Crypto-Gram Newsletter
Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier’s Schneier on Security blog.
Recent Issues
April 15, 2024
In this issue:
- Improving C++
- Drones and the US Air Force
- AI and the Evolution of Social Media
- Cheating Automatic Toll Booths by Obscuring License Plates
- Public AI as an Alternative to Corporate AI
- Google Pays $10M in Bug Bounties in 2023
- Licensing AI Engineers
- On Secure Voting Systems
- Security Vulnerability in Saflok’s RFID-Based Keycard Locks
- Hardware Vulnerability in Apple’s M-Series Chips
- Lessons from a Ransomware Attack against the British Library
- Ross Anderson
- Magic Security Dust
- Declassified NSA Newsletters
- XZ Utils Backdoor
- Class-Action Lawsuit against Google’s Incognito Mode
- Surveillance by the New Microsoft Outlook App
- Maybe the Phone System Surveillance Vulnerabilities Will Be Fixed
- Security Vulnerability of HTML Emails
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack
- In Memoriam: Ross Anderson, 1956-2024
- Backdoor in XZ Utils That Almost Happened
- Smuggling Gold by Disguising it as Machine Parts
- Upcoming Speaking Engagements
March 15, 2024
In this issue:
- On the Insecurity of Software Bloat
- European Court of Human Rights Rejects Encryption Backdoors
- Microsoft Is Spying on Users of Its AI Tools
- Details of a Phone Scam
- New Image/Video Prompt Injection Attacks
- AIs Hacking Websites
- Apple Announces Post-Quantum Encryption Algorithms for iMessage
- China Surveillance Company Hacked
- A Cyber Insurance Backstop
- How the “Frontier” Became the Slogan of Uncontrolled AI
- NIST Cybersecurity Framework 2.0
- LLM Prompt Injection Worm
- The Insecurity of Video Doorbells
- Surveillance through Push Notifications
- How Public AI Can Strengthen Democracy
- A Taxonomy of Prompt Injection Attacks
- Essays from the Second IWORD
- Using LLMs to Unredact Text
- Jailbreaking LLMs with ASCII Art
- Burglars Using Wi-Fi Jammers to Disable Security Cameras
- Automakers Are Sharing Driver Data with Insurers without Consent
February 15, 2024
In this issue:
- Voice Cloning with Very Short Samples
- The Story of the Mirai Botnet
- Code Written with AI Assistants Is Less Secure
- Canadian Citizen Gets Phone Back from Police
- Speaking to the CIA’s Creative Writing Group
- Zelle Is Using My Name and Voice without My Consent
- AI Bots on X (Twitter)
- Side Channels Are Common
- Poisoning AI Models
- Quantum Computing Skeptics
- Chatbots and Human Conversation
- Microsoft Executives Hacked
- NSA Buying Bulk Surveillance Data on Americans without a Warrant
- New Images of Colossus Released
- CFPB’s Proposed Data Rules
- Facebook’s Extensive Surveillance Network
- A Self-Enforcing Protocol to Solve Gerrymandering
- David Kahn
- Deepfake Fraud
- Documents about the NSA’s Banning of Furby Toys in the 1990s
- Teaching LLMs to Be Deceptive
- On Software Liabilities
- No, Toothbrushes Were Not Used in a Massive DDoS Attack
- On Passkey Usability
- Molly White Reviews Blockchain Book
- A Hacker’s Mind is Out in Paperback
- Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms
- Upcoming Speaking Engagements
Sidebar photo of Bruce Schneier by Joe MacInnis.