Schneier on Security

A blog covering security and security technology.

Latest articles

Friday Squid Blogging: Bigfin Squid Found in Australian Waters

A bigfin squid has been found — and filmed — in Australian waters for the first time. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

The 2020 Workshop on Economics and Information Security (WEIS)

The workshop on Economics and Information Security is always an interesting conference. This year, it will be online. Here’s the program. Registration is free.

Enigma Machine Recovered from the Baltic Sea

Neat story: German divers searching the Baltic Sea for discarded fishing nets have stumbled upon a rare Enigma cipher machine used by the Nazi military during World War Two which they believe was thrown overboard from a scuttled submarine. Thinking they had discovered a typewriter entangled in a net on the seabed of Gelting Bay, underwater archaeologist...

Open Source Does Not Equal Secure

Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws. Security researchers are fickle and busy people. They do not have the time to examine every piece of source code that is published. So while opening up source code is a good thing, it is...

Impressive iPhone Exploit

This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device­ — over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable­ — meaning radio-proximity exploits...

Manipulating Systems Using Remote Lasers

Many systems are vulnerable: Researchers at the time said that they were able to launch inaudible commands by shining lasers — from as far as 360 feet — at the microphones on various popular voice assistants, including Amazon Alexa, Apple Siri, Facebook Portal, and Google Assistant. […] They broadened their research to show how light can be used...

Check Washing

I can’t believe that check washing is still a thing: “Check washing” is a practice where thieves break into mailboxes (or otherwise steal mail), find envelopes with checks, then use special solvents to remove the information on that check (except for the signature) and then change the payee and the amount to a bank account under their control so that...

Friday Squid Blogging: Diplomoceras Maximum

Diplomoceras maximum is an ancient squid-like creature. It lived about 68 million years ago, looked kind of like a giant paperclip, and may have had a lifespan of 200 years. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Undermining Democracy

Last Thursday, Rudy Giuliani, a Trump campaign lawyer, alleged a widespread voting conspiracy involving Venezuela, Cuba, and China. Another lawyer, Sidney Powell, argued that Mr. Trump won in a landslide, the entire election in swing states should be overturned and the legislatures should make sure that the electors are selected for the president. The...

Cyber Public Health

In a lecture, Adam Shostack makes the case for a discipline of cyber public health. It would relate to cybersecurity in a similar way that public health relates to medicine.

Discover, share and read the best on the web

Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters! Get unfiltered news feeds or filter them to your liking.

Get Inoreader
Inoreader - Subscribe to RSS Feeds, Blogs, Podcasts, Twitter searches, Facebook pages, even Email Newsletters!