Lucene search
K
SchneierMost viewed

2979 matches found

Schneier on Security
Schneier on Security
added 2022/11/11 12:25 p.m.12 views

NSA Over-surveillance

Here in 2022, we have a newly declassified 2016 Inspector General report--"Misuse of Sigint Systems"--about a 2013 NSA program that resulted in the unauthorized that is, illegal targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda. Theres nothing really...

2.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/10/31 11:29 a.m.12 views

Apple Only Commits to Patching Latest OS Version

People have suspected this for a while, but Apple has made it official. It only commits to fully patching the latest version of its OS, even though it claims to support older versions. From ArsTechnica: In other words, while Apple will provide security-related updates for older versions of its...

1.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/10/14 9:20 p.m.12 views

Friday Squid Blogging: On Squid Ink

Its aimed at children, but its a good primer. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

1.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/10/07 9:5 p.m.12 views

Friday Squid Blogging: Emotional Support Squid

The Monterey Bay Aquarium has a video--"2 Hours Of Squid To Relax/Study/Work To"--with 2.4 million views. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

2.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/09/15 3:28 p.m.12 views

Relay Attack against Teslas

Nice work: Radio relay attacks are technically complicated to execute, but conceptually easy to understand: attackers simply extend the range of your existing key using what is essentially a high-tech walkie-talkie. One thief stands near you while youre in the grocery store, intercepting your key...

0.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/09/09 9:3 p.m.12 views

Friday Squid Blogging: Colossal Squid in New Zealand Museum

Its in Timaru. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

1.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/09/08 3:14 p.m.12 views

Facebook Has No Idea What Data It Has

This is from a court deposition: Facebooks stonewalling has been revealing on its own, providing variations on the same theme: It has amassed so much data on so many billions of people and organized it so confusingly that full transparency is impossible on a technical level. In the March 2022...

1.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/07/20 3:32 p.m.12 views

Russia Creates Malware False-Flag App

The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. Its actually malware, and provides information back to the Russians: The hackers pretended to be a "community of free people around the world who are fighting...

1.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/07/15 11:17 a.m.12 views

San Francisco Police Want Real-Time Access to Private Surveillance Cameras

Surely no one could have predicted this: The new proposal--championed by Mayor London Breed after Novembers wild weekend of orchestrated burglaries and theft in the San Francisco Bay Area--would authorize the police department to use non-city-owned security cameras and camera networks to live...

0.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/06/17 9:5 p.m.12 views

Friday Squid Blogging: Signature Steamed Giant Squid with Thai Lime Sauce

From a restaurant in Singapore. Its not actually giant squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

1.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/05/31 11:6 a.m.12 views

The Limits of Cyber Operations in Wartime

Interesting paper by Lennart Maschmeyer: "The Subversive Trilemma: Why Cyber Operations Fall Short of Expectations": Abstract: Although cyber conflict has existed for thirty years, the strategic utility of cyber operations remains unclear. Many expect cyber operations to provide independent utili...

2.3AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/05/16 11:34 a.m.12 views

The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms

Rob Joyce, the director of cybersecurity at the NSA, said so in an interview: The NSA already has classified quantum-resistant algorithms of its own that it developed over many years, said Joyce. But it didnt enter any of its own in the contest. The agencys mathematicians, however, worked with NI...

0.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/05/11 2:24 p.m.12 views

ICE Is a Domestic Surveillance Agency

Georgetown has a new report on the highly secretive bulk surveillance activities of ICE in the US: When you think about government surveillance in the United States, you likely think of the National Security Agency or the FBI. You might even think of a powerful police agency, such as the New York...

0.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/04/15 9:7 p.m.12 views

Friday Squid Blogging: Strawberry Squid Video

Beautiful video shot off the California coast. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

2.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/03/17 11:16 a.m.12 views

“Change Password”

Oops: Instead of telling you when its safe to cross the street, the walk signs in Crystal City, VA are just repeating CHANGE PASSWORD. Somethings gone terribly wrong here...

