acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Surveillance through Push Notifications
From Schneier on Security

Surveillance through Push Notifications

The Washington Post is reporting on the FBI’s increasing use of push notification data—”push tokens”—to identify people. The police can request this data from companies...

The Insecurity of Video Doorbells
From Schneier on Security

The Insecurity of Video Doorbells

Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible. First, these doorbells expose your home IP address...

LLM Prompt Injection Worm
From Schneier on Security

LLM Prompt Injection Worm

Researchers have demonstrated a worm that spreads through prompt injection. Details: In one instance, the researchers, acting as attackers, wrote an email including...

Friday Squid Blogging: New Extinct Species of Vampire Squid Discovered
From Schneier on Security

Friday Squid Blogging: New Extinct Species of Vampire Squid Discovered

Paleontologists have discovered a 183-million-year-old species of vampire squid. Prior research suggests that the vampyromorph lived in the shallows off an island...

NIST Cybersecurity Framework 2.0
From Schneier on Security

NIST Cybersecurity Framework 2.0

NIST has released version 2.0 of the Cybersecurity Framework: The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded...

A Cyber Insurance Backstop
From Schneier on Security

A Cyber Insurance Backstop

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would...

China Surveillance Company Hacked
From Schneier on Security

China Surveillance Company Hacked

Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese...

Apple Announces Post-Quantum Encryption Algorithms for iMessage
From Schneier on Security

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST...

Friday Squid Blogging: Illex Squid and Climate Change
From Schneier on Security

Friday Squid Blogging: Illex Squid and Climate Change

There are correlations between the populations of the Illex Argentines squid and water temperatures. As usual, you can also use this squid post to talk about the...

AIs Hacking Websites
From Schneier on Security

AIs Hacking Websites

New research: LLM Agents can Autonomously Hack Websites Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact...

New Image/Video Prompt Injection Attacks
From Schneier on Security

New Image/Video Prompt Injection Attacks

Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it’s really impressive. Which means a lot...

Details of a Phone Scam
From Schneier on Security

Details of a Phone Scam

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And thisCory...

Microsoft Is Spying on Users of Its AI Tools
From Schneier on Security

Microsoft Is Spying on Users of Its AI Tools

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their...

EU Court of Human Rights Rejects Encryption Backdoors
From Schneier on Security

EU Court of Human Rights Rejects Encryption Backdoors

The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights: Seemingly most critically, the [Russian]...

Friday Squid Blogging: Vegan Squid-Ink Pasta
From Schneier on Security

Friday Squid Blogging: Vegan Squid-Ink Pasta

It uses black beans for color and seaweed for flavor. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered...

On the Insecurity of Software Bloat
From Schneier on Security

On the Insecurity of Software Bloat

Good essay on software bloat and the insecurities it causes. The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the Munich Security Conference (MSC) 2024 in Munich, Germany, on Friday, February...

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms
From Schneier on Security

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms

The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis. This is important, because a bunch of NIST’s...

Molly White Reviews Blockchain Book
From Schneier on Security

Molly White Reviews Blockchain Book

Molly White—of “Web3 is Going Just Great” fame—reviews Chris Dixon’s blockchain solutions book: Read Write Own: In fact, throughout the entire book, Dixon fails...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account