Bruce Shneier's Blog

Subscribe to Bruce Shneier's Blog feed
A blog covering security and security technology. Movable Type Pro
Updated: 1 day 16 hours ago

Yet Another FBI Proposal for Insecure Communications

Thu, 01/11/2018 - 07:05
Deputy Attorney General Rosenstein has given talks where he proposes that tech companies decrease their communications and device security for the benefit of the FBI. In a recent talk, his idea is that tech companies just save a copy of the plaintext: Law enforcement can also partner with private industry to address a problem we call "Going Dark." Technology increasingly... Bruce Schneier
Categories: Security News

Susan Landau's New Book: Listening In

Wed, 01/10/2018 - 13:42
Susan Landau has written a terrific book on cybersecurity threats and why we need strong crypto. Listening In: Cybersecurity in an Insecure Age. It's based in part on her 2016 Congressional testimony in the Apple/FBI case; it examines how the Digital Revolution has transformed society, and how law enforcement needs to -- and can -- adjust to the new realities.... Bruce Schneier
Categories: Security News

Cybersecurity and the 2017 US National Security Strategy

Wed, 01/10/2018 - 07:27
Commentaries on the 2017 US national security strategy by Michael Sulmeyer and Ben Buchanan.... Bruce Schneier
Categories: Security News

Daniel Miessler on My Writings about IoT Security

Tue, 01/09/2018 - 15:26
Daniel Miessler criticizes my writings about IoT security: I know it's super cool to scream about how IoT is insecure, how it's dumb to hook up everyday objects like houses and cars and locks to the internet, how bad things can get, and I know it's fun to be invited to talk about how everything is doom and gloom. I... Bruce Schneier
Categories: Security News

NSA Morale

Tue, 01/09/2018 - 05:58
The Washington Post is reporting that poor morale at the NSA is causing a significant talent shortage. A November New York Times article said much the same thing. The articles point to many factors: the recent reorganization, low pay, and the various leaks. I have been saying for a while that the Shadow Brokers leaks have been much more damaging... Bruce Schneier
Categories: Security News

Tourist Scams

Mon, 01/08/2018 - 06:34
A comprehensive list. Most are old and obvious, but there are some clever variants.... Bruce Schneier
Categories: Security News

Friday Squid Blogging: How the Optic Lobe Controls Squid Camouflage

Fri, 01/05/2018 - 16:42
Experiments on the oval squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here.... Bruce Schneier
Categories: Security News

Spectre and Meltdown Attacks Against Microprocessors

Fri, 01/05/2018 - 14:22
The security of pretty much every computer on the planet has just gotten a lot worse, and the only real solution -- which of course is not a solution -- is to throw them all away and buy new ones. On Wednesday, researchers just announced a series of major security vulnerabilities in the microprocessors at the heart of the world's... Bruce Schneier
Categories: Security News

New Book Coming in September: "Click Here to Kill Everybody"

Fri, 01/05/2018 - 12:45
My next book is still on track for a September 2018 publication. Norton is still the publisher. The title is now Click Here to Kill Everybody: Peril and Promise on a Hyperconnected Planet, which I generally refer to as CH2KE. The table of contents has changed since I last blogged about this, and it now looks like this: Introduction: Everything... Bruce Schneier
Categories: Security News

Detecting Adblocker Blockers

Fri, 01/05/2018 - 09:00
Interesting research on the prevalence of adblock blockers: "Measuring and Disrupting Anti-Adblockers Using Differential Execution Analysis": Abstract: Millions of people use adblockers to remove intrusive and malicious ads as well as protect themselves against tracking and pervasive surveillance. Online publishers consider adblockers a major threat to the ad-powered "free" Web. They have started to retaliate against adblockers by employing anti-adblockers... Bruce Schneier
Categories: Security News

Spectre and Meltdown Attacks

Thu, 01/04/2018 - 06:28
After a week or so of rumors, everyone is now reporting about the Spectre and Meltdown attacks against pretty much every modern processor out there. These are side-channel attacks where one process can spy on other processes. They affect computers where an untrusted browser window can execute code, phones that have multiple apps running at the same time, and cloud... Bruce Schneier
Categories: Security News

Tamper-Detection App for Android

Wed, 01/03/2018 - 06:17
Edward Snowden and Nathan Freitas have created an Android app that detects when it's being tampered with. The basic idea is to put the app on a second phone and put the app on or near something important, like your laptop. The app can then text you -- and also record audio and video -- when something happens around it:... Bruce Schneier
Categories: Security News