1.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/03/04 10:4 p.m.12 views

Friday Squid Blogging: Far Side Cartoon

Squid, of course. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

1.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/03/01 12:6 p.m.12 views

Decrypting Hive Ransomware Data

Nice piece of research: Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damag...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/01/14 12:13 p.m.12 views

Using EM Waves to Detect Malware

I dont even know what I think about this. Researchers have developed a malware detection system that uses EM waves: "Obfuscation Revealed: Leveraging Electromagnetic Signals for Obfuscated Malware Classification." Abstract: The Internet of Things IoT is constituted of devices that are exponential...

0.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/01/07 12:13 p.m.12 views

Norton’s Antivirus Product Now Includes an Ethereum Miner

Norton 360 can now mine Ethereum. Its opt-in, and the company keeps 15%. Its hard to uninstall this option...

1.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/01/06 12:29 p.m.12 views

People Are Increasingly Choosing Private Web Search

DuckDuckGo has had a banner year: And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021, a 46.4% jump over 2020 23.6 billion. Thats big. Even so, the company, which bills itself as the "Internet privacy company," offering a search engine and...

1.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/12/22 4:20 p.m.12 views

Stolen Bitcoins Returned

The US has returned $154 million in bitcoins stolen by a Sony employee. However, on December 1, following an investigation in collaboration with Japanese law enforcement authorities, the FBI seized the 3879.16242937 BTC in Ishiis wallet after obtaining the private key, which made it possible to...

1.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/12/03 8:18 p.m.12 views

Friday Squid Blogging: Squeeze the Squid

Squeeze the Squid is a band. It just released its second album. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/11/19 10:12 p.m.12 views

Friday Squid Blogging: Bigfin Squid Captured on Video

"Eerie video captures elusive, alien-like squid gliding in the Gulf of Mexico." As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/11/05 9:11 p.m.12 views

Friday Squid Blogging: Squid Game Cryptocurrency Was a Scam

The Squid Game cryptocurrency was a complete scam: The SQUID cryptocurrency peaked at a price of $2,861 before plummeting to $0 around 5:40 a.m. ET., according to the website CoinMarketCap. This kind of theft, commonly called a "rug pull" by crypto investors, happens when the creators of the cryp...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/09/27 11:25 a.m.12 views

Tracking Stolen Cryptocurrencies

Good article about the current state of cryptocurrency forensics...

1.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/08/27 1:37 p.m.12 views

Details of the Recent T-Mobile Breach

Seems that 47 million customers were affected. Surprising no one, T-Mobile had awful security. Ive lost count of how many times T-Mobile has been hacked...

2.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/11/02 8:1 p.m.12 views

New Windows Zero-Day

Googles Project Zero has discovered and published a buffer overflow vulnerability in the Windows Kernel Cryptography Driver. The exploit doesnt affect the cryptography, but allows attackers to escalate system privileges: Attackers were combining an exploit for it with a separate one targeting a...

3.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/09/01 6:17 a.m.12 views

North Korea ATM Hack

The US Cybersecurity and Infrastructure Security Agency CISA published a long and technical alert describing a North Korea hacking scheme against ATMs in a bunch of countries worldwide: This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agenc...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/08/28 4:10 p.m.12 views

Friday Squid Blogging: How Squid Survive Freezing, Oxygen-Deprived Waters

Lots of interesting genetic details. As usual, you can also use this squid post to talk about the security stories in the news that I havent covered. Read my blog posting guidelines here...

2.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/08/26 11:31 a.m.12 views

Amazon Supplier Fraud

Interesting story of an Amazon supplier fraud: According to the indictment, the brothers swapped ASINs for items Amazon ordered to send large quantities of different goods instead. In one instance, Amazon ordered 12 canisters of disinfectant spray costing $94.03. The defendants allegedly shipped...

1.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/07/10 4:48 p.m.12 views

EFF's 30th Anniversary Livestream

It's the EFF's 30th birthday, and the organization is having a celebratory livestream today from 3:00 to 10:00 pm PDT. There are a lot of interesting discussions and things. I am having a fireside chat at 4:10 pm PDT to talk about the Crypto Wars and more. Stop by. And thank you for supporting EF...

