acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
datePast Year
authorBruce Schneier
bg-corner

New iPhone Exploit Uses Four Zero-Days
From Schneier on Security

New iPhone Exploit Uses Four Zero-Days

Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow...

Facial Recognition Systems in the US
From Schneier on Security

Facial Recognition Systems in the US

A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. (This, of course, canI...

TikTok Editorial Analysis
From Schneier on Security

TikTok Editorial Analysis

TikTok seems to be skewing things in the interests of the Chinese Communist Party. (This is a serious analysis, and the methodology looks sound.) Conclusion: Substantial...

AI Is Scarily Good at Guessing the Location of Random Photos
From Schneier on Security

AI Is Scarily Good at Guessing the Location of Random Photos

Wow: To test PIGEON’s performance, I gave it five personal photos from a trip I took across America years ago, none of which have been published online. Some photos...

Friday Squid Blogging: Sqids
From Schneier on Security

Friday Squid Blogging: Sqids

They’re short unique strings: Sqids (pronounced “squids”) is an open-source library that lets you generate YouTube-looking IDs from numbers. These IDs are short...

New iPhone Security Features to Protect Stolen Devices
From Schneier on Security

New iPhone Security Features to Protect Stolen Devices

Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication...

Google Stops Collecting Location Data from Maps
From Schneier on Security

Google Stops Collecting Location Data from Maps

Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police.

Friday Squid Blogging: Squid Parts into Fertilizer
From Schneier on Security

Friday Squid Blogging: Squid Parts into Fertilizer

It’s squid parts from college dissections, so it’s not a volume operation. As usual, you can also use this squid post to talk about the security stories in thehere...

Data Exfiltration Using Indirect Prompt Injection
From Schneier on Security

Data Exfiltration Using Indirect Prompt Injection

Interesting attack on a LLM: In Writer, users can enter a ChatGPT-like session to edit or create their documents. In this chat session, the LLM can retrieve information...

GCHQ Christmas Codebreaking Challenge
From Schneier on Security

GCHQ Christmas Codebreaking Challenge

Looks like fun. Details here.

OpenAI Is Not Training on Your Dropbox Documents—Today
From Schneier on Security

OpenAI Is Not Training on Your Dropbox Documents—Today

There’s a rumor flying around the Internet that OpenAI is training foundation models on your Dropbox documents. Here’s CNBC. Here’s Boing Boing. Some articles are...

Police Get Medical Records without a Warrant
From Schneier on Security

Police Get Medical Records without a Warrant

More unconstrained surveillance: Lawmakers noted the pharmacies’ policies for releasing medical records in a letter dated Tuesday to the Department of Health and...

Friday Squid Blogging: Underwater Sculptures Use Squid Ink for Coloring
From Schneier on Security

Friday Squid Blogging: Underwater Sculptures Use Squid Ink for Coloring

The Molinière Underwater Sculpture Park has pieces that are colored in part with squid ink. As usual, you can also use this squid post to talk about the security...

A Robot the Size of the World
From Schneier on Security

A Robot the Size of the World

In 2016, I wrote about an Internet that affected the world in a direct, physical manner. It was connected to your smartphone. It had sensors like cameras and thermostats...

Surveillance Cameras Disguised as Clothes Hooks
From Schneier on Security

Surveillance Cameras Disguised as Clothes Hooks

This seems like a bad idea. And there are ongoing lawsuits against Amazon for selling them.

Surveillance by the US Postal Service
From Schneier on Security

Surveillance by the US Postal Service

This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track...

New Windows/Linux Firmware Attack
From Schneier on Security

New Windows/Linux Firmware Attack

Interesting attack based on malicious pre-OS logo images: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years,...

Facebook Enables Messenger End-to-End Encryption by Default
From Schneier on Security

Facebook Enables Messenger End-to-End Encryption by Default

It’s happened. Details here, and tech details here (for messages in transit) and here (for messages in storage) Rollout to everyone will take months, but it’s a...

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code
From Schneier on Security

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming...

New Bluetooth Attack
From Schneier on Security

New Bluetooth Attack

New attack breaks forward secrecy in Bluetooth. Three. news articles. The vulnerability has been around for at least a decade.
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account