Communications of the ACM
Refine your search:
The gender shades audit
Face recognition technology is used widely, such as at passport controls and by police forces. What if it isn't as good at recognising…
From Schneier on Security
Snowden Ten Years Later
In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. But I had a more personal...
From Schneier on Security
The Software-Defined Car
Developers are starting to talk about the software-defined car. For decades, features have accumulated like cruft in new vehicles: a box here to control the antilock...
From Schneier on Security
Friday Squid Blogging: Squid Chromolithographs
Beautiful illustrations. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog postinghere...
From Schneier on Security
Open-Source LLMs
In February, Meta released its large language model: LLaMA. Unlike OpenAI and its ChatGPT, Meta didn’t just give the world a chat window to play with. Instead,...
From Schneier on Security
On the Catastrophic Risk of AI
Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global...
From Schneier on Security
Chinese Hacking of U.S. Critical Infrastructure
Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the...
From Schneier on Security
Brute-Forcing a Fingerprint Reader
It’s neither hard nor expensive: Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint...
From Schneier on Security
Friday Squid Blogging: Online Cephalopod Course
Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about...
From Schneier on Security
Expeditionary Cyberspace Operations
Cyberspace operations now officially has a physical dimension, meaning that the United States has official military doctrine about cyberattacks that also involve...
From Schneier on Security
On the Poisoning of LLMs
Interesting essay on the poisoning of LLMs—ChatGPT in particular: Given that we’ve known about model poisoning for years, and given the strong incentives the black...
From Schneier on Security
Indiana, Iowa, and Tennessee Pass Comprehensive Privacy Laws
It’s been a big month for US data privacy. Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up...
From Schneier on Security
Credible Handwriting Machine
In case you don’t have enough to worry about, someone has built a credible handwriting machine: This is still a work in progress, but the project seeks to solve...
From Schneier on Security
Google Is Not Deleting Old YouTube Videos
Google has backtracked on its plan to delete inactive YouTube videos—at least for now. Of course, it could change its mind anytime it wants. It would be nice if...
From Schneier on Security
Friday Squid Blogging: Peruvian Squid-Fishing Regulation Drives Chinese Fleets Away
A Peruvian oversight law has the opposite effect: Peru in 2020 began requiring any foreign fishing boat entering its ports to use a vessel monitoring system allowing...
From Schneier on Security
Security Risks of New .zip and .mov Domains
Researchers are worried about Google’s .zip and .mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability.
From Schneier on Security
Microsoft Secure Boot Bug
Microsoft is currently patching a zero-day Secure-Boot bug. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections...
From Schneier on Security
Micro-Star International Signing Key Stolen
Micro-Star International—aka MSI—had its UEFI signing key stolen last month. This raises the possibility that the leaked key could push out updates that would infect...
From Schneier on Security
Friday Squid Blogging: Giant Squid Video
A video—authentic, not a deep fake—of a giant squid close to the surface. As usual, you can also use this squid post to talk about the security stories in the news...
From Schneier on Security
Ted Chiang on the Risks of AI
Ted Chiang has an excellent essay in the New Yorker: “Will A.I. Become the New McKinsey?” The question we should be asking is: as A.I. becomes more powerful and...
From Schneier on Security