Blogroll | Communications of the ACM

From Schneier on Security

Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has... Bruce Schneier
From Schneier on Security | November 21, 2023 at 07:05 AM

From Schneier on Security

Using Generative AI for Surveillance

Generative AI is going to be a powerful tool for data analysis and summarization. Here’s an example of it being used for sentiment analysis. My guess is that it... Bruce Schneier
From Schneier on Security | November 20, 2023 at 06:57 AM

From Schneier on Security

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy

In a rare squid/security post, here’s an article about unpatched vulnerabilities in the Squid caching proxy. As usual, you can also use this squid post to talkhere... Bruce Schneier
From Schneier on Security | November 17, 2023 at 05:01 PM

From Schneier on Security

Ransomware Gang Files SEC Complaint

A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This... Bruce Schneier
From Schneier on Security | November 17, 2023 at 11:31 AM

From Schneier on Security

Leaving Authentication Credentials in Public Code

Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software... Bruce Schneier
From Schneier on Security | November 16, 2023 at 07:10 AM

From Schneier on Security

New SSH Vulnerability

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH... Bruce Schneier
From Schneier on Security | November 15, 2023 at 12:51 PM

From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the AI Summit New York on December 6, 2023. The list is maintained on this page... Bruce Schneier
From Schneier on Security | November 14, 2023 at 12:01 PM

From Schneier on Security

How .tk Became a TLD for Scammers

Sad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could... Bruce Schneier
From Schneier on Security | November 14, 2023 at 07:06 AM

From Schneier on Security

Ten Ways AI Will Change Democracy

Artificial intelligence will change so many aspects of society, largely in ways that we cannot conceive of yet. Democracy, and the systems of governance that surround... Bruce Schneier
From Schneier on Security | November 13, 2023 at 07:09 AM

From Schneier on Security

Friday Squid Blogging: The History and Morality of US Squid Consumption

Really interesting article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting... Bruce Schneier
From Schneier on Security | November 10, 2023 at 05:04 PM

From Schneier on Security

The Privacy Disaster of Modern Smart Cars

Article based on a Mozilla report. Bruce Schneier
From Schneier on Security | November 10, 2023 at 07:07 AM

From Schneier on Security

Online Retail Hack

Selling miniature replicas to unsuspecting shoppers: Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen... Bruce Schneier
From Schneier on Security | November 9, 2023 at 07:09 AM

From Schneier on Security

Decoupling for Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get... B. Schneier
From Schneier on Security | November 8, 2023 at 07:08 AM

From Schneier on Security

Spaf on the Morris Worm

Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today. B. Schneier
From Schneier on Security | November 7, 2023 at 07:08 AM

From Schneier on Security

Crashing iPhones with a Flipper Zero

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to <a href="https://arstechnica.com/security/2023/11/flipper-zero-gadget-that-doses... Bruce Schneier
From Schneier on Security | November 6, 2023 at 09:45 AM

From Schneier on Security

Friday Squid Blogging: Eating Dancing Squid

It’s not actually alive, but it twitches in response to soy sauce. As usual, you can also use this squid post to talk about the security stories in the news that... Bruce Schneier
From Schneier on Security | November 3, 2023 at 05:05 PM

From Schneier on Security

New York Increases Cybersecurity Rules for Financial Companies

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing... Bruce Schneier
From Schneier on Security | November 3, 2023 at 07:01 AM

From Schneier on Security

Spyware in India

Apple has warned leaders of the opposition government in India that their phones are being spied on: Multiple top leaders of India’s opposition parties and several... Bruce Schneier
From Schneier on Security | November 2, 2023 at 07:07 AM

From Schneier on Security

The Future of Drone Warfare

Ukraine is using $400 drones to destroy tanks: Facing an enemy with superior numbers of troops and armor, the Ukrainian defenders are holding on with the help... Bruce Schneier
From Schneier on Security | October 31, 2023 at 07:03 AM

From Schneier on Security

Hacking Scandinavian Alcohol Tax

The islands of Åland are an important tax hack: Although Åland is part of the Republic of Finland, it has its own autonomous parliament. In areas where Åland has... Bruce Schneier
From Schneier on Security | October 30, 2023 at 07:10 AM