2960 matches found

Schneier on Security
added 2024/03/27 11:1 a.m., 17 views

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

It's pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of...

AI score: 7.7
Exploits: 0
Schneier on Security
added 2024/03/26 11:8 a.m., 11 views

On Secure Voting Systems

Andrew Appel shepherded a public comment--signed by twenty election cybersecurity experts, including myself--on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it's general in nature. From the executive summary: We believe that no...

AI score: 7.4
Exploits: 0
Schneier on Security
added 2024/03/26 9:1 a.m., 14 views

AI and Trust

Watch the Video on YouTube.com. A 15-minute talk by Bruce Schneier...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/03/25 11:4 a.m., 14 views

Licensing AI Engineers

The debate over professionalizing software engineers is decades old. The basic idea is that, like lawyers and architects, there should be some professional licensing requirement for software engineers. Here's a law journal article recommending the same idea for AI engineers. This Article proposes...

AI score: 6.8
Exploits: 0
Schneier on Security
added 2024/03/22 9:3 p.m., 17 views

Friday Squid Blogging: New Species of Squid Discovered

A new species of squid was discovered, along with about a hundred other species. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/22 11:1 a.m., 19 views

Google Pays $10M in Bug Bounties in 2023

BleepingComputer has the details. It's $2M less than in 2022, but it's still a lot. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program's launch in 2010 has reached $59 million. For Android, the world's most popular and widely used mobile...

AI score: 7.4
Exploits: 0
Schneier on Security
added 2024/03/21 11:3 a.m., 16 views

Public AI as an Alternative to Corporate AI

This mini-essay was my contribution to a round table on Power and Governance in the Age of AI. It's nothing I haven't said here before, but for anyone who hasn't read my longer essays on the topic, it's a shorter introduction. The increasingly centralized control of AI is an ominous sign. When tech...

AI score: 7
Exploits: 0
Schneier on Security
added 2024/03/20 11:8 a.m., 15 views

Cheating Automatic Toll Booths by Obscuring License Plates

The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can't identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/19 11:5 a.m., 17 views

AI and the Evolution of Social Media

Oh, how the mighty have fallen. A decade ago, social media was celebrated for sparking democratic uprisings in the Arab world and beyond. Now front pages are splashed with stories of social platforms’ role in misinformation, business conspiracy, malfeasance, and risks to mental health. In a 2022...

AI score: 6.3
Exploits: 0
Schneier on Security
added 2024/03/18 11:3 a.m., 14 views

Drones and the US Air Force

Fascinating analysis of the use of drones on a modern battlefield--that is, Ukraine--and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/15 9:8 p.m., 13 views

Friday Squid Blogging: Operation Squid

Operation Squid found 1.3 tons of cocaine hidden in frozen fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/15 11:5 a.m., 18 views

Improving C++

C++ guru Herb Sutter writes about how we can improve the programming language for better security. The immediate problem "is" that it’s Too Easy By Default™ to write security and safety vulnerabilities in C++ that would have been caught by stricter enforcement of known rules for type, bounds,...

AI score: 7.7
Exploits: 0
Schneier on Security
added 2024/03/14 11:1 a.m., 16 views

Automakers Are Sharing Driver Data with Insurers without Consent

Kashmir Hill has the story: Modern cars are internet-enabled, allowing access to services like navigation, roadside assistance and car apps that drivers can connect to their vehicles to locate them or unlock them remotely. In recent years, automakers, including G.M., Honda, Kia and Hyundai, have...

AI score: 7
Exploits: 0
Schneier on Security
added 2024/03/13 11:7 a.m., 14 views

Burglars Using Wi-Fi Jammers to Disable Security Cameras

The arms race continues, as burglars are learning how to use jammers to disable Wi-Fi security cameras...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/03/12 11:12 a.m., 9 views

Jailbreaking LLMs with ASCII Art

Researchers have demonstrated that putting words in ASCII art can cause LLMs--GPT-3.5, GPT-4, Gemini, Claude, and Llama2--to ignore their safety instructions. Research paper...

