This website does readability filtering of other pages. All styles, scripts, forms and ads are stripped. If you want your website excluded or have other feedback, use this form.

Schneier on Security: Crypto-Gram

Schneier on Security

Crypto-Gram Newsletter

Crypto-Gram is a free monthly e-mail digest of posts from Bruce Schneier's Schneier on Security blog.

Recent Issues

October 15, 2018

In this issue:

  1. NSA Attacks Against Virtual Private Networks
  2. Public Shaming of Companies for Bad Security
  3. Pegasus Spyware Used in 45 Countries
  4. Security Vulnerability in ESS ExpressVote Touchscreen Voting Computer
  5. AES Resulted in a $250-Billion Economic Benefit
  6. New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography
  7. New Variants of Cold-Boot Attack
  8. Evidence for the Security of PKCS #1 Digital Signatures
  9. Counting People through a Wall with Wi-Fi
  10. Yet Another IoT Cybersecurity Document
  11. Major Tech Companies Finally Endorse Federal Privacy Regulation
  12. More on the Five Eyes Statement on Encryption and Backdoors
  13. Facebook Is Using Your Two-Factor Authentication Phone Number to Target Advertising
  14. Sophisticated Voice Phishing Scams
  15. Terahertz Millimeter-Wave Scanners
  16. The Effects of GDPR's 72-Hour Notification Rule
  17. Helen Nissenbaum on Data Privacy and Consent
  18. Chinese Supply Chain Hardware Attack
  19. Conspiracy Theories around the "Presidential Alert"
  20. Detecting Credit Card Skimmers
  21. Defeating the "Deal or No Deal" Arcade Game
  22. The US National Cyber Strategy
  23. Access Now Is Looking for a Chief Security Officer
  24. Security Vulnerabilities in US Weapons Systems
  25. Another Bloomberg Story about Supply-Chain Hardware Attacks from China
  26. Security in a World of Physically Capable Computers
  27. Upcoming Speaking Engagements

Read This Issue →

September 15, 2018

In this issue:

  1. New Book Announcement: Click Here to Kill Everybody
  2. Speculation Attack Against Intel's SGX
  3. New Ways to Track Internet Browsing
  4. James Mickens on the Current State of Computer Security
  5. "Two Stage" BMW Theft Attempt
  6. Good Primer on Two-Factor Authentication Security
  7. John Mueller and Mark Stewart on the Risks of Terrorism
  8. Future Cyberwar
  9. NotPetya
  10. CIA Network Exposed through Insecure Communications System
  11. Cheating in Bird Racing
  12. Eavesdropping on Computer Screens through the Webcam Mic
  13. Using a Smartphone's Microphone and Speakers to Eavesdrop on Passwords
  14. Five-Eyes Intelligence Services Choose Surveillance Over Security
  15. Reddit AMA
  16. Using Hacked IoT Devices to Disrupt the Power Grid
  17. Security Vulnerability in Smart Electric Outlets
  18. Security Risks of Government Hacking
  19. Quantum Computing and Cryptography
  20. Click Here to Kill Everybody Reviews and Press Mentions
  21. Upcoming Speaking Engagements

Read This Issue →

August 15, 2018

In this issue:

  1. New Book Announcement: Click Here to Kill Everybody
  2. Reasonably Clever Extortion E-mail Based on Password Theft
  3. Installing a Credit Card Skimmer on a POS Terminal
  4. Defeating the iPhone Restricted Mode
  5. Suing South Carolina Because Its Election Machines Are Insecure
  6. New Report on Chinese Intelligence Cyber-Operations
  7. 1Password's Travel Mode
  8. Nicholas Weaver on Cryptocurrencies
  9. On Financial Fraud
  10. Major Bluetooth Vulnerability
  11. DARPA Wants Research into Resilient Anonymous Communications
  12. Google Employees Use a Physical Token as Their Second Authentication Factor
  13. Third Annual Cybercrime Conference
  14. New Report on Police Digital Forensics Techniques
  15. Identifying People by Metadata
  16. The Poor Cybersecurity of US Space Assets
  17. Hacking a Robot Vacuum
  18. Backdoors in Cisco Routers
  19. GCHQ on Quantum Key Distribution
  20. Using In-Game Purchases to Launder Money
  21. How the US Military Can Better Keep Hackers
  22. Three of My Books Are Available in DRM-Free E-Book Format
  23. Hacking the McDonald's Monopoly Sweepstakes
  24. Measuring the Rationality of Security Decisions
  25. SpiderOak's Warrant Canary Died
  26. Detecting Phishing Sites with Machine Learning
  27. Don't Fear the TSA Cutting Airport Security. Be Glad That They're Talking about It.
  28. xkcd on Voting Computers
  29. Identifying Programmers by their Coding Style
  30. Google Tracks its Users Even if They Opt-Out of Tracking
  31. My Speaking Engagements

Read This Issue →

More Issues →

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.