Tag: Schneier on Security

New paper: “Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market“: Abstract: Spyware makes surveillance simple. The last ten years have seen a global market emerge for ready-made software that lets governments surveil their…

Read more →

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities…

Read more →

Experiments in unredacting text that has been pixelated. This article has been indexed from Schneier on Security Read the original article: Unredacting Pixelated Text

Read more →

From Slashdot: Apple and Google have launched a new industry standard called “Detecting Unwanted Location Trackers” to combat the misuse of Bluetooth trackers for stalking. Starting Monday, iPhone and Android users will receive alerts when an unknown Bluetooth device is…

Read more →

IBM is selling its QRadar product suite to Palo Alto Networks, for an undisclosed—but probably surprisingly small—sum. I have a personal connection to this. In 2016, IBM bought Resilient Systems, the startup I was a part of. It became part…

Read more →

The FBI has seized the BreachForums website, used by ransomware criminals to leak stolen corporate data. If law enforcement has gained access to the hacking forum’s backend data, as they claim, they would have email addresses, IP addresses, and private…

Read more →

Microsoft is working on a promising-looking protocol to lock down DNS. ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices. Jake Williams,…

Read more →

This is a current list of where and when I am scheduled to speak: I’m giving a webinar via Zoom on Wednesday, May 22, at 11:00 AM ET. The topic is “Should the USG Establish a Publicly Funded AI Option?“…

Read more →

Google has patched another Chrome zero-day: On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability carries a severity rating of 8.8 out of 10. In response, Google said, it would be releasing versions 124.0.6367.201/.202 for…

Read more →

Back in the 1960s, if you played a 2,600Hz tone into an AT&T pay phone, you could make calls without paying. A phone hacker named John Draper noticed that the plastic whistle that came free in a box of Captain…

Read more →

This is another attack that convinces the AI to ignore road signs: Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used to vary the color. For example, the shade of red on…

Read more →

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year,…

Read more →

This attack has been feasible for over two decades: Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect…

Read more →

Lots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision—and an even more obscure typo. Read this. This article has been indexed from Schneier on Security Read the original article: New…

Read more →

I have spoken at several TED conferences over the years. TEDxPSU 2010: “Reconceptualizing Security” TEDxCambridge 2013: “The Battle for Power on the Internet” TEDMed 2016: “Who Controls Your Medical Data?” I’m putting this here because I want all three links…

Read more →

The Polish Embassy has posted a series of short interview segments with Marian Rejewski, the first person to crack the Enigma. Details from his biography. This article has been indexed from Schneier on Security Read the original article: Rare Interviews…

Read more →

The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by…

Read more →

Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her. This article has been indexed from Schneier on Security Read the original article: AI Voice Scam

Read more →

Meta has threatened to pull WhatsApp out of India if the courts try to force it to break its end-to-end encryption. This article has been indexed from Schneier on Security Read the original article: WhatsApp in India

Read more →

During the Cold War, the US Navy tried to make a secret code out of whale song. The basic plan was to develop coded messages from recordings of whales, dolphins, sea lions, and seals. The submarine would broadcast the noises…

Read more →