acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

On Financial Fraud
From Schneier on Security

On Financial Fraud

There are some good lessons in this article on financial fraud: That's how we got it so wrong. We were looking for incidental breaches of technical regulations,...

Nicholas Weaver on Cryptocurrencies
From Schneier on Security

Nicholas Weaver on Cryptocurrencies

This is well-worth reading (non-paywalled version). Here's the opening: Cryptocurrencies, although a seemingly interesting idea, are simply not fit for purpose....

1Password's Travel Mode
From Schneier on Security

1Password's Travel Mode

The 1Password password manager has just introduced "travel mode," which allows you to delete your stored passwords when you're in other countries or crossing borders...

Friday Squid Blogging: Dead Squid on Prince Edward Island
From Schneier on Security

Friday Squid Blogging: Dead Squid on Prince Edward Island

A beach on Prince Edward Island is littered with dead squid. No one knows why. As usual, you can also use this squid post to talk about the security stories in...

New Report on Chinese Intelligence Cyber-Operations
From Schneier on Security

New Report on Chinese Intelligence Cyber-Operations

The company ProtectWise just published a long report linking a bunch of Chinese cyber-operations over the past few years. The always interesting gruqq has some...

Suing South Carolina Because Its Election Machines Are Insecure
From Schneier on Security

Suing South Carolina Because Its Election Machines Are Insecure

A group called Protect Democracy is suing South Carolina because its insecure voting machines are effectively denying people the right to vote. Note: I am an advisor...

Defeating the iPhone Restricted Mode
From Schneier on Security

Defeating the iPhone Restricted Mode

Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information...

Installing a Credit Card Skimmer on a POS Terminal
From Schneier on Security

Installing a Credit Card Skimmer on a POS Terminal

Watch how someone installs a credit card skimmer in just a couple of seconds. I don't know if the skimmer just records the data and is collected later, or if it...

Reasonably Clever Extortion E-mail Based on Password Theft
From Schneier on Security

Reasonably Clever Extortion E-mail Based on Password Theft

Imagine you've gotten your hands on a file of e-mail addresses and passwords. You want to monetize it, but the site it's for isn't very valuable. How do you use...

Gas Pump Hack
From Schneier on Security

Gas Pump Hack

This is weird: Police in Detroit are looking for two suspects who allegedly managed to hack a gas pump and steal over 600 gallons of gasoline, valued at about $1...

Friday Squid Blogging: Antifungal Squid-Egg Coating
From Schneier on Security

Friday Squid Blogging: Antifungal Squid-Egg Coating

The Hawaiian bobtail squid coats its eggs with antifungal bacteria. As usual, you can also use this squid post to talk about the security stories in the news that...

WPA3
From Schneier on Security

WPA3

Everyone is writing about the new WPA3 Wi-Fi security standard, and how it improves security over the current WPA2 standard. This summary is as good as any other...

Department of Commerce Report on the Botnet Threat
From Schneier on Security

Department of Commerce Report on the Botnet Threat

Last month, the US Department of Commerce released a report on the threat of botnets and what to do about it. I note that it explicitly said that the IoT makes...

Recovering Keyboard Inputs through Thermal Imaging
From Schneier on Security

Recovering Keyboard Inputs through Thermal Imaging

Researchers at the University of California, Irvine, are able to recover user passwords by way of thermal imaging. The tech is pretty straightforward, but it's...

PROPagate Code Injection Seen in the Wild
From Schneier on Security

PROPagate Code Injection Seen in the Wild

Last year, researchers wrote about a new Windows code injection technique called PROPagate. Last week, it was first seen in malware: This technique abuses the SetWindowsSubclass...

Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War
From Schneier on Security

Friday Squid Blogging: Squid Unexpectedly Playing a Part in US/China Trade War

Chinese buyers are canceling orders to buy US squid in advance of an expected 25% tariff. As usual, you can also use this squid post to talk about the security...

The NSA's Domestic Surveillance Centers
From Schneier on Security

The NSA's Domestic Surveillance Centers

The Intercept has a long story about the NSA's domestic interception points. Includes some new Snowden documents....

Beating Facial Recognition Software with Face Makeup
From Schneier on Security

Beating Facial Recognition Software with Face Makeup

At least right now, facial recognition algorithms don't work with Juggalo makeup....

California Passes New Privacy Law
From Schneier on Security

California Passes New Privacy Law

The California legislature unanimously passed the strongest data privacy law in the nation. This is great news, but I have a lot of reservations. The Internet tech...

Traffic Analysis of the LTE Mobile Standard
From Schneier on Security

Traffic Analysis of the LTE Mobile Standard

Interesting research in using traffic analysis to learn things about encrypted traffic. It's hard to know how critical these vulnerabilities are. They're very hard...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account