Blogroll | Communications of the ACM

From Schneier on Security

Hacking Trains

Seems like an old system system that predates any care about security: The flaw has to do with the protocol used in a train system known as the End-of-Train and... Bruce Schneier
From Schneier on Security | July 16, 2025 at 12:57 PM

From Schneier on Security

Report from the Cambridge Cybercrime Conference

The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here. Bruce Schneier
From Schneier on Security | July 14, 2025 at 02:46 PM

From Schneier on Security

Squid Dominated the Oceans in the Late Cretaceous

New research: One reason the early years of squids has been such a mystery is because squids’ lack of hard shells made their fossils hard to come by. Undeterred... Bruce Schneier
From Schneier on Security | July 11, 2025 at 05:04 PM

From Schneier on Security

Tradecraft in the Information Age

Long article on the difficulty (impossibility?) of human spying in the age of ubiquitous digital surveillance. Bruce Schneier
From Schneier on Security | July 11, 2025 at 12:06 PM

From Schneier on Security

Using Signal Groups for Activism

Good tutorial by Micah Lee. It includes some nonobvious use cases. Bruce Schneier
From Schneier on Security | July 10, 2025 at 07:08 AM

From Schneier on Security

Yet Another Strava Privacy Leak

This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards. in 2018, it was secret US military... Bruce Schneier
From Schneier on Security | July 9, 2025 at 07:05 AM

From Schneier on Security

Hiding Prompt Injections in Academic Papers

Academic papers were found to contain hidden instructions to LLMs: It discovered such prompts in 17 articles, whose lead authors are affiliated with 14 institutions... Bruce Schneier
From Schneier on Security | July 7, 2025 at 07:20 AM

From Schneier on Security

Friday Squid Blogging: How Squid Skin Distorts Light

New research. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier
From Schneier on Security | July 4, 2025 at 05:01 PM

From Schneier on Security

Surveillance Used by a Drug Cartel

Once you build a surveillance system, you can’t control who will use it: A hacker working for the Sinaloa drug cartel was able to obtain an FBI official’s phone... Bruce Schneier
From Schneier on Security | July 3, 2025 at 07:06 AM

From Schneier on Security

Ubuntu Disables Spectre/Meltdown Protections

A whole class of speculative execution attacks against CPUs were published in 2018. They seemed pretty catastrophic at the time. But the fixes were as well. Speculative... Bruce Schneier
From Schneier on Security | July 2, 2025 at 07:02 AM

From Schneier on Security

Iranian Blackout Affected Misinformation Campaigns

Dozens of accounts on X that promoted Scottish independence went dark during an internet blackout in Iran. Well, that’s one way to identify fake accounts and misinformation... Bruce Schneier
From Schneier on Security | July 1, 2025 at 07:07 AM

From Schneier on Security

How Cybersecurity Fears Affect Confidence in Voting Systems

American democracy runs on trust, and that trust is cracking. Nearly half of Americans, both Democrats and Republicans, question whether elections are conducted... Bruce Schneier
From Schneier on Security | June 30, 2025 at 07:05 AM

From Schneier on Security

Friday Squid Blogging: What to Do When You Find a Squid “Egg Mop”

Tips on what to do if you find a mop of squid eggs. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered... Bruce Schneier
From Schneier on Security | June 27, 2025 at 05:04 PM

From Schneier on Security

The Age of Integrity

We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account... Bruce Schneier
From Schneier on Security | June 27, 2025 at 07:02 AM

From Schneier on Security

White House Bans WhatsApp

Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the “Office of Cybersecurity has deemed WhatsApp a high risk... Bruce Schneier
From Schneier on Security | June 26, 2025 at 07:00 AM

From Schneier on Security

What LLMs Know About Their Users

Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s... Bruce Schneier
From Schneier on Security | June 25, 2025 at 07:04 AM

From Schneier on Security

Largest DDoS Attack to Date

It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions... Bruce Schneier
From Schneier on Security | June 23, 2025 at 07:04 AM

From Schneier on Security

Friday Squid Blogging: Gonate Squid Video

This is the first ever video of the Antarctic Gonate Squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven... Bruce Schneier
From Schneier on Security | June 20, 2025 at 05:04 PM

From Schneier on Security

Surveillance in the US

Good article from 404 Media on the cozy surveillance relationship between local Oregon police and ICE: In the email thread, crime analysts from several local police... Bruce Schneier
From Schneier on Security | June 20, 2025 at 07:00 AM

From Schneier on Security

Self-Driving Car Video Footage

Two articles crossed my path recently. First, a discussion of all the video Waymo has from outside its cars: in this case related to the LA protests. Second, ainside... Bruce Schneier
From Schneier on Security | June 19, 2025 at 07:06 AM