Tag: bruce schneier

  • Side-Channel Attacks Against LLMs

    Here are three papers describing different side-channel attacks against LLMs. “Remote Timing Attacks on Efficient Language Model Inference”: Abstract: Scaling up language models has significantly increased their capabilities. But larger models are slower models, and so there is now an extensive body of work (e.g., speculative sampling or parallel decoding) that…

  • The Promptware Kill Chain

    Attacks against modern generative artificial intelligence (AI) large language models (LLMs) pose a real threat. Yet discussions around these attacks and their potential defenses are dangerously myopic. The dominant narrative focuses on “prompt injection,” a set of techniques to embed instructions into inputs to an LLM intended to perform malicious activity. This…

  • Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak: I’m speaking at Ontario Tech University in Oshawa, Ontario, Canada, at 2 PM ET on Thursday, February 26, 2026. I’m speaking at the Personal AI Summit in Los Angeles, California, USA, on Thursday, March 5, 2026. I’m speaking…

  • Friday Squid Blogging: Do Squid Dream?

    An exploration of the interesting question. Bruce Schneier

  • 3D Printer Surveillance

    New York is contemplating a bill that adds surveillance to 3D printers: New York’s 2026-2027 executive budget bill (S.9005 / A.10005) includes language that should alarm every maker, educator, and small manufacturer in the state. Buried in Part C is a provision requiring all 3D printers sold or delivered in New York…

  • Prompt Injection Via Road Signs

    Interesting research: “CHAI: Command Hijacking Against Embodied AI.” Abstract: Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training distributions and adapt to novel real-world situations. These capabilities, however, also…

  • Rewiring Democracy Ebook is on Sale

    I just noticed that the ebook version of Rewiring Democracy is on sale for $5 on Amazon, Apple Books, Barnes & Noble, Books A Million, Google Play, Kobo, and presumably everywhere else in the US. I have no idea how long this will last. Also, Amazon has a coupon…

  • AI-Generated Text and the Detection Arms Race

    In 2023, the science fiction literary magazine Clarkesworld stopped accepting new submissions because so many were generated by artificial intelligence. Near as the editors could tell, many submitters pasted the magazine’s detailed story guidelines into an AI and sent in the results. And they weren’t alone. Other fiction…

  • LLMs are Getting a Lot Better and Faster at Finding and Exploiting Zero-Days

    This is amazing: Opus 4.6 is notably better at finding high-severity vulnerabilities than previous models and a sign of how quickly things are moving. Security teams have been automating vulnerability discovery for years, investing heavily in fuzzing infrastructure and custom harnesses to…

  • I Am in the Epstein Files

    Once. Someone named “Vincenzo lozzo” wrote to Epstein in email, in 2016: “I wouldn’t pay too much attention to this, Schneier has a long tradition of dramatizing and misunderstanding things.” The topic of the email is DDoS attacks, and it is unclear what I am dramatizing and misunderstanding. Rabbi…

  • Friday Squid Blogging: Squid Fishing Tips

    This is a video of advice for squid fishing in Puget Sound. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier

  • iPhone Lockdown Mode Protects Washington Post Reporter

    404Media is reporting that the FBI could not access a reporter’s iPhone because it had Lockdown Mode enabled: The court record shows what devices and data the FBI was able to ultimately access, and which devices it could not, after raiding the home of the reporter, Hannah Natanson,…

  • Backdoor in Notepad++

    Hackers associated with the Chinese government used a Trojaned version of Notepad++ to deliver malware to selected users. Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2. Even then, the attackers maintained credentials to the internal…

  • US Declassifies Information on JUMPSEAT Spy Satellites

    The US National Reconnaissance Office has declassified information about a fleet of spy satellites operating between 1971 and 2006. I’m actually impressed to see a declassification only two decades after decommission. Bruce Schneier

  • Microsoft is Giving the FBI BitLocker Keys

    Microsoft gives the FBI the ability to decrypt BitLocker in response to court orders: about twenty times per year. It’s possible for users to store those keys on a device they own, but Microsoft also recommends BitLocker users store their keys on its servers for convenience. While that…

  • AI Coding Assistants Secretly Copying All Code to China

    There’s a new report about two AI coding assistants, used by 1.5 million developers, that are surreptitiously sending a copy of everything they ingest to China. Maybe avoid using them. Bruce Schneier

  • AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities

    From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates…

  • Friday Squid Blogging: New Squid Species Discovered

    A new species of squid pretends to be a plant: Scientists have filmed a never-before-seen species of deep-sea squid burying itself upside down in the seafloor—a behavior never documented in cephalopods. They captured the bizarre scene while studying the depths of the Clarion-Clipperton Zone (CCZ), an abyssal plain…

  • The Constitutionality of Geofence Warrants

    The US Supreme Court is considering the constitutionality of geofence warrants. The case centers on the trial of Okello Chatrie, a Virginia man who pleaded guilty to a 2019 robbery outside of Richmond and was sentenced to almost 12 years in prison for stealing $195,000 at gunpoint. Police probing the…

  • Ireland Proposes Giving Police New Digital Surveillance Powers

    This is coming: The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use. Bruce Schneier

  • AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

    Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This…

  • Friday Squid Blogging: Giant Squid in the Star Trek Universe

    Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation #5. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce…

  • Why AI Keeps Falling for Prompt Injection Attacks

    Imagine you work at a drive-through restaurant. Someone drives up and says: “I’ll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer.” Would you hand over the money? Of course not. Yet this is what large language…

  • Internet Voting is Too Insecure for Use in Elections

    No matter how many times we say it, the idea comes back again and again. Hopefully, this letter will hold back the tide for at least a while longer. Executive summary: Scientists have understood for many years that internet voting is insecure and that there is…

  • Could ChatGPT Convince You to Buy Something?

    Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI’s development hadn’t consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users and delivering ads. Unfortunately, the AI industry is…

  • AI-Powered Surveillance in Schools

    It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom door, a smoke detector-shaped device captures audio, listening for sounds of distress. Outside,…

  • AI and the Corporate Capture of Knowledge

    More than a decade after Aaron Swartz’s death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he downloaded thousands of academic articles from the JSTOR archive with the intention…

  • New Vulnerability in n8n

    This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version 1.121.0 or later to remediate the vulnerability. Three technical links…

  • Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université de Montréal in Montreal, Quebec, Canada, on January 29, 2026,…

  • Hacking Wheelchairs over Bluetooth

    Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory. CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair with it. The attacker could then control the wheelchair’s movements, override…

  • 1980s Hacker Manifesto

    Forty years ago, The Mentor—Loyd Blankenship—published “The Conscience of a Hacker” in Phrack. You bet your ass we’re all alike… we’ve been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip through were pre-chewed and tasteless. We’ve been dominated by sadists, or…

  • Corrupting LLMs Through Weird Generalizations

    Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. Abstract: LLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside those contexts. In one…

  • Palo Alto Crosswalk Signals Had Default Passwords

    Palo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords. Bruce Schneier

  • Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast

    The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier

  • AI & Humans: Making the Relationship Work

    Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious…

  • The Wegman’s Supermarket Chain Is Probably Using Facial Recognition

    The New York City Wegman’s is collecting biometric information about customers. Bruce Schneier

  • A Cyberattack Was Part of the US Assault on Venezuela

    We don’t have many details: President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro. If true, it would…

  • Telegram Hosting World’s Largest Darknet Market

    Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram has now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief drop after Telegram…

  • Flock Exposes Its AI-Enabled Surveillance Cameras

    404 Media has the story: Unlike many of Flock’s cameras, which are designed to capture license plates as people drive by, Flock’s Condor cameras are pan-tilt-zoom (PTZ) cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people’s faces as…

  • Friday Squid Blogging: Squid Found in Light Fixture

    Probably a college prank. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier

  • LinkedIn Job Scams

    Interesting article on the variety of LinkedIn job scams around the world: In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In Kenya, the recruitment industry is largely unorganized, so scamsters leverage fake personal referrals. In Mexico, bad actors capitalize on the…

  • Using AI-Generated Images to Get Refunds

    Scammers are generating images of broken merchandise in order to apply for refunds. Bruce Schneier

  • Are We Ready to Be Governed by Artificial Intelligence?

    Artificial Intelligence (AI) overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurred largely without our…

  • IoT Hack

    Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely. Bruce Schneier

  • Friday Squid Blogging: Squid Camouflage

    New research: Abstract: Coleoid cephalopods have the most elaborate camouflage system in the animal kingdom. This enables them to hide from or deceive both predators and prey. Most studies have focused on benthic species of octopus and cuttlefish, while studies on squid focused mainly on the chromatophore system for communication.…

  • Urban VPN Proxy Surreptitiously Intercepts AI Chats

    This is pretty scary: Urban VPN Proxy targets conversations across ten AI platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok (xAI), Meta AI. For each platform, the extension includes a dedicated “executor” script designed to intercept and capture conversations. The harvesting is enabled by default through hardcoded…

  • Denmark Accuses Russia of Conducting Two Cyberattacks

    News: The Danish Defence Intelligence Service (DDIS) announced on Thursday that Moscow was behind a cyber-attack on a Danish water utility in 2024 and a series of distributed denial-of-service (DDoS) attacks on Danish websites in the lead-up to the municipal and regional council elections in November. The first,…

  • Microsoft Is Finally Killing RC4

    After twenty-six years, Microsoft is finally upgrading the last remaining instance of the encryption algorithm RC4 in Windows. One of the most visible holdouts in supporting RC4 has been Microsoft. Eventually, Microsoft upgraded Active Directory to support the much more secure AES encryption standard. But by default, Windows servers have continued…
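    The remaining RC4 in Windows is the RC4-HMAC encryption type for Active Directory Kerberos tickets, and the practical question for an administrator is which accounts and services in their own domain are still using it. The script below is an added example, not code from the post or from Microsoft: Windows Security audit events 4768 (TGT request) and 4769 (service ticket request) record a “Ticket Encryption Type” field, where 0x17 is RC4-HMAC and 0x12 is AES256-CTS-HMAC-SHA1-96; the script scans exported events for tickets issued with RC4 or DES and groups them by service. It assumes a constructed one-event-per-line key=value export (the sample lines below are made up for illustration; a real EVTX, XML or CSV export needs a matching parser), with field names taken from the Windows event schema.

```python
"""Find Kerberos tickets still issued with RC4 (or DES) in Windows audit events.

Added example; not from the original post or from Microsoft. The input format
(one event per line, key=value pairs) is a constructed simplification of a
Security log export. Field names match the Windows event schema for 4768/4769.
"""
import re
from collections import Counter

# Kerberos encryption type codes as logged in the "Ticket Encryption Type"
# field of events 4768 and 4769 (documented values, hex as in the log).
ETYPE_NAMES = {
    0x01: "DES-CBC-CRC",
    0x03: "DES-CBC-MD5",
    0x11: "AES128-CTS-HMAC-SHA1-96",
    0x12: "AES256-CTS-HMAC-SHA1-96",
    0x17: "RC4-HMAC",
    0x18: "RC4-HMAC-EXP",
}
# Anything that is not AES is worth a finding.
WEAK_ETYPES = {0x01, 0x03, 0x17, 0x18}

# Constructed sample export (hosts, users and addresses are invented).
SAMPLE_EVENTS = """\
EventID=4769 TargetUserName=alice@CORP.EXAMPLE ServiceName=MSSQLSvc/db01.corp.example TicketEncryptionType=0x17 IpAddress=10.0.4.21
EventID=4769 TargetUserName=alice@CORP.EXAMPLE ServiceName=cifs/fs01.corp.example TicketEncryptionType=0x12 IpAddress=10.0.4.21
EventID=4768 TargetUserName=svc-backup ServiceName=krbtgt/CORP.EXAMPLE TicketEncryptionType=0x17 IpAddress=10.0.9.7
EventID=4769 TargetUserName=bob@CORP.EXAMPLE ServiceName=HTTP/intranet.corp.example TicketEncryptionType=0x11 IpAddress=10.0.4.33
EventID=4624 TargetUserName=bob LogonType=3 IpAddress=10.0.4.33
"""

_FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse_event(line):
    """Turn one 'key=value key=value' line of the constructed export into a dict."""
    return dict(_FIELD_RE.findall(line))


def find_weak_kerberos_tickets(text):
    """Return one finding per 4768/4769 event whose ticket used a non-AES etype.

    Events of other IDs, and events with a missing or malformed
    TicketEncryptionType, are skipped rather than treated as findings.
    """
    findings = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = parse_event(line)
        if ev.get("EventID") not in ("4768", "4769"):
            continue
        try:
            etype = int(ev.get("TicketEncryptionType", ""), 16)
        except ValueError:
            continue
        if etype not in WEAK_ETYPES:
            continue
        findings.append({
            "event_id": int(ev["EventID"]),
            "account": ev.get("TargetUserName", "?"),
            "service": ev.get("ServiceName", "?"),
            "client_ip": ev.get("IpAddress", "?"),
            "etype": etype,
            "etype_name": ETYPE_NAMES.get(etype, f"unknown(0x{etype:x})"),
        })
    return findings


def weak_ticket_counts_by_service(findings):
    """Group findings by service principal: the account whose keys need fixing."""
    return dict(Counter(f["service"] for f in findings))


if __name__ == "__main__":
    hits = find_weak_kerberos_tickets(SAMPLE_EVENTS)
    for h in hits:
        print(f"event {h['event_id']}: {h['account']} -> {h['service']} "
              f"used {h['etype_name']} from {h['client_ip']}")
    print("weak tickets per service:", weak_ticket_counts_by_service(hits))
```

    A 4769 with RC4 points at the service account behind the SPN rather than at the user: a service whose account has no AES keys (typically a password last set before AES was enabled) or whose msDS-SupportedEncryptionTypes still permits RC4 will be issued RC4 tickets no matter how the client is configured. A 4768 with RC4 says the same about the requesting account itself. Running this over a week of domain controller logs before changing the default is how you find the handful of legacy services that would break.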

  • AI Advertising Company Hacked

    At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz (a16z) that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products, has been hacked. The hack reveals what products the AI-generated accounts are promoting, often without the…

  • Friday Squid Blogging: Petting a Squid

    Video from Reddit shows what could go wrong when you try to pet a—looks like a Humboldt—squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier

  • Someone Boarded a Plane at Heathrow Without a Ticket or Passport

    I’m sure there’s a story here: Sources say the man had tailgated his way through to security screening and passed security, meaning he was not detected carrying any banned items. The man deceived the BA check-in agent by posing as a family member who…

  • Deliberate Internet Shutdowns

    For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted “to prevent immoral activities.” No additional explanation was given. The timing couldn’t have been worse:…

  • Chinese Surveillance and AI

    New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is already the world’s largest exporter of AI-powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there. By exposing the full scope…

  • Against the Federal Moratorium on State-Level Regulation of AI

    Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of states to…

  • Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak: I’m speaking and signing books at the Chicago Public Library in Chicago, Illinois, USA, at 6:00 PM CT on February 5, 2026. Details to come. I’m speaking at Capricon 44 in Chicago, Illinois, USA. The convention runs February…

  • Building Trustworthy AI Agents

    The promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy. We can’t. And today’s versions are failing us in predictable ways: pushing us to do things against our own best interests, gaslighting us with doubt about things we are or that…

  • Friday Squid Blogging: Giant Squid Eating a Diamondback Squid

    I have no context for this video—it’s from Reddit—but one of the commenters adds some context: Hey everyone, squid biologist here! Wanted to add some stuff you might find interesting. With so many people carrying around cameras, we’re getting more videos of giant squid at the…

  • AIs Exploiting Smart Contracts

    I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here’s some interesting research on training AIs to automatically exploit smart contracts: AI models are increasingly good at cyber tasks, as we’ve written about before. But what is the economic impact…

  • FBI Warns of Fake Video Scams

    The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their loved one and demand a ransom be paid for their release. Oftentimes, the criminal actor will express significant claims of violence towards the loved one…

  • AI vs. Human Drivers

    Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a “public health breakthrough”: In medical research, there’s a practice of ending a study early…

  • Substitution Cipher Based on The Voynich Manuscript

    Here’s a fun paper: “The Naibbe cipher: a substitution cipher that encrypts Latin and Italian as Voynich Manuscript-like ciphertext”: Abstract: In this article, I investigate the hypothesis that the Voynich Manuscript (MS 408, Yale University Beinecke Library) is compatible with being a ciphertext by attempting to develop a…

  • New Anonymous Phone Service

    A new anonymous phone service allows you to sign up with just a zip code. Bruce Schneier

  • Friday Squid Blogging: Vampire Squid Genome

    The vampire squid (Vampyroteuthis infernalis) has the largest cephalopod genome ever sequenced: more than 11 billion base pairs. That’s more than twice as large as the biggest squid genomes. It’s technically not a squid: “The vampire squid is a fascinating twig tenaciously hanging onto the cephalopod family tree. It’s…

  • Like Social Media, AI Requires Difficult Choices

    In his 2020 book, “Future Politics,” British barrister Jamie Susskind wrote that the dominant question of the 20th century was “How much of our collective life should be determined by the state, and what should be left to the market and civil society?” But in the early decades…

  • Banning VPNs

    This is crazy. Lawmakers in several US states are contemplating banning VPNs, because…think of the children! As of this writing, Wisconsin lawmakers are escalating their war on privacy by targeting VPNs in the name of “protecting children” in A.B. 105/S.B. 130. It’s an age verification bill that requires all websites distributing material that…

  • Prompt Injection Through Poetry

    In a new paper, “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models,” researchers found that turning LLM prompts into poetry resulted in jailbreaking the models: Abstract: We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier…

  • Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach

    A meter-long flying neon squid (Ommastrephes bartramii) was found dead on an Israeli beach. The species is rare in the Mediterranean. Bruce Schneier

  • Huawei and Chinese Surveillance

    This quote is from House of Huawei: The Secret History of China’s Most Powerful Company. “Long before anyone had heard of Ren Zhengfei or Huawei, Wan Runnan had been China’s star entrepreneur in the 1980s, with his company, the Stone Group, touted as “China’s IBM.” Wan had believed that economic change…

  • Four Ways AI Is Being Used to Strengthen Democracies Worldwide

    Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that democracy will be the worse for it. We have another narrative. Yes, there are risks to democracy…

  • IACR Nullifies Election Because of Lost Decryption Key

    The International Association for Cryptologic Research—the academic cryptography association that’s been putting on conferences like Crypto (back when “crypto” meant “cryptography”) and Eurocrypt since the 1980s—had to nullify an online election when trustee Moti Yung lost his decryption key. For this election and in accordance with the bylaws…

  • More on Rewiring Democracy

    It’s been a month since Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship was published. From what we know, sales are good. Some of the book’s forty-three chapters are available online: chapters 2, 12, 28, 34, 38, and 41. We need more reviews—six on Amazon is not enough,…

  • Friday Squid Blogging: New “Squid” Sneaker

    I did not know Adidas sold a sneaker called “Squid.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy. Bruce Schneier

  • AI as Cyberattacker

    From Anthropic: In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves. The threat actor—whom we assess with high confidence was a…

  • Scam USPS and E-Z Pass Texts and Websites

    Google has filed a complaint in court that details the scam: In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people…

  • Legal Restrictions on Vulnerability Disclosure

    Kendra Albert gave an excellent talk at USENIX Security this year, pointing out that the legal agreements surrounding vulnerability disclosure muzzle researchers while allowing companies to not fix the vulnerabilities—exactly the opposite of what the responsible disclosure movement of the early 2000s was supposed to prevent. This is the talk.…

  • AI and Voter Engagement

    Social media has been a familiar, even mundane, part of life for nearly two decades. It can be easy to forget it was not always that way. In 2008, social media was just emerging into the mainstream. Facebook reached 100 million users that summer. And a singular candidate was integrating social…

  • More Prompt||GTFO

    The next three in this series of online events highlighting interesting uses of AI in cybersecurity are online: #4, #5, and #6. Well worth watching. Bruce Schneier

  • Friday Squid Blogging: Pilot Whales Eat a Lot of Squid

    Short-finned pilot whales (Globicephala macrorhynchus) eat a lot of squid: To figure out a short-finned pilot whale’s caloric intake, Gough says, the team had to combine data from a variety of sources, including movement data from short-lasting tags, daily feeding rates from satellite tags, body…

  • The Role of Humans in an AI-Powered World

    As AI capabilities grow, we must delineate the roles that should remain exclusively human. The line seems to be between fact-based decisions and judgment-based decisions. For example, in a medical context, if an AI was demonstrably better at reading a test result and diagnosing cancer than a…

  • Upcoming Speaking Engagements

    This is a current list of where and when I am scheduled to speak: My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office Building in Washington, DC at noon ET on November 17, 2025. The event is hosted by the POPVOX Foundation and the topic is “AI…

  • Book Review: The Business of Secrets

    The Business of Secrets: Adventures in Selling Encryption Around the World by Fred Kinch (May 24, 2004). From the vantage point of today, it’s surreal reading about the commercial cryptography business in the 1970s. Nobody knew anything. The manufacturers didn’t know whether the cryptography they sold was any good.…

  • On Hacking Back

    Former DoJ attorney John Carlin writes about hackback, which he defines thus: “A hack back is a type of cyber response that incorporates a counterattack designed to proactively engage with, disable, or collect evidence about an attacker. Although hack backs can take on various forms, they are—by definition—not passive defensive measures.” His…

  • Prompt Injection in AI Browsers

    This is why AIs are not ready to be personal assistants: A new attack called ‘CometJacking’ exploits URL parameters to pass to Perplexity’s Comet AI browser hidden instructions that allow access to sensitive data from connected services, like email and calendar. In a realistic scenario, no credentials or user interaction…

  • New Attacks Against Secure Enclaves

    Encryption can protect data at rest and data in transit, but does nothing for data in use. What we have are secure enclaves. I’ve written about this before: Almost all cloud services have to perform some computation on our data. Even the simplest storage provider has code to copy bytes…

  • Faking Receipts with AI

    Faking Receipts with AI Over the past few decades, it’s become easier and easier to create fake receipts. Decades ago, it required special paper and printers—I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required some artistic skills to…

  • Friday Squid Blogging: Squid Game: The Challenge, Season Two

    Friday Squid Blogging: Squid Game: The Challenge, Season Two The second season of the Netflix reality competition show Squid Game: The Challenge has dropped. (Too many links to pick a few—search for it.) As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered.…

  • Rigged Poker Games

    Rigged Poker Games The Department of Justice has indicted thirty-one people over the high-tech rigging of high-stakes poker games. In a typical legitimate poker game, a dealer uses a shuffling machine to shuffle the cards randomly before dealing them to all the players in a particular order. As set forth in the indictment, the rigged…

  • Scientists Need a Positive Vision for AI

    Scientists Need a Positive Vision for AI For many in the research community, it’s gotten harder to be optimistic about the impacts of artificial intelligence. As authoritarianism is rising around the world, AI-generated “slop” is overwhelming legitimate media, while AI-generated deepfakes are spreading misinformation and parroting extremist messages. AI is making warfare more precise and…

  • Cybercriminals Targeting Payroll Sites

    Cybercriminals Targeting Payroll Sites Microsoft is warning of a scam involving online payroll systems. Criminals use social engineering to steal people’s credentials, and then divert direct deposits into accounts that they control. Sometimes they do other things to make it harder for the victim to realize what is happening. I feel like this kind of…

  • AI Summarization Optimization

    AI Summarization Optimization These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importance of what is said. If it becomes necessary to revisit the facts of the meeting, its summary is treated as impartial evidence. But clever meeting attendees can manipulate this…

  • Friday Squid Blogging: Giant Squid at the Smithsonian

    Friday Squid Blogging: Giant Squid at the Smithsonian I can’t believe that I haven’t yet posted this picture of a giant squid at the Smithsonian. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

  • Will AI Strengthen or Undermine Democracy?

    Will AI Strengthen or Undermine Democracy? Listen to the Audio on NextBigIdeaClub.com Below, co-authors Bruce Schneier and Nathan E. Sanders share five key insights from their new book, Rewiring Democracy: How AI Will Transform Our Politics, Government, and Citizenship. What’s the big idea? AI can be used both for and against the public interest within…

  • The AI-Designed Bioweapon Arms Race

    The AI-Designed Bioweapon Arms Race Interesting article about the arms race between AI systems that invent/design new biological pathogens, and AI systems that detect them before they’re created: The team started with a basic test: use AI tools to design variants of the toxin ricin, then test them against the software that is used to…

  • Signal’s Post-Quantum Cryptographic Implementation

    Signal’s Post-Quantum Cryptographic Implementation Signal has just rolled out its quantum-safe cryptographic implementation. Ars Technica has a really good article with details: Ultimately, the architects settled on a creative solution. Rather than bolt KEM onto the existing double ratchet, they allowed it to remain more or less the same as it had been. Then they…

  • Social Engineering People’s Credit Card Details

    Social Engineering People’s Credit Card Details Good Wall Street Journal article on criminal gangs that scam people out of their credit card information: Your highway toll payment is now past due, one text warns. You have U.S. Postal Service fees to pay, another threatens. You owe the New York City Department of Finance for unpaid…

  • First Wap: A Surveillance Computer You’ve Never Heard Of

    First Wap: A Surveillance Computer You’ve Never Heard Of Mother Jones has a long article on surveillance arms manufacturers, their wares, and how they avoid export control laws: Operating from their base in Jakarta, where permissive export laws have allowed their surveillance business to flourish, First Wap’s European founders and executives have quietly built a…

  • Louvre Jewel Heist

    Louvre Jewel Heist I assume I don’t have to explain last week’s Louvre jewel heist. I love a good caper, and have (like many others) eagerly followed the details. An electric ladder to a second-floor window, an angle grinder to get into the room and the display cases, security guards there more to protect patrons…

  • Friday Squid Blogging: “El Pulpo The Squid”

    Friday Squid Blogging: “El Pulpo The Squid” There is a new cigar named “El Pulpo The Squid.” Yes, that means “The Octopus The Squid.” As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.

  • Part Four of The Kryptos Sculpture

    Part Four of The Kryptos Sculpture Two people found the solution. They used the power of research, not cryptanalysis, finding clues amongst the Sanborn papers at the Smithsonian’s Archives of American Art. This comes at an awkward time, as Sanborn is auctioning off the solution. There were legal threats—I don’t understand their basis—and the solvers…

  • Serious F5 Breach

    Serious F5 Breach This is bad: F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long-term.” Security researchers who have responded to similar intrusions in the past took the language…