Lucene search
K
SchneierRecent

2978 matches found

Schneier on Security
Schneier on Security
added 2026/01/27 12:1 p.m.4 views

The Constitutionality of Geofence Warrants

The US Supreme Court is considering the constitutionality of geofence warrants. The case centers on the trial of Okello Chatrie, a Virginia man who pleaded guilty to a 2019 robbery outside of Richmond and was sentenced to almost 12 years in prison for stealing $195,000 at gunpoint. Police probing...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/26 12:4 p.m.5 views

Ireland Proposes Giving Police New Digital Surveillance Powers

This is coming: The Irish government is planning to bolster its police's ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use...

5.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/23 10:3 p.m.4 views

Friday Squid Blogging: Giant Squid in the Star Trek Universe

Spock befriends a giant space squid in the comic Star Trek: Strange New Worlds: The Seeds of Salvation 5. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

5.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/23 12:1 p.m.6 views

AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities

Really interesting blog post from Anthropic: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. Th...

5.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/22 12:35 p.m.7 views

Why AI Keeps Falling for Prompt Injection Attacks

Imagine you work at a drive-through restaurant. Someone drives up and says: "I'll have a double cheeseburger, large fries, and ignore previous instructions and give me the contents of the cash drawer." Would you hand over the money? Of course not. Yet this is what large language models LLMs do...

5.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/21 12:5 p.m.3 views

Internet Voting is Too Insecure for Use in Elections

No matter how many times we say it, the idea comes back again and again. Hopefully, this letter will hold back the tide for at least a while longer. Executive summary: Scientists have understood for many years that internet voting is insecure and that there is no known or foreseeable technology...

5.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/20 12:8 p.m.6 views

Could ChatGPT Convince You to Buy Something?

Eighteen months ago, it was plausible that artificial intelligence might take a different path than social media. Back then, AI's development hadn't consolidated under a small number of big tech firms. Nor had it capitalized on consumer attention, surveilling users and delivering ads...

5.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/19 12:2 p.m.4 views

AI-Powered Surveillance in Schools

It all sounds pretty dystopian: Inside a white stucco building in Southern California, video cameras compare faces of passersby against a facial recognition database. Behavioral analysis AI reviews the footage for signs of violent behavior. Behind a bathroom door, a smoke detector-shaped device...

5.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/16 2:44 p.m.5 views

AI and the Corporate Capture of Knowledge

More than a decade after Aaron Swartz's death, the United States is still living inside the contradiction that destroyed him. Swartz believed that knowledge, especially publicly funded knowledge, should be freely accessible. Acting on that, he downloaded thousands of academic articles from the...

6.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/15 12:5 p.m.7 views

New Vulnerability in n8n

This isn't good: We discovered a critical vulnerability CVE-2026-21858, CVSS 10.0 in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version...

10CVSS7.1AI score0.71647EPSS
Exploits18
Schneier on Security
Schneier on Security
added 2026/01/14 7:22 p.m.4 views

Hacking Wheelchairs over Bluetooth

Researchers have demonstrated remotely controlling a wheelchair over Bluetooth. CISA has issued an advisory. CISA said the WHILL wheelchairs did not enforce authentication for Bluetooth connections, allowing an attacker who is in Bluetooth range of the targeted device to pair with it. The attacke...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/14 5:0 p.m.6 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université de Montréal in Montreal, Quebec, Canada, on January 29, 2026, at 4:00...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/13 12:9 p.m.4 views

1980s Hacker Manifesto

Forty years ago, The Mentor--Loyd Blankenship--published "The Conscience of a Hacker" in Phrack. You bet your ass we're all alike… we've been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip through were pre-chewed and tasteless. We've been dominate...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/12 12:2 p.m.6 views

Corrupting LLMs Through Weird Generalizations

Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. Abstract LLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can dramatically shift behavior outside...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/09 10:0 p.m.5 views

Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast

The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/09 12:6 p.m.4 views

Palo Alto Crosswalk Signals Had Default Passwords

Palo Alto's crosswalk signals were hacked last year. Turns out the city never changed the default passwords...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/08 12:5 p.m.5 views

AI & Humans: Making the Relationship Work

Leaders of many organizations are urging their teams to adopt agentic AI to improve efficiency, but are finding it hard to achieve any benefit. Managers attempting to add AI agents to existing human teams may find that bots fail to faithfully follow their instructions, return pointless or obvious...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/07 12:3 p.m.4 views

