Syndicated Blog

Schneier on Security
A blog covering security and security technology.
https://www.schneier.com/

Reimagining Democracy

| | AI, Conferences, Democracy, Uncategorized
Imagine that all of us—all of society—have landed on some alien planet and need to form a government: clean slate. We do not have any legacy systems from the United States or ...
Schneier on Security

Arguing Against CALEA

| | CALEA, Cybersecurity, eavesdropping, national security policy, Telecom, Uncategorized
At a Congressional hearing earlier this week, Matt Blaze made the point that CALEA, the 1994 law that forces telecoms to make phone calls wiretappable, is outdated in today’s threat environment and ...
Schneier on Security

DIRNSA Fired

| | national security policy, nsa, Privacy, surveillance, Uncategorized
In “Secrets and Lies” (2000), I wrote: It is poor civic hygiene to install technologies that could someday facilitate a police state. It’s something a bunch of us were saying at the ...
Schneier on Security

Web 3.0 Requires Data Integrity

| | Internet, protocols, Uncategorized, web
If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and availability—known as the CIA triad. When we talk about a system being secure, that’s ...
Schneier on Security

Rational Astrologies and Security

| | Cybersecurity, psychology of security, security theater, Uncategorized
John Kelsey and I wrote a short paper for the Rossfest Festschrift: “Rational Astrologies and Security“: There is another non-security way that designers can spend their security budget: on making their own ...
Schneier on Security

The Signal Chat Leak and the NSA

| | Defense, Department of Defense, signal, Uncategorized, Vulnerabilities
US National Security Advisor Mike Waltz, who started the now-infamous group chat coordinating a US attack against the Yemen-based Houthis on March 15, is seemingly now suggesting that the secure messaging service ...
Schneier on Security

AIs as Trusted Third Parties

| | academic papers, AI, cryptography, machine learning, Trust, Uncategorized
This is a truly fascinating paper: “Trusted Machine Learning Models Unlock Private Inference for Problems Currently Infeasible with Cryptography.” The basic idea is that AIs can act as trusted third parties: Abstract: ...
Schneier on Security

AI Data Poisoning

| | AI, botnets, spoofing, Uncategorized
Cloudflare has a new feature—available to free users as well—that uses AI to generate random pages to feed to AI web crawlers: Instead of simply blocking bots, Cloudflare’s new system lures them ...
Schneier on Security

Report on Paragon Spyware

| | israel, Reports, spyware, Uncategorized
Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by ...
Schneier on Security

Is Security Human Factors Research Skewed Towards Western Ideas and Habits?

| | academic papers, Uncategorized, Usability
Really interesting research: “How WEIRD is Usable Privacy and Security Research?” by Ayako A. Hasegawa Daisuke Inoue, and Mitsuaki Akiyama: Abstract: In human factor fields such as human-computer interaction (HCI) and psychology, ...
Schneier on Security
Load more