AI score: 7.5
Exploits: 0
Schneier on Security
added 2024/03/11 11:1 a.m., 24 views

Using LLMs to Unredact Text

Initial results in using LLMs to unredact text based on the size of the individual-word redaction rectangles. This feels like something that a specialized ML system could be trained on...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/08 10:11 p.m., 13 views

Friday Squid Blogging: New Plant Looks Like a Squid

Newly discovered plant looks like a squid. And it's super weird: The plant, which grows to 3 centimetres tall and 2 centimetres wide, emerges to the surface for as little as a week each year. It belongs to a group of plants known as fairy lanterns and has been given the scientific name...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/03/08 6:38 p.m., 14 views

Essays from the Second IWORD

The Ash Center has posted a series of twelve essays stemming from the Second Interdisciplinary Workshop on Reimagining Democracy (IWORD 2023). Aviv Ovadya, Democracy as Approximation: A Primer for “AI for Democracy” Innovators; Kathryn Peters, Permission and Participation; Claudia Chwalisz, Moving...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/08 12:6 p.m., 19 views

A Taxonomy of Prompt Injection Attacks

Researchers ran a global prompt hacking competition, and have documented the results in a paper that both gives a lot of good examples and tries to organize a taxonomy of effective prompt injection strategies. It seems as if the most common successful strategy is the "compound instruction attack,...

AI score: 7.7
Exploits: 0
Schneier on Security
added 2024/03/07 12:0 p.m., 17 views

How Public AI Can Strengthen Democracy

With the world's focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But we're learning that AI has a democracy problem, too. Both challenges must be addressed for the sake of democratic...

AI score: 6.9
Exploits: 0
Schneier on Security
added 2024/03/06 12:6 p.m., 16 views

Surveillance through Push Notifications

The Washington Post is reporting on the FBI's increasing use of push notification data--"push tokens"--to identify people. The police can request this data from companies like Apple and Google without a warrant. The investigative technique goes back years. Court orders that were issued in 2019 to...

AI score: 6.6
Exploits: 0
Schneier on Security
added 2024/03/05 12:5 p.m., 13 views

The Insecurity of Video Doorbells

Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible. First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home network to online criminals. … Anyone who can...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/03/04 12:1 p.m., 12 views

LLM Prompt Injection Worm

Researchers have demonstrated a worm that spreads through prompt injection. Details: In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which "poisons" the database of an email assistant using retrieval-augmented generation (RAG), a way for...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/01 10:5 p.m., 10 views

Friday Squid Blogging: New Extinct Species of Vampire Squid Discovered

Paleontologists have discovered a 183-million-year-old species of vampire squid. Prior research suggests that the vampyromorph lived in the shallows off an island that once existed in what is now the heart of the European mainland. The research team believes that the remarkable degree of...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/03/01 12:8 p.m., 16 views

NIST Cybersecurity Framework 2.0

NIST has released version 2.0 of the Cybersecurity Framework: The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. It al...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/29 12:0 p.m., 17 views

How the “Frontier” Became the Slogan of Uncontrolled AI

Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration will drive the next era of growth, wealth, and human flourishing. It's a scary metaphor. Throughout American history, the drive for expansion and the very concept of terrain u...

AI score: 6.8
Exploits: 0
Schneier on Security
added 2024/02/28 12:2 p.m., 15 views

A Cyber Insurance Backstop

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The malware ultimately infected more than 40,000 of...

AI score: 7.1
Exploits: 0
Schneier on Security
added 2024/02/27 12:3 p.m., 17 views

China Surveillance Company Hacked

Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese national and local government. Lots of details in the news articles. These aren't details about the tools or techniques, more the...

AI score: 7.1
Exploits: 0
Schneier on Security
added 2024/02/26 12:4 p.m., 10 views

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There's a lot of detail in the Apple blog post, and more in Douglas Stebila's security analysis. I am of two minds about this...

AI score: 6.9
Exploits: 0
Schneier on Security
added 2024/02/23 10:4 p.m., 8 views

Friday Squid Blogging: Illex Squid and Climate Change

There are correlations between the populations of the Illex Argentines squid and water temperatures. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/23 4:14 p.m., 11 views

AIs Hacking Websites

New research: LLM Agents can Autonomously Hack Websites Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomous...

AI score: 7.8
Exploits: 0
Schneier on Security
added 2024/02/22 5:8 p.m., 13 views

New Image/Video Prompt Injection Attacks

Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it's really impressive. Which means a lot of scary new video prompt injection attacks. And remember, given the current state of technology, prompt injection attacks are impossibl...

AI score: 7.5
Exploits: 0
Schneier on Security
added 2024/02/21 12:8 p.m., 8 views

Details of a Phone Scam

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And this is not a naive or stupid person. The details are fascinating. And if you think it couldn't happen to you, think again. Given the right set...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/20 12:2 p.m., 18 views

Microsoft Is Spying on Users of Its AI Tools

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools--presumably coding tools--to improve their hacking abilities. From their report: In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries--tracked as...

