Blogroll | Communications of the ACM

From Schneier on Security

Obama's Legacy in Internet Security

NextGov has a nice article summarizing President Obama's accomplishments in Internet security: what he did, what he didn't do, and how it turned out.... Bruce Schneier
From Schneier on Security | January 23, 2017 at 07:55 AM

From Schneier on Security

Friday Squid Blogging: Know Your Cephalopods

This graphic shows the important difference between arms and tentacles. As usual, you can also use this squid post to talk about the security stories in the news... Bruce Schneier
From Schneier on Security | January 20, 2017 at 05:19 PM

From Schneier on Security

New White House Privacy Report

Two days ago, the White House released a report on privacy: "Privacy in our Digital Lives: Protecting Individuals and Promoting Innovation." The report summarizes... Bruce Schneier
From Schneier on Security | January 20, 2017 at 10:51 AM

From Schneier on Security

Heartbeat as Biometric Password

There's research in using a heartbeat as a biometric password. No details in the article. My guess is that there isn't nearly enough entropy in the reproducible... Bruce Schneier
From Schneier on Security | January 19, 2017 at 07:22 AM

From Schneier on Security

Brian Krebs Uncovers Murai Botnet Author

Really interesting investigative story.... Bruce Schneier
From Schneier on Security | January 18, 2017 at 06:06 PM

From Schneier on Security

WhatsApp Security Vulnerability

Back in March, Rolf Weber wrote about a potential vulnerability in the WhatsApp protocol that would allow Facebook to defeat perfect forward secrecy by forcibly... Bruce Schneier
From Schneier on Security | January 17, 2017 at 07:09 AM

From Schneier on Security

Cloudflare's Experience with a National Security Letter

Interesting post on Cloudflare's experience with receiving a National Security Letter. News article.... Bruce Schneier
From Schneier on Security | January 16, 2017 at 07:40 AM

From Schneier on Security

Friday Squid Blogging: 1874 Giant Squid Attack

This article discusses a giant squid attack on a schooner off the coast of Sri Lanka in 1874. As usual, you can also use this squid post to talk about the security... Bruce Schneier
From Schneier on Security | January 13, 2017 at 05:52 PM

From Schneier on Security

A Comment on the Trump Dossier

Imagine that you are someone in the CIA, concerned about the future of America. You have this Russian dossier on Donald Trump, which you have some evidence might... Bruce Schneier
From Schneier on Security | January 13, 2017 at 12:58 PM

From Schneier on Security

Internet Filtering in Authoritarian Regimes

Interesting research: Sebastian Hellmeier, "The Dictator's Digital Toolkit: Explaining Variation in Internet Filtering in Authoritarian Regimes," Politics & Policy... Bruce Schneier
From Schneier on Security | January 13, 2017 at 07:48 AM

From Schneier on Security

NSA Given More Ability to Share Raw Intelligence Data

President Obama has changed the rules regarding raw intelligence, allowing the NSA to share raw data with the US's other 16 intelligence agencies. The new rules... Bruce Schneier
From Schneier on Security | January 12, 2017 at 01:07 PM

From Schneier on Security

Twofish Power Analysis Attack

New paper: "A Simple Power Analysis Attack on the Twofish Key Schedule." This shouldn't be a surprise; these attacks are devastating if you don't take steps to... Bruce Schneier
From Schneier on Security | January 12, 2017 at 07:28 AM

From Schneier on Security

Law Enforcement Access to IoT Data

In the first of what will undoubtedly be a large number of battles between companies that make IoT devices and the police, Amazon is refusing to comply with a warrant... Bruce Schneier
From Schneier on Security | January 11, 2017 at 07:22 AM

From Schneier on Security

Should Elections Be Classified as "Critical Infrastructure"?

I am co-author on a paper discussing whether elections be classified as "critical infrastructure" in the US, based on experiences in other countries: Abstract:... Bruce Schneier
From Schneier on Security | January 10, 2017 at 07:02 AM

From Schneier on Security

FDA Recommendations on Medical-Device Cybersecurity

The FDA has issued a report giving medical devices guidance on computer and network security. There's nothing particularly new or interesting; it reads like standard... Bruce Schneier
From Schneier on Security | January 10, 2017 at 06:06 AM

From Schneier on Security

Attributing the DNC Hacks to Russia

President Barack Obama's public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks... Bruce Schneier
From Schneier on Security | January 9, 2017 at 06:53 AM

From Schneier on Security

Friday Squid Blogging: Simple Grilled Squid Recipe

Easy recipe from America's Test Kitchen. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.... Bruce Schneier
From Schneier on Security | January 6, 2017 at 05:29 PM

From Schneier on Security

The Effect of Real Names on Online Behavior

Good article debunking the myth that requiring people to use their real names on the Internet makes them behave better.... Bruce Schneier
From Schneier on Security | January 6, 2017 at 10:44 AM

From Schneier on Security

Cryptographic Capabilities of the Barbie Typewriter

They're not much, but they do exist.... Bruce Schneier
From Schneier on Security | January 5, 2017 at 06:58 AM

From Schneier on Security

An SQL Injection Attack Is a Legal Company Name in the UK

Someone just registered their company name as ; DROP TABLE "COMPANIES";-- LTD. Reddit thread. Obligatory xkcd comic.... Bruce Schneier
From Schneier on Security | January 4, 2017 at 04:17 PM