Sign In

Communications of the ACM

Blogroll



Negotiating with Ransomware Gangs
From Schneier on Security

Negotiating with Ransomware Gangs

Really interesting conversation with someone who negotiates with ransomware gangs: For now, it seems that paying ransomware, while obviously risky and empowering...

Hacking a Coffee Maker
From Schneier on Security

Hacking a Coffee Maker

As expected, IoT devices are filled with vulnerabilities: As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of...

Documented Death from a Ransomware Attack
From Schneier on Security

Documented Death from a Ransomware Attack

A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented...

On Executive Order 12333
From Schneier on Security

On Executive Order 12333

Mark Jaycox has written a long article on the US Executive Order 12333: “No Oversight, No Limits, No Worries: A Primer on Presidential Spying and Executive Order...

Iranian Government Hacking Android
From Schneier on Security

Iranian Government Hacking Android

The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of...

Interview with the Author of the 2000 Love Bug Virus
From Schneier on Security

Interview with the Author of the 2000 Love Bug Virus

No real surprises, but we finally have the story. The story he went on to tell is strikingly straightforward. De Guzman was poor, and internet access was expensive...

Friday Squid Blogging: COVID-19 Found on Chinese Squid Packaging
From Schneier on Security

Friday Squid Blogging: COVID-19 Found on Chinese Squid Packaging

I thought the virus doesn’t survive well on food packaging: Authorities in China’s northeastern Jilin province have found the novel coronavirus on the packaging...

CEO of NS8 Charged with Securities Fraud
From Schneier on Security

CEO of NS8 Charged with Securities Fraud

The founder and CEO of the Internet security company NS8 has been arrested and “charged in a Complaint in Manhattan federal court with securities fraud, fraud in...

Nihilistic Password Security Questions
From Schneier on Security

Nihilistic Password Security Questions

Posted three years ago, but definitely appropriate for the times.

Amazon Delivery Drivers Hacking Scheduling System
From Schneier on Security

Amazon Delivery Drivers Hacking Scheduling System

Amazon drivers — all gig workers who don’t work for the company — are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking...

Friday Squid Blogging: Nano-Sized SQUIDS
From Schneier on Security

Friday Squid Blogging: Nano-Sized SQUIDS

SQUID news: Physicists have developed a small, compact superconducting quantum interference device (SQUID) that can detect magnetic fields. The team l focused on...

Former NSA Director Keith Alexander Joins Amazon’s Board of Directors
From Schneier on Security

Former NSA Director Keith Alexander Joins Amazon’s Board of Directors

This sounds like a bad idea.

Matt Blaze on OTP Radio Stations
From Schneier on Security

Matt Blaze on OTP Radio Stations

Matt Blaze discusses an interesting mystery about a Cuban one-time-pad radio station, and a random number generator error that probably helped arrest a pair of...

New Bluetooth Vulnerability
From Schneier on Security

New Bluetooth Vulnerability

There’s a new unpatched Bluetooth vulnerability: The issue is with a protocol called Cross-Transport Key Derivation (or CTKD, for short). When, say, an iPhone is...

Upcoming Speaking Engagements
From Schneier on Security

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the Cybersecurity Law & Policy Scholars Virtual Conference on September 17, 2020...

Friday Squid Blogging: Calamari vs. Squid
From Schneier on Security

Friday Squid Blogging: Calamari vs. Squid

St. Louis Magazine answers the important question: “Is there a difference between calamari and squid?” Short answer: no. As usual, you can also use this squid post...

How the FIN7 Cybercrime Gang Operates
From Schneier on Security

How the FIN7 Cybercrime Gang Operates

The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. An excerpt: The secret of FIN7’s success is their operational art...

Privacy Analysis of Ambient Light Sensors
From Schneier on Security

Privacy Analysis of Ambient Light Sensors

Interesting privacy analysis of the Ambient Light Sensor API. And a blog post. Especially note the “Lessons Learned” section.

Interesting Attack on the EMV Smartcard Payment Standard
From Schneier on Security

Interesting Attack on the EMV Smartcard Payment Standard

It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the...

Ranking National Cyber Power
From Schneier on Security

Ranking National Cyber Power

Harvard Kennedy School’s Belfer Center published the “National Cyber Power Index 2020: Methodology and Analytical Considerations.” The rankings: US China UK ...
Sign In for Full Access
» Forgot Password? » Create an ACM Web Account