulnerability in the Let's Encrypt certificate service: In a notification email to its clients, the organisation said: "We recently discovered... Bruce Schneier
From Schneier on Security | March 4, 2020 at 07:46 AM

From Schneier on Security

Wi-Fi Chip Vulnerability

There's a vulnerability in Wi-Fi hardware that breaks the encryption: The vulnerability exists in Wi-Fi chips made by Cypress Semiconductor and Broadcom, the latter... Bruce Schneier
From Schneier on Security | March 3, 2020 at 07:43 AM

From Schneier on Security

Facebook's Download-Your-Data Tool Is Incomplete

Privacy International has the details: Key facts: Despite Facebook claim, "Download Your Information" doesn't provide users with a list of all advertisers who uploaded... Bruce Schneier
From Schneier on Security | March 2, 2020 at 07:28 AM

From Schneier on Security

Friday Squid Blogging: Squid Eggs

Cool photo. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here... Bruce Schneier
From Schneier on Security | February 28, 2020 at 05:08 PM

From Schneier on Security

Humble Bundle's 2020 Cybersecurity Books

For years, Humble Bundle has been selling great books at a "pay what you can afford" model. This month, they're featuring as many as nineteen cybersecurity books... Bruce Schneier
From Schneier on Security | February 28, 2020 at 02:53 PM

From Schneier on Security

Deep Learning to Find Malicious Email Attachments

Google presented its system of using deep-learning techniques to identify malicious email attachments: At the RSA security conference in San Francisco on Tuesday... Bruce Schneier
From Schneier on Security | February 28, 2020 at 12:57 PM

From Schneier on Security

Securing the Internet of Things through Class-Action Lawsuits

This law journal article discusses the role of class-action litigation to secure the Internet of Things. Basically, the article postulates that (1) market realities... Bruce Schneier
From Schneier on Security | February 27, 2020 at 07:03 AM