Blogroll | Communications of the ACM

From Schneier on Security

Malware Installed in Asus Computers Through Hacked Update Process

Kaspersky Labs is reporting on a new supply chain attack they call "Shadowhammer." In January 2019, we discovered a sophisticated supply chain attack involving... Bruce Schneier
From Schneier on Security | March 28, 2019 at 07:42 AM

From Schneier on Security

Programmers Who Don't Understand Security Are Poor at Security

A university study confirmed the obvious: if you pay a random bunch of freelance programmers a small amount of money to write security software, they're not going... Bruce Schneier
From Schneier on Security | March 27, 2019 at 07:37 AM

From Schneier on Security

Personal Data Left on Used Laptops

A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same... Bruce Schneier
From Schneier on Security | March 26, 2019 at 07:24 AM

From Schneier on Security

Mail Fishing

Not email, paper mail: Thieves, often at night, use string to lower glue-covered rodent traps or bottles coated with an adhesive down the chute of a sidewalk mailbox... Bruce Schneier
From Schneier on Security | March 25, 2019 at 10:39 AM

From Schneier on Security

Friday Squid Blogging: New Research on Squid Camouflage

From the New York Times: Now, a paper published last week in Nature Communications suggests that their chromatophores, previously thought to be mainly pockets of... Bruce Schneier
From Schneier on Security | March 22, 2019 at 05:45 PM

From Schneier on Security

Enigma, Typex, and Bombe Simulators

GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article.... Bruce Schneier
From Schneier on Security | March 22, 2019 at 07:16 AM

From Schneier on Security

First Look Media Shutting Down Access to Snowden NSA Archives

The Daily Beast is reporting that First Look Media -- home of The Intercept and Glenn Greenwald -- is shutting down access to the Snowden archives. The Intercept... Bruce Schneier
From Schneier on Security | March 21, 2019 at 06:52 AM

From Schneier on Security

Zipcar Disruption

This isn't a security story, but it easily could have been. Last Saturday, Zipcar had a system outage: "an outage experienced by a third party telecommunications... Bruce Schneier
From Schneier on Security | March 20, 2019 at 01:38 PM

From Schneier on Security

An Argument that Cybersecurity Is Basically Okay

Andrew Odlyzko's new essay is worth reading -- "Cybersecurity is not very important": Abstract: There is a rising tide of security breaches. There is an even faster... Bruce Schneier
From Schneier on Security | March 20, 2019 at 07:03 AM

From Schneier on Security

Triton

Good article on the Triton malware which targets industrial control systems.... Bruce Schneier
From Schneier on Security | March 19, 2019 at 07:48 AM

From Schneier on Security

CAs Reissue Over One Million Weak Certificates

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of... Bruce Schneier
From Schneier on Security | March 18, 2019 at 07:23 AM

From Schneier on Security

Friday Squid Blogging: A Squid-Related Vacation Tour in Hawaii

You can hunt for the Hawaiian bobtail squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read... Bruce Schneier
From Schneier on Security | March 15, 2019 at 05:24 PM

From Schneier on Security

I Was Cited in a Court Decision

An article I co-wrote -- my first law journal article -- was cited by the Massachusetts Supreme Judicial Court -- the state supreme court -- in a case on compelled... Bruce Schneier
From Schneier on Security | March 15, 2019 at 03:38 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm teaching a live online class called "Spotlight on Cloud: The Future of Internet Security with... Bruce Schneier
From Schneier on Security | March 15, 2019 at 03:15 PM

From Schneier on Security

Critical Flaw in Swiss Internet Voting System

Researchers have found a critical flaw in the Swiss Internet voting system. I was going to write an essay about how this demonstrates that Internet voting is a... Bruce Schneier
From Schneier on Security | March 15, 2019 at 10:44 AM

From Schneier on Security

DARPA Is Developing an Open-Source Voting System

This sounds like a good development: ...a new $10 million contract the Defense Department's Defense Advanced Research Projects Agency (DARPA) has launched to design... Bruce Schneier
From Schneier on Security | March 14, 2019 at 02:20 PM

From Schneier on Security

Judging Facebook's Privacy Shift

Facebook is making a new and stronger commitment to privacy. Last month, the company hired three of its most vociferous critics and installed them in senior technical... Bruce Schneier
From Schneier on Security | March 13, 2019 at 07:51 AM

From Schneier on Security

On Surveillance in the Workplace

Data & Society just published a report entitled "Workplace Monitoring & Surveillance": This explainer highlights four broad trends in employee monitoring and surveillance... Bruce Schneier
From Schneier on Security | March 12, 2019 at 07:38 AM

From Schneier on Security

Russia Is Testing Online Voting

This is a bad idea: A second innovation will allow "electronic absentee voting" within voters' home precincts. In other words, Russia is set to introduce its first... Bruce Schneier
From Schneier on Security | March 11, 2019 at 07:54 AM

From Schneier on Security

Friday Squid Blogging: Squid Proteins Can Be an Alternative to Plastic

Is there anything squids aren't good for? Academic paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't... Bruce Schneier
From Schneier on Security | March 8, 2019 at 05:36 PM