1.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/07/27 9:12 p.m.12 views

Friday Squid Blogging: Squid Deception

This is a fantastic video of a squid attracting prey with a tentacle that looks like a smaller squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

1.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/02/09 10:17 p.m.12 views

Calling Squid "Calamari" Makes It More Appetizing

Research shows that what a food is called affects how we think about it. Research paper. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/02/07 12:19 p.m.12 views

Cabinet of Secret Documents from Australia

This story of leaked Australian government secrets is unlike any other I've heard: It begins at a second-hand shop in Canberra, where ex-government furniture is sold off cheaply. The deals can be even cheaper when the items in question are two heavy filing cabinets to which no-one can find the...

6.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2018/01/05 6:45 p.m.12 views

New Book Coming in September: "Click Here to Kill Everybody"

My next book is still on track for a September 2018 publication. Norton is still the publisher. The title is now Click Here to Kill Everybody: Peril and Promise on a Hyperconnected Planet, which I generally refer to as CH2KE. The table of contents has changed since I last blogged about this, and ...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/04/26 11:14 a.m.12 views

Analyzing Cyber Insurance Policies

There's a really interesting new paper analyzing over 100 different cyber insurance policies. From the abstract: In this research paper, we seek to answer fundamental questions concerning the current state of the cyber insurance market. Specifically, by collecting over 100 full insurance policies...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/06/30 12:5 p.m.11 views

The Realities of AI Video Surveillance

The Financial Times has a good article on how AI is changing the capabilities of video surveillance, with information from both Israel/Iran and Russia. I wrote about this sort of thing a few years ago, how AI enables mass spying in the way that computers and networks enabled mass surveillance. Th...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/06/12 9:5 p.m.11 views

Friday Squid Blogging: Squid-Inspired Fluid Pump

This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/06/10 11:8 a.m.11 views

NSO Group Hacking WhatsApp Despite Court Order

WhatsApp has caught the NSO Group phishing its users, in violation of a court order...

5.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/22 1:58 p.m.11 views

CISA Security Leak

Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency CISA maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/20 2:21 p.m.11 views

On AI Security

Good report: Executive Summary: Let's say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don't actually work for measuring AI capabilities even when they are NOT emergent systemic properties like...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/19 11:0 a.m.11 views

Laurie Anderson Is Quoting Me

Not by name, but Laurie Anderson quotes me in one of the tracks of her new album: My favorite quote is from a cryptologist who said "If you think technology will solve your problems, you don't understand technology and you don't understand your problems." Also in interviews: "Of course, it's...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/14 4:1 p.m.11 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Association of New York, at 6:00 PM ET on May 21, 2026. I’m speaking at the Potsdam Conference on National Cybersecurity at the...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/14 11:4 a.m.11 views

How Dangerous Is Anthropic’s Mythos AI?

Last month, Anthropic made a remarkable announcement about its new model, Claude Mythos Preview: it was so good at finding security vulnerabilities in software that the company would not release it to the general public. Instead, it would only be available to a select group of companies to scan a...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/08 9:3 p.m.11 views

Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

Evidence of them has been found by analyzing DNA in the seawater. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/08 5:49 p.m.11 views

Insider Betting on Polymarket

Insider trading is rife on Polymarket: Analysis by the Anti-Corruption Data Collective, a non-profit research and advocacy group, found that long-shot bets--­defined as wagers of $2,500 or more at odds of 35 percent or less--­on the platform had an average win rate of around 52 percent in markets...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/05/06 10:36 a.m.11 views

Rowhammer Attack Against NVIDIA Chips

A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generation that take GPU rowhammering into new--­and potentially much more consequential--­territory: GDD...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/04/24 11:1 a.m.11 views

Hiding Bluetooth Trackers in Mail

It was used to track a Dutch naval ship: Dutch journalist Just Vervaart, working for regional media network Omroep Gelderland, followed the directions posted on the Dutch government website and mailed a postcard with a hidden tracker inside. Because of this, they were able to track the ship for...

5.4AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/04/22 11:2 a.m.11 views

ICE Uses Graphite Spyware

ICE has admitted that it uses spyware from the Israeli company Graphite...

5.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/04/21 11:4 a.m.11 views

Mexican Surveillance Company

Grupo Seguritech is a Mexican surveillance company that is expanding into the US...

5.8AI score
Exploits0
Total number of security vulnerabilities2979