acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Cryptographic Blunders Revealed by Adobe's Password Leak
From Schneier on Security

Cryptographic Blunders Revealed by Adobe's Password Leak

Adobe lost 150 million customer passwords. Even worse, they had a pretty dumb cryptographic hash system protecting those passwords.

Bizarre Online Gambling Movie-Plot Threat
From Schneier on Security

Bizarre Online Gambling Movie-Plot Threat

This article argues that online gambling is a strategic national threat because terrorists could use it to launder money. The Harper demonstration showed the technology...

Dan Geer Explains the Government Surveillance Mentality
From Schneier on Security

Dan Geer Explains the Government Surveillance Mentality

This talk by Dan Geer explains the NSA mindset of "collect everything": I previously worked for a data protection company. Our product was, and I believe still...

Friday Squid Blogging: Tree Yarn-Bombed
From Schneier on Security

Friday Squid Blogging: Tree Yarn-Bombed

This tree in San Mateo, CA, has been turned into a giant blue squid. As usual, you can also use this squid post to talk about the security stories in the news...

Another Snowden Lesson: People Are the Weak Security Link
From Schneier on Security

Another Snowden Lesson: People Are the Weak Security Link

There's a story that Edward Snowden successfully socially engineered other NSA employees into giving him their passwords.

Why the Government Should Help Leakers
From Schneier on Security

Why the Government Should Help Leakers

In the Information Age, it's easier than ever to steal and publish data. Corporations and governments have to adjust to their secrets being exposed, regularly. ...

Risk-Based Authentication
From Schneier on Security

Risk-Based Authentication

I like this idea of giving each individual login attempt a risk score, based on the characteristics of the attempt: The risk score estimates the risk associated...

Deception in Fruit Flies
From Schneier on Security

Deception in Fruit Flies

The wings of the Goniurellia tridens fruit fly have images of an ant on them, to deceive predators: "When threatened, the fly flashes its wings to give the appearance...

Elliptic Curve Crypto Primer
From Schneier on Security

Elliptic Curve Crypto Primer

This is well-written and very good.

The Story of the Bomb Squad at the Boston Marathon
From Schneier on Security

The Story of the Bomb Squad at the Boston Marathon

This is interesting reading, but I'm left wanting more. What are the lessons here? How can we do this better next time? Clearly we won't be able to anticipate...

More NSA Revelations
From Schneier on Security

More NSA Revelations

This New York Times story on the NSA is very good, and contains lots of little tidbits of new information gleaned from the Snowden documents. The agency’s Dishfire...

badBIOS
From Schneier on Security

badBIOS

Good story of badBIOS, a really nasty piece of malware. The weirdest part is how it uses ultrasonic sound to jump air gaps. Ruiu said he arrived at the theory...

Friday Squid Blogging: 8-Foot Giant Squid Pillow
From Schneier on Security

Friday Squid Blogging: 8-Foot Giant Squid Pillow

Make your own 8-foot giant squid pillow. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

A Template for Reporting Government Surveillance News Stories
From Schneier on Security

A Template for Reporting Government Surveillance News Stories

This is from 2006 -- I blogged it here -- but it's even more true today. Under a top secret program initiated by the Bush Administration after the Sept. 11 attacks...

Reading Group at Harvard Law School
From Schneier on Security

Reading Group at Harvard Law School

In Spring Semester, I'm running a reading group -- which seems to be a formal variant of a study group -- at Harvard Law School on "Security, Power, and the Internet...

Close-In Surveillance Using Your Phone's Wi-Fi
From Schneier on Security

Close-In Surveillance Using Your Phone's Wi-Fi

This article talks about applications in retail, but the possibilities are endless. Every smartphone these days comes equipped with a WiFi card. When the cardpick...

NSA Eavesdropping on Google and Yahoo Networks
From Schneier on Security

NSA Eavesdropping on Google and Yahoo Networks

The Washington Post reported that the NSA is eavesdropping on the Google and Yahoo private networks -- the code name for the program is MUSCULAR. I may write more...

The Battle for Power on the Internet
From Schneier on Security

The Battle for Power on the Internet

We're in the middle of an epic battle for power in cyberspace. On one side are the traditional, organized, institutional powers such as governments and large multinational...

What the NSA Can and Cannot Do
From Schneier on Security

What the NSA Can and Cannot Do

Good summary from the London Review of Books.

Arguing for NSA-Level Internet Surveillance
From Schneier on Security

Arguing for NSA-Level Internet Surveillance

Jack Goldsmith argues that we need the NSA to surveil the Internet not for terrorism reasons, but for cyberespionage and cybercrime reasons. Daniel Gallington ...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account