acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Buying Used Voting Machines on eBay
From Schneier on Security

Buying Used Voting Machines on eBay

This is not surprising: This year, I bought two more machines to see if security had improved. To my dismay, I discovered that the newer model machines -- those...

Was the Triton Malware Attack Russian in Origin?
From Schneier on Security

Was the Triton Malware Attack Russian in Origin?

The conventional story is that Iran targeted Saudi Arabia with Triton in 2017. New research from FireEye indicates that it might have been Russia. I don't know....

ID Systems Throughout the 50 States
From Schneier on Security

ID Systems Throughout the 50 States

Jim Harper at CATO has a good survey of state ID systems in the US....

Cell Phone Security and Heads of State
From Schneier on Security

Cell Phone Security and Heads of State

Earlier this week, the New York Times reported that the Russians and the Chinese were eavesdropping on President Donald Trump's personal cell phone and using the...

More on the Supermicro Spying Story
From Schneier on Security

More on the Supermicro Spying Story

I've blogged twice about the Bloomberg story that China bugged Supermicro networking equipment destined to the US. We still don't know if the story is true, although...

Security Vulnerability in Internet-Connected Construction Cranes
From Schneier on Security

Security Vulnerability in Internet-Connected Construction Cranes

This seems bad: The F25 software was found to contain a capture replay vulnerability -- basically an attacker would be able to eavesdrop on radio transmissions...

Friday Squid Blogging: Squid Falsely Labeled as Octopus
From Schneier on Security

Friday Squid Blogging: Squid Falsely Labeled as Octopus

Two New Yorkers have been charged with importing squid from Peru and then reselling it as octopus. Yet another problem that a blockchain-enabled supply-chain system...

Detecting Deep Fakes
From Schneier on Security

Detecting Deep Fakes

This story nicely illustrates the arms race between technologies to create fake videos and technologies to detect fake videos: These fakes, while convincing if...

Android Ad-Fraud Scheme
From Schneier on Security

Android Ad-Fraud Scheme

BuzzFeed is reporting on a scheme where fraudsters buy legitimate Android apps, track users' behavior in order to mimic it in a way that evades bot detectors, and...

China's Hacking of the Border Gateway Protocol
From Schneier on Security

China's Hacking of the Border Gateway Protocol

This is a long -- and somewhat technical -- paper by Chris C. Demchak and Yuval Shavitt about China's repeated hacking of the Internet Border Gateway Protocol (BGP)...

On Disguise
From Schneier on Security

On Disguise

The former CIA Chief of Disguise has a fascinating video about her work....

Are the Police using Smart-Home IoT Devices to Spy on People?
From Schneier on Security

Are the Police using Smart-Home IoT Devices to Spy on People?

IoT devices are surveillance devices, and manufacturers generally use them to collect data on their customers. Surveillance is still the business model of the Internet...

Friday Squid Blogging: Roasted Squid with Tomatillo Salsa
From Schneier on Security

Friday Squid Blogging: Roasted Squid with Tomatillo Salsa

Recipe and commentary. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines...

West Virginia Using Internet Voting
From Schneier on Security

West Virginia Using Internet Voting

This is crazy (and dangerous). West Virginia is allowing people to vote via a smart-phone app. Even crazier, the app uses blockchain -- presumably because they...

Government Perspective on Supply Chain Security
From Schneier on Security

Government Perspective on Supply Chain Security

This is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now....

Privacy for Tigers
From Schneier on Security

Privacy for Tigers

Ross Anderson has some new work: As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching. Wildlife crime syndicates can...

How DNA Databases Violate Everyone's Privacy
From Schneier on Security

How DNA Databases Violate Everyone's Privacy

If you're an American of European descent, there's a 60% you can be uniquely identified by public information in DNA databases. This is not information that you...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I'm speaking at Data in Smarter Cities in New York City on October 23, 2018. I'm speaking at the...

Friday Squid Blogging: Eat Less Squid
From Schneier on Security

Friday Squid Blogging: Eat Less Squid

The UK's Marine Conservation Society is urging people to eat less squid. As usual, you can also use this squid post to talk about the security stories in the news...

Security in a World of Physically Capable Computers
From Schneier on Security

Security in a World of Physically Capable Computers

It's no secret that computers are insecure. Stories like the recent Facebook hack, the Equifax hack and the hacking of government agencies are remarkable for how...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account