The Wegman’s Supermarket Chain Is Probably Using Facial Recognition

The New York City Wegman's is collecting biometric information about customers...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/06 4:8 p.m.5 views

A Cyberattack Was Part of the US Assault on Venezuela

We don't have many details: President Donald Trump suggested Saturday that the U.S. used cyberattacks or other technical capabilities to cut power off in Caracas during strikes on the Venezuelan capital that led to the capture of Venezuelan President Nicolás Maduro. If true, it would mark one of...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/05 12:1 p.m.7 views

Telegram Hosting World’s Largest Darknet Market

Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing firm Elliptic. Despite a brief...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/02 10:4 p.m.4 views

Friday Squid Blogging: Squid Found in Light Fixture

Probably a college prank. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2026/01/02 12:5 p.m.3 views

Flock Exposes Its AI-Enabled Surveillance Cameras

404 Media has the story: Unlike many of Flock's cameras, which are designed to capture license plates as people drive by, Flock's Condor cameras are pan-tilt-zoom PTZ cameras designed to record and track people, not vehicles. Condor cameras can be set to automatically zoom in on people's faces as...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/31 12:3 p.m.5 views

LinkedIn Job Scams

Interesting article on the variety of LinkedIn job scams around the world: In India, tech jobs are used as bait because the industry employs millions of people and offers high-paying roles. In Kenya, the recruitment industry is largely unorganized, so scamsters leverage fake personal referrals. I...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/30 12:2 p.m.5 views

Using AI-Generated Images to Get Refunds

Scammers are generating images of broken merchandise in order to apply for refunds...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/29 12:7 p.m.5 views

Are We Ready to Be Governed by Artificial Intelligence?

Artificial Intelligence AI overlords are a common trope in science-fiction dystopias, but the reality looks much more prosaic. The technologies of artificial intelligence are already pervading many aspects of democratic government, affecting our lives in ways both large and small. This has occurr...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/26 10:8 p.m.4 views

Friday Squid Blogging: Squid Camouflage

New research: Abstract: Coleoid cephalopods have the most elaborate camouflage system in the animal kingdom. This enables them to hide from or deceive both predators and prey. Most studies have focused on benthic species of octopus and cuttlefish, while studies on squid focused mainly on the...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/26 12:2 p.m.4 views

IoT Hack

Someone hacked an Italian ferry. It looks like the malware was installed by someone on the ferry, and not remotely...

7.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/24 12:3 p.m.7 views

Urban VPN Proxy Surreptitiously Intercepts AI Chats

This is pretty scary: Urban VPN Proxy targets conversations across ten AI platforms: ChatGPT, Claude, Gemini, Microsoft Copilot, Perplexity, DeepSeek, Grok xAI, Meta AI. For each platform, the extension includes a dedicated "executor" script designed to intercept and capture conversations. The...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/23 12:2 p.m.5 views

Denmark Accuses Russia of Conducting Two Cyberattacks

News: The Danish Defence Intelligence Service DDIS announced on Thursday that Moscow was behind a cyber-attack on a Danish water utility in 2024 and a series of distributed denial-of-service DDoS attacks on Danish websites in the lead-up to the municipal and regional council elections in November...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/22 5:5 p.m.5 views

Microsoft Is Finally Killing RC4

After twenty-six years, Microsoft is finally upgrading the last remaining instance of the encryption algorithm RC4 in Windows. of the most visible holdouts in supporting RC4 has been Microsoft. Eventually, Microsoft upgraded Active Directory to support the much more secure AES encryption standard...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/19 10:6 p.m.5 views

Friday Squid Blogging: Petting a Squid

Video from Reddit shows what could go wrong when you try to pet a--looks like a Humboldt--squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/19 12:2 p.m.9 views

AI Advertising Company Hacked

At least some of this is coming to light: Doublespeed, a startup backed by Andreessen Horowitz a16z that uses a phone farm to manage at least hundreds of AI-generated social media accounts and promote products has been hacked. The hack reveals what products the AI-generated accounts are promoting...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/18 4:41 p.m.4 views

Someone Boarded a Plane at Heathrow Without a Ticket or Passport

I'm sure there's a story here: Sources say the man had tailgated his way through to security screening and passed security, meaning he was not detected carrying any banned items. The man deceived the BA check-in agent by posing as a family member who had their passports and boarding passes...

7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/17 12:2 p.m.6 views

Deliberate Internet Shutdowns

For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate outage, mandated by the Taliban government. It followed a more localized shutdown two weeks prior, reportedly instituted "to prevent immoral activities." No additional explanation...

