Schneier on Security
14,316 FOLLOWERS
A blog by Bruce Schneier covering security and security technology also frequent posts about homeland security in particular. Bruce Schneier is an internationally renowned security technologist and author. He is described by The Economist as a "Security Guru".
Schneier on Security
18h ago
The first live video of the Promachoteuthis squid, filmed at a newly discovered seamount off the coast of Chile.
Blog moderation policy ..read more
Schneier on Security
18h ago
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment.
Still, nice piece of security analysis ..read more
Schneier on Security
2d ago
Really interesting analysis of the American M-209 encryption device and its security ..read more
Schneier on Security
3d ago
This story seems straightforward. A city is the victim of a ransomware attack. They repeatedly lie to the media about the severity of the breach. A security researcher repeatedly proves their statements to be lies. The city gets mad and sues the researcher.
Let’s hope the judge throws the case out, but—still—it will serve as a warning to others ..read more
Schneier on Security
3d ago
The NSA’s “National Cryptographic School Television Catalogue” from 1991 lists about 600 COMSEC and SIGINT training videos.
There are a bunch explaining the operations of various cryptographic equipment, and a few code words I have never heard of before ..read more
Schneier on Security
5d ago
Interesting vulnerability:
…a special lane at airport security called Known Crewmember (KCM). KCM is a TSA program that allows pilots and flight attendants to bypass security screening, even when flying on domestic personal trips.
The KCM process is fairly simple: the employee uses the dedicated lane and presents their KCM barcode or provides the TSA agent their employee number and airline. Various forms of ID need to be presented while the TSA agent’s laptop verifies the employment status with the airline. If successful, the employee can access the sterile area without any screening at all ..read more
Schneier on Security
1w ago
The “long lost lecture” by Adm. Grace Hopper has been published by the NSA. (Note that there are two parts.)
It’s a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP and the internet went operational. She was a remarkable person.
Listening to it, and thinking about the audience of NSA engineers, I wonder how much of what she’s talking about as the future of computing—miniaturization, parallelization—was being done in the present and in secret ..read more
Schneier on Security
1w ago
Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not ..read more
Schneier on Security
1w ago
Ars Technica has a good article on what’s happening in the world of television surveillance. More than even I realized ..read more