acm-header
Sign In

Communications of the ACM

Blogroll


bg-corner

Digital Car Keys Are Coming
From Schneier on Security

Digital Car Keys Are Coming

Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about security.

Secret White House Warrantless Surveillance Program
From Schneier on Security

Secret White House Warrantless Surveillance Program

There seems to be no end to warrantless surveillance: According to the letter, a surveillance program now known as Data Analytical Services (DAS) has for more than...

Friday Squid Blogging: Squid Nebula
From Schneier on Security

Friday Squid Blogging: Squid Nebula

Pretty photograph. The Squid Nebula is shown in blue, indicating doubly ionized oxygen—­which is when you ionize your oxygen once and then ionize it again justhere...

Chocolate Swiss Army Knife
From Schneier on Security

Chocolate Swiss Army Knife

It’s realistic looking. If I drop it in a bin with my keys and wallet, will the TSA confiscate it?

LitterDrifter USB Worm
From Schneier on Security

LitterDrifter USB Worm

A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond. The group­—known by many names, including Gamaredon, Primitive Bear, ACTINIUM...

Apple to Add Manual Authentication to iMessage
From Schneier on Security

Apple to Add Manual Authentication to iMessage

Signal has had the ability to manually authenticate another account for years. iMessage is getting it: The feature is called Contact Key Verification, and it does...

Email Security Flaw Found in the Wild
From Schneier on Security

Email Security Flaw Found in the Wild

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has...

Using Generative AI for Surveillance
From Schneier on Security

Using Generative AI for Surveillance

Generative AI is going to be a powerful tool for data analysis and summarization. Here’s an example of it being used for sentiment analysis. My guess is that it...

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy
From Schneier on Security

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy

In a rare squid/security post, here’s an article about unpatched vulnerabilities in the Squid caching proxy. As usual, you can also use this squid post to talkhere...

Ransomware Gang Files SEC Complaint
From Schneier on Security

Ransomware Gang Files SEC Complaint

A ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This...

Leaving Authentication Credentials in Public Code
From Schneier on Security

Leaving Authentication Credentials in Public Code

Seth Godin wrote an article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software...

New SSH Vulnerability
From Schneier on Security

New SSH Vulnerability

This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the AI Summit New York on December 6, 2023. The list is maintained on this page...

How .tk Became a TLD for Scammers
From Schneier on Security

How .tk Became a TLD for Scammers

Sad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could...

Ten Ways AI Will Change Democracy
From Schneier on Security

Ten Ways AI Will Change Democracy

Artificial intelligence will change so many aspects of society, largely in ways that we cannot conceive of yet. Democracy, and the systems of governance that surround...

Friday Squid Blogging: The History and Morality of US Squid Consumption
From Schneier on Security

Friday Squid Blogging: The History and Morality of US Squid Consumption

Really interesting article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting...

The Privacy Disaster of Modern Smart Cars
From Schneier on Security

The Privacy Disaster of Modern Smart Cars

Article based on a Mozilla report.

Online Retail Hack
From Schneier on Security

Online Retail Hack

Selling miniature replicas to unsuspecting shoppers: Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen...

Decoupling for Security
From Schneier on Security

Decoupling for Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get...

Spaf on the Morris Worm
From Schneier on Security

Spaf on the Morris Worm

Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today.
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account