Crypto-Gram Newsletter
Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier's Schneier on Security blog.
Recent Issues
November 15, 2018
In this issue:
- How DNA Databases Violate Everyone's Privacy
- Privacy for Tigers
- Government Perspective on Supply Chain Security
- West Virginia Using Internet Voting
- Are the Police Using Smart-Home IoT Devices to Spy on People?
- On Disguise
- China's Hacking of the Border Gateway Protocol
- Android Ad-Fraud Scheme
- Detecting Fake Videos
- Security Vulnerability in Internet-Connected Construction Cranes
- More on the Supermicro Spying Story
- Cell Phone Security and Heads of State
- ID Systems Throughout the 50 States
- Was the Triton Malware Attack Russian in Origin?
- Buying Used Voting Machines on eBay
- How to Punish Cybercriminals
- Troy Hunt on Passwords
- Security of Solid-State-Drive Encryption
- Consumer Reports Reviews Wireless Home-Security Cameras
- iOS 12.1 Vulnerability
- Privacy and Security of Data at Universities
- The Pentagon Is Publishing Foreign Nation-State Malware
- Hiding Secret Messages in Fingerprints
- New IoT Security Regulations
- Oracle and "Responsible Disclosure"
- More Spectre/Meltdown-Like Attacks
- Upcoming Speaking Engagements
October 15, 2018
In this issue:
- NSA Attacks Against Virtual Private Networks
- Public Shaming of Companies for Bad Security
- Pegasus Spyware Used in 45 Countries
- Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer
- AES Resulted in a $250-Billion Economic Benefit
- New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography
- New Variants of Cold-Boot Attack
- Evidence for the Security of PKCS #1 Digital Signatures
- Counting People through a Wall with Wi-Fi
- Yet Another IoT Cybersecurity Document
- Major Tech Companies Finally Endorse Federal Privacy Regulation
- More on the Five Eyes Statement on Encryption and Backdoors
- Facebook Is Using Your Two-Factor Authentication Phone Number to Target Advertising
- Sophisticated Voice Phishing Scams
- Terahertz Millimeter-Wave Scanners
- The Effects of GDPR's 72-Hour Notification Rule
- Helen Nissenbaum on Data Privacy and Consent
- Chinese Supply Chain Hardware Attack
- Conspiracy Theories around the "Presidential Alert"
- Detecting Credit Card Skimmers
- Defeating the "Deal or No Deal" Arcade Game
- The US National Cyber Strategy
- Access Now Is Looking for a Chief Security Officer
- Security Vulnerabilities in US Weapons Systems
- Another Bloomberg Story about Supply-Chain Hardware Attacks from China
- Security in a World of Physically Capable Computers
- Upcoming Speaking Engagements
September 15, 2018
In this issue:
- New Book Announcement: Click Here to Kill Everybody
- Speculation Attack Against Intel's SGX
- New Ways to Track Internet Browsing
- James Mickens on the Current State of Computer Security
- "Two Stage" BMW Theft Attempt
- Good Primer on Two-Factor Authentication Security
- John Mueller and Mark Stewart on the Risks of Terrorism
- Future Cyberwar
- NotPetya
- CIA Network Exposed through Insecure Communications System
- Cheating in Bird Racing
- Eavesdropping on Computer Screens through the Webcam Mic
- Using a Smartphone's Microphone and Speakers to Eavesdrop on Passwords
- Five-Eyes Intelligence Services Choose Surveillance Over Security
- Reddit AMA
- Using Hacked IoT Devices to Disrupt the Power Grid
- Security Vulnerability in Smart Electric Outlets
- Security Risks of Government Hacking
- Quantum Computing and Cryptography
- Click Here to Kill Everybody Reviews and Press Mentions
- Upcoming Speaking Engagements
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.