Communications of the ACM

Blogroll


Upcoming Speaking Engagements
From Schneier on Security

This is a current list of where and when I am scheduled to speak: I'm being interviewed on "Hacking in the Public Interest" as part of the Black Hat Webcast Series...

Ransomware Now Leaking Stolen Documents
From Schneier on Security

Originally, ransomware didn't involve any data theft. Malware would encrypt the data on your computer, and demand a ransom for the encryption key. Now ransomware...

Contact Tracing COVID-19 Infections via Smartphone Apps
From Schneier on Security

Google and Apple have announced a joint project to create a privacy-preserving COVID-19 contact tracing app. (Details, such as we have them, are here.) It's similar...

Friday Squid Blogging: Amazingly Realistic Squid Drawings
From Schneier on Security

The squid drawings of Yuuki Tokuda are simply incredible. I tried to figure out how to buy one of them, but everything is in Japanese. As usual, you can also use...

Kubernetes Security
From Schneier on Security

Attack matrix for Kubernetes, using the MITRE ATT&CK framework. A good first step towards understanding the security of this suddenly popular and very complex container...

Microsoft Buys Corp.com
From Schneier on Security

A few months ago, Brian Krebs told the story of the domain corp.com, and how it is basically a security nightmare: At issue is a problem known as "namespace collision...

RSA-250 Factored
From Schneier on Security

RSA-250 has been factored. This computation was performed with the Number Field Sieve algorithm, using the open-source CADO-NFS software. The total computation...

Cybersecurity During COVID-19
From Schneier on Security

Three weeks ago (could it possibly be that long already?), I wrote about the increased risks of working remotely during the COVID-19 pandemic. One, employees are...

Emotet Malware Causes Physical Damage
From Schneier on Security

Microsoft is reporting that an Emotet malware infection shut down a network by causing computers to overheat and then crash. The Emotet payload was delivered and...

Friday Squid Blogging: On Squid Communication
From Schneier on Security

They can communicate using bioluminescent flashes: New research published this week in Proceedings of the National Academy of Sciences presents evidence for a previously...

Security and Privacy Implications of Zoom
From Schneier on Security

Over the past few weeks, Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. (My own university, Harvard...

Bug Bounty Programs Are Being Used to Buy Silence
From Schneier on Security

Investigative report on how commercial bug-bounty programs like HackerOne, Bugcrowd, and SynAck are being used to silence researchers: Used properly, bug bounty...

Marriott Was Hacked -- Again
From Schneier on Security

Marriott announced another data breach, this one affecting 5.2 million people: At this point, we believe that the following information may have been involved,...

Dark Web Hosting Provider Hacked
From Schneier on Security

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. It's unclear when, or if, it will be back up....

Clarifying the Computer Fraud and Abuse Act
From Schneier on Security

A federal court has ruled that violating a website's terms of service is not "hacking" under the Computer Fraud and Abuse Act. The plaintiffs wanted to investigate...

Privacy vs. Surveillance in the Age of COVID-19
From Schneier on Security

The trade-offs are changing: As countries around the world race to contain the pandemic, many are deploying digital surveillance tools as a means to exert social...

Friday Squid Blogging: Squid Can Edit Their Own Genome
From Schneier on Security

Amazing: Revealing yet another super-power in the skillful squid, scientists have discovered that squid massively edit their own genetic instructions not only within...

Story of Gus Weiss
From Schneier on Security

This is a long and fascinating article about Gus Weiss, who masterminded a long campaign to feed technical disinformation to the Soviet Union, which may or may...

On Cyber Warranties
From Schneier on Security

Interesting article discussing cyber-warranties, and whether they are an effective way to transfer risk (as envisioned by Akerlof's "market for lemons") or a marketing...

Facial Recognition for People Wearing Masks
From Schneier on Security

The Chinese facial recognition company Hanwang claims it can recognize people wearing masks: The company now says its masked facial recognition program has reached...