acm-header
Sign In

Communications of the ACM

Blogroll


Refine your search:
dateMore Than a Year Ago
authorBruce Schneier
bg-corner

Facebook Enables Messenger End-to-End Encryption by Default
From Schneier on Security

Facebook Enables Messenger End-to-End Encryption by Default

It’s happened. Details here, and tech details here (for messages in transit) and here (for messages in storage) Rollout to everyone will take months, but it’s a...

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code
From Schneier on Security

Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code

Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming...

New Bluetooth Attack
From Schneier on Security

New Bluetooth Attack

New attack breaks forward secrecy in Bluetooth. Three. news articles. The vulnerability has been around for at least a decade.

Spying through Push Notifications
From Schneier on Security

Spying through Push Notifications

When you get a push notification on your Apple or Google phone, those notifications go through Apple and Google servers. Which means that those companies can spy...

Security Analysis of a Thirteenth-Century Venetian Election Protocol
From Schneier on Security

Security Analysis of a Thirteenth-Century Venetian Election Protocol

Interesting analysis: This paper discusses the protocol used for electing the Doge of Venice between 1268 and the end of the Republic in 1797. We will show that...

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying
From Schneier on Security

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying

Spying and surveillance are different but related things. If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap...

Friday Squid Blogging: Strawberry Squid in the Galápagos
From Schneier on Security

Friday Squid Blogging: Strawberry Squid in the Galápagos

Scientists have found Strawberry Squid, “whose mismatched eyes help them simultaneously search for prey above and below them,” among the coral reefs in the Galápagos...

AI Decides to Engage in Insider Trading
From Schneier on Security

AI Decides to Engage in Insider Trading

A stock-trading AI (a simulated experiment) engaged in insider trading, even though it “knew” it was wrong. The agent is put under pressure in three ways. First...

Breaking Laptop Fingerprint Sensors
From Schneier on Security

Breaking Laptop Fingerprint Sensors

They’re not that good: Security researchers Jesse D’Aguanno and Timo Teräs write that, with varying degrees of reverse-engineering and using some external hardware...

Digital Car Keys Are Coming
From Schneier on Security

Digital Car Keys Are Coming

Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about security.

Secret White House Warrantless Surveillance Program
From Schneier on Security

Secret White House Warrantless Surveillance Program

There seems to be no end to warrantless surveillance: According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than...

Friday Squid Blogging: Squid Nebula
From Schneier on Security

Friday Squid Blogging: Squid Nebula

Pretty photograph. The Squid Nebula is shown in blue, indicating doubly ionized oxygen—­which is when you ionize your oxygen once and then ionize it again justhere...

Chocolate Swiss Army Knife
From Schneier on Security

Chocolate Swiss Army Knife

It’s realistic looking. If I drop it in a bin with my keys and wallet, will the TSA confiscate it?

LitterDrifter USB Worm
From Schneier on Security

LitterDrifter USB Worm

A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group­—known by many names, including Gamaredon, Primitive Bear, ACTINIUM...

Apple to Add Manual Authentication to iMessage
From Schneier on Security

Apple to Add Manual Authentication to iMessage

Signal has had the ability to manually authenticate another account for years. iMessage is getting it: The feature is called Contact Key Verification, and it does...

Email Security Flaw Found in the Wild
From Schneier on Security

Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has...

Using Generative AI for Surveillance
From Schneier on Security

Using Generative AI for Surveillance

Generative AI is going to be a powerful tool for data analysis and summarization. Here’s an example of it being used for sentiment analysis. My guess is that it...

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy
From Schneier on Security

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy

In a rare squid/security post, here’s an article about unpatched vulnerabilities in the Squid caching proxy. As usual, you can also use this squid post to talkhere...

Ransomware Gang Files SEC Complaint
From Schneier on Security

Ransomware Gang Files SEC Complaint

A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This...

Leaving Authentication Credentials in Public Code
From Schneier on Security

Leaving Authentication Credentials in Public Code

Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account