Communications of the ACM
Refine your search:
Rethinking human-AI interaction
This essay by AI specialist Jessy Lin explores some of the possibilities to rethink how humans and “intelligent” machines interact…
From Schneier on Security
Negotiating with Ransomware Gangs
Really interesting conversation with someone who negotiates with ransomware gangs: For now, it seems that paying ransomware, while obviously risky and empowering...
From Schneier on Security
Hacking a Coffee Maker
As expected, IoT devices are filled with vulnerabilities: As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of...
From Schneier on Security
Documented Death from a Ransomware Attack
A Dusseldorf woman died when a ransomware attack against a hospital forced her to be taken to a different hospital in another city. I think this is the first documented...
From Schneier on Security
On Executive Order 12333
Mark Jaycox has written a long article on the US Executive Order 12333: “No Oversight, No Limits, No Worries: A Primer on Presidential Spying and Executive Order...
From Schneier on Security
Iranian Government Hacking Android
The New York Times wrote about a still-unreleased report from Chckpoint and the Miaan Group: The reports, which were reviewed by The New York Times in advance of...
From Schneier on Security
Interview with the Author of the 2000 Love Bug Virus
No real surprises, but we finally have the story. The story he went on to tell is strikingly straightforward. De Guzman was poor, and internet access was expensive...
From Schneier on Security
Friday Squid Blogging: COVID-19 Found on Chinese Squid Packaging
I thought the virus doesn’t survive well on food packaging: Authorities in China’s northeastern Jilin province have found the novel coronavirus on the packaging...
From Schneier on Security
CEO of NS8 Charged with Securities Fraud
The founder and CEO of the Internet security company NS8 has been arrested and “charged in a Complaint in Manhattan federal court with securities fraud, fraud in...
From Schneier on Security
Nihilistic Password Security Questions
Posted three years ago, but definitely appropriate for the times.
From Schneier on Security
Amazon Delivery Drivers Hacking Scheduling System
Amazon drivers — all gig workers who don’t work for the company — are hanging cell phones in trees near Amazon delivery stations, fooling the system into thinking...
From Schneier on Security
Friday Squid Blogging: Nano-Sized SQUIDS
SQUID news: Physicists have developed a small, compact superconducting quantum interference device (SQUID) that can detect magnetic fields. The team l focused on...
From Schneier on Security
Former NSA Director Keith Alexander Joins Amazon’s Board of Directors
This sounds like a bad idea.
From Schneier on Security
Matt Blaze on OTP Radio Stations
Matt Blaze discusses an interesting mystery about a Cuban one-time-pad radio station, and a random number generator error that probably helped arrest a pair of...
From Schneier on Security
New Bluetooth Vulnerability
There’s a new unpatched Bluetooth vulnerability: The issue is with a protocol called Cross-Transport Key Derivation (or CTKD, for short). When, say, an iPhone is...
From Schneier on Security
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the Cybersecurity Law & Policy Scholars Virtual Conference on September 17, 2020...
From Schneier on Security
Friday Squid Blogging: Calamari vs. Squid
St. Louis Magazine answers the important question: “Is there a difference between calamari and squid?” Short answer: no. As usual, you can also use this squid post...
From Schneier on Security
How the FIN7 Cybercrime Gang Operates
The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. An excerpt: The secret of FIN7’s success is their operational art...
From Schneier on Security
Privacy Analysis of Ambient Light Sensors
Interesting privacy analysis of the Ambient Light Sensor API. And a blog post. Especially note the “Lessons Learned” section.
From Schneier on Security
Interesting Attack on the EMV Smartcard Payment Standard
It’s complicated, but it’s basically a man-in-the-middle attack that involves two smartphones. The first phone reads the actual smartcard, and then forwards the...
From Schneier on Security