acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

New Paper on Encryption Workarounds
From Schneier on Security

New Paper on Encryption Workarounds

I have written a paper with Orin Kerr on encryption workarounds. Our goal wasn't to make any policy recommendations. (That was a good thing, since we probably don't...

NSA Documents from before 1930
From Schneier on Security

NSA Documents from before 1930

Here is a listing of all the documents that the NSA has in its archives that are dated earlier than 1930....

WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies
From Schneier on Security

WikiLeaks Not Disclosing CIA-Hoarded Vulnerabilities to Companies

WikiLeaks has started publishing a large collection of classified CIA documents, including information on several -- possibly many -- unpublished (i.e., zero-day)...

Friedman Comments on Yardley
From Schneier on Security

Friedman Comments on Yardley

This is William Friedman's highly annotated copy of Herbert Yardley's book, The American Black Chamber....

Security Vulnerabilities in Mobile MAC Randomization
From Schneier on Security

Security Vulnerabilities in Mobile MAC Randomization

Interesting research: "A Study of MAC Address Randomization in Mobile Devices When it Fails": Abstract: Media Access Control (MAC) address randomization is a privacy...

Friday Squid Blogging: Squid Catches Down in Argentina
From Schneier on Security

Friday Squid Blogging: Squid Catches Down in Argentina

News from the South Atlantic: While the outlook is good at present, it is too early to predict what the final balance of this season will be. The sector is totally...

New Gmail Phishing Scam
From Schneier on Security

New Gmail Phishing Scam

The article is right; this is frighteningly good....

History of US Information Warfare
From Schneier on Security

History of US Information Warfare

An interesting history....

Using Intel's SGX to Attack Itself
From Schneier on Security

Using Intel's SGX to Attack Itself

Researchers have demonstrated using Intel's Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX's protected enclave: Malware...

IoT Teddy Bear Leaked Personal Audio Recordings
From Schneier on Security

IoT Teddy Bear Leaked Personal Audio Recordings

CloudPets are an Internet-connected stuffed animals that allow children and parents to send each other voice messages. Last week, we learned that Spiral Toys had...

France Abandons Plans for Internet Voting
From Schneier on Security

France Abandons Plans for Internet Voting

Some good election security news for a change: France is dropping its plans for remote Internet voting, because it's concerned about hacking....

Digital Security Exchange: Security for High-Risk Communities
From Schneier on Security

Digital Security Exchange: Security for High-Risk Communities

I am part of this very interesting project: For many users, blog posts on how to install Signal, massive guides to protecting your digital privacy, and broad statements...

Ransomware for Sale
From Schneier on Security

Ransomware for Sale

Brian Krebs posts a video advertisement for Philadelphia, a ransomware package that you can purchase....

The CIA's "Development Tradecraft DOs and DON'Ts"
From Schneier on Security

The CIA's "Development Tradecraft DOs and DON'Ts"

Useful best practices for malware writers, courtesy of the CIA. Seems like a lot of good advice. General: DO obfuscate or encrypt all strings and configuration...

FBI's Exploit Against Tor
From Schneier on Security

FBI's Exploit Against Tor

The Department of Justice is dropping all charges in a child-porn case rather than release the details of a hack against Tor....

Friday Squid Blogging: Squid Cooking Techniques
From Schneier on Security

Friday Squid Blogging: Squid Cooking Techniques

Here are some squid cooking tips. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered....

Podcast Interview with Me
From Schneier on Security

Podcast Interview with Me

Here's a video interview I did at RSA on the Internet of Things and security....

Defense Against Doxing
From Schneier on Security

Defense Against Doxing

A decade ago, I wrote about the death of ephemeral conversation. As computers were becoming ubiquitous, some unintended changes happened, too. Before computers,...

Google Discloses Details of an Unpatched Microsoft Vulnerability
From Schneier on Security

Google Discloses Details of an Unpatched Microsoft Vulnerability

Google's Project Zero is serious about releasing the details of security vulnerabilities 90 days after they alert the vendors, even if they're unpatched. It just...

More on the CIA Document Leak
From Schneier on Security

More on the CIA Document Leak

If I had to guess right now, I'd say the documents came from an outsider and not an insider. My reasoning: One, there is absolutely nothing illegal in the contents...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account