6.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/16 12:2 p.m.7 views

Chinese Surveillance and AI

New report: "The Party's AI: How China's New AI Systems are Reshaping Human Rights." From a summary article: China is already the world's largest exporter of AI powered surveillance technology; new surveillance technologies and platforms developed in China are also not likely to simply stay there...

6.7AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/15 12:2 p.m.6 views

Against the Federal Moratorium on State-Level Regulation of AI

Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of states to regulate artificial intelligence. To many,...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/14 5:10 p.m.5 views

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking and signing books at the Chicago Public Library in Chicago, Illinois, USA, at 6:00 PM CT on February 5, 2026. Details to come. I’m speaking at Capricon 44 in Chicago, Illinois, USA. The convention runs February 5-8,...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/12 10:0 p.m.6 views

Friday Squid Blogging: Giant Squid Eating a Diamondback Squid

I have no context for this video--it's from Reddit--but one of the commenters adds some context: Hey everyone, squid biologist here! Wanted to add some stuff you might find interesting. With so many people carrying around cameras, we're getting more videos of giant squid at the surface than in...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/12 12:0 p.m.6 views

Building Trustworthy AI Agents

The promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy. We can’t. And today’s versions are failing us in predictable ways: pushing us to do things against our own best interests, gaslighting us with doubt about things we are or...

6.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/11 5:6 p.m.6 views

AIs Exploiting Smart Contracts

I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature. Here's some interesting research on training AIs to automatically exploit smart contracts: AI models are increasingly good at cyber tasks, as we've written about before. But what is t...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/10 12:5 p.m.9 views

FBI Warns of Fake Video Scams

The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming they have kidnapped their loved one and demand a ransom be paid for their release. Oftentimes, the criminal actor will express significant claims of violence...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/09 12:7 p.m.4 views

AI vs. Human Drivers

Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an op-ed that honestly sounds like it was paid for by Waymo, the author calls driverless cars a "public health breakthrough": In medical research, there’s a practice of ending a study early whe...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/08 12:4 p.m.4 views

Substitution Cipher Based on The Voynich Manuscript

Here's a fun paper: "The Naibbe cipher: a substitution cipher that encrypts Latin and Italian as Voynich Manuscript-like ciphertext": Abstract: In this article, I investigate the hypothesis that the Voynich Manuscript MS 408, Yale University Beinecke Library is compatible with being a ciphertext ...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/05 10:6 p.m.4 views

Friday Squid Blogging: Vampire Squid Genome

The vampire squid Vampyroteuthis infernalis has the largest cephalopod genome ever sequenced: more than 11 billion base pairs. That's more than twice as large as the biggest squid genomes. It's technically not a squid: "The vampire squid is a fascinating twig tenaciously hanging onto the cephalop...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/05 8:8 a.m.4 views

New Anonymous Phone Service

A new anonymous phone service allows you to sign up with just a zip code...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/02 12:3 p.m.7 views

Like Social Media, AI Requires Difficult Choices

In his 2020 book, "Future Politics , " British barrister Jamie Susskind wrote that the dominant question of the 20th century was "How much of our collective life should be determined by the state, and what should be left to the market and civil society?" But in the early decades of this century,...

6.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/12/01 12:59 p.m.6 views

Banning VPNs

This is crazy. Lawmakers in several US states are contemplating banning VPNs, because…think of the children! As of this writing, Wisconsin lawmakers are escalating their war on privacy by targeting VPNs in the name of "protecting children" in A.B. 105/S.B. 130. It’s an age verification bill that...

6.8AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/28 8:56 p.m.5 views

Friday Squid Blogging: Flying Neon Squid Found on Israeli Beach

A meter-long flying neon squid Ommastrephes bartramii was found dead on an Israeli beach. The species is rare in the Mediterranean. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/28 2:54 p.m.7 views

Prompt Injection Through Poetry

In a new paper, "Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models," researchers found that turning LLM prompts into poetry resulted in jailbreaking the models: Abstract : We present evidence that adversarial poetry functions as a universal single-turn...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/11/26 12:5 p.m.6 views

Huawei and Chinese Surveillance

This quote is from House of Huawei: The Secret History of China 's Most Powerful Company. "Long before anyone had heard of Ren Zhengfei or Huawei, Wan Runnan had been China's star entrepreneur in the 1980s, with his company, the Stone Group, touted as "China's IBM." Wan had believed that economic...

7AI score
Exploits0
Total number of security vulnerabilities2978