AI score: 7.1
Exploits: 0
Schneier on Security
added 2024/02/19 4:15 p.m., 15 views

EU Court of Human Rights Rejects Encryption Backdoors

The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights: Seemingly most critically, the Russian government told the ECHR that any intrusion on private lives resulting from decrypting messages was "necessary" to combat terrorism in...

AI score: 7.1
Exploits: 0
Schneier on Security
added 2024/02/16 10:4 p.m., 9 views

Friday Squid Blogging: Vegan Squid-Ink Pasta

It uses black beans for color and seaweed for flavor. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/15 12:4 p.m., 11 views

On the Insecurity of Software Bloat

Good essay on software bloat and the insecurities it causes. The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality of code itself,...

AI score: 7.5
Exploits: 0
Schneier on Security
added 2024/02/14 5:1 p.m., 10 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the Munich Security Conference (MSC 2024) in Munich, Germany, on Friday, February 16, 2024. I’m giving a keynote on “AI and Trust” at Generative AI, Free Speech, & Public Discourse. The symposium will be held at...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/02/14 12:8 p.m., 15 views

Improving the Cryptanalysis of Lattice-Based Public-Key Algorithms

The winner of the Best Paper Award at Crypto this year was a significant improvement to lattice-based cryptanalysis. This is important, because a bunch of NIST's post-quantum options base their security on lattice problems. I worry about standardizing on post-quantum algorithms too quickly. We are...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/13 8:13 p.m., 10 views

A Hacker’s Mind is Out in Paperback

The paperback version of A Hacker's Mind has just been published. It's the same book, only a cheaper format. But--and this is the real reason I am posting this--Amazon has significantly discounted the hardcover to $15 to get rid of its stock. This is much cheaper than I am selling it for, and cheap...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/02/13 12:7 p.m., 9 views

Molly White Reviews Blockchain Book

Molly White--of "Web3 is Going Just Great" fame--reviews Chris Dixon's blockchain solutions book: Read Write Own: In fact, throughout the entire book, Dixon fails to identify a single blockchain project that has successfully provided a non-speculative service at any kind of scale. The closest he...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/12 4:49 p.m., 11 views

On Passkey Usability

Matt Burgess tries to only use passkeys. The results are mixed...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/09 10:9 p.m., 14 views

Friday Squid Blogging: A Penguin Named “Squid”

Amusing story about a penguin named "Squid." As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/02/09 6:10 p.m., 14 views

No, Toothbrushes Were Not Used in a Massive DDoS Attack

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, whi...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/02/08 12:0 p.m., 13 views

On Software Liabilities

Over on Lawfare, Jim Dempsey published a really interesting proposal for software liability: "Standard for Software Liability: Focus on the Product for Liability, Focus on the Process for Safe Harbor." Section 1 of this paper sets the stage by briefly describing the problem to be solved. Section ...

AI score: 7.5
Exploits: 0
Schneier on Security
added 2024/02/07 12:4 p.m., 10 views

Teaching LLMs to Be Deceptive

Interesting research: "Sleeper Agents: Training Deceptive LLMs that Persist Through Safety Training": Abstract: Humans are capable of strategically deceptive behavior: behaving helpfully in most situations, but then behaving very differently in order to pursue alternative objectives when given th...

AI score: 7.5
Exploits: 0
Schneier on Security
added 2024/02/06 5:3 p.m., 17 views

Documents about the NSA’s Banning of Furby Toys in the 1990s

Via a FOIA request, we have documents from the NSA about their banning of Furby toys. 404 Media has the story. EDITED TO ADD: The documents are now on Archive.org...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/05 4:10 p.m., 21 views

Deepfake Fraud

A deepfake video conference call--with everyone else on the call a fake--fooled a finance worker into sending $25M to the criminals' account...

AI score: 7.2
Exploits: 0
Schneier on Security
added 2024/02/02 10:3 p.m., 13 views

Friday Squid Blogging: Illex Squid in Argentina Waters

Argentina is reporting that there is a good population of illex squid in its waters ready for fishing, and is working to ensure that Chinese fishing boats don't take it all. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my bl...

AI score: 7.3
Exploits: 0
Schneier on Security
added 2024/02/02 8:6 p.m., 10 views

David Kahn

David Kahn has died. His groundbreaking book, The Codebreakers, was the first serious book I read about codebreaking, and one of the primary reasons I entered this field. He will be missed. EDITED TO ADD 2/4: Funeral website. EDITED TO ADD 2/10: New York Times obituary...

AI score: 7.2
Exploits: 0
Total number of security vulnerabilities: 2960