acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Impersonating iOS Password Prompts
From Schneier on Security

Impersonating iOS Password Prompts

This is an interesting security vulnerability: because it is so easy to impersonate iOS password prompts, a malicious app can steal your password just by asking...

More on Kaspersky and the Stolen NSA Attack Tools
From Schneier on Security

More on Kaspersky and the Stolen NSA Attack Tools

Both the New York Times and the Washington Post are reporting that Israel has penetrated Kaspersky's network and detected the Russian operation. From the New York...

Changes in Password Best Practices
From Schneier on Security

Changes in Password Best Practices

NIST recently published their four-volume SP800-63-3 Digital Identity Guidelines. Among other things, they make three important suggestions when it comes to passwords...

White House Chief of Staff John Kelly's Cell Phone was Tapped
From Schneier on Security

White House Chief of Staff John Kelly's Cell Phone was Tapped

Politico reports that White House Chief of Staff John Kelly's cell phone was compromised back in December. I know this is news because of who he is, but I hope...

Friday Squid Blogging: Baby Ichthyosaurus Fed on Squid
From Schneier on Security

Friday Squid Blogging: Baby Ichthyosaurus Fed on Squid

New discovery: paper and article. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog...

Yet Another Russian Hack of the NSA -- This Time with Kaspersky's Help
From Schneier on Security

Yet Another Russian Hack of the NSA -- This Time with Kaspersky's Help

The Wall Street Journal has a bombshell of a story. Yet another NSA contractor took classified documents home with him. Yet another Russian intelligence operation...

Replacing Social Security Numbers
From Schneier on Security

Replacing Social Security Numbers

In the wake of the Equifax break, I've heard calls to replace Social Security numbers. Steve Bellovin explains why this is hard....

HP Shared ArcSight Source Code with Russians
From Schneier on Security

HP Shared ArcSight Source Code with Russians

Reuters is reporting that HP Enterprise gave the Russians a copy of the ArcSight source code. The article highlights that ArcSight is used by the Pentagon to protect...

E-Mail Tracking
From Schneier on Security

E-Mail Tracking

Interesting survey paper: on the privacy implications of e-mail tracking: Abstract: We show that the simple act of viewing emails contains privacy pitfalls for...

Remote Malware Attacks on ATMs
From Schneier on Security

Remote Malware Attacks on ATMs

This report discusses the new trend of remote malware attacks against ATMs....

Friday Squid Blogging: Squid Empire Is a New Book
From Schneier on Security

Friday Squid Blogging: Squid Empire Is a New Book

Regularly I receive mail from people wanting to advertise on, write for, or sponsor posts on my blog. My rule is that I say no to everyone. There is no amount of...

Deloitte Hacked
From Schneier on Security

Deloitte Hacked

The large accountancy firm Deloitte was hacked, losing client e-mails and files. The hackers had access inside the company's networks for months. Deloitte is doing...

New Internet Explorer Bug
From Schneier on Security

New Internet Explorer Bug

There's a newly discovered bug in Internet Explorer that allows any currently visited website to learn the contents of the address bar when the user hits enter....

Department of Homeland Security to Collect Social Media of Immigrants and Citizens
From Schneier on Security

Department of Homeland Security to Collect Social Media of Immigrants and Citizens

New rules give the DHS permission to collect "social media handles, aliases, associated identifiable information, and search results" as part of people's immigration...

The Data Tinder Collects, Saves, and Uses
From Schneier on Security

The Data Tinder Collects, Saves, and Uses

Under European law, service providers like Tinder are required to show users what information they have on them when requested. This author requested, and this...

GPS Spoofing Attacks
From Schneier on Security

GPS Spoofing Attacks

Wired has a story about a possible GPS spoofing attack by Russia: After trawling through AIS data from recent years, evidence of spoofing becomes clear. Goward...

Boston Red Sox Caught Using Technology to Steal Signs
From Schneier on Security

Boston Red Sox Caught Using Technology to Steal Signs

The Boston Red Sox admitted to eavesdropping on the communications channel between catcher and pitcher. Stealing signs is believed to be particularly effective...

ISO Rejects NSA Encryption Algorithms
From Schneier on Security

ISO Rejects NSA Encryption Algorithms

The ISO has decided not to approve two NSA-designed block encryption algorithms: Speck and Simon. It's because the NSA is not trusted to put security ahead of surveillance...

What the NSA Collects via 702
From Schneier on Security

What the NSA Collects via 702

New York Times reporter Charlie Savage writes about some bad statistics we're all using: Among surveillance legal policy specialists, it is common to cite a set...

Apple's FaceID
From Schneier on Security

Apple's FaceID

This is a good interview with Apple's SVP of Software Engineering about FaceID. Honestly, I don't know what to think. I am confident that Apple is not collecting...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account